Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/c28ea4-059c-49dd-9278-a4db396c8987/1/SM54zuBxga612KQUL0AKWZOqpok.roa
File: SM54zuBxga612KQUL0AKWZOqpok.roa (raw, json)
Hash identifier: 8IFLCZkhbQPtujxDedHQuoApF76qJA/8/IVaEil+gto=
Subject key identifier: 48:CE:78:CE:E0:71:81:AE:B5:D8:A4:14:2F:40:0A:59:93:AA:A6:89
Certificate issuer: /CN=37949ac84d0b86910f4fd3cf5962927d83450aeb
Certificate serial: 018A8EC06D1A44B0F08AEB628F0662BAD463
Authority key identifier: 37:94:9A:C8:4D:0B:86:91:0F:4F:D3:CF:59:62:92:7D:83:45:0A:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N5SayE0LhpEPT9PPWWKSfYNFCus.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/c28ea4-059c-49dd-9278-a4db396c8987/1/SM54zuBxga612KQUL0AKWZOqpok.roa
Signing time: Wed 13 Sep 2023 13:34:50 +0000
ROA not before: Wed 13 Sep 2023 13:34:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202
IP address blocks: 185.148.224.0/23 maxlen: 24
109.234.0.0/24 maxlen: 24
109.234.1.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 14 Sep 2023 09:26:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:8e:c0:6d:1a:44:b0:f0:8a:eb:62:8f:06:62:ba:d4:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=37949ac84d0b86910f4fd3cf5962927d83450aeb
Validity
Not Before: Sep 13 13:34:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=48ce78cee07181aeb5d8a4142f400a5993aaa689
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:f2:ac:91:48:54:ad:71:26:60:24:22:69:9a:
84:36:cb:b4:8a:9e:85:90:99:4c:61:4b:b7:41:09:
31:d5:b5:6f:a0:ef:d0:8d:8b:0a:95:39:6f:c4:ec:
dc:3e:49:48:11:57:62:71:4b:60:b3:d2:b4:89:2b:
4a:de:b4:78:9e:3c:83:45:ef:d3:e9:be:0e:fb:0b:
9f:e9:9c:cf:78:31:03:ae:a0:b1:ff:02:fa:25:c3:
dc:40:f2:5c:b3:0d:f5:80:1f:20:f6:89:01:13:a8:
ea:25:a9:cc:1b:64:10:3c:62:60:5d:c1:08:79:7f:
1e:ae:a5:1b:6f:ae:97:cc:a3:25:b6:4c:5d:b5:5c:
65:17:e0:11:e8:47:03:e0:2c:65:14:9a:ae:9a:69:
bf:9a:98:ea:b6:82:51:55:93:d9:cf:3b:a1:d6:a0:
56:25:ad:26:00:94:70:75:56:2b:1d:72:bc:17:a9:
8e:5d:7b:17:b2:81:50:10:a6:47:ea:9f:7f:88:81:
a9:a7:0a:b7:dc:8b:5e:bb:20:55:31:2d:a0:ee:f6:
99:db:32:9f:20:46:11:f5:57:0e:c8:63:5c:96:e4:
b9:c3:e7:eb:36:2a:ec:2c:b5:7d:53:30:cb:94:cd:
a0:ad:c2:d9:ce:fc:ed:0f:37:38:5a:a3:47:8b:56:
28:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:CE:78:CE:E0:71:81:AE:B5:D8:A4:14:2F:40:0A:59:93:AA:A6:89
X509v3 Authority Key Identifier:
keyid:37:94:9A:C8:4D:0B:86:91:0F:4F:D3:CF:59:62:92:7D:83:45:0A:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N5SayE0LhpEPT9PPWWKSfYNFCus.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/c28ea4-059c-49dd-9278-a4db396c8987/1/SM54zuBxga612KQUL0AKWZOqpok.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/c28ea4-059c-49dd-9278-a4db396c8987/1/N5SayE0LhpEPT9PPWWKSfYNFCus.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.234.0.0/23
185.148.224.0/23
Signature Algorithm: sha256WithRSAEncryption
a7:b1:a1:f7:a0:51:eb:e7:2c:02:7b:55:8f:24:7f:ad:d3:24:
b0:82:80:d3:61:5d:69:f6:a1:1f:06:9e:33:d4:1a:f7:2f:cf:
3e:96:a9:18:03:39:ec:8f:bf:e1:c9:ab:54:ab:d8:77:85:38:
da:9e:96:a6:9f:af:d5:0e:8b:f8:8b:96:a7:5c:17:cb:76:84:
aa:33:74:e3:11:d7:26:bb:11:6e:72:a7:d5:2b:87:72:f9:79:
37:38:d2:0d:ec:99:6f:40:96:6a:13:77:82:bd:5d:91:3c:1c:
1d:87:ee:8e:bf:e0:fa:28:40:a5:2b:2d:70:b3:50:32:d7:1d:
1d:f7:68:b1:bc:1f:b3:33:d2:07:2d:52:aa:68:c9:63:f6:2b:
97:3e:da:2c:a6:9d:4f:92:64:2e:3c:80:d6:62:75:f9:f3:0b:
1c:67:ea:9c:c5:a9:97:2a:40:6a:2d:f7:01:8f:b2:97:32:d9:
05:7b:98:bb:64:5d:1d:65:62:db:42:d4:38:68:28:f3:0f:44:
8a:82:88:2d:0c:e6:7e:7a:86:67:5f:0d:d2:64:00:9e:db:60:
69:20:8f:22:57:0c:99:cd:85:01:d8:7e:95:05:56:bd:e3:0e:
8e:50:99:f0:55:64:ef:d8:42:e9:63:63:3e:21:aa:5b:45:6e:
ae:7d:a0:c9
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYqOwG0aRLDwiutijwZiutRjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3OTQ5YWM4NGQwYjg2OTEwZjRmZDNjZjU5NjI5MjdkODM0
NTBhZWIwHhcNMjMwOTEzMTMzNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OGNlNzhjZWUwNzE4MWFlYjVkOGE0MTQyZjQwMGE1OTkzYWFhNjg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyfKskUhUrXEmYCQiaZqENsu0ip6F
kJlMYUu3QQkx1bVvoO/QjYsKlTlvxOzcPklIEVdicUtgs9K0iStK3rR4njyDRe/T
6b4O+wuf6ZzPeDEDrqCx/wL6JcPcQPJcsw31gB8g9okBE6jqJanMG2QQPGJgXcEI
eX8erqUbb66XzKMltkxdtVxlF+AR6EcD4CxlFJqummm/mpjqtoJRVZPZzzuh1qBW
Ja0mAJRwdVYrHXK8F6mOXXsXsoFQEKZH6p9/iIGppwq33IteuyBVMS2g7vaZ2zKf
IEYR9VcOyGNcluS5w+frNirsLLV9UzDLlM2grcLZzvztDzc4WqNHi1Yo4wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEjOeM7gcYGutdikFC9AClmTqqaJMB8GA1UdIwQY
MBaAFDeUmshNC4aRD0/Tz1likn2DRQrrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTjVTYXlFMExocEVQVDlQUFdXS1NmWU5GQ3VzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC9jMjhlYTQtMDU5Yy00OWRkLTkyNzgt
YTRkYjM5NmM4OTg3LzEvU001NHp1QnhnYTYxMktRVUwwQUtXWk9xcG9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC9jMjhlYTQtMDU5Yy00OWRkLTkyNzgtYTRkYjM5NmM4OTg3
LzEvTjVTYXlFMExocEVQVDlQUFdXS1NmWU5GQ3VzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBbeoAAwQB
uZTgMA0GCSqGSIb3DQEBCwUAA4IBAQCnsaH3oFHr5ywCe1WPJH+t0ySwgoDTYV1p
9qEfBp4z1Br3L88+lqkYAznsj7/hyatUq9h3hTjanpamn6/VDov4i5anXBfLdoSq
M3TjEdcmuxFucqfVK4dy+Xk3ONIN7JlvQJZqE3eCvV2RPBwdh+6Ov+D6KEClKy1w
s1Ay1x0d92ixvB+zM9IHLVKqaMlj9iuXPtospp1PkmQuPIDWYnX58wscZ+qcxamX
KkBqLfcBj7KXMtkFe5i7ZF0dZWLbQtQ4aCjzD0SKgogtDOZ+eoZnXw3SZACe22Bp
II8iVwyZzYUB2H6VBVa94w6OUJnwVWTv2ELpY2M+IapbRW6ufaDJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:51 2024 by rpki-client on console-ams.rpki-client.org