Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/8f0259-9bc8-4fdc-926d-1a80daffd796/1/S0jWeBbGhpKU4MRSwtnhh3sOGdI.roa
File: S0jWeBbGhpKU4MRSwtnhh3sOGdI.roa (raw, json)
Hash identifier: VeLstjy0b7hOHdgDeNyrla8otBrRm7IXWtL64MrM0oI=
Subject key identifier: 4B:48:D6:78:16:C6:86:92:94:E0:C4:52:C2:D9:E1:87:7B:0E:19:D2
Certificate issuer: /CN=661691ca9c58d0859b6b870230b0f581be66a58a
Certificate serial: 018BEEE5399BAF0BBFEBC57BE6E3E6089174
Authority key identifier: 66:16:91:CA:9C:58:D0:85:9B:6B:87:02:30:B0:F5:81:BE:66:A5:8A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZhaRypxY0IWba4cCMLD1gb5mpYo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/8f0259-9bc8-4fdc-926d-1a80daffd796/1/S0jWeBbGhpKU4MRSwtnhh3sOGdI.roa
Signing time: Mon 20 Nov 2023 22:41:21 +0000
ROA not before: Mon 20 Nov 2023 22:41:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199364
IP address blocks: 185.31.120.0/22 maxlen: 22
45.84.192.0/24 maxlen: 24
2a00:af60::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:33:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:ee:e5:39:9b:af:0b:bf:eb:c5:7b:e6:e3:e6:08:91:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=661691ca9c58d0859b6b870230b0f581be66a58a
Validity
Not Before: Nov 20 22:41:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4b48d67816c6869294e0c452c2d9e1877b0e19d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:fa:85:4c:3b:72:07:e9:21:4b:25:0e:16:72:
68:35:ea:2e:56:bc:8c:e5:11:eb:9e:f4:6a:53:db:
a2:5a:13:59:9d:fc:e0:bc:b0:94:76:95:fc:e9:e2:
eb:52:89:dc:86:4a:c3:f1:cd:52:29:25:2c:f9:e1:
4a:80:fe:9b:9f:8e:72:d3:8e:a5:cf:ff:bb:9a:4d:
cf:6d:87:fa:cf:c3:ff:93:20:af:f4:f5:58:05:8c:
f9:7d:07:8e:ab:41:bd:26:42:9e:79:a6:32:4b:78:
81:33:d9:dd:9e:3c:98:5d:2e:40:ec:89:82:f7:f5:
6d:f6:7b:c1:f4:02:f0:01:c7:7d:e2:71:f5:80:c0:
3e:af:fd:92:3e:e9:eb:a8:f5:78:0a:32:bf:c3:ad:
34:55:9a:49:60:9e:be:ce:47:91:0d:94:a6:ae:01:
75:75:59:0f:c3:f9:62:4d:22:fd:8f:f0:8a:71:0f:
38:0d:4a:fb:6d:31:10:59:e8:53:00:61:3a:25:e2:
13:c5:3c:ba:f2:c0:a9:77:1f:43:54:e6:b3:cf:15:
e2:1e:58:3d:ab:a6:58:92:1d:c6:23:4a:02:56:9e:
57:2a:ca:6a:3a:7a:78:16:5b:c3:e0:8b:ce:3a:72:
35:33:f1:2c:7c:36:0c:47:3c:3a:2d:4d:be:fa:59:
36:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:48:D6:78:16:C6:86:92:94:E0:C4:52:C2:D9:E1:87:7B:0E:19:D2
X509v3 Authority Key Identifier:
keyid:66:16:91:CA:9C:58:D0:85:9B:6B:87:02:30:B0:F5:81:BE:66:A5:8A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZhaRypxY0IWba4cCMLD1gb5mpYo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/8f0259-9bc8-4fdc-926d-1a80daffd796/1/S0jWeBbGhpKU4MRSwtnhh3sOGdI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/8f0259-9bc8-4fdc-926d-1a80daffd796/1/ZhaRypxY0IWba4cCMLD1gb5mpYo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.84.192.0/24
185.31.120.0/22
IPv6:
2a00:af60::/32
Signature Algorithm: sha256WithRSAEncryption
80:59:b0:91:11:0c:30:20:15:1e:7a:75:ee:75:ba:14:7b:fe:
6b:40:2d:5c:3b:50:96:01:54:eb:4f:13:cf:cb:a1:02:ba:b8:
9d:20:1a:1e:8c:89:89:20:85:81:ab:06:d9:38:d8:f2:47:d8:
93:2e:d5:ec:6f:37:0f:08:cf:a2:ea:6d:96:2e:4a:31:b1:ca:
18:88:37:0e:66:56:2e:82:4c:b5:aa:33:4d:7b:96:d2:ec:b9:
49:1b:3b:99:f8:f1:46:aa:e7:e6:f5:f4:96:91:5d:5e:f7:ef:
fb:6b:d3:79:55:24:24:5e:3a:e8:91:a9:10:98:38:d9:47:62:
c7:7f:37:6a:cf:cf:4c:ae:63:39:3b:0c:bf:51:6e:00:f9:3d:
76:f2:a5:c2:9f:e1:2a:bf:8f:3b:e9:98:7e:eb:e4:9d:3e:f6:
ac:2b:df:e6:13:96:b2:d6:4a:5c:12:4c:af:be:a0:74:c1:dc:
9e:a7:d4:14:ee:24:96:c4:db:e8:6b:b9:8f:4f:1b:45:26:9c:
76:a9:ec:89:a3:6d:6b:b9:64:49:32:b6:fc:86:63:37:f4:c9:
57:b1:d5:50:f3:09:b8:cf:11:48:dc:9c:df:74:fc:46:1a:2d:
7d:84:67:42:e4:a1:8c:48:6e:67:ff:0a:d9:21:2e:61:aa:09:
4e:28:52:54
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYvu5Tmbrwu/68V75uPmCJF0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2MTY5MWNhOWM1OGQwODU5YjZiODcwMjMwYjBmNTgxYmU2
NmE1OGEwHhcNMjMxMTIwMjI0MTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjQ4ZDY3ODE2YzY4NjkyOTRlMGM0NTJjMmQ5ZTE4NzdiMGUxOWQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiPqFTDtyB+khSyUOFnJoNeouVryM
5RHrnvRqU9uiWhNZnfzgvLCUdpX86eLrUonchkrD8c1SKSUs+eFKgP6bn45y046l
z/+7mk3PbYf6z8P/kyCv9PVYBYz5fQeOq0G9JkKeeaYyS3iBM9ndnjyYXS5A7ImC
9/Vt9nvB9ALwAcd94nH1gMA+r/2SPunrqPV4CjK/w600VZpJYJ6+zkeRDZSmrgF1
dVkPw/liTSL9j/CKcQ84DUr7bTEQWehTAGE6JeITxTy68sCpdx9DVOazzxXiHlg9
q6ZYkh3GI0oCVp5XKspqOnp4FlvD4IvOOnI1M/EsfDYMRzw6LU2++lk2aQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFEtI1ngWxoaSlODEUsLZ4Yd7DhnSMB8GA1UdIwQY
MBaAFGYWkcqcWNCFm2uHAjCw9YG+ZqWKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmhhUnlweFkwSVdiYTRjQ01MRDFnYjVtcFlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS84ZjAyNTktOWJjOC00ZmRjLTkyNmQt
MWE4MGRhZmZkNzk2LzEvUzBqV2VCYkdocEtVNE1SU3d0bmhoM3NPR2RJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS84ZjAyNTktOWJjOC00ZmRjLTkyNmQtMWE4MGRhZmZkNzk2
LzEvWmhhUnlweFkwSVdiYTRjQ01MRDFnYjVtcFlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQALVTAAwQC
uR94MA0EAgACMAcDBQAqAK9gMA0GCSqGSIb3DQEBCwUAA4IBAQCAWbCREQwwIBUe
enXudboUe/5rQC1cO1CWAVTrTxPPy6ECuridIBoejImJIIWBqwbZONjyR9iTLtXs
bzcPCM+i6m2WLkoxscoYiDcOZlYugky1qjNNe5bS7LlJGzuZ+PFGqufm9fSWkV1e
9+/7a9N5VSQkXjrokakQmDjZR2LHfzdqz89MrmM5Owy/UW4A+T128qXCn+Eqv487
6Zh+6+SdPvasK9/mE5ay1kpcEkyvvqB0wdyep9QU7iSWxNvoa7mPTxtFJpx2qeyJ
o21ruWRJMrb8hmM39MlXsdVQ8wm4zxFI3JzfdPxGGi19hGdC5KGMSG5n/wrZIS5h
qglOKFJU
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:46 2024 by rpki-client on console-fra.rpki-client.org