Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/S4CcNdTfoskbucflq_EoihxKRzk.roa
File: S4CcNdTfoskbucflq_EoihxKRzk.roa (raw, json)
Hash identifier: jU74vYOeZ5jfejkzACWlvwnaJYtfgFL77uOnPUy6eog=
Subject key identifier: 4B:80:9C:35:D4:DF:A2:C9:1B:B9:C7:E5:AB:F1:28:8A:1C:4A:47:39
Certificate issuer: /CN=1773db17795d2bf1b4b5345c5b29390dbaf4523e
Certificate serial: 0185719562793776676FC8235B9340B07AFF
Authority key identifier: 17:73:DB:17:79:5D:2B:F1:B4:B5:34:5C:5B:29:39:0D:BA:F4:52:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/S4CcNdTfoskbucflq_EoihxKRzk.roa
Signing time: Mon 02 Jan 2023 08:24:53 +0000
ROA not before: Mon 02 Jan 2023 08:24:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1162
IP address blocks: 145.100.32.0/22 maxlen: 22
145.100.9.0/30 maxlen: 30
2001:610:108:3017::/64 maxlen: 64
2001:610:108:3014::/64 maxlen: 64
2001:610:108:203a::/64 maxlen: 64
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:33:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:95:62:79:37:76:67:6f:c8:23:5b:93:40:b0:7a:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1773db17795d2bf1b4b5345c5b29390dbaf4523e
Validity
Not Before: Jan 2 08:24:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4b809c35d4dfa2c91bb9c7e5abf1288a1c4a4739
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:ad:e3:d7:31:4c:0c:70:cb:70:1f:f8:91:d0:
4a:c5:53:18:08:e7:4a:66:87:6a:34:b6:28:59:50:
42:d5:17:5a:8d:b2:4b:2f:3b:45:a7:ba:2b:2c:ed:
63:51:7e:10:ec:99:03:0c:19:a6:37:70:13:4e:62:
16:9e:70:33:ee:2c:22:fa:98:12:bf:8d:6f:b7:da:
7b:15:16:90:44:c6:64:d1:72:c0:2a:55:c8:84:76:
7a:b8:3a:f8:3a:0f:3f:ae:c5:f5:1d:c0:31:63:26:
ed:81:30:b6:4e:67:d5:69:50:c7:58:fc:44:3d:05:
67:67:fc:e1:ff:43:53:19:4c:c8:9e:ad:9f:59:3a:
0d:25:48:42:b9:51:bb:bc:bb:7d:e6:0e:99:63:87:
86:ec:42:cd:c1:77:ae:4e:9c:73:bd:c4:79:2d:05:
34:fc:24:0b:05:48:13:a5:fd:97:53:05:76:23:8e:
f0:52:96:7a:45:42:15:25:ae:5f:13:ce:c4:60:1d:
c7:9a:17:c1:b4:e4:5a:a7:8e:db:4e:34:10:f9:0f:
08:94:01:bf:e0:1e:f6:13:2e:d0:0a:ba:73:81:fb:
03:0e:9a:bb:60:49:9f:f6:b7:25:91:f0:c3:16:c4:
cc:eb:e9:01:89:30:83:7b:53:47:68:9d:f5:33:86:
d7:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:80:9C:35:D4:DF:A2:C9:1B:B9:C7:E5:AB:F1:28:8A:1C:4A:47:39
X509v3 Authority Key Identifier:
keyid:17:73:DB:17:79:5D:2B:F1:B4:B5:34:5C:5B:29:39:0D:BA:F4:52:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/S4CcNdTfoskbucflq_EoihxKRzk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.100.9.0/30
145.100.32.0/22
IPv6:
2001:610:108:203a::/64
2001:610:108:3014::/64
2001:610:108:3017::/64
Signature Algorithm: sha256WithRSAEncryption
3e:5d:ab:e4:1b:5e:0e:b5:f1:07:ad:f1:6e:b5:f0:e8:72:3e:
07:e8:8d:30:d0:85:29:bb:bb:17:47:ec:22:28:2e:3d:bb:51:
58:a7:ed:05:b1:d3:24:bb:9d:e8:7f:d3:86:9a:74:e3:9b:2d:
c8:9b:66:05:25:bc:52:c9:ae:fb:41:eb:40:3a:72:b1:e8:b2:
7b:a3:56:8b:65:8f:65:db:e0:34:30:10:a3:4d:70:b6:f9:66:
62:98:31:6e:62:4e:b8:7c:6f:96:27:46:48:b4:34:c0:e3:19:
10:71:06:05:e5:51:d8:81:34:d6:52:dc:9a:6e:ce:bd:a2:f4:
74:0d:59:8c:eb:56:02:30:90:35:32:f2:e0:72:50:09:14:16:
b2:ed:e9:92:6f:08:d8:68:f5:9f:39:97:2e:1c:69:20:2f:b1:
db:c0:0c:cb:fa:78:ec:ac:89:bd:0e:8c:a6:3b:90:0a:d1:83:
e4:11:0a:4b:d0:e9:77:6f:8b:cd:ae:fb:2e:4d:41:5a:13:c1:
7b:14:2a:82:e9:89:1b:62:fd:84:06:6d:5f:6d:4e:ae:63:38:
4a:70:13:1a:96:6d:fd:b6:6f:32:ff:dc:50:c0:b9:ff:98:0c:
92:fe:a6:d5:4d:3f:48:7e:67:f3:c7:6f:62:c2:89:80:d0:4d:
4d:00:cf:3e
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYVxlWJ5N3Znb8gjW5NAsHr/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3NzNkYjE3Nzk1ZDJiZjFiNGI1MzQ1YzViMjkzOTBkYmFm
NDUyM2UwHhcNMjMwMTAyMDgyNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjgwOWMzNWQ0ZGZhMmM5MWJiOWM3ZTVhYmYxMjg4YTFjNGE0NzM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk63j1zFMDHDLcB/4kdBKxVMYCOdK
ZodqNLYoWVBC1RdajbJLLztFp7orLO1jUX4Q7JkDDBmmN3ATTmIWnnAz7iwi+pgS
v41vt9p7FRaQRMZk0XLAKlXIhHZ6uDr4Og8/rsX1HcAxYybtgTC2TmfVaVDHWPxE
PQVnZ/zh/0NTGUzInq2fWToNJUhCuVG7vLt95g6ZY4eG7ELNwXeuTpxzvcR5LQU0
/CQLBUgTpf2XUwV2I47wUpZ6RUIVJa5fE87EYB3HmhfBtORap47bTjQQ+Q8IlAG/
4B72Ey7QCrpzgfsDDpq7YEmf9rclkfDDFsTM6+kBiTCDe1NHaJ31M4bX0wIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFEuAnDXU36LJG7nH5avxKIocSkc5MB8GA1UdIwQY
MBaAFBdz2xd5XSvxtLU0XFspOQ269FI+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjNQYkYzbGRLX0cwdFRSY1d5azVEYnIwVWo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC9mNzdjYmQtODkzYi00NjE2LTlkNzYt
NTQ4NjFmMjMyNDlkLzEvUzRDY05kVGZvc2tidWNmbHFfRW9paHhLUnprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC9mNzdjYmQtODkzYi00NjE2LTlkNzYtNTQ4NjFmMjMyNDlk
LzEvRjNQYkYzbGRLX0cwdFRSY1d5azVEYnIwVWo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjATBAIAATANAwUCkWQJAAME
ApFkIDAnBAIAAjAhAwkAIAEGEAEIIDoDCQAgAQYQAQgwFAMJACABBhABCDAXMA0G
CSqGSIb3DQEBCwUAA4IBAQA+XavkG14OtfEHrfFutfDocj4H6I0w0IUpu7sXR+wi
KC49u1FYp+0FsdMku53of9OGmnTjmy3Im2YFJbxSya77QetAOnKx6LJ7o1aLZY9l
2+A0MBCjTXC2+WZimDFuYk64fG+WJ0ZItDTA4xkQcQYF5VHYgTTWUtyabs69ovR0
DVmM61YCMJA1MvLgclAJFBay7emSbwjYaPWfOZcuHGkgL7HbwAzL+njsrIm9Doym
O5AK0YPkEQpL0Ol3b4vNrvsuTUFaE8F7FCqC6YkbYv2EBm1fbU6uYzhKcBMalm39
tm8y/9xQwLn/mAyS/qbVTT9Ifmfzx29iwomA0E1NAM8+
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:09 2024 by rpki-client on console-fra.rpki-client.org