Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/7dee09-cd2e-4030-ab92-ebdcc02fbae9/1/SCtE4tYpbI1yKuBL5nElx9ndQHQ.roa
File: SCtE4tYpbI1yKuBL5nElx9ndQHQ.roa (raw, json)
Hash identifier: Z6H7q0paWnw23pHyNHcacJc7vtpXgTNXmnqgQa082sU=
Subject key identifier: 48:2B:44:E2:D6:29:6C:8D:72:2A:E0:4B:E6:71:25:C7:D9:DD:40:74
Certificate issuer: /CN=4944680c20d1af01f169b18ac9c77d9877133cde
Certificate serial: 01856D93F16E99853547B6E4F8F65A394741
Authority key identifier: 49:44:68:0C:20:D1:AF:01:F1:69:B1:8A:C9:C7:7D:98:77:13:3C:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SURoDCDRrwHxabGKycd9mHcTPN4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/7dee09-cd2e-4030-ab92-ebdcc02fbae9/1/SCtE4tYpbI1yKuBL5nElx9ndQHQ.roa
Signing time: Sun 01 Jan 2023 13:44:50 +0000
ROA not before: Sun 01 Jan 2023 13:44:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212238
IP address blocks: 85.255.125.0/24 maxlen: 24
85.255.123.0/24 maxlen: 24
85.255.121.0/24 maxlen: 24
85.255.120.0/24 maxlen: 24
85.255.126.0/24 maxlen: 24
85.255.127.0/24 maxlen: 24
178.212.205.0/24 maxlen: 24
178.212.204.0/24 maxlen: 24
178.212.203.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:93:f1:6e:99:85:35:47:b6:e4:f8:f6:5a:39:47:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4944680c20d1af01f169b18ac9c77d9877133cde
Validity
Not Before: Jan 1 13:44:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=482b44e2d6296c8d722ae04be67125c7d9dd4074
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:a1:64:48:89:33:b6:1a:a9:f3:29:24:fe:b3:
38:7f:df:2c:88:d6:95:50:04:42:e5:cc:af:3e:3d:
56:71:2e:a5:46:1c:1f:fe:b1:a9:c4:0d:c8:b7:cd:
73:9f:55:13:f3:8d:32:ce:fe:d1:4e:42:dd:26:d2:
d7:ee:51:d7:16:c9:22:dc:57:7d:eb:fa:f5:b7:49:
d6:9d:81:12:de:6c:e5:66:9b:2f:87:8b:6a:66:8c:
ef:33:a7:99:76:7e:81:e0:31:50:19:26:e1:c2:0a:
54:9f:32:0a:f9:d0:b9:46:7b:2b:21:2d:55:a9:5d:
43:c6:f5:34:10:ee:17:15:a1:d0:bd:24:f5:08:2a:
09:f9:d9:8d:cc:95:32:b1:2f:ae:ea:d6:86:ad:2b:
d1:1d:41:d9:05:d8:de:28:19:d4:04:d8:a4:2c:16:
9f:5e:8a:3e:39:9e:fd:b4:07:b1:ff:7e:0b:1b:fe:
bc:d1:2e:87:b0:d4:90:8a:b4:ce:93:c2:4b:77:7d:
ce:5b:e1:ee:14:83:86:b5:fb:0b:27:44:04:5d:a1:
2f:44:4d:13:c2:aa:f0:f7:11:42:e7:32:77:4e:6f:
be:fa:ba:2f:c0:d7:2f:e7:5e:c9:9b:06:04:2a:f4:
17:b3:e5:cf:3e:64:2e:6f:38:d9:93:d9:fc:ca:d5:
27:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:2B:44:E2:D6:29:6C:8D:72:2A:E0:4B:E6:71:25:C7:D9:DD:40:74
X509v3 Authority Key Identifier:
keyid:49:44:68:0C:20:D1:AF:01:F1:69:B1:8A:C9:C7:7D:98:77:13:3C:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SURoDCDRrwHxabGKycd9mHcTPN4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/7dee09-cd2e-4030-ab92-ebdcc02fbae9/1/SCtE4tYpbI1yKuBL5nElx9ndQHQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/7dee09-cd2e-4030-ab92-ebdcc02fbae9/1/SURoDCDRrwHxabGKycd9mHcTPN4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.255.120.0/23
85.255.123.0/24
85.255.125.0-85.255.127.255
178.212.203.0-178.212.205.255
Signature Algorithm: sha256WithRSAEncryption
40:80:1a:e6:cd:f2:74:b1:44:93:99:65:9c:1f:fd:9b:45:72:
cb:e3:41:7c:0b:c2:42:00:1f:99:5a:30:00:d7:fb:a4:6f:a4:
3b:f6:c1:e0:97:17:a7:e6:db:79:0d:6a:1d:f1:80:31:44:a9:
d8:f2:a4:19:16:76:9c:8f:af:9c:98:5b:92:db:67:ac:b0:4e:
e1:c0:a9:58:d8:b2:d8:8a:40:2c:8a:69:ab:70:cf:78:12:62:
bd:9b:55:37:2d:f7:4b:ea:cf:11:ad:a8:f6:0c:4f:6a:fb:43:
f6:00:c3:31:da:f0:36:fa:63:cb:32:1e:26:ad:45:ca:5b:42:
04:b7:21:54:47:63:33:df:74:e4:40:98:ae:dd:13:90:26:1c:
bd:73:ae:92:eb:d3:95:ce:12:da:6b:00:a5:cd:91:85:6b:89:
c1:54:65:31:0b:e6:33:d5:1d:ac:86:0d:31:be:54:40:91:66:
2d:05:a7:d6:1a:2d:4f:81:35:fe:82:08:9a:1d:76:f7:44:79:
8d:94:b4:90:5e:8e:f3:6b:47:c0:76:4b:c7:50:4e:e0:4d:29:
58:c7:be:5e:40:12:78:e7:9b:f7:76:ec:a8:d2:7e:f3:eb:35:
ae:26:ad:d8:d9:66:23:4a:88:cc:f9:1e:7d:bb:bb:d6:07:ec:
49:03:ef:33
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYVtk/FumYU1R7bk+PZaOUdBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5NDQ2ODBjMjBkMWFmMDFmMTY5YjE4YWM5Yzc3ZDk4Nzcx
MzNjZGUwHhcNMjMwMTAxMTM0NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODJiNDRlMmQ2Mjk2YzhkNzIyYWUwNGJlNjcxMjVjN2Q5ZGQ0MDc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiqFkSIkzthqp8ykk/rM4f98siNaV
UARC5cyvPj1WcS6lRhwf/rGpxA3It81zn1UT840yzv7RTkLdJtLX7lHXFski3Fd9
6/r1t0nWnYES3mzlZpsvh4tqZozvM6eZdn6B4DFQGSbhwgpUnzIK+dC5RnsrIS1V
qV1DxvU0EO4XFaHQvST1CCoJ+dmNzJUysS+u6taGrSvRHUHZBdjeKBnUBNikLBaf
Xoo+OZ79tAex/34LG/680S6HsNSQirTOk8JLd33OW+HuFIOGtfsLJ0QEXaEvRE0T
wqrw9xFC5zJ3Tm+++rovwNcv517JmwYEKvQXs+XPPmQubzjZk9n8ytUnlQIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFEgrROLWKWyNcirgS+ZxJcfZ3UB0MB8GA1UdIwQY
MBaAFElEaAwg0a8B8WmxisnHfZh3EzzeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1VSb0RDRFJyd0h4YWJHS3ljZDltSGNUUE40LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi83ZGVlMDktY2QyZS00MDMwLWFiOTIt
ZWJkY2MwMmZiYWU5LzEvU0N0RTR0WXBiSTF5S3VCTDVuRWx4OW5kUUhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi83ZGVlMDktY2QyZS00MDMwLWFiOTItZWJkY2MwMmZiYWU5
LzEvU1VSb0RDRFJyd0h4YWJHS3ljZDltSGNUUE40LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoAwQBVf94AwQA
Vf97MAwDBABV/30DBAdV/wAwDAMEALLUywMEAbLUzDANBgkqhkiG9w0BAQsFAAOC
AQEAQIAa5s3ydLFEk5llnB/9m0Vyy+NBfAvCQgAfmVowANf7pG+kO/bB4JcXp+bb
eQ1qHfGAMUSp2PKkGRZ2nI+vnJhbkttnrLBO4cCpWNiy2IpALIppq3DPeBJivZtV
Ny33S+rPEa2o9gxPavtD9gDDMdrwNvpjyzIeJq1FyltCBLchVEdjM9905ECYrt0T
kCYcvXOukuvTlc4S2msApc2RhWuJwVRlMQvmM9UdrIYNMb5UQJFmLQWn1hotT4E1
/oIImh1290R5jZS0kF6O82tHwHZLx1BO4E0pWMe+XkASeOeb93bsqNJ+8+s1riat
2NlmI0qIzPkefbu71gfsSQPvMw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:57:53 2023 by rpki-client on console-fra.rpki-client.org