Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/501f2b-fd1f-45ea-b494-d73dc4b41ce1/1/SbzxzIS2G8OaM715o7srKTm7Bag.roa
File: SbzxzIS2G8OaM715o7srKTm7Bag.roa (raw, json)
Hash identifier: awUzrdh2QzHg6s4Q4UM9XDCssOsHV/cqsAS4rvjN+iM=
Subject key identifier: 49:BC:F1:CC:84:B6:1B:C3:9A:33:BD:79:A3:BB:2B:29:39:BB:05:A8
Certificate issuer: /CN=bc464ba9d26385f54df6254ac248926d370445b0
Certificate serial: 018C5D04D2DD956E23D1BBDF8D57D901B7E4
Authority key identifier: BC:46:4B:A9:D2:63:85:F5:4D:F6:25:4A:C2:48:92:6D:37:04:45:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vEZLqdJjhfVN9iVKwkiSbTcERbA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/501f2b-fd1f-45ea-b494-d73dc4b41ce1/1/SbzxzIS2G8OaM715o7srKTm7Bag.roa
Signing time: Tue 12 Dec 2023 07:54:06 +0000
ROA not before: Tue 12 Dec 2023 07:54:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8540
IP address blocks: 146.19.52.0/24 maxlen: 24
185.151.20.0/22 maxlen: 24
45.155.184.0/22 maxlen: 24
185.236.166.0/24 maxlen: 24
185.236.164.0/23 maxlen: 24
2a07:7540::/29 maxlen: 32
Validation: Failed, certificate revoked on Tue 12 Dec 2023 16:28:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:5d:04:d2:dd:95:6e:23:d1:bb:df:8d:57:d9:01:b7:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bc464ba9d26385f54df6254ac248926d370445b0
Validity
Not Before: Dec 12 07:54:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=49bcf1cc84b61bc39a33bd79a3bb2b2939bb05a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:af:b0:0f:3c:57:62:a5:bf:9d:18:07:d6:5b:
93:a4:33:4b:62:fc:be:16:46:5b:8c:84:29:75:f5:
f7:cd:84:36:80:1c:86:5a:f9:01:f6:6b:91:f0:80:
df:e9:25:99:7c:e5:3f:a7:24:1b:00:0d:14:fc:37:
90:19:7d:4c:95:b4:b6:6e:bb:bd:57:a6:d4:5a:ad:
2f:75:23:81:a1:99:fe:61:4e:06:da:41:49:3b:00:
5f:d6:56:6a:bf:06:a4:6e:2e:99:f6:20:d2:59:02:
53:7d:11:2c:3f:16:16:8e:b0:29:cb:90:30:16:a2:
99:42:f8:97:54:48:9d:a3:72:99:90:07:e7:c5:08:
99:a5:7f:2a:06:2e:8b:78:36:72:91:ee:59:b5:52:
e2:69:8f:22:6a:ab:1a:58:65:21:b3:19:b9:52:e7:
13:e8:4a:93:54:9c:24:4f:af:c1:68:e5:79:73:44:
de:6e:eb:ad:c6:3c:30:26:30:eb:91:56:ac:66:42:
69:53:88:3c:97:55:05:8f:69:9b:b8:02:0f:bf:34:
8c:1c:eb:d0:1e:87:f2:a9:b8:4e:46:a9:c5:45:6c:
00:50:34:f1:63:ab:b7:e9:e0:b5:4e:b1:2d:d0:eb:
df:02:95:37:62:62:9a:81:0d:ac:a8:b6:f0:a7:21:
f1:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:BC:F1:CC:84:B6:1B:C3:9A:33:BD:79:A3:BB:2B:29:39:BB:05:A8
X509v3 Authority Key Identifier:
keyid:BC:46:4B:A9:D2:63:85:F5:4D:F6:25:4A:C2:48:92:6D:37:04:45:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vEZLqdJjhfVN9iVKwkiSbTcERbA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/501f2b-fd1f-45ea-b494-d73dc4b41ce1/1/SbzxzIS2G8OaM715o7srKTm7Bag.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/501f2b-fd1f-45ea-b494-d73dc4b41ce1/1/vEZLqdJjhfVN9iVKwkiSbTcERbA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.184.0/22
146.19.52.0/24
185.151.20.0/22
185.236.164.0-185.236.166.255
IPv6:
2a07:7540::/29
Signature Algorithm: sha256WithRSAEncryption
20:d3:cf:9b:c9:ee:02:70:ec:e6:e8:ef:f1:ae:00:12:e3:cb:
e4:c4:c4:7f:80:f8:f5:72:4d:48:0f:df:8e:18:7b:b7:0b:7f:
6d:6e:9c:76:ce:6e:fc:4f:b2:4a:0b:87:24:eb:5f:69:c1:4c:
87:0b:de:42:23:7b:6a:13:44:ea:2c:46:37:fe:9c:bf:40:68:
8e:c2:6f:be:a4:8e:f8:07:b1:95:92:8f:f7:2c:b9:6e:cc:33:
1c:da:3e:14:3a:d7:f5:37:6b:9d:21:13:4f:98:81:3f:ec:0c:
e9:35:01:ef:da:4e:25:02:e1:1d:a0:43:9a:a4:f5:25:df:6f:
82:44:98:02:ad:a5:d5:a8:2c:fc:04:a2:67:b4:cd:b6:d3:ad:
b8:02:03:7f:37:8d:b2:e9:73:86:52:0b:82:4f:41:50:87:e6:
56:8e:6b:18:e8:96:02:5e:26:a4:83:32:97:68:b8:94:4d:70:
55:12:0f:09:73:85:57:a6:7f:6f:f8:4d:c8:58:a7:0f:af:d5:
b4:a7:82:f6:84:24:13:2c:9c:02:73:06:5e:f5:16:00:6f:e9:
6e:70:6e:9a:72:bd:67:29:c0:e1:9d:ac:87:d1:43:e3:76:67:
af:83:e8:e0:db:d8:e3:54:51:d7:6f:a9:d4:9d:60:a1:58:90:
f8:55:bf:08
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAYxdBNLdlW4j0bvfjVfZAbfkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjNDY0YmE5ZDI2Mzg1ZjU0ZGY2MjU0YWMyNDg5MjZkMzcw
NDQ1YjAwHhcNMjMxMjEyMDc1NDA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OWJjZjFjYzg0YjYxYmMzOWEzM2JkNzlhM2JiMmIyOTM5YmIwNWE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo6+wDzxXYqW/nRgH1luTpDNLYvy+
FkZbjIQpdfX3zYQ2gByGWvkB9muR8IDf6SWZfOU/pyQbAA0U/DeQGX1MlbS2bru9
V6bUWq0vdSOBoZn+YU4G2kFJOwBf1lZqvwakbi6Z9iDSWQJTfREsPxYWjrApy5Aw
FqKZQviXVEido3KZkAfnxQiZpX8qBi6LeDZyke5ZtVLiaY8iaqsaWGUhsxm5UucT
6EqTVJwkT6/BaOV5c0TebuutxjwwJjDrkVasZkJpU4g8l1UFj2mbuAIPvzSMHOvQ
HofyqbhORqnFRWwAUDTxY6u36eC1TrEt0OvfApU3YmKagQ2sqLbwpyHxWQIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFEm88cyEthvDmjO9eaO7Kyk5uwWoMB8GA1UdIwQY
MBaAFLxGS6nSY4X1TfYlSsJIkm03BEWwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdkVaTHFkSmpoZlZOOWlWS3draVNiVGNFUmJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS81MDFmMmItZmQxZi00NWVhLWI0OTQt
ZDczZGM0YjQxY2UxLzEvU2J6eHpJUzJHOE9hTTcxNW83c3JLVG03QmFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS81MDFmMmItZmQxZi00NWVhLWI0OTQtZDczZGM0YjQxY2Ux
LzEvdkVaTHFkSmpoZlZOOWlWS3draVNiVGNFUmJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAmBAIAATAgAwQCLZu4AwQA
khM0AwQCuZcUMAwDBAK57KQDBAC57KYwDQQCAAIwBwMFAyoHdUAwDQYJKoZIhvcN
AQELBQADggEBACDTz5vJ7gJw7Obo7/GuABLjy+TExH+A+PVyTUgP344Ye7cLf21u
nHbObvxPskoLhyTrX2nBTIcL3kIje2oTROosRjf+nL9AaI7Cb76kjvgHsZWSj/cs
uW7MMxzaPhQ61/U3a50hE0+YgT/sDOk1Ae/aTiUC4R2gQ5qk9SXfb4JEmAKtpdWo
LPwEome0zbbTrbgCA383jbLpc4ZSC4JPQVCH5laOaxjolgJeJqSDMpdouJRNcFUS
DwlzhVemf2/4TchYpw+v1bSngvaEJBMsnAJzBl71FgBv6W5wbppyvWcpwOGdrIfR
Q+N2Z6+D6ODb2ONUUddvqdSdYKFYkPhVvwg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:58 2024 by rpki-client on console-fra.rpki-client.org