Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/33a888-4cf3-4a8c-9297-a1e0db1a17df/1/SBzdvUmJuXwH7jsQ_tfWjtCN3sc.roa
File: SBzdvUmJuXwH7jsQ_tfWjtCN3sc.roa (raw, json)
Hash identifier: Yg6cbZi6wjIRRafAeOWWlSprjtjnrGmiXVICT3CiY+8=
Subject key identifier: 48:1C:DD:BD:49:89:B9:7C:07:EE:3B:10:FE:D7:D6:8E:D0:8D:DE:C7
Certificate issuer: /CN=844492db9cbb0a0eb6bf69c25c86961f49183c9b
Certificate serial: 018C5E3A45AB49CDEC6CA497272CD611FB50
Authority key identifier: 84:44:92:DB:9C:BB:0A:0E:B6:BF:69:C2:5C:86:96:1F:49:18:3C:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hESS25y7Cg62v2nCXIaWH0kYPJs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/33a888-4cf3-4a8c-9297-a1e0db1a17df/1/SBzdvUmJuXwH7jsQ_tfWjtCN3sc.roa
Signing time: Tue 12 Dec 2023 13:32:06 +0000
ROA not before: Tue 12 Dec 2023 13:32:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29684
IP address blocks: 46.235.88.0/21 maxlen: 24
212.12.160.0/23 maxlen: 23
212.12.160.0/19 maxlen: 24
212.12.162.0/23 maxlen: 23
212.12.163.0/24 maxlen: 24
212.12.160.0/20 maxlen: 20
212.12.164.0/24 maxlen: 24
212.12.164.0/23 maxlen: 23
212.12.166.0/24 maxlen: 24
212.12.172.0/23 maxlen: 23
212.12.169.0/24 maxlen: 24
212.12.170.0/24 maxlen: 24
212.12.170.0/23 maxlen: 23
212.12.171.0/24 maxlen: 24
176.241.184.0/21 maxlen: 24
212.12.166.0/23 maxlen: 23
212.12.167.0/24 maxlen: 24
212.12.168.0/24 maxlen: 24
212.12.168.0/23 maxlen: 23
212.12.183.0/24 maxlen: 24
193.242.127.0/24 maxlen: 24
88.85.224.0/19 maxlen: 24
79.110.229.0/24 maxlen: 24
185.10.112.0/22 maxlen: 24
178.20.144.0/21 maxlen: 24
62.204.48.0/24 maxlen: 24
77.75.224.0/24 maxlen: 24
176.97.216.0/24 maxlen: 24
193.105.25.0/24 maxlen: 24
146.19.71.0/24 maxlen: 24
176.98.32.0/24 maxlen: 24
176.98.32.0/22 maxlen: 22
176.98.33.0/24 maxlen: 24
176.98.34.0/24 maxlen: 24
176.98.34.0/23 maxlen: 23
176.98.35.0/24 maxlen: 24
194.104.226.0/24 maxlen: 24
2a00:1560:18::/48 maxlen: 48
2a00:1560:1111::/48 maxlen: 48
2a00:1560:c::/48 maxlen: 48
2a00:1560:10::/48 maxlen: 48
2a00:1560:4::/47 maxlen: 47
2a00:1560:17::/48 maxlen: 48
2a00:1560:5::/48 maxlen: 48
2a00:1560::/32 maxlen: 32
2a00:1560:60::/48 maxlen: 48
2a00:1560:16::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:30:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:5e:3a:45:ab:49:cd:ec:6c:a4:97:27:2c:d6:11:fb:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=844492db9cbb0a0eb6bf69c25c86961f49183c9b
Validity
Not Before: Dec 12 13:32:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=481cddbd4989b97c07ee3b10fed7d68ed08ddec7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:8f:e4:0f:10:76:f0:bf:3a:bb:4f:01:e0:e0:
3a:df:12:27:eb:bc:e5:26:f2:5b:3a:09:b8:8f:4a:
68:0a:96:1b:de:27:ba:04:4c:0f:3e:32:eb:bb:ba:
e0:03:ff:25:37:49:93:23:66:c2:fd:c8:f2:13:a9:
14:1b:1b:f4:75:33:8f:4f:fa:b9:da:7a:82:78:4c:
d0:58:00:d8:e9:cd:1f:bc:81:f7:ce:3a:5f:93:d7:
88:55:0b:a2:f5:e2:22:82:ba:77:26:04:39:b2:d8:
cc:9e:44:e1:f5:49:69:a0:6f:21:25:04:c3:97:3a:
91:71:cd:1e:63:f3:9d:6b:74:b5:09:3d:82:48:2d:
0a:15:d7:e3:99:de:e3:28:d7:a6:40:2d:73:2f:78:
ac:8a:de:2e:7b:bc:7c:cb:9b:c9:84:e8:5c:33:cb:
92:62:bb:88:ad:d9:f9:d4:10:fb:b3:ab:af:4e:bc:
00:5f:8a:09:98:eb:33:ca:98:a2:14:29:b5:9b:72:
ce:d0:fa:ca:48:62:e0:ac:fd:72:66:52:63:86:e0:
be:6a:be:71:a8:0a:56:5a:c3:76:a2:b5:2a:e3:70:
63:32:62:4e:2d:85:0a:f4:b5:86:7f:8d:f8:4c:3f:
e8:ce:5e:ed:3f:63:30:c3:26:67:aa:48:33:19:5b:
21:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:1C:DD:BD:49:89:B9:7C:07:EE:3B:10:FE:D7:D6:8E:D0:8D:DE:C7
X509v3 Authority Key Identifier:
keyid:84:44:92:DB:9C:BB:0A:0E:B6:BF:69:C2:5C:86:96:1F:49:18:3C:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hESS25y7Cg62v2nCXIaWH0kYPJs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/33a888-4cf3-4a8c-9297-a1e0db1a17df/1/SBzdvUmJuXwH7jsQ_tfWjtCN3sc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/33a888-4cf3-4a8c-9297-a1e0db1a17df/1/hESS25y7Cg62v2nCXIaWH0kYPJs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.235.88.0/21
62.204.48.0/24
77.75.224.0/24
79.110.229.0/24
88.85.224.0/19
146.19.71.0/24
176.97.216.0/24
176.98.32.0/22
176.241.184.0/21
178.20.144.0/21
185.10.112.0/22
193.105.25.0/24
193.242.127.0/24
194.104.226.0/24
212.12.160.0/19
IPv6:
2a00:1560::/32
Signature Algorithm: sha256WithRSAEncryption
ab:52:6a:3c:cb:51:c6:e7:bc:5d:4a:3c:70:0d:40:e1:e4:ee:
1d:73:51:00:da:d5:83:13:16:e8:49:bc:51:09:1d:90:81:ef:
99:87:13:76:f1:4b:c2:5c:df:57:47:83:53:07:d2:98:99:60:
f9:34:85:3a:25:3d:20:83:55:c7:c0:b8:be:c7:1e:c3:26:4d:
60:c1:b5:68:f6:d8:35:c8:b9:e7:32:ce:0a:50:0a:c4:b2:c9:
06:fa:38:5b:b5:3f:7e:d7:fb:01:5a:80:e9:79:1a:55:81:9a:
5e:fb:40:51:c0:04:86:fd:48:39:b7:f4:bd:5c:01:e6:f9:9a:
f1:3c:13:a8:fc:87:b2:7f:d8:76:09:6c:c7:df:1a:f2:22:19:
82:09:96:ee:1b:cb:b9:6f:95:1a:e7:d2:53:93:37:dd:86:94:
55:d3:d7:81:65:8d:4a:c6:b0:0a:07:b8:94:86:7a:15:18:09:
76:f9:ec:e9:fb:91:88:d8:c5:a6:14:c8:cb:f3:17:7e:3f:2b:
bc:7d:f4:9d:ae:a4:9d:0c:f4:79:44:b8:a3:ac:da:25:6f:f9:
f5:bc:f1:b2:cc:4e:9e:83:2b:6f:70:a3:52:53:e8:0a:2a:f5:
4c:13:db:df:c8:bc:b5:6b:04:e3:b8:ea:9c:46:b7:49:db:35:
97:82:bb:d7
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgISAYxeOkWrSc3sbKSXJyzWEftQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0NDQ5MmRiOWNiYjBhMGViNmJmNjljMjVjODY5NjFmNDkx
ODNjOWIwHhcNMjMxMjEyMTMzMjA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODFjZGRiZDQ5ODliOTdjMDdlZTNiMTBmZWQ3ZDY4ZWQwOGRkZWM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoo/kDxB28L86u08B4OA63xIn67zl
JvJbOgm4j0poCpYb3ie6BEwPPjLru7rgA/8lN0mTI2bC/cjyE6kUGxv0dTOPT/q5
2nqCeEzQWADY6c0fvIH3zjpfk9eIVQui9eIigrp3JgQ5stjMnkTh9UlpoG8hJQTD
lzqRcc0eY/Oda3S1CT2CSC0KFdfjmd7jKNemQC1zL3isit4ue7x8y5vJhOhcM8uS
YruIrdn51BD7s6uvTrwAX4oJmOszypiiFCm1m3LO0PrKSGLgrP1yZlJjhuC+ar5x
qApWWsN2orUq43BjMmJOLYUK9LWGf434TD/ozl7tP2MwwyZnqkgzGVshpQIDAQAB
o4ICbTCCAmkwHQYDVR0OBBYEFEgc3b1Jibl8B+47EP7X1o7Qjd7HMB8GA1UdIwQY
MBaAFIREktucuwoOtr9pwlyGlh9JGDybMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEVTUzI1eTdDZzYydjJuQ1hJYVdIMGtZUEpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi8zM2E4ODgtNGNmMy00YThjLTkyOTct
YTFlMGRiMWExN2RmLzEvU0J6ZHZVbUp1WHdIN2pzUV90ZldqdENOM3NjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi8zM2E4ODgtNGNmMy00YThjLTkyOTctYTFlMGRiMWExN2Rm
LzEvaEVTUzI1eTdDZzYydjJuQ1hJYVdIMGtZUEpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGCBggrBgEFBQcBBwEB/wRzMHEwYAQCAAEwWgMEAy7rWAME
AD7MMAMEAE1L4AMEAE9u5QMEBVhV4AMEAJITRwMEALBh2AMEArBiIAMEA7DxuAME
A7IUkAMEArkKcAMEAMFpGQMEAMHyfwMEAMJo4gMEBdQMoDANBAIAAjAHAwUAKgAV
YDANBgkqhkiG9w0BAQsFAAOCAQEAq1JqPMtRxue8XUo8cA1A4eTuHXNRANrVgxMW
6Em8UQkdkIHvmYcTdvFLwlzfV0eDUwfSmJlg+TSFOiU9IINVx8C4vscewyZNYMG1
aPbYNci55zLOClAKxLLJBvo4W7U/ftf7AVqA6XkaVYGaXvtAUcAEhv1IObf0vVwB
5vma8TwTqPyHsn/Ydglsx98a8iIZggmW7hvLuW+VGufSU5M33YaUVdPXgWWNSsaw
Cge4lIZ6FRgJdvns6fuRiNjFphTIy/MXfj8rvH30na6knQz0eUS4o6zaJW/59bzx
ssxOnoMrb3CjUlPoCir1TBPb38i8tWsE47jqnEa3Sds1l4K71w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:08 2024 by rpki-client on console-ams.rpki-client.org