Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/1f3c4d-59e4-4937-bc14-6c88bfa7b55c/1/SfIsHw9cUvFaOo4qWmRbWjubrnY.roa
File: SfIsHw9cUvFaOo4qWmRbWjubrnY.roa (raw, json)
Hash identifier: RKgOwl7ahg30ZJnSLyLuxfLTsG/qznM/S2ocLwGzbH4=
Subject key identifier: 49:F2:2C:1F:0F:5C:52:F1:5A:3A:8E:2A:5A:64:5B:5A:3B:9B:AE:76
Certificate issuer: /CN=c8f258ce203e04a33f4e90651153b259cffa3e88
Certificate serial: 01856F0B53566218DE4CE3C368D743368F5A
Authority key identifier: C8:F2:58:CE:20:3E:04:A3:3F:4E:90:65:11:53:B2:59:CF:FA:3E:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yPJYziA-BKM_TpBlEVOyWc_6Pog.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/1f3c4d-59e4-4937-bc14-6c88bfa7b55c/1/SfIsHw9cUvFaOo4qWmRbWjubrnY.roa
Signing time: Sun 01 Jan 2023 20:34:51 +0000
ROA not before: Sun 01 Jan 2023 20:34:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200486
IP address blocks: 194.5.100.0/22 maxlen: 24
185.156.204.0/22 maxlen: 24
2a07:a106::/32 maxlen: 32
2a07:a105::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Feb 2023 07:39:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:0b:53:56:62:18:de:4c:e3:c3:68:d7:43:36:8f:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c8f258ce203e04a33f4e90651153b259cffa3e88
Validity
Not Before: Jan 1 20:34:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=49f22c1f0f5c52f15a3a8e2a5a645b5a3b9bae76
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:d9:dc:64:17:ab:02:fa:2e:bb:41:75:d7:1f:
bb:d7:67:f5:01:b7:b4:57:bd:a8:c4:b8:d3:d1:4c:
ae:59:8d:af:51:5a:05:9f:cc:89:d2:9d:bc:4f:4c:
fa:be:f0:48:c4:fe:d8:80:e5:16:66:a8:ba:dd:d7:
c1:ff:fc:ca:c6:dc:d6:4f:b5:8a:66:d1:01:f9:53:
ec:fc:b8:ed:d3:da:08:f8:31:92:36:7d:1b:d2:54:
86:27:2a:68:29:bb:78:a0:8f:a6:3f:84:50:64:55:
c2:41:62:86:59:1b:5f:bf:67:e2:d9:7f:57:d3:60:
f8:bc:69:b3:0b:23:4e:55:01:6d:72:02:1e:02:f0:
e8:7d:36:a3:5f:32:5d:93:34:de:4d:32:bc:4d:c2:
92:cd:a2:59:a0:c2:f7:ee:a3:49:48:4c:d5:ba:f7:
22:33:cd:c1:05:d6:3b:ec:d6:2a:da:44:aa:83:47:
8f:86:87:56:91:1d:ab:39:9f:7d:4e:9a:dd:93:03:
7b:03:1f:6f:f5:84:7e:8f:ec:3b:fb:01:01:38:28:
8f:a5:00:52:64:df:22:9d:28:5c:25:34:09:0c:ec:
67:3f:bd:16:64:11:85:e2:e7:c8:a4:74:f9:10:12:
ef:86:83:80:5c:c3:6d:57:d2:d2:70:55:6a:6f:21:
2b:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:F2:2C:1F:0F:5C:52:F1:5A:3A:8E:2A:5A:64:5B:5A:3B:9B:AE:76
X509v3 Authority Key Identifier:
keyid:C8:F2:58:CE:20:3E:04:A3:3F:4E:90:65:11:53:B2:59:CF:FA:3E:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yPJYziA-BKM_TpBlEVOyWc_6Pog.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/1f3c4d-59e4-4937-bc14-6c88bfa7b55c/1/SfIsHw9cUvFaOo4qWmRbWjubrnY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/1f3c4d-59e4-4937-bc14-6c88bfa7b55c/1/yPJYziA-BKM_TpBlEVOyWc_6Pog.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.156.204.0/22
194.5.100.0/22
IPv6:
2a07:a105::-2a07:a106:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
84:0d:2e:5f:19:c4:19:5d:58:2c:e1:66:4e:53:b6:2b:95:f9:
06:0d:ec:c2:4e:7d:8b:48:69:2d:f2:bb:5a:95:f2:12:6d:93:
c4:1c:f2:bc:30:36:a4:a9:8c:2c:8a:48:86:fe:16:f6:de:2d:
91:00:29:7d:bc:cd:c7:b6:3d:0b:b1:f9:0e:93:83:ea:dd:70:
73:d8:16:01:2f:0b:75:1f:43:a5:73:40:7d:f9:da:9f:8b:6d:
75:53:84:75:de:b8:88:7b:ec:d1:41:ec:c2:92:5a:02:e3:37:
48:46:da:4f:87:b9:08:68:76:a1:ef:39:4c:b0:cf:0f:54:94:
96:e4:83:ee:54:b4:96:14:1a:ae:4e:bb:eb:23:b2:33:74:97:
25:cf:98:2e:2a:03:7f:b0:22:8b:64:d3:b9:5d:64:70:58:e0:
be:3a:2d:51:a4:f9:65:aa:9d:b7:a9:b4:6d:88:5d:ef:d5:62:
bc:2e:8d:4b:44:ad:f1:6f:3b:fc:ac:c7:94:9b:2f:e9:48:19:
4a:bd:88:13:56:9c:51:22:2f:45:93:03:f6:08:eb:a4:6b:b6:
22:63:36:ea:79:19:2f:4a:02:8a:a2:cc:0f:b4:4e:18:79:be:
34:e1:bd:20:31:61:ec:16:0e:82:da:d9:4e:9a:ca:1f:24:e5:
aa:91:9d:ac
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYVvC1NWYhjeTOPDaNdDNo9aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4ZjI1OGNlMjAzZTA0YTMzZjRlOTA2NTExNTNiMjU5Y2Zm
YTNlODgwHhcNMjMwMTAxMjAzNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OWYyMmMxZjBmNWM1MmYxNWEzYThlMmE1YTY0NWI1YTNiOWJhZTc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAztncZBerAvouu0F11x+712f1Abe0
V72oxLjT0UyuWY2vUVoFn8yJ0p28T0z6vvBIxP7YgOUWZqi63dfB//zKxtzWT7WK
ZtEB+VPs/Ljt09oI+DGSNn0b0lSGJypoKbt4oI+mP4RQZFXCQWKGWRtfv2fi2X9X
02D4vGmzCyNOVQFtcgIeAvDofTajXzJdkzTeTTK8TcKSzaJZoML37qNJSEzVuvci
M83BBdY77NYq2kSqg0ePhodWkR2rOZ99TprdkwN7Ax9v9YR+j+w7+wEBOCiPpQBS
ZN8inShcJTQJDOxnP70WZBGF4ufIpHT5EBLvhoOAXMNtV9LScFVqbyEruwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFEnyLB8PXFLxWjqOKlpkW1o7m652MB8GA1UdIwQY
MBaAFMjyWM4gPgSjP06QZRFTslnP+j6IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveVBKWXppQS1CS01fVHBCbEVWT3lXY182UG9nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My8xZjNjNGQtNTllNC00OTM3LWJjMTQt
NmM4OGJmYTdiNTVjLzEvU2ZJc0h3OWNVdkZhT280cVdtUmJXanVicm5ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My8xZjNjNGQtNTllNC00OTM3LWJjMTQtNmM4OGJmYTdiNTVj
LzEveVBKWXppQS1CS01fVHBCbEVWT3lXY182UG9nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDASBAIAATAMAwQCuZzMAwQC
wgVkMBYEAgACMBAwDgMFACoHoQUDBQAqB6EGMA0GCSqGSIb3DQEBCwUAA4IBAQCE
DS5fGcQZXVgs4WZOU7YrlfkGDezCTn2LSGkt8rtalfISbZPEHPK8MDakqYwsikiG
/hb23i2RACl9vM3Htj0LsfkOk4Pq3XBz2BYBLwt1H0Olc0B9+dqfi211U4R13riI
e+zRQezCkloC4zdIRtpPh7kIaHah7zlMsM8PVJSW5IPuVLSWFBquTrvrI7IzdJcl
z5guKgN/sCKLZNO5XWRwWOC+Oi1RpPllqp23qbRtiF3v1WK8Lo1LRK3xbzv8rMeU
my/pSBlKvYgTVpxRIi9FkwP2COuka7YiYzbqeRkvSgKKoswPtE4Yeb404b0gMWHs
Fg6C2tlOmsofJOWqkZ2s
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:00 2024 by rpki-client on console-ams.rpki-client.org