Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/SGOPGoXFAYJoppuL2P8gTilpc6k.roa
File: SGOPGoXFAYJoppuL2P8gTilpc6k.roa (raw, json)
Hash identifier: 0CkS6nM2JXiExbpxWyQmi1w0LYgAJJnfkEtURLeOVf4=
Subject key identifier: 48:63:8F:1A:85:C5:01:82:68:A6:9B:8B:D8:FF:20:4E:29:69:73:A9
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018D9275744CF91D634A85329516ADF8FFB9
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/SGOPGoXFAYJoppuL2P8gTilpc6k.roa
Signing time: Sat 10 Feb 2024 09:59:47 +0000
ROA not before: Sat 10 Feb 2024 09:59:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 82.153.136.0/22 maxlen: 22
89.213.148.0/22 maxlen: 24
89.213.152.0/22 maxlen: 24
89.213.156.0/22 maxlen: 24
89.213.165.0/24 maxlen: 24
89.213.172.0/22 maxlen: 24
89.213.173.0/24 maxlen: 24
89.213.180.0/24 maxlen: 24
185.49.126.0/23 maxlen: 24
213.152.42.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 18 Feb 2024 08:27:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:92:75:74:4c:f9:1d:63:4a:85:32:95:16:ad:f8:ff:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Feb 10 09:59:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=48638f1a85c5018268a69b8bd8ff204e296973a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:0f:8e:ab:9c:43:fb:9a:25:7a:74:ef:1e:8c:
6b:2c:f4:53:13:2b:56:23:3f:46:55:e7:9c:35:ba:
a3:46:73:05:5a:19:2c:4c:fa:a6:3c:59:41:f1:8b:
0c:7c:b6:fc:3c:0c:b7:9a:67:f2:e4:c2:89:6d:4d:
1e:f2:1e:22:d4:7c:a4:4e:ba:df:e9:93:77:f7:23:
60:f3:9b:e5:41:86:8e:aa:15:3c:1a:42:d7:11:6b:
9c:57:53:76:58:65:60:77:10:3e:5e:3f:f0:91:bd:
d7:2f:4c:52:30:65:9d:a9:45:e8:20:b3:22:52:b5:
cc:23:b3:e8:7b:3b:60:40:9b:0f:82:3a:4c:6d:7f:
da:de:c8:9b:82:57:5f:03:ed:de:75:ec:9c:71:db:
1b:2f:6c:46:ea:ea:12:b1:7d:4c:50:74:4d:0e:60:
c6:55:4d:c6:3e:41:59:97:0c:44:45:ad:85:f6:66:
f2:2d:b4:61:c1:41:8a:13:b7:e2:6f:36:a5:8d:87:
83:a1:a4:72:c9:97:27:57:ef:77:cd:20:0a:35:9e:
5e:25:e7:d4:6b:5f:11:4a:cd:29:cf:07:3e:43:5b:
0d:4e:ff:d5:86:7c:25:83:e3:08:68:3f:4c:40:a0:
ca:4a:5b:13:e0:60:96:cb:b4:62:93:c5:02:17:1f:
e9:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:63:8F:1A:85:C5:01:82:68:A6:9B:8B:D8:FF:20:4E:29:69:73:A9
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/SGOPGoXFAYJoppuL2P8gTilpc6k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.153.136.0/22
89.213.148.0-89.213.159.255
89.213.165.0/24
89.213.172.0/22
89.213.180.0/24
185.49.126.0/23
213.152.42.0/24
Signature Algorithm: sha256WithRSAEncryption
45:e5:32:05:5c:b9:1f:44:50:81:45:9e:2c:13:56:83:86:4d:
58:4b:d2:1e:8a:4e:05:c9:64:27:a7:f4:3d:23:b4:fa:dc:18:
d2:cb:76:7e:b8:8c:15:8d:39:3a:7a:f7:09:bd:2c:c2:e8:a8:
72:71:5e:24:9e:20:cf:b9:29:40:0d:f1:b1:dd:2d:26:7f:5b:
41:3e:05:49:a3:30:18:c2:f9:75:c2:08:66:1b:4e:2c:1e:1d:
ea:cd:78:7e:74:2e:d1:5c:ae:f6:81:d5:e3:b6:71:d7:49:1d:
ac:e4:5b:19:f3:08:ac:8d:0c:6b:46:bf:09:55:12:c5:99:8d:
66:8a:cd:51:e2:ad:86:0c:1b:54:c9:10:ee:8e:2b:f6:0e:3c:
0b:23:ac:7d:51:f8:59:7f:07:c2:21:de:0c:6f:03:76:f9:31:
d0:a5:e6:6e:15:93:c7:e4:c1:dc:2e:cb:5a:dc:18:a2:55:e2:
34:80:bf:fe:08:73:09:f6:1a:40:57:a1:72:9a:5c:76:bb:cd:
89:47:04:4e:3c:98:86:3e:71:25:c6:62:1e:4d:16:86:d9:e1:
03:cc:69:18:b6:1b:b2:2a:c9:91:0e:8a:85:d8:f6:fd:f6:e1:
aa:20:1b:af:d3:e5:af:a1:64:97:c6:d1:6a:f4:26:84:4c:f2:
a9:c5:44:d0
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAY2SdXRM+R1jSoUylRat+P+5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwMjEwMDk1OTQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODYzOGYxYTg1YzUwMTgyNjhhNjliOGJkOGZmMjA0ZTI5Njk3M2E5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAog+Oq5xD+5olenTvHoxrLPRTEytW
Iz9GVeecNbqjRnMFWhksTPqmPFlB8YsMfLb8PAy3mmfy5MKJbU0e8h4i1HykTrrf
6ZN39yNg85vlQYaOqhU8GkLXEWucV1N2WGVgdxA+Xj/wkb3XL0xSMGWdqUXoILMi
UrXMI7PoeztgQJsPgjpMbX/a3sibgldfA+3edeyccdsbL2xG6uoSsX1MUHRNDmDG
VU3GPkFZlwxERa2F9mbyLbRhwUGKE7fibzaljYeDoaRyyZcnV+93zSAKNZ5eJefU
a18RSs0pzwc+Q1sNTv/Vhnwlg+MIaD9MQKDKSlsT4GCWy7Rik8UCFx/pAQIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFEhjjxqFxQGCaKabi9j/IE4paXOpMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvU0dPUEdvWEZBWUpvcHB1TDJQOGdUaWxwYzZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQCUpmIMAwD
BAJZ1ZQDBAVZ1YADBABZ1aUDBAJZ1awDBABZ1bQDBAG5MX4DBADVmCowDQYJKoZI
hvcNAQELBQADggEBAEXlMgVcuR9EUIFFniwTVoOGTVhL0h6KTgXJZCen9D0jtPrc
GNLLdn64jBWNOTp69wm9LMLoqHJxXiSeIM+5KUAN8bHdLSZ/W0E+BUmjMBjC+XXC
CGYbTiweHerNeH50LtFcrvaB1eO2cddJHazkWxnzCKyNDGtGvwlVEsWZjWaKzVHi
rYYMG1TJEO6OK/YOPAsjrH1R+Fl/B8Ih3gxvA3b5MdCl5m4Vk8fkwdwuy1rcGKJV
4jSAv/4Icwn2GkBXoXKaXHa7zYlHBE48mIY+cSXGYh5NFobZ4QPMaRi2G7IqyZEO
ioXY9v324aogG6/T5a+hZJfG0Wr0JoRM8qnFRNA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:23 2024 by rpki-client on console-ams.rpki-client.org