Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/84acdf-ba85-4a81-a306-f9ab3b052349/1/SGw7ctjjqC6IkMrBYPONJqhcYRg.roa
File: SGw7ctjjqC6IkMrBYPONJqhcYRg.roa (raw, json)
Hash identifier: npqGZshruirMjGT0/wKKNrokvxMhGAKqQlZaBWbjchc=
Subject key identifier: 48:6C:3B:72:D8:E3:A8:2E:88:90:CA:C1:60:F3:8D:26:A8:5C:61:18
Certificate issuer: /CN=6ffb0f9bdc3a2fae47b47e70218993c919f10fb0
Certificate serial: 0192BD4B3B10A6A1E7E54759DAC9D4827DC9
Authority key identifier: 6F:FB:0F:9B:DC:3A:2F:AE:47:B4:7E:70:21:89:93:C9:19:F1:0F:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b_sPm9w6L65HtH5wIYmTyRnxD7A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/84acdf-ba85-4a81-a306-f9ab3b052349/1/SGw7ctjjqC6IkMrBYPONJqhcYRg.roa
Signing time: Thu 24 Oct 2024 06:51:16 +0000
ROA not before: Thu 24 Oct 2024 06:51:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2799
IP address blocks: 147.186.0.0/16 maxlen: 16
147.186.0.0/17 maxlen: 17
147.186.128.0/17 maxlen: 17
147.186.171.0/24 maxlen: 24
2001:67c:49c::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 17:50:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:bd:4b:3b:10:a6:a1:e7:e5:47:59:da:c9:d4:82:7d:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ffb0f9bdc3a2fae47b47e70218993c919f10fb0
Validity
Not Before: Oct 24 06:51:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=486c3b72d8e3a82e8890cac160f38d26a85c6118
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:a4:7b:4e:80:77:5f:97:b7:e2:5c:a4:ce:16:
52:0c:6d:45:67:31:53:c7:66:25:e7:d9:a2:2b:5c:
b1:38:13:f1:e8:de:df:7a:26:d8:4f:13:e5:25:36:
8f:66:ab:fc:0f:32:ad:98:a4:96:2e:18:ef:7a:0a:
33:b4:54:54:f3:78:62:62:9a:94:2e:e5:d8:10:06:
b8:8b:3b:4b:47:f8:a6:2f:e0:82:12:5e:ad:02:9e:
01:53:f0:de:27:82:8a:17:4a:45:47:14:58:e9:66:
7e:8c:da:2e:85:07:39:5c:fe:38:1e:70:07:78:4a:
50:12:7b:1c:11:6d:d7:79:ea:3c:4a:19:eb:c7:d0:
f6:9b:59:8c:a3:b8:21:df:27:82:7c:79:10:b7:06:
c4:bc:c6:a1:db:ab:b0:8d:52:8e:36:eb:e7:d5:45:
50:7c:91:20:81:fc:e7:4b:37:cb:fc:e2:fa:08:b1:
01:57:ec:a0:34:56:18:e3:ab:0f:85:33:e3:3a:a3:
b3:f6:93:d8:45:67:69:cd:b1:e8:d4:d3:32:27:6e:
bc:3e:c4:9d:df:f9:32:5d:7d:23:09:b2:d4:83:fb:
6c:e2:3e:4f:ea:83:e2:91:94:3b:19:4b:36:62:b6:
2c:8e:ca:9e:c8:37:db:72:bc:cb:71:3e:a3:a4:75:
9c:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:6C:3B:72:D8:E3:A8:2E:88:90:CA:C1:60:F3:8D:26:A8:5C:61:18
X509v3 Authority Key Identifier:
keyid:6F:FB:0F:9B:DC:3A:2F:AE:47:B4:7E:70:21:89:93:C9:19:F1:0F:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b_sPm9w6L65HtH5wIYmTyRnxD7A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/84acdf-ba85-4a81-a306-f9ab3b052349/1/SGw7ctjjqC6IkMrBYPONJqhcYRg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/84acdf-ba85-4a81-a306-f9ab3b052349/1/b_sPm9w6L65HtH5wIYmTyRnxD7A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.186.0.0/16
IPv6:
2001:67c:49c::/48
Signature Algorithm: sha256WithRSAEncryption
8d:39:29:92:07:86:fb:9c:0f:72:6c:b8:c7:b8:fe:02:2a:06:
86:0e:24:3c:d1:b2:93:74:29:07:26:34:95:fc:1e:34:a8:8c:
bb:79:61:e4:32:5f:7c:49:5e:70:3b:41:44:1e:e9:9c:9a:7b:
5d:06:51:37:3f:88:92:75:3f:90:98:7d:94:7d:19:01:a4:05:
39:1f:a1:15:99:0e:ec:e2:ab:2d:f1:fc:8e:fc:43:88:e2:8d:
c4:50:0d:fe:09:61:53:17:76:eb:f8:40:b4:3d:09:a6:d9:62:
93:0c:2c:0e:c5:e8:48:d2:a2:b0:b4:26:9a:78:c0:88:bc:ac:
60:4c:93:9b:57:99:f0:e9:e2:77:10:04:f2:b7:97:e6:1c:c1:
0e:18:7e:bd:f4:7f:36:32:e0:89:be:0c:d2:93:f8:08:2f:3d:
a7:19:b1:90:15:81:40:25:8a:16:a6:eb:5c:3b:e8:8a:6f:b8:
53:95:3e:f7:23:55:1c:ce:82:f4:5a:10:7b:ce:7e:00:13:7e:
aa:6d:56:02:3d:9d:4d:52:77:6f:57:59:99:37:f5:84:84:25:
0a:16:40:e6:1b:00:4e:e7:ef:e9:da:47:cd:54:4c:ea:06:8f:
2f:6a:bd:b8:e4:af:bd:85:56:a9:35:8e:14:1a:a9:ea:71:ca:
d9:7f:ea:6f
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAZK9SzsQpqHn5UdZ2snUgn3JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmZmIwZjliZGMzYTJmYWU0N2I0N2U3MDIxODk5M2M5MTlm
MTBmYjAwHhcNMjQxMDI0MDY1MTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODZjM2I3MmQ4ZTNhODJlODg5MGNhYzE2MGYzOGQyNmE4NWM2MTE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiaR7ToB3X5e34lykzhZSDG1FZzFT
x2Yl59miK1yxOBPx6N7feibYTxPlJTaPZqv8DzKtmKSWLhjvegoztFRU83hiYpqU
LuXYEAa4iztLR/imL+CCEl6tAp4BU/DeJ4KKF0pFRxRY6WZ+jNouhQc5XP44HnAH
eEpQEnscEW3Xeeo8Shnrx9D2m1mMo7gh3yeCfHkQtwbEvMah26uwjVKONuvn1UVQ
fJEggfznSzfL/OL6CLEBV+ygNFYY46sPhTPjOqOz9pPYRWdpzbHo1NMyJ268PsSd
3/kyXX0jCbLUg/ts4j5P6oPikZQ7GUs2YrYsjsqeyDfbcrzLcT6jpHWccwIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFEhsO3LY46guiJDKwWDzjSaoXGEYMB8GA1UdIwQY
MBaAFG/7D5vcOi+uR7R+cCGJk8kZ8Q+wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYl9zUG05dzZMNjVIdEg1d0lZbVR5Um54RDdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi84NGFjZGYtYmE4NS00YTgxLWEzMDYt
ZjlhYjNiMDUyMzQ5LzEvU0d3N2N0ampxQzZJa01yQllQT05KcWhjWVJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi84NGFjZGYtYmE4NS00YTgxLWEzMDYtZjlhYjNiMDUyMzQ5
LzEvYl9zUG05dzZMNjVIdEg1d0lZbVR5Um54RDdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjALBAIAATAFAwMAk7owDwQC
AAIwCQMHACABBnwEnDANBgkqhkiG9w0BAQsFAAOCAQEAjTkpkgeG+5wPcmy4x7j+
AioGhg4kPNGyk3QpByY0lfweNKiMu3lh5DJffElecDtBRB7pnJp7XQZRNz+IknU/
kJh9lH0ZAaQFOR+hFZkO7OKrLfH8jvxDiOKNxFAN/glhUxd26/hAtD0Jptlikwws
DsXoSNKisLQmmnjAiLysYEyTm1eZ8OnidxAE8reX5hzBDhh+vfR/NjLgib4M0pP4
CC89pxmxkBWBQCWKFqbrXDvoim+4U5U+9yNVHM6C9FoQe85+ABN+qm1WAj2dTVJ3
b1dZmTf1hIQlChZA5hsATufv6dpHzVRM6gaPL2q9uOSvvYVWqTWOFBqp6nHK2X/q
bw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:40:20 2025 by rpki-client