Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/db787f-c27a-4f23-99b2-438acb72fc5b/1/sMOgC81jbbVcKptRi0Nb4ho_NY0.roa
File: sMOgC81jbbVcKptRi0Nb4ho_NY0.roa (raw, json)
Hash identifier: 1qGcbGEzn24pqmnb9XbnA1awWihBqHTas272mRPr3BU=
Subject key identifier: B0:C3:A0:0B:CD:63:6D:B5:5C:2A:9B:51:8B:43:5B:E2:1A:3F:35:8D
Certificate issuer: /CN=126c660b30f5692b2b16e289b24901c518fda520
Certificate serial: 018CC79583DD5B4AFA585E92DAE5355E81BE
Authority key identifier: 12:6C:66:0B:30:F5:69:2B:2B:16:E2:89:B2:49:01:C5:18:FD:A5:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EmxmCzD1aSsrFuKJskkBxRj9pSA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/db787f-c27a-4f23-99b2-438acb72fc5b/1/sMOgC81jbbVcKptRi0Nb4ho_NY0.roa
Signing time: Tue 02 Jan 2024 00:31:53 +0000
ROA not before: Tue 02 Jan 2024 00:31:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 1239
IP address blocks: 192.144.52.0/22 maxlen: 24
193.187.168.0/22 maxlen: 24
193.9.36.0/22 maxlen: 24
185.220.28.0/22 maxlen: 24
193.9.40.0/22 maxlen: 24
45.83.112.0/22 maxlen: 24
194.39.68.0/22 maxlen: 24
80.254.236.0/22 maxlen: 24
Validation: Failed, certificate revoked on Fri 16 Feb 2024 14:34:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:83:dd:5b:4a:fa:58:5e:92:da:e5:35:5e:81:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=126c660b30f5692b2b16e289b24901c518fda520
Validity
Not Before: Jan 2 00:31:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b0c3a00bcd636db55c2a9b518b435be21a3f358d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:14:ff:bf:5d:15:8b:a6:2a:cb:72:0d:6f:da:
9d:82:0e:4c:fe:7d:74:03:7e:40:44:18:17:ea:de:
6a:c1:9a:90:f1:d6:a5:3e:97:b5:8f:0b:b7:29:ad:
d0:a9:37:76:e2:79:f5:1f:32:f6:00:6a:92:de:07:
53:ce:a0:51:14:98:cd:c0:3e:f9:3a:13:19:54:43:
9c:d7:d9:d2:31:cc:4d:c1:cd:72:68:6a:fa:ff:1e:
88:d3:6c:73:0b:9c:ca:bb:8a:42:8f:0d:ce:6d:ae:
3e:71:e1:72:dc:0f:77:cf:10:d7:2a:49:eb:e8:94:
1d:30:8e:24:2a:f5:41:27:31:9c:e7:ec:a0:6c:8f:
d3:a8:17:48:2a:09:77:53:58:37:16:d7:fb:06:ba:
e3:c1:2d:f5:ac:41:c7:e1:9b:1d:bd:20:4e:cb:fd:
a3:9a:6b:91:ea:67:28:c7:c7:73:b7:46:4f:74:e8:
b3:ac:ad:f9:b0:97:ae:0a:3f:65:39:cb:61:6f:bb:
36:5b:13:95:68:c8:ba:06:c2:3d:6d:a4:3f:3d:f2:
d4:16:6e:39:aa:ae:32:c0:d3:18:fa:26:5b:a9:c3:
41:45:9e:14:b0:86:25:c4:11:77:e4:46:e6:83:34:
aa:6b:f6:13:c0:67:03:6b:76:2b:fb:7d:3c:df:ad:
32:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:C3:A0:0B:CD:63:6D:B5:5C:2A:9B:51:8B:43:5B:E2:1A:3F:35:8D
X509v3 Authority Key Identifier:
keyid:12:6C:66:0B:30:F5:69:2B:2B:16:E2:89:B2:49:01:C5:18:FD:A5:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EmxmCzD1aSsrFuKJskkBxRj9pSA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/db787f-c27a-4f23-99b2-438acb72fc5b/1/sMOgC81jbbVcKptRi0Nb4ho_NY0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/db787f-c27a-4f23-99b2-438acb72fc5b/1/EmxmCzD1aSsrFuKJskkBxRj9pSA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.83.112.0/22
80.254.236.0/22
185.220.28.0/22
192.144.52.0/22
193.9.36.0-193.9.43.255
193.187.168.0/22
194.39.68.0/22
Signature Algorithm: sha256WithRSAEncryption
98:5f:ef:94:b2:95:f2:14:f0:05:7e:66:cc:d2:b9:28:41:47:
e9:86:30:e5:0a:7d:65:6b:e5:5b:d6:c0:78:43:89:f0:53:53:
b7:32:7c:f7:01:b2:63:9f:cb:83:e1:2e:67:e0:4f:59:8c:4c:
ae:83:b2:53:ce:37:8b:31:fe:05:e1:41:d2:fa:cf:00:9a:c5:
44:10:81:70:2c:89:8b:0f:f7:c9:1c:f7:16:c4:2c:d6:2e:0d:
10:04:f3:48:67:ce:0d:97:b6:75:d5:6b:3f:61:1f:de:ab:fb:
85:aa:f3:5b:4c:b5:29:42:f7:c9:68:7f:1e:a6:c2:9d:e1:07:
b1:ca:d7:fb:4c:a4:98:ee:28:02:ce:ce:07:70:59:9c:e7:1a:
ca:d3:11:b3:18:b9:8c:ce:b3:85:95:f4:81:4d:f8:27:98:11:
92:d6:71:60:b2:cf:30:aa:cd:33:86:da:28:37:95:53:4e:f1:
76:3d:af:29:c6:2e:22:a0:98:b5:16:ab:2c:bb:90:36:71:0c:
c4:61:ef:ae:1c:b1:c0:09:55:f2:8c:48:8f:15:40:cf:33:4c:
0c:1f:ab:e2:83:53:98:6e:63:18:d3:26:72:69:da:47:d4:fb:
b3:be:42:af:cf:87:70:32:93:00:d0:ae:ea:5f:3b:06:78:b3:
a2:9e:e0:ee
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYzHlYPdW0r6WF6S2uU1XoG+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyNmM2NjBiMzBmNTY5MmIyYjE2ZTI4OWIyNDkwMWM1MThm
ZGE1MjAwHhcNMjQwMTAyMDAzMTUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMGMzYTAwYmNkNjM2ZGI1NWMyYTliNTE4YjQzNWJlMjFhM2YzNThkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmRT/v10Vi6Yqy3INb9qdgg5M/n10
A35ARBgX6t5qwZqQ8dalPpe1jwu3Ka3QqTd24nn1HzL2AGqS3gdTzqBRFJjNwD75
OhMZVEOc19nSMcxNwc1yaGr6/x6I02xzC5zKu4pCjw3Oba4+ceFy3A93zxDXKknr
6JQdMI4kKvVBJzGc5+ygbI/TqBdIKgl3U1g3Ftf7BrrjwS31rEHH4ZsdvSBOy/2j
mmuR6mcox8dzt0ZPdOizrK35sJeuCj9lOcthb7s2WxOVaMi6BsI9baQ/PfLUFm45
qq4ywNMY+iZbqcNBRZ4UsIYlxBF35EbmgzSqa/YTwGcDa3Yr+308360yYQIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFLDDoAvNY221XCqbUYtDW+IaPzWNMB8GA1UdIwQY
MBaAFBJsZgsw9WkrKxbiibJJAcUY/aUgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRW14bUN6RDFhU3NyRnVLSnNra0J4Umo5cFNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi9kYjc4N2YtYzI3YS00ZjIzLTk5YjIt
NDM4YWNiNzJmYzViLzEvc01PZ0M4MWpiYlZjS3B0UmkwTmI0aG9fTlkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi9kYjc4N2YtYzI3YS00ZjIzLTk5YjItNDM4YWNiNzJmYzVi
LzEvRW14bUN6RDFhU3NyRnVLSnNra0J4Umo5cFNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQCLVNwAwQC
UP7sAwQCudwcAwQCwJA0MAwDBALBCSQDBALBCSgDBALBu6gDBALCJ0QwDQYJKoZI
hvcNAQELBQADggEBAJhf75SylfIU8AV+ZszSuShBR+mGMOUKfWVr5VvWwHhDifBT
U7cyfPcBsmOfy4PhLmfgT1mMTK6DslPON4sx/gXhQdL6zwCaxUQQgXAsiYsP98kc
9xbELNYuDRAE80hnzg2XtnXVaz9hH96r+4Wq81tMtSlC98lofx6mwp3hB7HK1/tM
pJjuKALOzgdwWZznGsrTEbMYuYzOs4WV9IFN+CeYEZLWcWCyzzCqzTOG2ig3lVNO
8XY9rynGLiKgmLUWqyy7kDZxDMRh764cscAJVfKMSI8VQM8zTAwfq+KDU5huYxjT
JnJp2kfU+7O+Qq/Ph3AykwDQrupfOwZ4s6Ke4O4=
-----END CERTIFICATE-----
Generated at Fri Feb 16 17:41:20 2024 by rpki-client on console-fra.rpki-client.org