Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/SF2wpJUaiLRKo978LGPwm5X6fIA.roa
File: SF2wpJUaiLRKo978LGPwm5X6fIA.roa (raw, json)
Hash identifier: htXArJvAHQNwQdTL8beFR+BrpWi3UJY3c58NCCZSiHw=
Subject key identifier: 48:5D:B0:A4:95:1A:88:B4:4A:A3:DE:FC:2C:63:F0:9B:95:FA:7C:80
Certificate issuer: /CN=6b233d75508b4e85cccf44349a7cb703198d1d26
Certificate serial: 01856D53F36CE6583D5BF34FED2C4F8EA785
Authority key identifier: 6B:23:3D:75:50:8B:4E:85:CC:CF:44:34:9A:7C:B7:03:19:8D:1D:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/SF2wpJUaiLRKo978LGPwm5X6fIA.roa
Signing time: Sun 01 Jan 2023 12:34:56 +0000
ROA not before: Sun 01 Jan 2023 12:34:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211143
IP address blocks: 91.225.12.0/23 maxlen: 23
37.35.54.0/24 maxlen: 24
146.66.210.0/24 maxlen: 24
62.216.76.0/22 maxlen: 22
178.157.109.0/24 maxlen: 24
188.74.130.0/23 maxlen: 23
188.74.246.0/23 maxlen: 23
188.119.160.0/23 maxlen: 23
Validation: Failed, certificate revoked on Tue 14 Feb 2023 12:58:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:53:f3:6c:e6:58:3d:5b:f3:4f:ed:2c:4f:8e:a7:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b233d75508b4e85cccf44349a7cb703198d1d26
Validity
Not Before: Jan 1 12:34:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=485db0a4951a88b44aa3defc2c63f09b95fa7c80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:2d:8f:31:0e:fc:a4:51:0d:54:3c:05:e4:c3:
92:5b:db:77:18:08:d4:7a:22:46:dc:8c:3e:da:74:
4b:d4:38:dd:bd:12:75:89:f9:01:9f:7f:c4:a8:1f:
7c:1d:30:f4:6b:f8:da:ee:90:37:19:ad:cd:0e:f6:
2a:8b:8e:0f:c8:45:4c:4f:4b:81:86:a6:e0:19:7f:
5e:b8:ed:af:67:57:40:a7:df:dd:7e:bb:fc:45:90:
07:1a:ff:06:3b:88:c6:36:1d:01:99:4f:76:d5:56:
ab:b3:ea:2f:a2:62:c4:af:ee:e7:0a:ca:e4:aa:55:
cf:ae:32:ab:3d:e2:71:e1:b5:6d:8f:38:92:2a:21:
2a:b1:12:4a:a5:33:04:e4:f0:4e:fb:f9:fe:a9:b1:
fb:61:15:81:fc:7f:e3:79:5c:eb:84:05:4a:b7:7d:
91:1d:a7:40:82:d0:d9:fd:e7:ab:20:df:b6:12:64:
cc:60:20:6d:c3:a0:bf:81:5c:b9:7e:70:21:bd:06:
99:fa:4c:c3:84:73:53:bd:f3:71:6b:b1:cb:4b:5a:
17:88:d6:2b:55:45:33:a1:33:45:85:ec:af:70:70:
af:32:38:da:2f:1f:5c:49:47:38:dc:bb:3b:57:0a:
de:0d:40:8c:c2:4d:cd:63:2a:d6:69:b4:42:27:88:
f8:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:5D:B0:A4:95:1A:88:B4:4A:A3:DE:FC:2C:63:F0:9B:95:FA:7C:80
X509v3 Authority Key Identifier:
keyid:6B:23:3D:75:50:8B:4E:85:CC:CF:44:34:9A:7C:B7:03:19:8D:1D:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/SF2wpJUaiLRKo978LGPwm5X6fIA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/ayM9dVCLToXMz0Q0mny3AxmNHSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.35.54.0/24
62.216.76.0/22
91.225.12.0/23
146.66.210.0/24
178.157.109.0/24
188.74.130.0/23
188.74.246.0/23
188.119.160.0/23
Signature Algorithm: sha256WithRSAEncryption
00:b6:28:58:ef:9c:7d:ed:89:e3:a3:7c:65:38:e5:d9:39:8b:
fa:cd:ae:4c:87:a6:40:8f:1c:fc:93:06:df:e3:48:0d:24:bf:
9a:fe:e2:75:3c:4d:28:44:16:74:2e:bf:64:12:01:3e:68:d5:
bc:bd:a7:ef:fe:15:f9:93:c5:a5:ba:ee:85:43:58:22:9f:a7:
f3:91:e7:b2:d8:9e:5b:c6:7c:16:bb:b3:ba:ec:39:e9:76:e0:
f0:2a:0f:4c:8a:da:54:8d:1f:79:c5:42:48:34:55:b1:93:95:
4b:4a:1f:18:5c:8f:29:cd:1f:d9:91:8a:c9:6e:8f:e1:8f:99:
49:df:70:82:e3:e5:8c:7a:55:8c:f6:6e:d5:30:4f:e3:c4:a6:
29:21:67:04:de:a6:2f:0f:1a:a9:35:0b:15:90:3a:94:f0:20:
dc:20:1e:68:fa:55:e8:09:b8:2a:e7:8c:15:d2:64:51:2d:25:
5f:7a:ee:8d:f4:57:9b:75:85:3e:aa:da:9b:f0:a3:a7:42:2b:
e0:83:f6:17:03:e1:15:36:8c:b6:da:ee:e8:68:ad:15:e0:1a:
fd:fc:4b:4d:2a:a0:ce:24:dc:86:4a:68:0e:e2:05:f2:cb:5e:
c6:d5:13:a0:0a:2c:30:3b:c4:bb:17:07:12:95:e3:b5:ad:6d:
08:4a:b1:a8
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYVtU/Ns5lg9W/NP7SxPjqeFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiMjMzZDc1NTA4YjRlODVjY2NmNDQzNDlhN2NiNzAzMTk4
ZDFkMjYwHhcNMjMwMTAxMTIzNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODVkYjBhNDk1MWE4OGI0NGFhM2RlZmMyYzYzZjA5Yjk1ZmE3YzgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiS2PMQ78pFENVDwF5MOSW9t3GAjU
eiJG3Iw+2nRL1DjdvRJ1ifkBn3/EqB98HTD0a/ja7pA3Ga3NDvYqi44PyEVMT0uB
hqbgGX9euO2vZ1dAp9/dfrv8RZAHGv8GO4jGNh0BmU921Vars+ovomLEr+7nCsrk
qlXPrjKrPeJx4bVtjziSKiEqsRJKpTME5PBO+/n+qbH7YRWB/H/jeVzrhAVKt32R
HadAgtDZ/eerIN+2EmTMYCBtw6C/gVy5fnAhvQaZ+kzDhHNTvfNxa7HLS1oXiNYr
VUUzoTNFheyvcHCvMjjaLx9cSUc43Ls7VwreDUCMwk3NYyrWabRCJ4j4NwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFEhdsKSVGoi0SqPe/Cxj8JuV+nyAMB8GA1UdIwQY
MBaAFGsjPXVQi06FzM9ENJp8twMZjR0mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXlNOWRWQ0xUb1hNejBRMG1ueTNBeG1OSFNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC85ZDkxOTItMjczYy00Y2E5LWIyYmEt
ZmE5Y2I1MWNkMGYxLzEvU0Yyd3BKVWFpTFJLbzk3OExHUHdtNVg2ZklBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC85ZDkxOTItMjczYy00Y2E5LWIyYmEtZmE5Y2I1MWNkMGYx
LzEvYXlNOWRWQ0xUb1hNejBRMG1ueTNBeG1OSFNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAJSM2AwQC
PthMAwQBW+EMAwQAkkLSAwQAsp1tAwQBvEqCAwQBvEr2AwQBvHegMA0GCSqGSIb3
DQEBCwUAA4IBAQAAtihY75x97Ynjo3xlOOXZOYv6za5Mh6ZAjxz8kwbf40gNJL+a
/uJ1PE0oRBZ0Lr9kEgE+aNW8vafv/hX5k8Wluu6FQ1gin6fzkeey2J5bxnwWu7O6
7DnpduDwKg9MitpUjR95xUJINFWxk5VLSh8YXI8pzR/ZkYrJbo/hj5lJ33CC4+WM
elWM9m7VME/jxKYpIWcE3qYvDxqpNQsVkDqU8CDcIB5o+lXoCbgq54wV0mRRLSVf
eu6N9FebdYU+qtqb8KOnQivgg/YXA+EVNoy22u7oaK0V4Br9/EtNKqDOJNyGSmgO
4gXyy17G1ROgCiwwO8S7FwcSleO1rW0ISrGo
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:16 2024 by rpki-client on console-fra.rpki-client.org