Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/96/e5725b-3128-44b3-9f83-5aa620a81149/1/SbmFGLHa32HlnXcDmmyFUEVm9kM.roa
File: SbmFGLHa32HlnXcDmmyFUEVm9kM.roa (raw, json)
Hash identifier: 1zTegSwJHgbsenvLPORI37yUYLcrxliexXCBv4yfBRA=
Subject key identifier: 49:B9:85:18:B1:DA:DF:61:E5:9D:77:03:9A:6C:85:50:45:66:F6:43
Certificate issuer: /CN=d87821a7c8761e08121e70c9ff42ff9b6ad34e51
Certificate serial: 018B484223DDCBAD1D9A483B93499EE41057
Authority key identifier: D8:78:21:A7:C8:76:1E:08:12:1E:70:C9:FF:42:FF:9B:6A:D3:4E:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2Hghp8h2HggSHnDJ_0L_m2rTTlE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/96/e5725b-3128-44b3-9f83-5aa620a81149/1/SbmFGLHa32HlnXcDmmyFUEVm9kM.roa
Signing time: Thu 19 Oct 2023 14:06:15 +0000
ROA not before: Thu 19 Oct 2023 14:06:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 14618
IP address blocks: 217.147.180.0/23 maxlen: 23
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:48:42:23:dd:cb:ad:1d:9a:48:3b:93:49:9e:e4:10:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d87821a7c8761e08121e70c9ff42ff9b6ad34e51
Validity
Not Before: Oct 19 14:06:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=49b98518b1dadf61e59d77039a6c85504566f643
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:91:ff:1a:1e:5c:ed:97:b4:ee:b9:0a:1c:1c:
86:8c:4d:ab:d8:2b:20:16:a8:58:69:d8:35:59:67:
6f:86:5b:4c:8e:1c:40:40:e1:44:89:5d:41:03:12:
8b:e4:04:c8:27:8d:8f:b7:cd:19:07:48:9a:5c:64:
57:4e:dd:06:4d:e4:df:88:46:eb:58:c4:a1:4a:e5:
1b:0b:d0:bc:fe:e6:6b:94:49:45:5e:13:8b:f4:af:
55:eb:15:0b:35:95:6b:44:de:9c:99:01:3c:ab:a7:
33:4f:b8:b2:2b:7e:7c:9d:78:2b:82:92:2d:4e:79:
0e:c1:c0:fe:ac:a8:0f:13:87:ba:e8:82:bb:dd:be:
fc:00:86:a1:4b:3a:a7:c8:81:68:19:13:a3:1c:b4:
25:8d:71:6d:05:57:78:f6:dd:5b:b5:81:0d:69:ba:
c1:97:a0:97:4c:3c:d5:c8:00:fc:90:bb:3b:cb:4f:
d0:ad:b9:05:56:e3:82:7c:e3:7b:0d:69:d9:d9:4f:
ce:62:ba:c7:cd:cf:30:a9:85:88:9a:c4:e7:89:4e:
49:0d:28:c4:f0:c6:0b:4c:b4:2e:00:e2:0c:59:74:
83:6c:7d:ca:1d:47:48:60:33:77:bd:aa:02:32:aa:
31:07:7e:a1:ce:2e:9a:9d:99:50:d2:40:ce:7e:4e:
9f:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:B9:85:18:B1:DA:DF:61:E5:9D:77:03:9A:6C:85:50:45:66:F6:43
X509v3 Authority Key Identifier:
keyid:D8:78:21:A7:C8:76:1E:08:12:1E:70:C9:FF:42:FF:9B:6A:D3:4E:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2Hghp8h2HggSHnDJ_0L_m2rTTlE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/96/e5725b-3128-44b3-9f83-5aa620a81149/1/SbmFGLHa32HlnXcDmmyFUEVm9kM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/96/e5725b-3128-44b3-9f83-5aa620a81149/1/2Hghp8h2HggSHnDJ_0L_m2rTTlE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.147.180.0/23
Signature Algorithm: sha256WithRSAEncryption
5b:0b:9b:41:2c:3c:46:aa:7f:7a:bd:82:63:05:25:9d:68:5c:
81:73:ed:55:ec:e8:ab:d8:40:38:ba:4e:7d:8e:c5:d2:4e:fd:
64:07:56:da:c7:01:52:13:68:34:8c:8b:6f:e6:da:02:64:30:
24:f6:61:5e:c7:a4:5e:43:bb:06:4a:55:c6:89:2d:3d:bb:16:
0f:6f:15:cd:72:d4:19:a7:1b:1f:ed:73:b3:14:78:50:cb:00:
56:4b:4a:c5:e8:ca:aa:8d:15:05:5b:0d:d9:f1:f7:dc:93:9e:
c3:4c:f6:e9:16:28:97:ec:78:62:ff:cb:14:bd:13:b6:32:aa:
6f:2e:c0:48:07:18:cf:1f:ce:a4:32:67:46:15:21:5a:08:88:
4c:b6:80:35:53:7e:d7:b1:b6:77:bb:ef:89:17:a7:15:3b:6b:
d5:b3:c4:de:ac:6e:75:76:83:b6:cd:64:dd:cc:dd:d3:91:96:
b1:16:7c:24:a0:e2:56:73:3e:36:9d:8e:a4:da:fa:a0:85:20:
bc:b4:22:ee:13:76:c2:86:02:a7:d3:9e:e7:bf:d6:14:c8:88:
72:ac:18:db:4f:c0:43:e5:22:1e:24:64:0f:c8:bb:5a:86:7b:
6e:0e:1b:a2:3b:32:c0:53:70:30:c2:57:b6:d5:a0:4d:cd:39:
71:e3:d0:b4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYtIQiPdy60dmkg7k0me5BBXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4NzgyMWE3Yzg3NjFlMDgxMjFlNzBjOWZmNDJmZjliNmFk
MzRlNTEwHhcNMjMxMDE5MTQwNjE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OWI5ODUxOGIxZGFkZjYxZTU5ZDc3MDM5YTZjODU1MDQ1NjZmNjQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAopH/Gh5c7Ze07rkKHByGjE2r2Csg
FqhYadg1WWdvhltMjhxAQOFEiV1BAxKL5ATIJ42Pt80ZB0iaXGRXTt0GTeTfiEbr
WMShSuUbC9C8/uZrlElFXhOL9K9V6xULNZVrRN6cmQE8q6czT7iyK358nXgrgpIt
TnkOwcD+rKgPE4e66IK73b78AIahSzqnyIFoGROjHLQljXFtBVd49t1btYENabrB
l6CXTDzVyAD8kLs7y0/QrbkFVuOCfON7DWnZ2U/OYrrHzc8wqYWImsTniU5JDSjE
8MYLTLQuAOIMWXSDbH3KHUdIYDN3vaoCMqoxB36hzi6anZlQ0kDOfk6ffwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEm5hRix2t9h5Z13A5pshVBFZvZDMB8GA1UdIwQY
MBaAFNh4IafIdh4IEh5wyf9C/5tq005RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkhnaHA4aDJIZ2dTSG5ESl8wTF9tMnJUVGxFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ni9lNTcyNWItMzEyOC00NGIzLTlmODMt
NWFhNjIwYTgxMTQ5LzEvU2JtRkdMSGEzMkhsblhjRG1teUZVRVZtOWtNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ni9lNTcyNWItMzEyOC00NGIzLTlmODMtNWFhNjIwYTgxMTQ5
LzEvMkhnaHA4aDJIZ2dTSG5ESl8wTF9tMnJUVGxFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB2ZO0MA0G
CSqGSIb3DQEBCwUAA4IBAQBbC5tBLDxGqn96vYJjBSWdaFyBc+1V7Oir2EA4uk59
jsXSTv1kB1baxwFSE2g0jItv5toCZDAk9mFex6ReQ7sGSlXGiS09uxYPbxXNctQZ
pxsf7XOzFHhQywBWS0rF6MqqjRUFWw3Z8ffck57DTPbpFiiX7Hhi/8sUvRO2Mqpv
LsBIBxjPH86kMmdGFSFaCIhMtoA1U37XsbZ3u++JF6cVO2vVs8TerG51doO2zWTd
zN3TkZaxFnwkoOJWcz42nY6k2vqghSC8tCLuE3bChgKn057nv9YUyIhyrBjbT8BD
5SIeJGQPyLtahntuDhuiOzLAU3Awwle21aBNzTlx49C0
-----END CERTIFICATE-----
Generated at Tue Oct 24 13:12:12 2023 by rpki-client on console-fra.rpki-client.org