Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/b03213-5e80-4931-81ce-f752d81605fb/1/sbkxX0y-OO0u2hQFiztK01SGT-I.roa
File: sbkxX0y-OO0u2hQFiztK01SGT-I.roa (raw, json)
Hash identifier: gRo4MS319xzcL8gMCKsHhFyGf2tleTvIdj0NVtefyMo=
Subject key identifier: B1:B9:31:5F:4C:BE:38:ED:2E:DA:14:05:8B:3B:4A:D3:54:86:4F:E2
Certificate issuer: /CN=f93ac6cd2240249bba60171f086e9101cc87ca24
Certificate serial: 01864D766829E1EDEC3BBD0F5EDF507DEABE
Authority key identifier: F9:3A:C6:CD:22:40:24:9B:BA:60:17:1F:08:6E:91:01:CC:87:CA:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-TrGzSJAJJu6YBcfCG6RAcyHyiQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/b03213-5e80-4931-81ce-f752d81605fb/1/sbkxX0y-OO0u2hQFiztK01SGT-I.roa
Signing time: Tue 14 Feb 2023 01:07:30 +0000
ROA not before: Tue 14 Feb 2023 01:07:30 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 53340
IP address blocks: 176.111.222.0/24 maxlen: 24
193.8.194.0/24 maxlen: 24
147.189.133.0/24 maxlen: 24
5.183.77.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:4d:76:68:29:e1:ed:ec:3b:bd:0f:5e:df:50:7d:ea:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f93ac6cd2240249bba60171f086e9101cc87ca24
Validity
Not Before: Feb 14 01:07:30 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b1b9315f4cbe38ed2eda14058b3b4ad354864fe2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:31:bf:d6:11:08:a9:5a:34:58:9e:bf:df:6e:
d7:1a:ea:c8:15:bf:17:5c:ea:5e:b7:f0:df:2a:cd:
f5:57:22:a1:8b:55:5c:2c:9f:9f:b7:2b:c6:e7:6c:
e4:7c:e5:23:6c:68:81:30:0d:07:3a:61:72:b3:b6:
80:f8:39:2b:15:f5:83:fc:b0:62:e3:b5:24:ca:10:
24:41:3b:1b:5d:c7:6a:5e:5e:53:6b:9c:e0:d0:cd:
c9:72:50:49:04:53:0c:30:8f:5f:38:8a:90:0f:b1:
a4:31:0e:fb:6b:c9:f3:cb:9e:f9:3d:86:f9:c6:5a:
7c:e8:0c:1b:2a:4d:93:90:8d:90:31:e7:b1:ab:74:
9e:25:e1:e3:5e:d0:20:40:03:f1:71:29:b5:bd:7d:
6a:a7:3a:bc:14:7b:51:f5:99:ab:e9:17:2b:00:33:
31:c2:bf:b9:76:fe:6a:a6:53:5f:66:83:25:5e:6d:
61:66:3b:c3:7f:f9:a3:85:df:1f:0f:f1:67:24:94:
82:dc:fa:fd:b5:21:44:ac:00:c9:ee:3c:f3:3a:95:
e3:93:e1:b0:f4:aa:1d:e1:b8:bf:64:58:2f:2e:01:
cb:6b:67:87:7e:00:98:67:bf:d7:13:89:58:fe:a4:
cb:6b:72:9e:bb:15:4e:10:6d:63:ba:96:03:18:8c:
e0:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:B9:31:5F:4C:BE:38:ED:2E:DA:14:05:8B:3B:4A:D3:54:86:4F:E2
X509v3 Authority Key Identifier:
keyid:F9:3A:C6:CD:22:40:24:9B:BA:60:17:1F:08:6E:91:01:CC:87:CA:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-TrGzSJAJJu6YBcfCG6RAcyHyiQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/b03213-5e80-4931-81ce-f752d81605fb/1/sbkxX0y-OO0u2hQFiztK01SGT-I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/b03213-5e80-4931-81ce-f752d81605fb/1/1-TrGzSJAJJu6YBcfCG6RAcyHyiQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.183.77.0/24
147.189.133.0/24
176.111.222.0/24
193.8.194.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:36:f0:d4:a2:6f:9b:c1:54:39:d7:5e:cd:70:79:d6:d7:4b:
41:77:8e:a1:81:04:2e:48:28:33:33:16:ac:66:ff:f4:dc:a2:
f2:44:ef:3d:d8:14:aa:65:c8:1e:5c:b2:45:2e:79:fd:f6:80:
aa:06:b0:b7:9c:07:30:31:45:ab:30:e9:55:9a:ed:ae:b4:5e:
64:22:12:22:c3:8c:33:51:6d:88:3b:ab:66:48:c1:46:fc:73:
a5:9d:69:bc:e4:f8:a4:b8:cc:8a:60:99:fb:e5:0a:ca:dd:12:
04:5a:c6:fe:25:44:f5:1f:a4:67:fd:ba:9f:8f:26:a3:e1:5c:
24:f0:20:a1:49:70:73:59:bc:20:a0:84:b0:3f:ec:f0:d6:30:
53:47:b3:11:10:ed:f6:23:0f:b8:ad:7c:71:3f:43:ed:e3:d4:
a3:e3:11:79:69:2a:51:f9:97:0f:14:a3:fc:a9:fb:19:b8:69:
00:29:a3:64:d4:d5:62:ec:99:10:c8:fa:3f:17:b7:83:93:cb:
01:cb:6d:83:b2:9e:2b:1f:15:af:af:be:37:5b:02:90:66:61:
7c:03:27:65:fe:a7:e7:1a:d3:b2:61:5e:61:39:31:31:1b:88:
ad:fd:f8:57:8c:16:fb:e9:3d:2c:10:b9:8d:09:f2:d1:e3:b7:
8a:da:8f:57
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYZNdmgp4e3sO70PXt9Qfeq+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY5M2FjNmNkMjI0MDI0OWJiYTYwMTcxZjA4NmU5MTAxY2M4
N2NhMjQwHhcNMjMwMjE0MDEwNzMwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMWI5MzE1ZjRjYmUzOGVkMmVkYTE0MDU4YjNiNGFkMzU0ODY0ZmUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgDG/1hEIqVo0WJ6/327XGurIFb8X
XOpet/DfKs31VyKhi1VcLJ+ftyvG52zkfOUjbGiBMA0HOmFys7aA+DkrFfWD/LBi
47UkyhAkQTsbXcdqXl5Ta5zg0M3JclBJBFMMMI9fOIqQD7GkMQ77a8nzy575PYb5
xlp86AwbKk2TkI2QMeexq3SeJeHjXtAgQAPxcSm1vX1qpzq8FHtR9Zmr6RcrADMx
wr+5dv5qplNfZoMlXm1hZjvDf/mjhd8fD/FnJJSC3Pr9tSFErADJ7jzzOpXjk+Gw
9Kod4bi/ZFgvLgHLa2eHfgCYZ7/XE4lY/qTLa3KeuxVOEG1jupYDGIzgTwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFLG5MV9MvjjtLtoUBYs7StNUhk/iMB8GA1UdIwQY
MBaAFPk6xs0iQCSbumAXHwhukQHMh8okMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1Uckd6U0pBSkp1NllCY2ZDRzZSQWN5SHlpUS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTgvYjAzMjEzLTVlODAtNDkzMS04MWNl
LWY3NTJkODE2MDVmYi8xL3Nia3hYMHktT08wdTJoUUZpenRLMDFTR1QtSS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOTgvYjAzMjEzLTVlODAtNDkzMS04MWNlLWY3NTJkODE2MDVm
Yi8xLzEtVHJHelNKQUpKdTZZQmNmQ0c2UkFjeUh5aVEuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwMQYIKwYBBQUHAQcBAf8EIjAgMB4EAgABMBgDBAAFt00D
BACTvYUDBACwb94DBADBCMIwDQYJKoZIhvcNAQELBQADggEBAGo28NSib5vBVDnX
Xs1wedbXS0F3jqGBBC5IKDMzFqxm//TcovJE7z3YFKplyB5cskUuef32gKoGsLec
BzAxRasw6VWa7a60XmQiEiLDjDNRbYg7q2ZIwUb8c6Wdabzk+KS4zIpgmfvlCsrd
EgRaxv4lRPUfpGf9up+PJqPhXCTwIKFJcHNZvCCghLA/7PDWMFNHsxEQ7fYjD7it
fHE/Q+3j1KPjEXlpKlH5lw8Uo/yp+xm4aQApo2TU1WLsmRDI+j8Xt4OTywHLbYOy
nisfFa+vvjdbApBmYXwDJ2X+p+ca07JhXmE5MTEbiK39+FeMFvvpPSwQuY0J8tHj
t4raj1c=
-----END CERTIFICATE-----
Generated at Sun Nov 12 23:41:22 2023 by rpki-client on console-fra.rpki-client.org