Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/sels_7_znNgwO8fhlb7tBghu7HQ.roa
File: sels_7_znNgwO8fhlb7tBghu7HQ.roa (raw, json)
Hash identifier: N+i1ir4fu7LoX3pHTpfCDlkgt7DdAge7n3bcYQRzj7M=
Subject key identifier: B1:E9:6C:FF:BF:F3:9C:D8:30:3B:C7:E1:95:BE:ED:06:08:6E:EC:74
Certificate issuer: /CN=b8074b419ead4cefea2f2ad2c259d978c5ed7954
Certificate serial: 018CCA2A5BBCA774324657F8A94ED324A808
Authority key identifier: B8:07:4B:41:9E:AD:4C:EF:EA:2F:2A:D2:C2:59:D9:78:C5:ED:79:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/sels_7_znNgwO8fhlb7tBghu7HQ.roa
Signing time: Tue 02 Jan 2024 12:33:42 +0000
ROA not before: Tue 02 Jan 2024 12:33:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210464
IP address blocks: 185.197.133.0/24 maxlen: 32
2a06:e881:8707::/48 maxlen: 128
2a06:e881:870c::/48 maxlen: 128
2a06:e881:870d::/48 maxlen: 128
2a06:e881:8702::/48 maxlen: 128
2a06:e881:8703::/48 maxlen: 128
2a06:e881:8708::/48 maxlen: 128
2a06:e881:8709::/48 maxlen: 128
2a06:e881:870e::/48 maxlen: 128
2a06:e881:870f::/48 maxlen: 128
2a06:e881:8704::/48 maxlen: 128
2a06:e881:8705::/48 maxlen: 128
2a06:e881:870a::/48 maxlen: 128
2a06:e881:870b::/48 maxlen: 128
2a06:e881:8700::/48 maxlen: 128
2a06:e881:8701::/48 maxlen: 128
2a06:e881:8706::/48 maxlen: 128
Validation: Failed, certificate revoked on Sat 27 Jan 2024 15:32:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:5b:bc:a7:74:32:46:57:f8:a9:4e:d3:24:a8:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b8074b419ead4cefea2f2ad2c259d978c5ed7954
Validity
Not Before: Jan 2 12:33:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b1e96cffbff39cd8303bc7e195beed06086eec74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:02:2a:31:30:3b:c2:a3:f0:b3:58:68:11:18:
d3:a3:0c:46:29:90:b9:76:25:e7:98:45:76:de:1f:
46:c8:b7:4d:d1:9b:ee:55:e1:3d:4f:30:f9:bd:9d:
31:2e:33:09:1b:3c:a6:61:3a:ef:21:5f:46:2b:ee:
a9:18:cd:fd:ce:f8:f4:26:dd:51:3f:c6:26:cc:1c:
b4:8c:43:68:7f:5f:51:e7:78:b0:00:56:c9:d5:39:
1c:fa:0d:af:91:df:cf:bd:ec:c3:c6:f7:a9:6b:07:
37:7a:92:45:4f:c2:27:09:9d:f7:18:b7:56:10:7d:
2a:19:e0:89:42:9a:83:29:35:23:c0:2c:5a:0f:78:
3b:b7:27:27:e1:22:f6:89:4e:d5:99:7a:b4:3c:f5:
fe:e6:b5:1c:20:2e:11:b9:70:e3:c9:91:28:ed:1e:
6d:a8:82:ca:67:40:84:21:59:85:b2:e0:3c:41:8a:
11:b8:56:15:98:43:70:6d:1e:d5:43:06:79:d8:a9:
81:7c:bc:7f:e6:97:19:07:05:75:54:47:b2:bd:2b:
98:d0:fc:06:ab:a5:91:cf:31:64:c9:53:10:c1:1e:
5b:cd:b4:05:9d:e8:f0:71:f6:4a:cf:36:99:bd:ca:
e2:db:44:74:c8:c2:c1:67:d1:9e:49:cf:bb:84:6c:
23:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:E9:6C:FF:BF:F3:9C:D8:30:3B:C7:E1:95:BE:ED:06:08:6E:EC:74
X509v3 Authority Key Identifier:
keyid:B8:07:4B:41:9E:AD:4C:EF:EA:2F:2A:D2:C2:59:D9:78:C5:ED:79:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/sels_7_znNgwO8fhlb7tBghu7HQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.197.133.0/24
IPv6:
2a06:e881:8700::/44
Signature Algorithm: sha256WithRSAEncryption
2c:a1:cb:c4:ef:e6:bb:62:6f:f4:12:7b:03:73:d8:48:6e:17:
f4:e9:0e:da:f9:7d:dd:ab:19:98:39:58:a1:aa:2c:1c:20:34:
6f:d3:45:65:62:6d:4c:20:3d:63:60:7f:06:6f:9d:ba:e0:b6:
69:1f:8f:20:a5:3f:01:9a:7d:cd:82:74:7d:cf:84:e0:a5:9e:
6a:33:f0:1b:bf:c4:29:69:0f:25:ba:fd:fc:ba:4b:00:14:9e:
7b:c8:87:a6:63:66:64:f7:b9:3f:da:b0:6e:5b:f0:51:2f:f8:
1f:a9:ac:1d:60:0f:5f:94:0c:bb:7b:45:f3:88:86:88:31:6d:
24:c8:71:10:17:18:e9:b3:65:b3:7a:7b:e0:4b:31:04:93:13:
86:f2:d0:13:0f:30:d1:80:84:60:fd:77:df:30:5b:0d:a0:55:
11:f8:87:fc:22:20:56:4b:05:10:80:65:0d:b3:07:3f:90:0c:
8b:ae:a9:aa:88:d1:50:8a:d3:af:4a:24:2e:66:3c:b4:8e:37:
0e:9f:26:0a:c4:af:27:3a:9f:5e:e5:20:bb:8f:de:89:83:a5:
e5:67:e4:94:c5:cc:05:54:e0:2b:43:fc:78:2c:72:8b:cf:a8:
24:f0:ee:1a:32:a1:47:37:50:8b:1e:5d:0f:99:b9:84:b1:c0:
ed:98:ff:26
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzKKlu8p3QyRlf4qU7TJKgIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4MDc0YjQxOWVhZDRjZWZlYTJmMmFkMmMyNTlkOTc4YzVl
ZDc5NTQwHhcNMjQwMTAyMTIzMzQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMWU5NmNmZmJmZjM5Y2Q4MzAzYmM3ZTE5NWJlZWQwNjA4NmVlYzc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiwIqMTA7wqPws1hoERjTowxGKZC5
diXnmEV23h9GyLdN0ZvuVeE9TzD5vZ0xLjMJGzymYTrvIV9GK+6pGM39zvj0Jt1R
P8YmzBy0jENof19R53iwAFbJ1Tkc+g2vkd/PvezDxvepawc3epJFT8InCZ33GLdW
EH0qGeCJQpqDKTUjwCxaD3g7tycn4SL2iU7VmXq0PPX+5rUcIC4RuXDjyZEo7R5t
qILKZ0CEIVmFsuA8QYoRuFYVmENwbR7VQwZ52KmBfLx/5pcZBwV1VEeyvSuY0PwG
q6WRzzFkyVMQwR5bzbQFnejwcfZKzzaZvcri20R0yMLBZ9GeSc+7hGwjCwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLHpbP+/85zYMDvH4ZW+7QYIbux0MB8GA1UdIwQY
MBaAFLgHS0GerUzv6i8q0sJZ2XjF7XlUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdUFkTFFaNnRUT19xTHlyU3dsblplTVh0ZVZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi8xZTQzZTQtZDA2ZS00YTU1LWJkYjYt
M2Q5MWVkZTViMmIxLzEvc2Vsc183X3puTmd3TzhmaGxiN3RCZ2h1N0hRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi8xZTQzZTQtZDA2ZS00YTU1LWJkYjYtM2Q5MWVkZTViMmIx
LzEvdUFkTFFaNnRUT19xTHlyU3dsblplTVh0ZVZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAucWFMA8E
AgACMAkDBwQqBuiBhwAwDQYJKoZIhvcNAQELBQADggEBACyhy8Tv5rtib/QSewNz
2EhuF/TpDtr5fd2rGZg5WKGqLBwgNG/TRWVibUwgPWNgfwZvnbrgtmkfjyClPwGa
fc2CdH3PhOClnmoz8Bu/xClpDyW6/fy6SwAUnnvIh6ZjZmT3uT/asG5b8FEv+B+p
rB1gD1+UDLt7RfOIhogxbSTIcRAXGOmzZbN6e+BLMQSTE4by0BMPMNGAhGD9d98w
Ww2gVRH4h/wiIFZLBRCAZQ2zBz+QDIuuqaqI0VCK069KJC5mPLSONw6fJgrEryc6
n17lILuP3omDpeVn5JTFzAVU4CtD/HgscovPqCTw7hoyoUc3UIseXQ+ZuYSxwO2Y
/yY=
-----END CERTIFICATE-----
Generated at Sat Jan 27 19:42:00 2024 by rpki-client on console-fra.rpki-client.org