Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/9d65bb-ab4f-43aa-bba8-437394938c52/1/SMjARpFIqyA9TR5qvNxLgDmKE4g.roa
File: SMjARpFIqyA9TR5qvNxLgDmKE4g.roa (raw, json)
Hash identifier: VHa0Wxmb0yeOU9eIvZ1279lvP+y38JWcrmM7RwEBy9g=
Subject key identifier: 48:C8:C0:46:91:48:AB:20:3D:4D:1E:6A:BC:DC:4B:80:39:8A:13:88
Certificate issuer: /CN=84f824d32df1a5113d82101345d785a38addbde5
Certificate serial: 0185727A2B3D8922A18C91696D50EEB9C60F
Authority key identifier: 84:F8:24:D3:2D:F1:A5:11:3D:82:10:13:45:D7:85:A3:8A:DD:BD:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hPgk0y3xpRE9ghATRdeFo4rdveU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/9d65bb-ab4f-43aa-bba8-437394938c52/1/SMjARpFIqyA9TR5qvNxLgDmKE4g.roa
Signing time: Mon 02 Jan 2023 12:34:47 +0000
ROA not before: Mon 02 Jan 2023 12:34:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51490
IP address blocks: 89.36.139.0/24 maxlen: 24
89.36.38.0/24 maxlen: 24
2a05:7b85::/32 maxlen: 32
2a05:7b87::/32 maxlen: 32
2a05:7b81::/32 maxlen: 32
2a05:76c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 17 Jan 2023 09:21:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:7a:2b:3d:89:22:a1:8c:91:69:6d:50:ee:b9:c6:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84f824d32df1a5113d82101345d785a38addbde5
Validity
Not Before: Jan 2 12:34:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=48c8c0469148ab203d4d1e6abcdc4b80398a1388
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:66:8c:3f:b5:a9:04:80:e6:15:c8:4a:16:dd:
3b:76:59:47:00:e1:ac:99:0a:a1:60:a9:84:da:8d:
0c:84:73:65:52:e7:f0:9d:9d:c9:8f:b3:20:01:87:
2d:cf:17:3d:a6:5a:2a:f4:c1:a1:57:40:fa:69:37:
63:db:59:cb:fd:29:6f:16:f7:ef:3f:d6:5e:14:62:
9f:d0:c3:41:7e:fa:a1:07:f3:af:c5:97:d2:d4:98:
81:f3:a9:b4:6c:c6:d7:27:da:24:81:fe:02:d9:21:
f3:2e:3f:82:ba:08:f2:c8:b5:31:46:e2:6d:a7:cb:
60:95:7e:34:e0:18:d8:a0:72:0e:70:73:9c:43:16:
60:ca:86:5c:ab:d6:51:82:54:cb:2f:c9:b6:2b:2d:
6f:66:2d:e5:6c:b7:85:a6:d6:4f:e1:f4:dd:ea:97:
3a:6d:71:02:cd:6f:b3:48:f5:2e:e6:76:e4:f0:3b:
77:19:2a:73:be:92:ee:72:38:7d:56:57:55:6d:6b:
46:81:a4:88:96:28:58:2e:3a:21:ca:d9:46:d2:34:
e4:72:00:6e:12:11:d9:39:0c:01:01:68:65:89:8f:
01:18:c3:3a:80:42:09:9e:cb:2c:68:63:7a:26:c6:
db:17:fa:4e:ba:8d:43:d4:91:99:41:83:44:83:52:
af:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:C8:C0:46:91:48:AB:20:3D:4D:1E:6A:BC:DC:4B:80:39:8A:13:88
X509v3 Authority Key Identifier:
keyid:84:F8:24:D3:2D:F1:A5:11:3D:82:10:13:45:D7:85:A3:8A:DD:BD:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hPgk0y3xpRE9ghATRdeFo4rdveU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/9d65bb-ab4f-43aa-bba8-437394938c52/1/SMjARpFIqyA9TR5qvNxLgDmKE4g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/9d65bb-ab4f-43aa-bba8-437394938c52/1/hPgk0y3xpRE9ghATRdeFo4rdveU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.36.38.0/24
89.36.139.0/24
IPv6:
2a05:76c0::/29
2a05:7b81::/32
2a05:7b85::/32
2a05:7b87::/32
Signature Algorithm: sha256WithRSAEncryption
16:fb:bc:bf:1a:97:a5:1c:ef:82:fa:15:5e:c4:47:1d:bc:d1:
3a:2c:ce:a7:d7:72:f8:20:42:16:8d:15:29:25:a6:9c:16:b7:
fb:f0:12:06:e3:a0:87:97:7b:97:96:3b:aa:50:d6:76:eb:28:
75:17:15:17:3d:1f:77:c3:63:67:94:eb:54:a9:47:c5:03:d2:
10:c7:2a:a7:12:5e:07:58:2d:2a:df:1d:4c:ea:ce:a9:d9:1c:
68:14:24:e3:db:7c:a8:46:6e:13:90:8b:8d:81:8b:c6:9c:e7:
62:ad:bb:4b:90:53:ba:46:87:4a:ba:a6:40:59:5d:da:ac:ec:
ce:92:1e:1e:34:77:72:2d:49:70:18:95:34:36:ec:b1:d9:19:
09:d7:f1:d5:a2:b7:29:63:3e:d1:cb:0e:19:60:69:8e:b1:b7:
16:be:94:29:32:cb:79:22:85:60:5f:65:85:b4:99:ab:eb:38:
a2:9a:2f:fb:ec:14:bb:9a:0f:56:49:85:86:00:bb:af:80:91:
41:e3:7f:e7:f8:77:08:0f:3f:35:51:99:5a:bd:b0:87:f5:4f:
d0:0f:ee:69:9c:cb:fb:86:3f:30:c3:75:dc:af:28:b8:be:c9:
41:6e:53:37:7b:0c:a4:65:e5:fb:07:b1:0d:1a:c7:c0:42:e7:
61:5a:32:3c
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYVyeis9iSKhjJFpbVDuucYPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0ZjgyNGQzMmRmMWE1MTEzZDgyMTAxMzQ1ZDc4NWEzOGFk
ZGJkZTUwHhcNMjMwMTAyMTIzNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OGM4YzA0NjkxNDhhYjIwM2Q0ZDFlNmFiY2RjNGI4MDM5OGExMzg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjGaMP7WpBIDmFchKFt07dllHAOGs
mQqhYKmE2o0MhHNlUufwnZ3Jj7MgAYctzxc9ploq9MGhV0D6aTdj21nL/SlvFvfv
P9ZeFGKf0MNBfvqhB/OvxZfS1JiB86m0bMbXJ9okgf4C2SHzLj+CugjyyLUxRuJt
p8tglX404BjYoHIOcHOcQxZgyoZcq9ZRglTLL8m2Ky1vZi3lbLeFptZP4fTd6pc6
bXECzW+zSPUu5nbk8Dt3GSpzvpLucjh9VldVbWtGgaSIlihYLjohytlG0jTkcgBu
EhHZOQwBAWhliY8BGMM6gEIJnsssaGN6JsbbF/pOuo1D1JGZQYNEg1KvywIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFEjIwEaRSKsgPU0earzcS4A5ihOIMB8GA1UdIwQY
MBaAFIT4JNMt8aURPYIQE0XXhaOK3b3lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFBnazB5M3hwUkU5Z2hBVFJkZUZvNHJkdmVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS85ZDY1YmItYWI0Zi00M2FhLWJiYTgt
NDM3Mzk0OTM4YzUyLzEvU01qQVJwRklxeUE5VFI1cXZOeExnRG1LRTRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS85ZDY1YmItYWI0Zi00M2FhLWJiYTgtNDM3Mzk0OTM4YzUy
LzEvaFBnazB5M3hwUkU5Z2hBVFJkZUZvNHJkdmVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODASBAIAATAMAwQAWSQmAwQA
WSSLMCIEAgACMBwDBQMqBXbAAwUAKgV7gQMFACoFe4UDBQAqBXuHMA0GCSqGSIb3
DQEBCwUAA4IBAQAW+7y/GpelHO+C+hVexEcdvNE6LM6n13L4IEIWjRUpJaacFrf7
8BIG46CHl3uXljuqUNZ26yh1FxUXPR93w2NnlOtUqUfFA9IQxyqnEl4HWC0q3x1M
6s6p2RxoFCTj23yoRm4TkIuNgYvGnOdirbtLkFO6RodKuqZAWV3arOzOkh4eNHdy
LUlwGJU0Nuyx2RkJ1/HVorcpYz7Ryw4ZYGmOsbcWvpQpMst5IoVgX2WFtJmr6zii
mi/77BS7mg9WSYWGALuvgJFB43/n+HcIDz81UZlavbCH9U/QD+5pnMv7hj8ww3Xc
ryi4vslBblM3ewykZeX7B7ENGsfAQudhWjI8
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:35:58 2024 by rpki-client on console-ams.rpki-client.org