Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/1a27ec-eb0a-4406-a1d1-07ed46b149c3/1/SXccMRSwda-AajwmXGvjarrDr_I.roa
File: SXccMRSwda-AajwmXGvjarrDr_I.roa (raw, json)
Hash identifier: MGPaq2EpcDZILlU27orHDFHKgFwQYt+d6yCJPhlJydE=
Subject key identifier: 49:77:1C:31:14:B0:75:AF:80:6A:3C:26:5C:6B:E3:6A:BA:C3:AF:F2
Certificate issuer: /CN=31242850cad41cdf75a3c9d60b21fca543f74384
Certificate serial: 018A2C52D10A218296CFF24BB5189941F2B2
Authority key identifier: 31:24:28:50:CA:D4:1C:DF:75:A3:C9:D6:0B:21:FC:A5:43:F7:43:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MSQoUMrUHN91o8nWCyH8pUP3Q4Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/1a27ec-eb0a-4406-a1d1-07ed46b149c3/1/SXccMRSwda-AajwmXGvjarrDr_I.roa
Signing time: Fri 25 Aug 2023 10:52:19 +0000
ROA not before: Fri 25 Aug 2023 10:52:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9136
IP address blocks: 62.176.224.0/19 maxlen: 19
91.186.32.0/19 maxlen: 19
5.159.24.0/21 maxlen: 21
213.162.128.0/19 maxlen: 19
185.72.232.0/22 maxlen: 22
2a01:581:9::/48 maxlen: 48
2a01:581:a::/48 maxlen: 48
2a01:581:6::/48 maxlen: 48
2a01:581:b::/48 maxlen: 48
2a01:581:c::/48 maxlen: 48
2a01:581:7::/48 maxlen: 48
2a01:581:8::/48 maxlen: 48
2a01:580::/29 maxlen: 29
2a01:581:d::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:2c:52:d1:0a:21:82:96:cf:f2:4b:b5:18:99:41:f2:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=31242850cad41cdf75a3c9d60b21fca543f74384
Validity
Not Before: Aug 25 10:52:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=49771c3114b075af806a3c265c6be36abac3aff2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:e0:dd:09:f6:bc:88:8b:a0:14:6d:be:54:d9:
42:8b:39:26:35:95:c6:96:33:38:04:2c:9b:8d:60:
a5:c2:8e:cc:60:98:d8:72:50:b9:62:39:2e:65:1d:
c7:28:9d:ce:dd:9f:37:bc:6b:58:30:16:22:3e:71:
dc:bf:19:bc:b6:d6:cd:1d:6e:60:e7:5d:b2:e1:dd:
cd:dc:39:fa:45:8d:d5:62:72:f6:ca:e1:42:79:39:
4e:64:20:3d:4c:4d:6c:2f:05:55:5b:9e:36:17:2e:
24:d1:63:2e:f6:c5:cd:6a:79:fc:2b:7f:48:d5:26:
34:34:64:f1:78:d8:13:18:b5:de:41:c3:ec:d4:8a:
25:6a:f3:06:85:88:4f:19:65:d6:f5:cd:69:c0:f5:
80:b1:d9:a4:4d:87:84:a2:5a:32:58:c6:00:a9:30:
32:d1:0c:c7:99:86:4f:30:8f:6b:d9:01:44:5e:ea:
15:19:7e:94:d9:a8:ec:77:8a:2b:d7:25:33:48:d3:
f8:f9:e1:f1:70:74:43:7f:7a:b4:ec:f3:f5:74:c4:
d5:81:f2:32:78:d9:7e:df:b2:a6:97:0b:a2:ab:c7:
97:f1:0d:c9:68:78:db:45:1d:7b:46:bb:e6:fc:a1:
05:49:6a:93:4f:59:1e:af:10:94:71:70:ce:ce:c5:
32:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:77:1C:31:14:B0:75:AF:80:6A:3C:26:5C:6B:E3:6A:BA:C3:AF:F2
X509v3 Authority Key Identifier:
keyid:31:24:28:50:CA:D4:1C:DF:75:A3:C9:D6:0B:21:FC:A5:43:F7:43:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MSQoUMrUHN91o8nWCyH8pUP3Q4Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/1a27ec-eb0a-4406-a1d1-07ed46b149c3/1/SXccMRSwda-AajwmXGvjarrDr_I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/1a27ec-eb0a-4406-a1d1-07ed46b149c3/1/MSQoUMrUHN91o8nWCyH8pUP3Q4Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.159.24.0/21
62.176.224.0/19
91.186.32.0/19
185.72.232.0/22
213.162.128.0/19
IPv6:
2a01:580::/29
Signature Algorithm: sha256WithRSAEncryption
44:b3:d6:6f:3d:7e:52:f0:f4:ba:cc:1e:d5:0a:43:a0:d2:b7:
9f:c9:99:fa:65:ff:e7:9d:06:65:76:b4:49:86:23:eb:2f:e0:
90:91:f1:ee:62:8c:5e:e5:d1:5a:19:f4:ec:76:34:f2:b4:b7:
c9:44:0f:a9:0a:0a:9a:7b:91:48:8a:7d:de:22:60:3d:07:4d:
1d:32:c1:b0:53:ce:07:eb:cc:02:28:fd:02:70:c3:18:69:02:
e3:82:53:3f:86:75:2c:2d:2d:0b:79:b5:29:40:d9:f7:30:ab:
83:c2:6e:ac:6f:e5:6a:18:70:73:f4:0d:11:1b:1f:76:fe:fb:
5e:16:78:9d:ce:b1:d2:7d:99:72:59:0b:be:32:ae:61:0a:ad:
07:25:00:bc:02:e5:58:c7:01:8f:d8:ee:47:de:04:ce:df:eb:
09:2e:75:9b:a2:15:2a:59:62:e0:30:46:b6:ab:7d:73:05:c6:
2a:bf:0d:2c:b6:2c:5e:f5:34:02:93:b3:24:2a:17:f7:6a:6d:
e4:55:b8:ff:a1:2d:14:c1:88:82:f3:60:8c:75:43:5a:9e:de:
53:db:9d:34:db:92:7a:3d:61:9e:fc:d6:15:d7:44:65:01:b2:
8c:15:fc:b4:8b:e1:e8:fc:93:61:4e:d8:db:ea:29:5e:7d:2a:
05:14:c1:a8
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYosUtEKIYKWz/JLtRiZQfKyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxMjQyODUwY2FkNDFjZGY3NWEzYzlkNjBiMjFmY2E1NDNm
NzQzODQwHhcNMjMwODI1MTA1MjE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OTc3MWMzMTE0YjA3NWFmODA2YTNjMjY1YzZiZTM2YWJhYzNhZmYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnuDdCfa8iIugFG2+VNlCizkmNZXG
ljM4BCybjWClwo7MYJjYclC5YjkuZR3HKJ3O3Z83vGtYMBYiPnHcvxm8ttbNHW5g
512y4d3N3Dn6RY3VYnL2yuFCeTlOZCA9TE1sLwVVW542Fy4k0WMu9sXNann8K39I
1SY0NGTxeNgTGLXeQcPs1IolavMGhYhPGWXW9c1pwPWAsdmkTYeEoloyWMYAqTAy
0QzHmYZPMI9r2QFEXuoVGX6U2ajsd4or1yUzSNP4+eHxcHRDf3q07PP1dMTVgfIy
eNl+37Kmlwuiq8eX8Q3JaHjbRR17Rrvm/KEFSWqTT1kerxCUcXDOzsUydQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFEl3HDEUsHWvgGo8Jlxr42q6w6/yMB8GA1UdIwQY
MBaAFDEkKFDK1BzfdaPJ1gsh/KVD90OEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVNRb1VNclVITjkxbzhuV0N5SDhwVVAzUTRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC8xYTI3ZWMtZWIwYS00NDA2LWExZDEt
MDdlZDQ2YjE0OWMzLzEvU1hjY01SU3dkYS1BYWp3bVhHdmphcnJEcl9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC8xYTI3ZWMtZWIwYS00NDA2LWExZDEtMDdlZDQ2YjE0OWMz
LzEvTVNRb1VNclVITjkxbzhuV0N5SDhwVVAzUTRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQDBZ8YAwQF
PrDgAwQFW7ogAwQCuUjoAwQF1aKAMA0EAgACMAcDBQMqAQWAMA0GCSqGSIb3DQEB
CwUAA4IBAQBEs9ZvPX5S8PS6zB7VCkOg0refyZn6Zf/nnQZldrRJhiPrL+CQkfHu
Yoxe5dFaGfTsdjTytLfJRA+pCgqae5FIin3eImA9B00dMsGwU84H68wCKP0CcMMY
aQLjglM/hnUsLS0LebUpQNn3MKuDwm6sb+VqGHBz9A0RGx92/vteFnidzrHSfZly
WQu+Mq5hCq0HJQC8AuVYxwGP2O5H3gTO3+sJLnWbohUqWWLgMEa2q31zBcYqvw0s
tixe9TQCk7MkKhf3am3kVbj/oS0UwYiC82CMdUNant5T250025J6PWGe/NYV10Rl
AbKMFfy0i+Ho/JNhTtjb6ilefSoFFMGo
-----END CERTIFICATE-----
Generated at Tue Nov 28 17:03:03 2023 by rpki-client on console-ams.rpki-client.org