Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/SFqyoIzgtTJ9JZkenmy74Fa1NMA.roa
File: SFqyoIzgtTJ9JZkenmy74Fa1NMA.roa (raw, json)
Hash identifier: EF86uTxqnD062qp1ZLuFCc/HOLl0YJ8qGmSGm44FnNA=
Subject key identifier: 48:5A:B2:A0:8C:E0:B5:32:7D:25:99:1E:9E:6C:BB:E0:56:B5:34:C0
Certificate issuer: /CN=9b0c0d04225566db95e9ad3b2ef605014975aaa2
Certificate serial: 018BFABE5D30401EEB389FD6528AC52BFE08
Authority key identifier: 9B:0C:0D:04:22:55:66:DB:95:E9:AD:3B:2E:F6:05:01:49:75:AA:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mwwNBCJVZtuV6a07LvYFAUl1qqI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/SFqyoIzgtTJ9JZkenmy74Fa1NMA.roa
Signing time: Thu 23 Nov 2023 05:54:21 +0000
ROA not before: Thu 23 Nov 2023 05:54:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 176.105.228.0/24 maxlen: 24
185.177.27.0/24 maxlen: 24
81.28.253.0/24 maxlen: 24
91.239.149.0/24 maxlen: 24
91.238.92.0/24 maxlen: 24
45.132.80.0/22 maxlen: 24
91.244.198.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:30:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:fa:be:5d:30:40:1e:eb:38:9f:d6:52:8a:c5:2b:fe:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9b0c0d04225566db95e9ad3b2ef605014975aaa2
Validity
Not Before: Nov 23 05:54:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=485ab2a08ce0b5327d25991e9e6cbbe056b534c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:68:22:b6:0d:32:ab:0f:a5:e6:1e:96:6d:46:
2d:75:cb:bb:00:55:c4:7d:1e:ca:7c:85:5f:85:12:
d9:47:de:8a:bf:d9:ba:e3:61:d1:d8:9a:98:2b:2c:
1c:d9:46:9e:4f:15:26:77:8a:12:58:68:e1:cc:f4:
65:82:e0:24:32:c6:09:11:cb:6c:96:75:34:33:3e:
09:08:5e:3d:28:8b:1f:42:5d:52:88:55:94:09:f0:
7b:11:89:52:d0:34:1c:21:f5:7c:de:5e:f2:60:26:
90:d7:fa:1f:f5:62:9d:48:6b:7c:0a:c9:4d:38:18:
3c:b5:73:32:fb:a1:da:e2:c4:4c:1a:92:da:c5:b2:
84:3d:ab:38:6f:27:cd:b2:a9:90:6b:e4:aa:ba:76:
34:4c:6f:bc:75:a1:ae:b4:d4:e9:df:67:d0:13:14:
5e:0d:13:cc:a4:bc:61:02:66:3c:05:26:3d:d0:9d:
51:a1:b8:7b:d2:8c:4d:17:93:09:ce:16:b0:43:24:
05:96:ec:62:3d:de:0a:dc:13:31:46:b5:95:3d:13:
52:e1:07:ea:32:22:e4:0b:21:62:d7:c4:cd:b7:46:
8f:9a:2a:b8:ea:10:73:3d:b8:f3:2f:e7:84:36:f3:
f7:f1:e6:28:ea:74:15:26:74:dd:88:db:e2:68:ed:
9b:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:5A:B2:A0:8C:E0:B5:32:7D:25:99:1E:9E:6C:BB:E0:56:B5:34:C0
X509v3 Authority Key Identifier:
keyid:9B:0C:0D:04:22:55:66:DB:95:E9:AD:3B:2E:F6:05:01:49:75:AA:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mwwNBCJVZtuV6a07LvYFAUl1qqI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/SFqyoIzgtTJ9JZkenmy74Fa1NMA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/mwwNBCJVZtuV6a07LvYFAUl1qqI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.132.80.0/22
81.28.253.0/24
91.238.92.0/24
91.239.149.0/24
91.244.198.0/24
176.105.228.0/24
185.177.27.0/24
Signature Algorithm: sha256WithRSAEncryption
92:51:b7:53:3b:a9:29:6d:62:92:19:03:3d:2b:1c:a2:8e:fb:
9b:57:bd:8e:92:ce:2c:c0:e7:ca:25:9a:70:83:39:22:7b:ef:
18:61:f6:3d:a6:44:dd:bb:ac:09:a4:93:5a:71:1e:e3:5a:60:
64:c9:10:50:32:4d:54:86:7e:d4:4d:f1:13:86:03:de:93:fa:
dc:f6:8a:a7:41:a4:fc:71:11:25:fc:ce:52:2c:b5:e5:b6:80:
23:e5:d0:ee:e1:d3:6f:f9:05:c1:0a:02:81:55:e9:cc:cf:6c:
6f:40:d3:b8:42:a0:d4:0a:2c:1e:1d:65:5d:66:0c:c1:ea:c1:
97:d2:42:14:6f:88:87:75:a5:d7:78:3b:8c:23:44:4d:ab:e6:
f4:13:9c:88:92:d7:d5:4b:bc:32:16:99:d8:b8:93:0d:62:14:
7e:4a:13:85:c6:61:c0:71:7e:7f:6d:6a:19:b3:5b:95:21:08:
12:71:fe:cf:2c:55:d8:49:82:cd:d7:9f:ab:d1:17:29:9c:5d:
67:27:b1:29:bf:04:7d:76:63:a2:9b:f4:13:d9:d5:01:c5:54:
ad:1d:49:60:58:b3:5a:5b:e6:cc:5f:23:98:8d:0b:b0:e0:e2:
49:21:f2:64:2d:a2:40:39:18:3f:fd:4a:ac:84:9e:57:45:ba:
df:4b:e2:6d
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYv6vl0wQB7rOJ/WUorFK/4IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliMGMwZDA0MjI1NTY2ZGI5NWU5YWQzYjJlZjYwNTAxNDk3
NWFhYTIwHhcNMjMxMTIzMDU1NDIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODVhYjJhMDhjZTBiNTMyN2QyNTk5MWU5ZTZjYmJlMDU2YjUzNGMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhWgitg0yqw+l5h6WbUYtdcu7AFXE
fR7KfIVfhRLZR96Kv9m642HR2JqYKywc2UaeTxUmd4oSWGjhzPRlguAkMsYJEcts
lnU0Mz4JCF49KIsfQl1SiFWUCfB7EYlS0DQcIfV83l7yYCaQ1/of9WKdSGt8CslN
OBg8tXMy+6Ha4sRMGpLaxbKEPas4byfNsqmQa+SqunY0TG+8daGutNTp32fQExRe
DRPMpLxhAmY8BSY90J1Robh70oxNF5MJzhawQyQFluxiPd4K3BMxRrWVPRNS4Qfq
MiLkCyFi18TNt0aPmiq46hBzPbjzL+eENvP38eYo6nQVJnTdiNviaO2b+QIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFEhasqCM4LUyfSWZHp5su+BWtTTAMB8GA1UdIwQY
MBaAFJsMDQQiVWbblemtOy72BQFJdaqiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXd3TkJDSlZadHVWNmEwN0x2WUZBVWwxcXFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC8wZWM2ZDItZjFkNy00YjBhLWFkMzMt
ZThlZjJmMDk1OThlLzEvU0ZxeW9Jemd0VEo5SlprZW5teTc0RmExTk1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC8wZWM2ZDItZjFkNy00YjBhLWFkMzMtZThlZjJmMDk1OThl
LzEvbXd3TkJDSlZadHVWNmEwN0x2WUZBVWwxcXFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQCLYRQAwQA
URz9AwQAW+5cAwQAW++VAwQAW/TGAwQAsGnkAwQAubEbMA0GCSqGSIb3DQEBCwUA
A4IBAQCSUbdTO6kpbWKSGQM9KxyijvubV72Oks4swOfKJZpwgzkie+8YYfY9pkTd
u6wJpJNacR7jWmBkyRBQMk1Uhn7UTfEThgPek/rc9oqnQaT8cREl/M5SLLXltoAj
5dDu4dNv+QXBCgKBVenMz2xvQNO4QqDUCiweHWVdZgzB6sGX0kIUb4iHdaXXeDuM
I0RNq+b0E5yIktfVS7wyFpnYuJMNYhR+ShOFxmHAcX5/bWoZs1uVIQgScf7PLFXY
SYLN15+r0RcpnF1nJ7EpvwR9dmOim/QT2dUBxVStHUlgWLNaW+bMXyOYjQuw4OJJ
IfJkLaJAORg//UqshJ5XRbrfS+Jt
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:00 2024 by rpki-client on console-fra.rpki-client.org