Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/smG-Ij4sY_b8Ogq27WL1izpnyms.roa
File: smG-Ij4sY_b8Ogq27WL1izpnyms.roa (raw, json)
Hash identifier: Fy97Qh85EzEc71GoTdgghFt/fFzJG+B+gIT3jy/LJpM=
Subject key identifier: B2:61:BE:22:3E:2C:63:F6:FC:3A:0A:B6:ED:62:F5:8B:3A:67:CA:6B
Certificate issuer: /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial: 018AEC77F86F8DE6F044AAC63FAFECE71B8A
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/smG-Ij4sY_b8Ogq27WL1izpnyms.roa
Signing time: Sun 01 Oct 2023 18:19:59 +0000
ROA not before: Sun 01 Oct 2023 18:19:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43260
IP address blocks: 45.8.196.0/24 maxlen: 24
85.208.106.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:ec:77:f8:6f:8d:e6:f0:44:aa:c6:3f:af:ec:e7:1b:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Validity
Not Before: Oct 1 18:19:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b261be223e2c63f6fc3a0ab6ed62f58b3a67ca6b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:ea:cf:c7:cb:da:7b:5a:fe:94:fe:7a:5b:c1:
eb:ee:86:f5:a1:90:05:e7:1c:9d:3d:bc:eb:4c:bd:
0a:ea:eb:b2:fb:11:88:7a:aa:75:3b:93:b5:fb:7f:
07:af:46:e0:ca:cd:d7:b2:de:dc:14:5f:34:9d:91:
21:95:20:0c:c9:0d:ff:6d:82:80:50:a7:7a:11:53:
d0:62:74:38:ee:dd:c4:a4:77:30:4b:88:0f:a5:8d:
85:c9:f9:da:22:34:30:b3:5c:62:df:00:e9:e9:52:
a0:88:a8:44:9e:05:38:23:eb:ea:c5:c7:f3:2e:b0:
6a:08:02:46:5c:db:7a:eb:70:27:2f:41:96:9c:54:
8e:18:52:10:5e:3a:27:fc:b7:92:54:16:c2:c5:13:
92:40:18:6a:af:53:5f:10:dd:76:10:54:a8:51:b1:
48:33:8c:16:1e:21:06:20:26:6a:ff:c0:0f:4b:7d:
c3:83:a0:52:06:4e:ec:2d:32:86:70:bf:09:fd:2a:
f0:c5:85:c5:02:4b:55:13:68:d1:05:92:b8:91:ba:
47:8a:ba:29:33:cd:d8:88:2a:a3:63:9e:2b:7d:65:
19:f5:be:5b:fd:68:57:fe:d2:b5:13:88:bd:7b:5f:
22:22:26:1f:63:5b:52:88:ef:a9:9c:43:d9:6c:65:
fd:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:61:BE:22:3E:2C:63:F6:FC:3A:0A:B6:ED:62:F5:8B:3A:67:CA:6B
X509v3 Authority Key Identifier:
keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/smG-Ij4sY_b8Ogq27WL1izpnyms.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.196.0/24
85.208.106.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:65:38:f7:87:b9:75:56:29:16:cf:19:ea:2e:4f:13:bb:eb:
87:24:c4:6c:8d:25:cd:31:23:b6:b1:ed:f9:ca:b3:32:88:ef:
79:b1:14:34:e4:67:dc:3e:54:5a:42:48:7a:03:bb:f0:5d:5e:
9e:d7:60:8b:dd:e6:ea:ba:87:3c:7e:79:ff:a4:88:28:2a:70:
6a:28:00:3c:e1:39:e1:2a:a6:4b:bd:a1:d8:26:74:b0:07:ec:
60:88:4a:02:9d:a5:94:d4:f1:0a:58:ff:cb:ca:e4:eb:ca:f9:
bf:be:a7:1a:7a:92:ab:f4:e3:49:cb:af:bc:af:da:14:9b:38:
b6:4b:2d:de:27:ae:e3:2f:98:72:2d:15:72:a2:5a:2d:75:ed:
39:c3:c5:5c:77:94:aa:8d:de:93:ad:28:40:50:05:b8:91:2f:
a3:e4:94:d1:80:14:8a:b1:c6:51:d4:1f:71:c2:bf:9e:3f:c8:
30:3b:a5:a3:95:cc:0c:8b:17:a8:09:01:3b:d9:e2:04:05:c2:
11:37:2c:9e:80:5d:e9:26:31:b1:55:ea:1f:f0:c7:e6:32:1e:
92:14:e4:55:a5:f7:b9:dc:01:aa:79:10:49:de:13:2d:fb:5d:
c4:19:3a:00:6e:57:0c:0f:a8:7a:65:03:db:8a:50:e1:44:9a:
68:df:b4:eb
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYrsd/hvjebwRKrGP6/s5xuKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjMxMDAxMTgxOTU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjYxYmUyMjNlMmM2M2Y2ZmMzYTBhYjZlZDYyZjU4YjNhNjdjYTZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgerPx8vae1r+lP56W8Hr7ob1oZAF
5xydPbzrTL0K6uuy+xGIeqp1O5O1+38Hr0bgys3Xst7cFF80nZEhlSAMyQ3/bYKA
UKd6EVPQYnQ47t3EpHcwS4gPpY2FyfnaIjQws1xi3wDp6VKgiKhEngU4I+vqxcfz
LrBqCAJGXNt663AnL0GWnFSOGFIQXjon/LeSVBbCxROSQBhqr1NfEN12EFSoUbFI
M4wWHiEGICZq/8APS33Dg6BSBk7sLTKGcL8J/SrwxYXFAktVE2jRBZK4kbpHirop
M83YiCqjY54rfWUZ9b5b/WhX/tK1E4i9e18iIiYfY1tSiO+pnEPZbGX9NQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLJhviI+LGP2/DoKtu1i9Ys6Z8prMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvc21HLUlqNHNZX2I4T2dxMjdXTDFpenBueW1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALQjEAwQA
VdBqMA0GCSqGSIb3DQEBCwUAA4IBAQBOZTj3h7l1VikWzxnqLk8Tu+uHJMRsjSXN
MSO2se35yrMyiO95sRQ05GfcPlRaQkh6A7vwXV6e12CL3ebquoc8fnn/pIgoKnBq
KAA84TnhKqZLvaHYJnSwB+xgiEoCnaWU1PEKWP/LyuTryvm/vqcaepKr9ONJy6+8
r9oUmzi2Sy3eJ67jL5hyLRVyolotde05w8Vcd5Sqjd6TrShAUAW4kS+j5JTRgBSK
scZR1B9xwr+eP8gwO6WjlcwMixeoCQE72eIEBcIRNyyegF3pJjGxVeof8MfmMh6S
FORVpfe53AGqeRBJ3hMt+13EGToAblcMD6h6ZQPbilDhRJpo37Tr
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:02:03 2024 by rpki-client on console-ams.rpki-client.org