Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/050533-a57e-4a8b-bf0d-cee3b492902e/1/sb7ya8sf5rlaiF9rBzu1cEw7-g0.roa
File: sb7ya8sf5rlaiF9rBzu1cEw7-g0.roa (raw, json)
Hash identifier: yNdmZ0rUFU9uuWnDZkMBir6ANFuwSjt20BpN4aQnLMQ=
Subject key identifier: B1:BE:F2:6B:CB:1F:E6:B9:5A:88:5F:6B:07:3B:B5:70:4C:3B:FA:0D
Certificate issuer: /CN=87e965e78831a88ba8fa419432a9d7bac9db38a3
Certificate serial: 018C0FCDE6FF7A688435AD3832820424C81B
Authority key identifier: 87:E9:65:E7:88:31:A8:8B:A8:FA:41:94:32:A9:D7:BA:C9:DB:38:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h-ll54gxqIuo-kGUMqnXusnbOKM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/050533-a57e-4a8b-bf0d-cee3b492902e/1/sb7ya8sf5rlaiF9rBzu1cEw7-g0.roa
Signing time: Mon 27 Nov 2023 08:03:21 +0000
ROA not before: Mon 27 Nov 2023 08:03:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210275
IP address blocks: 83.229.65.0/24 maxlen: 24
185.35.78.0/24 maxlen: 24
185.35.78.0/23 maxlen: 23
2a13:2400::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 27 Nov 2023 08:22:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:0f:cd:e6:ff:7a:68:84:35:ad:38:32:82:04:24:c8:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=87e965e78831a88ba8fa419432a9d7bac9db38a3
Validity
Not Before: Nov 27 08:03:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b1bef26bcb1fe6b95a885f6b073bb5704c3bfa0d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:bf:b8:c3:e1:db:45:fc:8c:56:bb:c7:f5:17:
58:14:db:80:4f:98:40:f7:4f:46:42:0f:4d:71:b2:
6e:9b:5c:d4:f7:2a:f3:fb:ca:24:ca:35:3b:aa:21:
ec:b0:fa:31:c5:70:0d:c9:87:db:af:c2:de:e7:21:
b7:51:f2:00:c6:70:47:c1:42:d0:5b:cd:6b:40:b2:
df:42:8d:ef:b5:09:50:56:c5:e8:14:1f:d0:c4:21:
44:e8:84:36:19:a5:53:d8:e3:50:2a:b2:41:aa:de:
d4:ef:d1:12:ff:fd:84:bc:0b:4e:c0:7c:9b:84:95:
93:2b:5f:45:97:36:b0:a1:39:bc:28:90:17:8c:92:
a3:f0:30:4b:c3:38:17:87:c4:fc:d6:5e:cc:e4:64:
fd:3d:05:ed:61:4a:39:46:6f:77:b8:75:7a:82:f7:
9c:68:7d:e1:53:7b:1e:34:c7:54:f4:11:98:0e:61:
84:bc:49:c6:99:01:33:b5:20:5a:24:43:69:ad:1d:
a1:cd:52:ac:b1:df:e3:be:ac:53:22:3d:fd:85:90:
90:b7:54:f5:55:40:aa:6d:b9:6e:4f:58:e3:ca:ce:
99:fb:88:cf:69:09:41:51:d4:28:81:39:06:59:16:
34:92:26:86:43:cb:c1:ae:40:e2:66:f3:e0:33:c4:
8a:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:BE:F2:6B:CB:1F:E6:B9:5A:88:5F:6B:07:3B:B5:70:4C:3B:FA:0D
X509v3 Authority Key Identifier:
keyid:87:E9:65:E7:88:31:A8:8B:A8:FA:41:94:32:A9:D7:BA:C9:DB:38:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h-ll54gxqIuo-kGUMqnXusnbOKM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/050533-a57e-4a8b-bf0d-cee3b492902e/1/sb7ya8sf5rlaiF9rBzu1cEw7-g0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/050533-a57e-4a8b-bf0d-cee3b492902e/1/h-ll54gxqIuo-kGUMqnXusnbOKM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.229.65.0/24
185.35.78.0/23
IPv6:
2a13:2400::/29
Signature Algorithm: sha256WithRSAEncryption
51:c9:3b:9b:98:59:78:c6:2d:01:5e:73:85:5a:25:47:b3:90:
6e:07:8a:3f:b3:6f:97:dc:11:3f:30:fa:0b:c4:c0:40:c3:c0:
dd:ae:80:89:8b:82:c5:ab:fd:66:27:13:ba:86:01:04:e7:1e:
48:67:6b:5e:e0:21:d8:a1:37:50:58:fe:d7:44:6b:c1:72:a5:
79:fb:f9:bb:29:25:6a:0c:48:a1:73:61:ec:26:98:ac:98:14:
27:83:70:87:0e:c6:bb:98:a0:7b:3b:09:98:47:34:4d:5f:1c:
79:41:6c:a9:ef:2b:b2:68:93:ed:51:e3:a8:16:fc:74:6b:05:
f9:ff:91:e0:bd:67:75:c5:a9:c1:88:dd:76:c5:81:61:d1:60:
d3:56:a6:c8:80:e1:82:e3:9e:ae:a4:1f:90:c9:14:71:5c:c3:
21:ed:35:48:5e:82:92:3e:7a:ad:68:03:37:9a:30:1b:f3:ce:
9c:1f:3e:ae:66:ba:84:b0:47:cd:ee:a8:ef:93:5c:28:89:a6:
08:5f:b2:4f:f7:11:ee:73:0a:0d:68:0a:36:a6:be:36:b6:b5:
8a:65:14:3a:db:ba:9d:0f:76:b4:0c:27:90:3a:a6:b9:56:58:
68:93:6e:a7:00:e1:01:ec:dc:ab:a5:23:8b:6e:39:73:7d:28:
5d:7b:f7:16
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYwPzeb/emiENa04MoIEJMgbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3ZTk2NWU3ODgzMWE4OGJhOGZhNDE5NDMyYTlkN2JhYzlk
YjM4YTMwHhcNMjMxMTI3MDgwMzIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMWJlZjI2YmNiMWZlNmI5NWE4ODVmNmIwNzNiYjU3MDRjM2JmYTBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlb+4w+HbRfyMVrvH9RdYFNuAT5hA
909GQg9NcbJum1zU9yrz+8okyjU7qiHssPoxxXANyYfbr8Le5yG3UfIAxnBHwULQ
W81rQLLfQo3vtQlQVsXoFB/QxCFE6IQ2GaVT2ONQKrJBqt7U79ES//2EvAtOwHyb
hJWTK19FlzawoTm8KJAXjJKj8DBLwzgXh8T81l7M5GT9PQXtYUo5Rm93uHV6gvec
aH3hU3seNMdU9BGYDmGEvEnGmQEztSBaJENprR2hzVKssd/jvqxTIj39hZCQt1T1
VUCqbbluT1jjys6Z+4jPaQlBUdQogTkGWRY0kiaGQ8vBrkDiZvPgM8SKMwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFLG+8mvLH+a5Wohfawc7tXBMO/oNMB8GA1UdIwQY
MBaAFIfpZeeIMaiLqPpBlDKp17rJ2zijMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaC1sbDU0Z3hxSXVvLWtHVU1xblh1c25iT0tNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy8wNTA1MzMtYTU3ZS00YThiLWJmMGQt
Y2VlM2I0OTI5MDJlLzEvc2I3eWE4c2Y1cmxhaUY5ckJ6dTFjRXc3LWcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy8wNTA1MzMtYTU3ZS00YThiLWJmMGQtY2VlM2I0OTI5MDJl
LzEvaC1sbDU0Z3hxSXVvLWtHVU1xblh1c25iT0tNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAU+VBAwQB
uSNOMA0EAgACMAcDBQMqEyQAMA0GCSqGSIb3DQEBCwUAA4IBAQBRyTubmFl4xi0B
XnOFWiVHs5BuB4o/s2+X3BE/MPoLxMBAw8DdroCJi4LFq/1mJxO6hgEE5x5IZ2te
4CHYoTdQWP7XRGvBcqV5+/m7KSVqDEihc2HsJpismBQng3CHDsa7mKB7OwmYRzRN
Xxx5QWyp7yuyaJPtUeOoFvx0awX5/5HgvWd1xanBiN12xYFh0WDTVqbIgOGC456u
pB+QyRRxXMMh7TVIXoKSPnqtaAM3mjAb886cHz6uZrqEsEfN7qjvk1woiaYIX7JP
9xHucwoNaAo2pr42trWKZRQ627qdD3a0DCeQOqa5Vlhok26nAOEB7NyrpSOLbjlz
fShde/cW
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:29 2024 by rpki-client on console-fra.rpki-client.org