Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/SJfyOQL_Q3PtjcfwW4fmjm5OqAI.roa
File: SJfyOQL_Q3PtjcfwW4fmjm5OqAI.roa (raw, json)
Hash identifier: /rGvXuV4lNvJV2U7x28YYAExu31H6J+luj9rRKI1kj8=
Subject key identifier: 48:97:F2:39:02:FF:43:73:ED:8D:C7:F0:5B:87:E6:8E:6E:4E:A8:02
Certificate issuer: /CN=00775d9471b85d963fef6d283590e2d942dd5c21
Certificate serial: 01856F5DBE9336AFBE9505F586682FCAD46A
Authority key identifier: 00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/SJfyOQL_Q3PtjcfwW4fmjm5OqAI.roa
Signing time: Sun 01 Jan 2023 22:04:52 +0000
ROA not before: Sun 01 Jan 2023 22:04:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204544
IP address blocks: 87.107.152.0/23 maxlen: 23
87.107.166.0/23 maxlen: 23
81.12.30.0/23 maxlen: 24
87.107.174.0/23 maxlen: 23
87.107.144.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:5d:be:93:36:af:be:95:05:f5:86:68:2f:ca:d4:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00775d9471b85d963fef6d283590e2d942dd5c21
Validity
Not Before: Jan 1 22:04:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4897f23902ff4373ed8dc7f05b87e68e6e4ea802
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:45:14:47:f7:59:a9:4d:b5:c9:13:32:a3:bd:
4e:74:f6:e8:9e:0b:00:2f:49:a5:6e:40:98:92:0d:
d4:33:e2:4a:8a:36:bd:91:09:b0:d0:ea:52:eb:dc:
0e:8e:0e:b4:77:57:e2:51:13:af:b9:c0:35:29:5e:
31:9a:2c:9f:d1:80:84:98:2c:55:de:4a:64:e1:2d:
0f:89:68:2c:d6:14:9f:90:41:bf:29:8f:fd:20:4e:
48:71:88:95:f6:2b:3b:44:e4:45:9c:3f:c0:42:04:
62:df:09:49:42:95:50:e7:dd:39:c7:68:7d:47:0c:
8a:cd:3d:54:ea:3b:ae:9e:99:79:14:29:5a:07:52:
8d:94:b8:ca:6b:c8:0a:8f:15:cd:0c:42:cc:0c:df:
e7:3e:13:f5:ed:20:94:6c:91:01:5b:e7:d4:10:0e:
3a:58:15:2b:46:61:45:30:be:78:1b:6c:87:a4:cd:
d9:34:6f:62:87:98:d4:41:e8:09:87:6a:7a:ca:7a:
b1:50:70:4c:9a:94:32:d4:61:e0:ea:43:c7:24:95:
85:aa:33:ed:e5:90:95:1c:46:cd:c5:4c:39:4f:8d:
5c:1a:61:07:60:c8:50:d2:5c:83:0e:6e:66:a4:14:
40:d3:cc:c2:4c:20:5b:88:cc:d6:d5:57:63:6e:ab:
03:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:97:F2:39:02:FF:43:73:ED:8D:C7:F0:5B:87:E6:8E:6E:4E:A8:02
X509v3 Authority Key Identifier:
keyid:00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/SJfyOQL_Q3PtjcfwW4fmjm5OqAI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/AHddlHG4XZY_720oNZDi2ULdXCE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.12.30.0/23
87.107.144.0/24
87.107.152.0/23
87.107.166.0/23
87.107.174.0/23
Signature Algorithm: sha256WithRSAEncryption
22:b8:78:0c:84:44:33:85:f4:0f:94:39:4e:33:06:84:f5:e7:
11:55:3d:ce:4c:1c:07:c0:24:55:ab:43:ac:41:fe:14:14:2b:
7e:a8:c5:3d:d2:28:b7:06:35:0a:dd:ff:a6:40:32:d5:3d:ee:
9b:0e:1d:55:db:a1:c4:80:79:fb:0f:dd:77:12:4c:b6:62:80:
82:fd:aa:80:08:fe:24:10:fb:e4:30:d0:08:2e:19:c0:e3:75:
27:d6:e9:b6:bb:81:12:ee:67:32:e8:34:5d:f3:d6:fa:fd:69:
eb:a2:13:31:42:c1:77:63:8c:35:a6:fd:d4:17:ff:4f:69:78:
92:aa:ed:82:2a:80:a1:66:df:90:51:9b:fb:e2:51:18:da:bd:
ac:d2:71:3a:75:0d:a0:18:15:8f:2f:44:f9:35:5c:c0:ba:c8:
fa:ef:19:06:01:fa:bb:d7:b4:7d:e2:63:3b:79:48:ae:d1:a1:
80:09:eb:05:a6:ee:23:28:44:b2:28:70:df:20:04:26:2d:ce:
f8:4d:0a:0c:0d:bd:ef:ff:ea:46:4c:5e:86:9b:7a:91:a7:53:
62:74:3f:3c:e4:61:97:79:58:0f:5e:01:11:3c:3a:8a:7f:2a:
f5:1e:88:d7:35:5d:ba:42:3c:81:b9:b7:c0:1e:20:ec:cd:31:
43:94:f2:ac
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYVvXb6TNq++lQX1hmgvytRqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwNzc1ZDk0NzFiODVkOTYzZmVmNmQyODM1OTBlMmQ5NDJk
ZDVjMjEwHhcNMjMwMTAxMjIwNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODk3ZjIzOTAyZmY0MzczZWQ4ZGM3ZjA1Yjg3ZTY4ZTZlNGVhODAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu0UUR/dZqU21yRMyo71OdPbongsA
L0mlbkCYkg3UM+JKija9kQmw0OpS69wOjg60d1fiUROvucA1KV4xmiyf0YCEmCxV
3kpk4S0PiWgs1hSfkEG/KY/9IE5IcYiV9is7RORFnD/AQgRi3wlJQpVQ5905x2h9
RwyKzT1U6juunpl5FClaB1KNlLjKa8gKjxXNDELMDN/nPhP17SCUbJEBW+fUEA46
WBUrRmFFML54G2yHpM3ZNG9ih5jUQegJh2p6ynqxUHBMmpQy1GHg6kPHJJWFqjPt
5ZCVHEbNxUw5T41cGmEHYMhQ0lyDDm5mpBRA08zCTCBbiMzW1VdjbqsD6wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFEiX8jkC/0Nz7Y3H8FuH5o5uTqgCMB8GA1UdIwQY
MBaAFAB3XZRxuF2WP+9tKDWQ4tlC3VwhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUhkZGxIRzRYWllfNzIwb05aRGkyVUxkWENFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi82Mzc2MGMtZTIxYi00YmFmLWE5YTQt
NzZiMzNlNGNlODIxLzEvU0pmeU9RTF9RM1B0amNmd1c0Zm1qbTVPcUFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi82Mzc2MGMtZTIxYi00YmFmLWE5YTQtNzZiMzNlNGNlODIx
LzEvQUhkZGxIRzRYWllfNzIwb05aRGkyVUxkWENFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBUQweAwQA
V2uQAwQBV2uYAwQBV2umAwQBV2uuMA0GCSqGSIb3DQEBCwUAA4IBAQAiuHgMhEQz
hfQPlDlOMwaE9ecRVT3OTBwHwCRVq0OsQf4UFCt+qMU90ii3BjUK3f+mQDLVPe6b
Dh1V26HEgHn7D913Eky2YoCC/aqACP4kEPvkMNAILhnA43Un1um2u4ES7mcy6DRd
89b6/WnrohMxQsF3Y4w1pv3UF/9PaXiSqu2CKoChZt+QUZv74lEY2r2s0nE6dQ2g
GBWPL0T5NVzAusj67xkGAfq717R94mM7eUiu0aGACesFpu4jKESyKHDfIAQmLc74
TQoMDb3v/+pGTF6Gm3qRp1NidD885GGXeVgPXgERPDqKfyr1HojXNV26QjyBubfA
HiDszTFDlPKs
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:39 2023 by rpki-client on console-fra.rpki-client.org