Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/cf7f6d-b225-4bdf-9504-838ebf412a61/1/SXMp7dpWLQCWE9V0nUAmrDJfTus.roa
File: SXMp7dpWLQCWE9V0nUAmrDJfTus.roa (raw, json)
Hash identifier: Vu830/Lv78piWz3QicPdg8a5bQI63Z91DdSu68RwY0k=
Subject key identifier: 49:73:29:ED:DA:56:2D:00:96:13:D5:74:9D:40:26:AC:32:5F:4E:EB
Certificate issuer: /CN=2b8966d0f14fd59993ca4878e774fa4779036694
Certificate serial: 018C440606E26A4E9AD547FBB987A696A3CD
Authority key identifier: 2B:89:66:D0:F1:4F:D5:99:93:CA:48:78:E7:74:FA:47:79:03:66:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/K4lm0PFP1ZmTykh453T6R3kDZpQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/cf7f6d-b225-4bdf-9504-838ebf412a61/1/SXMp7dpWLQCWE9V0nUAmrDJfTus.roa
Signing time: Thu 07 Dec 2023 11:24:54 +0000
ROA not before: Thu 07 Dec 2023 11:24:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 24935
IP address blocks: 195.74.80.0/24 maxlen: 24
185.161.45.0/24 maxlen: 24
185.161.47.0/24 maxlen: 24
185.252.159.0/24 maxlen: 24
185.252.158.0/24 maxlen: 24
185.252.156.0/24 maxlen: 24
46.29.123.0/24 maxlen: 24
46.29.122.0/24 maxlen: 24
37.235.93.0/24 maxlen: 24
37.235.92.0/24 maxlen: 24
194.213.30.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:44:06:06:e2:6a:4e:9a:d5:47:fb:b9:87:a6:96:a3:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2b8966d0f14fd59993ca4878e774fa4779036694
Validity
Not Before: Dec 7 11:24:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=497329edda562d009613d5749d4026ac325f4eeb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:ae:b5:9e:26:a2:cb:27:f7:d3:d9:a7:2d:c7:
6d:76:ed:3a:b2:2f:a2:e1:2f:fc:5e:b1:03:60:23:
44:0f:8f:f9:90:64:8d:e9:0d:a0:ad:85:44:7d:da:
5a:d3:56:b2:56:5b:70:2b:a4:9e:44:6c:19:f1:fa:
c5:08:5c:27:87:b6:89:8a:9b:35:4f:14:a9:52:4e:
7e:c1:2d:81:50:d5:e6:7c:cd:89:c0:1d:ac:e3:22:
7f:d1:22:c5:15:06:c3:f3:bf:8a:26:78:c2:9c:d6:
98:e8:7f:54:cb:d7:b6:20:ae:c0:0c:0e:7b:28:6e:
65:e3:86:93:f3:f8:f6:26:0b:15:f9:b4:ce:69:43:
1e:f3:2f:df:bd:4e:8b:b8:bf:0a:ae:e8:82:41:42:
85:20:9b:db:41:dc:08:9e:bd:31:3d:91:3d:ea:fc:
29:5f:1c:f7:f2:45:5d:3d:50:61:dc:1c:ea:14:24:
4f:6c:ee:2e:8f:bc:89:2b:dd:91:58:e9:f2:9a:97:
c4:20:b0:a5:ee:34:4c:b2:c2:c6:f7:a2:47:53:48:
f4:2d:ef:76:14:fa:6f:53:57:c6:e6:69:85:b1:59:
a9:57:a6:21:7f:21:a6:82:27:cf:14:ab:24:b0:30:
4b:f2:5a:5d:13:61:61:e4:e5:74:21:a0:1c:83:da:
9c:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:73:29:ED:DA:56:2D:00:96:13:D5:74:9D:40:26:AC:32:5F:4E:EB
X509v3 Authority Key Identifier:
keyid:2B:89:66:D0:F1:4F:D5:99:93:CA:48:78:E7:74:FA:47:79:03:66:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K4lm0PFP1ZmTykh453T6R3kDZpQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/cf7f6d-b225-4bdf-9504-838ebf412a61/1/SXMp7dpWLQCWE9V0nUAmrDJfTus.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/cf7f6d-b225-4bdf-9504-838ebf412a61/1/K4lm0PFP1ZmTykh453T6R3kDZpQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.235.92.0/23
46.29.122.0/23
185.161.45.0/24
185.161.47.0/24
185.252.156.0/24
185.252.158.0/23
194.213.30.0/24
195.74.80.0/24
Signature Algorithm: sha256WithRSAEncryption
31:35:db:e9:86:98:52:31:7d:a1:a6:cf:79:7f:1e:0d:ec:21:
41:a5:99:64:04:9b:e7:7c:1d:cc:f6:e4:6d:32:35:26:41:f7:
42:77:28:ee:80:31:d8:45:7f:49:3b:c6:0e:e4:69:23:de:d5:
ce:74:18:be:fb:f0:58:b7:3d:8d:e3:12:89:bc:25:9f:2e:82:
5e:15:a7:5c:02:ce:21:46:1a:ca:da:a0:5b:5e:b5:6a:2a:41:
0c:4b:89:d0:2f:36:bf:10:c9:46:92:4f:9b:bc:76:1a:1e:13:
16:cc:15:05:b7:71:ee:20:06:50:2f:a4:ab:59:49:7d:f0:73:
db:88:2b:46:7f:f6:ff:c2:9a:a5:9b:1b:47:4e:47:50:c3:cc:
8b:75:69:59:45:03:3d:6d:d0:5d:b6:a7:75:2a:25:da:3a:9e:
01:d4:9b:df:0b:33:3e:11:b5:01:b9:01:cb:5b:64:10:d2:65:
37:82:e7:e5:b3:76:ff:7c:69:f5:58:22:a1:01:24:28:46:25:
61:7f:6e:2c:2b:99:68:4c:d9:3f:63:57:14:4d:45:e2:93:6e:
cc:22:ac:9d:07:22:d7:1c:d6:db:58:35:d1:86:2b:79:5a:18:
71:13:bf:88:8b:91:7e:f3:1d:33:6d:e9:9b:2d:25:9a:de:80:
3f:2a:1c:d2
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYxEBgbiak6a1Uf7uYemlqPNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiODk2NmQwZjE0ZmQ1OTk5M2NhNDg3OGU3NzRmYTQ3Nzkw
MzY2OTQwHhcNMjMxMjA3MTEyNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OTczMjllZGRhNTYyZDAwOTYxM2Q1NzQ5ZDQwMjZhYzMyNWY0ZWViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvq61niaiyyf309mnLcdtdu06si+i
4S/8XrEDYCNED4/5kGSN6Q2grYVEfdpa01ayVltwK6SeRGwZ8frFCFwnh7aJips1
TxSpUk5+wS2BUNXmfM2JwB2s4yJ/0SLFFQbD87+KJnjCnNaY6H9Uy9e2IK7ADA57
KG5l44aT8/j2JgsV+bTOaUMe8y/fvU6LuL8KruiCQUKFIJvbQdwInr0xPZE96vwp
Xxz38kVdPVBh3BzqFCRPbO4uj7yJK92RWOnympfEILCl7jRMssLG96JHU0j0Le92
FPpvU1fG5mmFsVmpV6YhfyGmgifPFKsksDBL8lpdE2Fh5OV0IaAcg9qcswIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFElzKe3aVi0AlhPVdJ1AJqwyX07rMB8GA1UdIwQY
MBaAFCuJZtDxT9WZk8pIeOd0+kd5A2aUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSzRsbTBQRlAxWm1UeWtoNDUzVDZSM2tEWnBRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9jZjdmNmQtYjIyNS00YmRmLTk1MDQt
ODM4ZWJmNDEyYTYxLzEvU1hNcDdkcFdMUUNXRTlWMG5VQW1yREpmVHVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9jZjdmNmQtYjIyNS00YmRmLTk1MDQtODM4ZWJmNDEyYTYx
LzEvSzRsbTBQRlAxWm1UeWtoNDUzVDZSM2tEWnBRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQBJetcAwQB
Lh16AwQAuaEtAwQAuaEvAwQAufycAwQBufyeAwQAwtUeAwQAw0pQMA0GCSqGSIb3
DQEBCwUAA4IBAQAxNdvphphSMX2hps95fx4N7CFBpZlkBJvnfB3M9uRtMjUmQfdC
dyjugDHYRX9JO8YO5Gkj3tXOdBi++/BYtz2N4xKJvCWfLoJeFadcAs4hRhrK2qBb
XrVqKkEMS4nQLza/EMlGkk+bvHYaHhMWzBUFt3HuIAZQL6SrWUl98HPbiCtGf/b/
wpqlmxtHTkdQw8yLdWlZRQM9bdBdtqd1KiXaOp4B1JvfCzM+EbUBuQHLW2QQ0mU3
gufls3b/fGn1WCKhASQoRiVhf24sK5loTNk/Y1cUTUXik27MIqydByLXHNbbWDXR
hit5WhhxE7+Ii5F+8x0zbembLSWa3oA/KhzS
-----END CERTIFICATE-----
Generated at Mon Jan 1 04:56:56 2024 by rpki-client on console-fra.rpki-client.org