Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/f264e0-c8a5-41d5-9cd1-7f355d40c4e7/1/sx-rkv8ltGtAXYySVnxnoF0FxQ4.roa
File: sx-rkv8ltGtAXYySVnxnoF0FxQ4.roa (raw, json)
Hash identifier: 54i+mKrjBuZgACAcfKUv9TePDPjs10yn+3aevqWuGwY=
Subject key identifier: B3:1F:AB:92:FF:25:B4:6B:40:5D:8C:92:56:7C:67:A0:5D:05:C5:0E
Certificate issuer: /CN=ca994929166bbd744165fb64f48c35f9b4436a77
Certificate serial: 01856DE656A1C8832B274D32CCE7C2DDF3E8
Authority key identifier: CA:99:49:29:16:6B:BD:74:41:65:FB:64:F4:8C:35:F9:B4:43:6A:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yplJKRZrvXRBZftk9Iw1-bRDanc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/f264e0-c8a5-41d5-9cd1-7f355d40c4e7/1/sx-rkv8ltGtAXYySVnxnoF0FxQ4.roa
Signing time: Sun 01 Jan 2023 15:14:50 +0000
ROA not before: Sun 01 Jan 2023 15:14:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60267
IP address blocks: 194.62.56.0/22 maxlen: 22
185.154.56.0/22 maxlen: 22
185.224.48.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:34:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:e6:56:a1:c8:83:2b:27:4d:32:cc:e7:c2:dd:f3:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca994929166bbd744165fb64f48c35f9b4436a77
Validity
Not Before: Jan 1 15:14:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b31fab92ff25b46b405d8c92567c67a05d05c50e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:8f:21:44:90:60:81:e2:74:2d:73:a3:cd:63:
9e:f6:45:58:2e:3c:5f:8e:91:9e:f4:01:42:b4:03:
06:f0:c6:92:28:5a:56:69:5f:29:28:65:b9:84:f2:
6e:0b:2e:51:c2:e9:4b:a7:4d:91:e1:3d:70:a7:0b:
6a:e7:ff:47:35:74:51:e2:85:01:88:c0:5d:66:cf:
03:de:32:35:55:f0:f5:5c:64:73:3e:bc:4e:0d:8d:
bd:75:fa:2d:66:e5:76:8a:73:34:c1:8e:32:db:e7:
a1:d6:fe:d6:58:9c:93:91:08:80:9b:54:b2:a8:4c:
9f:b6:0e:51:a2:fe:82:01:c1:6d:b5:3b:b8:19:19:
bb:65:3a:f1:f2:31:b3:bd:db:f9:0c:3b:0c:d1:00:
32:9f:81:45:6b:33:8e:34:90:69:62:fc:b6:c0:d8:
2e:bb:5a:af:20:9d:43:9b:91:db:39:de:6d:07:6f:
1c:91:53:35:d5:42:73:ba:38:86:5f:96:02:39:f7:
3b:15:f9:cf:c1:b3:31:cb:25:04:f7:45:28:dc:ea:
ae:43:47:1b:04:58:71:b9:5d:ab:1e:66:c6:31:2e:
ad:5f:d3:04:57:a3:37:6d:9f:bd:72:93:37:34:14:
57:c9:14:17:a8:fc:cf:0f:d3:b4:1d:9d:6e:e0:ea:
72:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:1F:AB:92:FF:25:B4:6B:40:5D:8C:92:56:7C:67:A0:5D:05:C5:0E
X509v3 Authority Key Identifier:
keyid:CA:99:49:29:16:6B:BD:74:41:65:FB:64:F4:8C:35:F9:B4:43:6A:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yplJKRZrvXRBZftk9Iw1-bRDanc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/f264e0-c8a5-41d5-9cd1-7f355d40c4e7/1/sx-rkv8ltGtAXYySVnxnoF0FxQ4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/f264e0-c8a5-41d5-9cd1-7f355d40c4e7/1/yplJKRZrvXRBZftk9Iw1-bRDanc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.154.56.0/22
185.224.48.0/22
194.62.56.0/22
Signature Algorithm: sha256WithRSAEncryption
87:9c:be:26:4a:f3:38:af:c1:55:54:07:27:85:fb:43:3c:12:
01:70:da:74:6d:07:1f:ea:b9:e6:84:0e:a4:a1:61:fd:29:55:
ab:1a:10:29:d9:54:36:3e:4a:6a:9a:f0:8c:3f:76:7b:47:e9:
42:ad:20:f7:14:a7:05:b6:75:45:8a:f4:72:ec:27:ac:60:d5:
14:b9:7c:d4:ff:4d:81:61:1d:ca:e0:04:3e:cd:a0:db:2a:d6:
6c:2b:a9:db:b8:07:76:11:4b:87:71:cb:9c:4c:0d:e8:7a:3a:
25:2f:d9:a9:77:4f:ab:37:40:36:49:91:6d:50:e7:c2:d5:a4:
c7:06:1f:b2:18:41:a7:af:e5:e8:a9:3f:5e:0e:9d:c1:6d:62:
1a:f2:81:70:cd:ac:23:e1:c9:d1:e9:ab:0c:49:b4:b7:15:5a:
7b:51:d8:76:04:db:a8:78:b6:26:ac:d5:be:14:ff:3d:3a:80:
a3:4f:68:22:32:e7:59:e3:be:be:0d:7d:25:d6:1e:81:6e:0d:
1a:92:e0:35:56:f9:e8:ec:5e:57:a7:61:60:4b:c3:c7:79:a8:
7c:a4:3b:a0:3a:d2:98:74:23:79:73:44:5c:25:02:a4:65:ee:
6a:24:b7:96:80:5b:fe:74:a2:f7:9b:39:e4:1b:16:5a:d2:d3:
95:69:da:dd
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVt5lahyIMrJ00yzOfC3fPoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhOTk0OTI5MTY2YmJkNzQ0MTY1ZmI2NGY0OGMzNWY5YjQ0
MzZhNzcwHhcNMjMwMTAxMTUxNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzFmYWI5MmZmMjViNDZiNDA1ZDhjOTI1NjdjNjdhMDVkMDVjNTBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyI8hRJBggeJ0LXOjzWOe9kVYLjxf
jpGe9AFCtAMG8MaSKFpWaV8pKGW5hPJuCy5RwulLp02R4T1wpwtq5/9HNXRR4oUB
iMBdZs8D3jI1VfD1XGRzPrxODY29dfotZuV2inM0wY4y2+eh1v7WWJyTkQiAm1Sy
qEyftg5Rov6CAcFttTu4GRm7ZTrx8jGzvdv5DDsM0QAyn4FFazOONJBpYvy2wNgu
u1qvIJ1Dm5HbOd5tB28ckVM11UJzujiGX5YCOfc7FfnPwbMxyyUE90Uo3OquQ0cb
BFhxuV2rHmbGMS6tX9MEV6M3bZ+9cpM3NBRXyRQXqPzPD9O0HZ1u4OpydQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLMfq5L/JbRrQF2MklZ8Z6BdBcUOMB8GA1UdIwQY
MBaAFMqZSSkWa710QWX7ZPSMNfm0Q2p3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXBsSktSWnJ2WFJCWmZ0azlJdzEtYlJEYW5jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC9mMjY0ZTAtYzhhNS00MWQ1LTljZDEt
N2YzNTVkNDBjNGU3LzEvc3gtcmt2OGx0R3RBWFl5U1ZueG5vRjBGeFE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC9mMjY0ZTAtYzhhNS00MWQ1LTljZDEtN2YzNTVkNDBjNGU3
LzEveXBsSktSWnJ2WFJCWmZ0azlJdzEtYlJEYW5jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCuZo4AwQC
ueAwAwQCwj44MA0GCSqGSIb3DQEBCwUAA4IBAQCHnL4mSvM4r8FVVAcnhftDPBIB
cNp0bQcf6rnmhA6koWH9KVWrGhAp2VQ2PkpqmvCMP3Z7R+lCrSD3FKcFtnVFivRy
7CesYNUUuXzU/02BYR3K4AQ+zaDbKtZsK6nbuAd2EUuHccucTA3oejolL9mpd0+r
N0A2SZFtUOfC1aTHBh+yGEGnr+XoqT9eDp3BbWIa8oFwzawj4cnR6asMSbS3FVp7
Udh2BNuoeLYmrNW+FP89OoCjT2giMudZ476+DX0l1h6Bbg0akuA1Vvno7F5Xp2Fg
S8PHeah8pDugOtKYdCN5c0RcJQKkZe5qJLeWgFv+dKL3mznkGxZa0tOVadrd
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:14 2024 by rpki-client on console-fra.rpki-client.org