Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/sbGf80S8fl_bsdNXwMpVaSbrS2c.roa
File: sbGf80S8fl_bsdNXwMpVaSbrS2c.roa (raw, json)
Hash identifier: 1r2H/xSxJ9x71UiegKSQ786rjc7OWy0DXrtdRcDjTC0=
Subject key identifier: B1:B1:9F:F3:44:BC:7E:5F:DB:B1:D3:57:C0:CA:55:69:26:EB:4B:67
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018B8F781F9EABA50E387CFD70847545E283
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/sbGf80S8fl_bsdNXwMpVaSbrS2c.roa
Signing time: Thu 02 Nov 2023 09:58:16 +0000
ROA not before: Thu 02 Nov 2023 09:58:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 78.142.242.0/23 maxlen: 24
78.142.241.0/24 maxlen: 24
178.239.204.0/24 maxlen: 24
93.114.195.0/24 maxlen: 24
203.0.9.0/24 maxlen: 24
203.0.8.0/24 maxlen: 24
223.27.114.0/24 maxlen: 24
89.38.101.0/24 maxlen: 24
103.212.82.0/24 maxlen: 24
89.47.89.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:8f:78:1f:9e:ab:a5:0e:38:7c:fd:70:84:75:45:e2:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Nov 2 09:58:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b1b19ff344bc7e5fdbb1d357c0ca556926eb4b67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:a2:2f:d5:fe:6e:63:91:59:61:6e:4a:d1:c7:
7f:6e:bf:a3:f8:fc:cd:c1:b9:08:8c:09:70:81:30:
80:5e:e4:1f:ae:02:f2:f3:7a:be:d2:ca:15:b5:86:
70:16:c1:82:c6:47:c7:85:04:37:10:2b:92:53:86:
4a:8a:bd:fa:91:58:10:20:43:b6:b0:a9:66:93:2e:
e4:0d:c2:28:19:ef:ba:08:2b:cb:f7:53:33:d0:c5:
7e:b3:2d:8e:41:ad:67:ce:84:fd:0e:2a:6c:8e:db:
7d:f2:69:a9:ae:d5:62:58:e9:fd:4f:96:2e:58:ff:
43:0b:f4:dc:e0:ca:6a:04:1c:91:e7:e0:ee:8e:e8:
22:e8:59:bd:bf:01:5b:2b:f8:53:4b:77:22:fd:2a:
10:70:a5:95:75:ab:88:e4:95:4c:19:73:d4:3e:d6:
3f:a6:80:f4:3f:ef:5b:f9:be:9f:1e:4f:23:da:2d:
10:0d:86:75:64:05:a5:28:48:dc:37:d8:b3:af:0a:
44:49:d8:93:d2:c9:5b:0a:b2:d0:e2:08:8b:33:be:
ac:2a:e0:59:f1:76:2d:f5:ac:81:de:ab:c7:f5:e5:
31:65:d7:87:a3:ca:f4:40:af:1d:b5:a2:61:3f:82:
a3:2b:82:44:bb:0a:6e:91:ea:a1:d6:dd:ff:ff:23:
a7:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:B1:9F:F3:44:BC:7E:5F:DB:B1:D3:57:C0:CA:55:69:26:EB:4B:67
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/sbGf80S8fl_bsdNXwMpVaSbrS2c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.142.241.0-78.142.243.255
89.38.101.0/24
89.47.89.0/24
93.114.195.0/24
103.212.82.0/24
178.239.204.0/24
203.0.8.0/23
223.27.114.0/24
Signature Algorithm: sha256WithRSAEncryption
30:45:9c:bc:d5:c8:0e:5e:a5:21:bc:90:76:8b:f2:85:7e:03:
ab:65:3c:4d:d7:79:72:84:81:27:4c:55:29:45:26:a0:20:d2:
ae:7a:5b:ed:29:1f:f1:24:57:a9:d4:b1:22:bf:e1:3a:c6:2e:
41:8e:e5:4d:0d:2c:e6:35:5d:b6:cb:7e:6d:9b:39:6a:1c:0e:
ee:bd:e2:74:92:f3:00:a0:7d:de:43:80:c9:ed:7b:1d:c1:d5:
c7:1c:5c:bb:7c:ce:8c:af:6a:8f:16:b2:0e:40:01:9b:57:fe:
1d:67:bb:e0:fd:e1:94:4f:13:5b:97:65:45:f5:67:7d:86:1f:
84:c1:a4:3f:1c:4e:e4:9a:5a:fe:66:fd:04:18:e1:39:80:b4:
79:90:e5:f9:df:8a:74:f4:9b:7c:3a:1d:ac:77:a5:26:9f:4f:
ab:de:d7:c9:4d:dc:d9:f1:05:db:b7:11:f8:8a:11:67:cc:73:
55:07:14:ab:86:04:77:51:2e:26:c1:92:1d:3d:f2:e5:01:e0:
99:8a:fa:7e:94:18:1a:37:0c:7b:92:87:84:05:d1:3d:13:03:
84:b0:87:07:b5:22:84:04:be:1e:6f:3d:1c:ff:0e:f8:24:37:
62:94:8a:97:bb:ec:d5:76:7c:aa:8c:fc:48:ee:2f:b3:78:1b:
a2:9f:67:a6
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAYuPeB+eq6UOOHz9cIR1ReKDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMxMTAyMDk1ODE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMWIxOWZmMzQ0YmM3ZTVmZGJiMWQzNTdjMGNhNTU2OTI2ZWI0YjY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgaIv1f5uY5FZYW5K0cd/br+j+PzN
wbkIjAlwgTCAXuQfrgLy83q+0soVtYZwFsGCxkfHhQQ3ECuSU4ZKir36kVgQIEO2
sKlmky7kDcIoGe+6CCvL91Mz0MV+sy2OQa1nzoT9Dipsjtt98mmprtViWOn9T5Yu
WP9DC/Tc4MpqBByR5+Dujugi6Fm9vwFbK/hTS3ci/SoQcKWVdauI5JVMGXPUPtY/
poD0P+9b+b6fHk8j2i0QDYZ1ZAWlKEjcN9izrwpESdiT0slbCrLQ4giLM76sKuBZ
8XYt9ayB3qvH9eUxZdeHo8r0QK8dtaJhP4KjK4JEuwpukeqh1t3//yOn+wIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFLGxn/NEvH5f27HTV8DKVWkm60tnMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvc2JHZjgwUzhmbF9ic2ROWHdNcFZhU2JyUzJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4MAwDBABOjvED
BAJOjvADBABZJmUDBABZL1kDBABdcsMDBABn1FIDBACy78wDBAHLAAgDBADfG3Iw
DQYJKoZIhvcNAQELBQADggEBADBFnLzVyA5epSG8kHaL8oV+A6tlPE3XeXKEgSdM
VSlFJqAg0q56W+0pH/EkV6nUsSK/4TrGLkGO5U0NLOY1XbbLfm2bOWocDu694nSS
8wCgfd5DgMntex3B1cccXLt8zoyvao8Wsg5AAZtX/h1nu+D94ZRPE1uXZUX1Z32G
H4TBpD8cTuSaWv5m/QQY4TmAtHmQ5fnfinT0m3w6Hax3pSafT6ve18lN3NnxBdu3
EfiKEWfMc1UHFKuGBHdRLibBkh098uUB4JmK+n6UGBo3DHuSh4QF0T0TA4Swhwe1
IoQEvh5vPRz/DvgkN2KUipe77NV2fKqM/EjuL7N4G6KfZ6Y=
-----END CERTIFICATE-----
Generated at Thu Nov 23 07:35:26 2023 by rpki-client on console-ams.rpki-client.org