Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/cbcf68-7cbf-47f0-82ee-5760efbcc654/1/scegSBKpSiefhRye51IDqzrPUD8.roa
File: scegSBKpSiefhRye51IDqzrPUD8.roa (raw, json)
Hash identifier: aSHeJLFIVkmU74simL5ccn/ExLYq6UgaeEV66dSQs+w=
Subject key identifier: B1:C7:A0:48:12:A9:4A:27:9F:85:1C:9E:E7:52:03:AB:3A:CF:50:3F
Certificate issuer: /CN=b1af12f5ca75c922a4aa5dacb49c04a93237f4ed
Certificate serial: 01856C780C547B194D52F3462A6B0A3A7525
Authority key identifier: B1:AF:12:F5:CA:75:C9:22:A4:AA:5D:AC:B4:9C:04:A9:32:37:F4:ED
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sa8S9cp1ySKkql2stJwEqTI39O0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/cbcf68-7cbf-47f0-82ee-5760efbcc654/1/scegSBKpSiefhRye51IDqzrPUD8.roa
Signing time: Sun 01 Jan 2023 08:34:44 +0000
ROA not before: Sun 01 Jan 2023 08:34:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34665
IP address blocks: 45.143.202.0/24 maxlen: 24
92.63.202.0/24 maxlen: 24
185.156.75.0/24 maxlen: 24
2a0e:e5c0::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:78:0c:54:7b:19:4d:52:f3:46:2a:6b:0a:3a:75:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1af12f5ca75c922a4aa5dacb49c04a93237f4ed
Validity
Not Before: Jan 1 08:34:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b1c7a04812a94a279f851c9ee75203ab3acf503f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:13:84:b8:12:99:30:6c:f1:2a:45:85:45:a9:
78:c1:a6:a1:a0:59:21:61:54:c9:43:a0:81:9c:49:
55:68:50:df:fe:bd:b5:61:80:ab:88:b3:72:3f:a9:
54:f5:ad:35:3d:5b:83:7a:d5:ef:fa:f0:df:d2:60:
da:b0:6d:47:28:50:b8:61:10:c4:45:9f:55:ee:6c:
63:0a:f8:16:a1:97:74:99:21:99:67:fe:21:13:ad:
e3:f9:95:55:6a:2a:fa:09:6b:69:15:06:82:84:7c:
73:b6:d1:1b:d6:8c:a0:4a:5c:87:73:d0:db:da:63:
50:d9:8b:a6:3f:1e:80:40:3a:b7:c2:85:ac:ee:3f:
bd:c5:77:ad:c8:56:ac:cb:d6:c5:4d:0e:76:32:91:
55:7f:84:29:d1:b6:58:32:90:62:ed:fc:96:78:9b:
5a:c4:25:2f:f4:66:6b:8c:17:b5:44:f9:65:1f:8d:
33:87:ea:fd:2d:f2:de:87:9a:de:8c:05:ab:23:9c:
f8:97:a0:a9:3f:89:d3:d2:90:ee:7b:9c:ae:26:bd:
d2:f2:cd:c7:6d:49:e3:76:ca:30:cb:e1:ff:61:8a:
1d:62:b3:66:c1:f6:2f:6a:3a:a2:6c:3c:75:72:1e:
2e:d8:9a:ca:ce:02:95:1e:3b:16:10:d4:c4:8f:c1:
a1:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:C7:A0:48:12:A9:4A:27:9F:85:1C:9E:E7:52:03:AB:3A:CF:50:3F
X509v3 Authority Key Identifier:
keyid:B1:AF:12:F5:CA:75:C9:22:A4:AA:5D:AC:B4:9C:04:A9:32:37:F4:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sa8S9cp1ySKkql2stJwEqTI39O0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/cbcf68-7cbf-47f0-82ee-5760efbcc654/1/scegSBKpSiefhRye51IDqzrPUD8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/cbcf68-7cbf-47f0-82ee-5760efbcc654/1/sa8S9cp1ySKkql2stJwEqTI39O0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.143.202.0/24
92.63.202.0/24
185.156.75.0/24
IPv6:
2a0e:e5c0::/29
Signature Algorithm: sha256WithRSAEncryption
6c:08:ff:fb:45:f0:d2:66:5b:67:0e:c8:fa:d0:37:85:f0:97:
db:a9:94:fd:d1:c3:31:cc:41:27:cb:32:58:1a:db:27:e0:a0:
b5:95:e7:9f:02:31:02:d2:3f:83:2b:ab:65:a1:9e:81:78:69:
29:44:23:e7:a1:35:c5:e9:d6:ce:06:23:11:85:9d:b1:d8:1d:
f8:c4:96:57:b0:9b:7c:35:c7:a3:52:11:da:74:96:c9:f1:48:
3d:0c:ee:cb:b4:6d:8f:e6:5a:55:ca:45:f1:d8:df:0f:f3:0e:
7e:92:76:c9:0b:17:1d:85:37:39:1e:fa:96:cd:74:21:c3:f8:
54:99:c9:70:c1:09:af:66:10:13:e5:d6:d6:ec:e7:6c:c9:46:
50:80:64:6d:b5:a6:92:8e:65:82:ee:4d:32:fb:a9:72:40:b7:
f5:dd:5b:d1:7a:0a:60:2f:dd:26:59:6a:c8:a5:46:0b:42:7f:
6b:15:cc:c7:02:43:cd:58:d2:61:cf:99:8f:90:b6:61:50:90:
c1:aa:86:01:e5:aa:6f:2d:e7:05:af:98:16:5c:0c:9b:75:c5:
3f:52:74:0f:ab:20:43:af:68:fa:5b:d4:5a:c1:60:d1:d4:1a:
b8:5d:c2:8e:02:b8:07:e0:71:0d:51:5b:bd:e3:8e:66:34:a8:
62:67:23:d7
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVseAxUexlNUvNGKmsKOnUlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYWYxMmY1Y2E3NWM5MjJhNGFhNWRhY2I0OWMwNGE5MzIz
N2Y0ZWQwHhcNMjMwMTAxMDgzNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMWM3YTA0ODEyYTk0YTI3OWY4NTFjOWVlNzUyMDNhYjNhY2Y1MDNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlxOEuBKZMGzxKkWFRal4waahoFkh
YVTJQ6CBnElVaFDf/r21YYCriLNyP6lU9a01PVuDetXv+vDf0mDasG1HKFC4YRDE
RZ9V7mxjCvgWoZd0mSGZZ/4hE63j+ZVVair6CWtpFQaChHxzttEb1oygSlyHc9Db
2mNQ2YumPx6AQDq3woWs7j+9xXetyFasy9bFTQ52MpFVf4Qp0bZYMpBi7fyWeJta
xCUv9GZrjBe1RPllH40zh+r9LfLeh5rejAWrI5z4l6CpP4nT0pDue5yuJr3S8s3H
bUnjdsowy+H/YYodYrNmwfYvajqibDx1ch4u2JrKzgKVHjsWENTEj8Gh9wIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFLHHoEgSqUonn4UcnudSA6s6z1A/MB8GA1UdIwQY
MBaAFLGvEvXKdckipKpdrLScBKkyN/TtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2E4UzljcDF5U0trcWwyc3RKd0VxVEkzOU8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC9jYmNmNjgtN2NiZi00N2YwLTgyZWUt
NTc2MGVmYmNjNjU0LzEvc2NlZ1NCS3BTaWVmaFJ5ZTUxSURxenJQVUQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC9jYmNmNjgtN2NiZi00N2YwLTgyZWUtNTc2MGVmYmNjNjU0
LzEvc2E4UzljcDF5U0trcWwyc3RKd0VxVEkzOU8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQALY/KAwQA
XD/KAwQAuZxLMA0EAgACMAcDBQMqDuXAMA0GCSqGSIb3DQEBCwUAA4IBAQBsCP/7
RfDSZltnDsj60DeF8JfbqZT90cMxzEEnyzJYGtsn4KC1leefAjEC0j+DK6tloZ6B
eGkpRCPnoTXF6dbOBiMRhZ2x2B34xJZXsJt8NcejUhHadJbJ8Ug9DO7LtG2P5lpV
ykXx2N8P8w5+knbJCxcdhTc5HvqWzXQhw/hUmclwwQmvZhAT5dbW7OdsyUZQgGRt
taaSjmWC7k0y+6lyQLf13VvRegpgL90mWWrIpUYLQn9rFczHAkPNWNJhz5mPkLZh
UJDBqoYB5apvLecFr5gWXAybdcU/UnQPqyBDr2j6W9RawWDR1Bq4XcKOArgH4HEN
UVu9445mNKhiZyPX
-----END CERTIFICATE-----
Generated at Fri Sep 1 10:21:49 2023 by rpki-client on console-ams.rpki-client.org