Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/SMh9urUf1hbufrWvYQxKd1trq3s.roa
File: SMh9urUf1hbufrWvYQxKd1trq3s.roa (raw, json)
Hash identifier: yxqlg3mt/taxyiaKcuIBpV387NqhOUx3uiTKZESPJ/o=
Subject key identifier: 48:C8:7D:BA:B5:1F:D6:16:EE:7E:B5:AF:61:0C:4A:77:5B:6B:AB:7B
Certificate issuer: /CN=1aca63df248b7adf3ddd07e8c2d3eedd02cef933
Certificate serial: 01874BA87EC2D2936FE4C73F9BE14C7CC944
Authority key identifier: 1A:CA:63:DF:24:8B:7A:DF:3D:DD:07:E8:C2:D3:EE:DD:02:CE:F9:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gspj3ySLet893QfowtPu3QLO-TM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/SMh9urUf1hbufrWvYQxKd1trq3s.roa
Signing time: Tue 04 Apr 2023 09:45:46 +0000
ROA not before: Tue 04 Apr 2023 09:45:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197600
IP address blocks: 157.25.123.0/24 maxlen: 24
85.219.142.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:4b:a8:7e:c2:d2:93:6f:e4:c7:3f:9b:e1:4c:7c:c9:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1aca63df248b7adf3ddd07e8c2d3eedd02cef933
Validity
Not Before: Apr 4 09:45:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=48c87dbab51fd616ee7eb5af610c4a775b6bab7b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:ac:b0:d9:e4:3a:a6:f5:66:d5:49:59:85:37:
25:f6:e5:08:ee:0a:03:1c:6d:cc:f2:84:f3:db:72:
36:14:46:f7:b6:ad:f0:15:5c:8e:c7:ff:cb:33:3c:
75:cc:76:3d:5f:1e:5e:57:5b:1c:8e:83:e9:c3:06:
2c:da:16:91:a7:cf:79:29:29:0a:43:db:ad:9b:b7:
1e:a6:41:59:af:d8:9a:c2:0e:0d:90:08:57:46:16:
de:d6:2d:42:a6:fc:0a:50:05:53:16:ce:49:7b:18:
7a:b8:5b:f5:81:d0:51:e4:d6:b8:24:6c:93:bd:6e:
0b:97:77:fc:cf:62:96:b3:2e:80:1e:05:81:1e:5c:
27:1b:5f:36:35:7c:eb:33:a6:69:a2:9e:15:ee:03:
27:d2:00:29:e0:89:41:0f:5b:15:00:b9:c4:08:b5:
fb:b3:6b:58:c5:1e:66:bc:f5:c8:0c:3f:94:0e:06:
46:7d:72:8f:ae:85:de:2e:ef:1d:a9:35:79:99:bc:
7f:8b:3d:b3:53:8a:3f:58:8a:08:90:1c:f3:fa:fc:
da:01:81:45:56:b2:f7:ff:c0:5f:7f:95:7f:a2:99:
43:46:14:f4:d0:c1:50:c8:ac:4e:c3:81:b3:92:80:
dd:4e:ab:cf:3f:ae:15:52:01:8b:3f:da:a8:6e:d5:
9c:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:C8:7D:BA:B5:1F:D6:16:EE:7E:B5:AF:61:0C:4A:77:5B:6B:AB:7B
X509v3 Authority Key Identifier:
keyid:1A:CA:63:DF:24:8B:7A:DF:3D:DD:07:E8:C2:D3:EE:DD:02:CE:F9:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gspj3ySLet893QfowtPu3QLO-TM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/SMh9urUf1hbufrWvYQxKd1trq3s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/Gspj3ySLet893QfowtPu3QLO-TM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.219.142.0/24
157.25.123.0/24
Signature Algorithm: sha256WithRSAEncryption
28:e7:6a:31:d8:a7:55:1c:56:8f:f9:8d:31:3a:26:66:3f:a3:
17:5b:e1:2c:d4:56:e8:22:40:24:9f:e8:4d:7d:bb:ab:17:a8:
7d:7f:19:6b:fb:6e:b2:d5:04:97:0f:4e:a6:7a:24:4c:a1:1d:
d0:56:fd:88:dc:c4:26:4f:46:b5:b5:86:93:cd:f2:9a:c7:d3:
57:7c:ed:75:f9:24:d9:b1:f7:b4:65:8f:3a:4f:14:ca:e4:c5:
d2:9a:63:b1:70:97:40:29:97:12:4f:04:17:54:e8:29:bc:70:
58:31:df:af:b9:9b:75:6f:7c:b5:88:18:e2:b0:bb:b9:1a:cc:
f0:68:ba:e7:3c:3f:1a:e3:4f:5e:d0:aa:f0:43:28:c8:a7:43:
60:50:da:5b:bc:b0:fc:9f:f8:c6:07:01:c2:4b:d5:aa:05:28:
94:19:07:22:5c:58:fe:c2:f7:63:dc:30:e7:53:95:f1:eb:41:
54:85:62:7d:e8:bf:70:b7:b4:f3:c5:c6:fa:cd:6d:dc:b3:2b:
4c:b4:28:52:00:82:4d:f5:f7:29:e0:9c:79:18:aa:25:0d:c8:
90:60:c2:22:c9:8d:23:6a:a7:bc:c7:67:8b:16:97:7f:64:a5:
93:d9:5d:52:b9:6c:90:4c:23:49:2b:e0:0e:4b:06:59:c8:c8:
c9:f0:53:ba
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYdLqH7C0pNv5Mc/m+FMfMlEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhY2E2M2RmMjQ4YjdhZGYzZGRkMDdlOGMyZDNlZWRkMDJj
ZWY5MzMwHhcNMjMwNDA0MDk0NTQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OGM4N2RiYWI1MWZkNjE2ZWU3ZWI1YWY2MTBjNGE3NzViNmJhYjdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkayw2eQ6pvVm1UlZhTcl9uUI7goD
HG3M8oTz23I2FEb3tq3wFVyOx//LMzx1zHY9Xx5eV1scjoPpwwYs2haRp895KSkK
Q9utm7cepkFZr9iawg4NkAhXRhbe1i1CpvwKUAVTFs5Jexh6uFv1gdBR5Na4JGyT
vW4Ll3f8z2KWsy6AHgWBHlwnG182NXzrM6Zpop4V7gMn0gAp4IlBD1sVALnECLX7
s2tYxR5mvPXIDD+UDgZGfXKProXeLu8dqTV5mbx/iz2zU4o/WIoIkBzz+vzaAYFF
VrL3/8Bff5V/oplDRhT00MFQyKxOw4GzkoDdTqvPP64VUgGLP9qobtWcHQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEjIfbq1H9YW7n61r2EMSndba6t7MB8GA1UdIwQY
MBaAFBrKY98ki3rfPd0H6MLT7t0CzvkzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3NwajN5U0xldDg5M1Fmb3d0UHUzUUxPLVRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS8xZjY0NTgtZGM3NS00YWRkLWFlNzIt
OTFlMzE4NGJiMGFiLzEvU01oOXVyVWYxaGJ1ZnJXdllReEtkMXRycTNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS8xZjY0NTgtZGM3NS00YWRkLWFlNzItOTFlMzE4NGJiMGFi
LzEvR3NwajN5U0xldDg5M1Fmb3d0UHUzUUxPLVRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVduOAwQA
nRl7MA0GCSqGSIb3DQEBCwUAA4IBAQAo52ox2KdVHFaP+Y0xOiZmP6MXW+Es1Fbo
IkAkn+hNfburF6h9fxlr+26y1QSXD06meiRMoR3QVv2I3MQmT0a1tYaTzfKax9NX
fO11+STZsfe0ZY86TxTK5MXSmmOxcJdAKZcSTwQXVOgpvHBYMd+vuZt1b3y1iBji
sLu5GszwaLrnPD8a409e0KrwQyjIp0NgUNpbvLD8n/jGBwHCS9WqBSiUGQciXFj+
wvdj3DDnU5Xx60FUhWJ96L9wt7Tzxcb6zW3csytMtChSAIJN9fcp4Jx5GKolDciQ
YMIiyY0jaqe8x2eLFpd/ZKWT2V1SuWyQTCNJK+AOSwZZyMjJ8FO6
-----END CERTIFICATE-----
Generated at Tue Jan 2 01:41:22 2024 by rpki-client on console-ams.rpki-client.org