Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/sjIUYiehhwxNSKAycJ7WfX7fOU8.roa
File: sjIUYiehhwxNSKAycJ7WfX7fOU8.roa (raw, json)
Hash identifier: ot4TbrtEincX/f+DR5cmvqhR+7giR1wsyCYcx5hIBKU=
Subject key identifier: B2:32:14:62:27:A1:87:0C:4D:48:A0:32:70:9E:D6:7D:7E:DF:39:4F
Certificate issuer: /CN=1aca63df248b7adf3ddd07e8c2d3eedd02cef933
Certificate serial: 018571155FCCAC66B2CB98D86E8F8702B2BB
Authority key identifier: 1A:CA:63:DF:24:8B:7A:DF:3D:DD:07:E8:C2:D3:EE:DD:02:CE:F9:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gspj3ySLet893QfowtPu3QLO-TM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/sjIUYiehhwxNSKAycJ7WfX7fOU8.roa
Signing time: Mon 02 Jan 2023 06:05:04 +0000
ROA not before: Mon 02 Jan 2023 06:05:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206957
IP address blocks: 78.133.237.0/24 maxlen: 24
89.174.109.0/24 maxlen: 24
89.174.117.0/24 maxlen: 24
89.174.116.0/24 maxlen: 24
89.174.228.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:15:5f:cc:ac:66:b2:cb:98:d8:6e:8f:87:02:b2:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1aca63df248b7adf3ddd07e8c2d3eedd02cef933
Validity
Not Before: Jan 2 06:05:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b232146227a1870c4d48a032709ed67d7edf394f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:f1:a5:f2:9a:65:28:55:d3:db:ac:f3:35:65:
3c:43:7e:f8:43:f3:4c:0c:e1:f4:1e:00:6c:79:6d:
3c:c0:68:e7:56:d2:4b:86:fa:6a:bb:c1:2d:c6:3f:
d4:4c:c6:c1:44:61:d5:d0:48:36:66:99:0c:67:91:
02:33:93:4a:89:bf:7f:9c:96:78:3b:f3:f1:99:21:
9e:3c:17:1b:26:9b:59:aa:42:09:09:14:7a:97:b8:
d1:d8:ab:f9:db:d1:fa:9c:c6:1e:17:3f:03:1c:90:
52:29:3e:b2:a8:c0:1e:d0:0d:28:4a:eb:26:f3:46:
a7:4e:6b:8c:13:54:94:7c:36:4e:a8:6b:2f:f7:f1:
47:2f:5b:3e:41:1a:d3:bf:cb:5b:37:1d:7a:64:6f:
1d:24:12:a8:95:ae:11:b0:c5:09:55:5c:2f:82:34:
dc:cd:30:83:17:37:73:70:81:9f:a8:39:7c:6e:aa:
5d:09:63:73:6e:d6:8a:00:4e:cd:0d:25:f5:02:92:
5e:3d:e2:d7:bb:66:e2:36:48:7f:9f:7a:d8:6f:a9:
30:51:94:4b:0e:55:3d:2f:9f:4a:f6:43:8a:96:d7:
99:9b:09:da:c2:d2:4d:7a:42:fe:8c:f8:f7:8b:0e:
73:9a:dd:06:f4:62:d1:57:3e:ec:b9:57:e8:4b:b1:
33:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:32:14:62:27:A1:87:0C:4D:48:A0:32:70:9E:D6:7D:7E:DF:39:4F
X509v3 Authority Key Identifier:
keyid:1A:CA:63:DF:24:8B:7A:DF:3D:DD:07:E8:C2:D3:EE:DD:02:CE:F9:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gspj3ySLet893QfowtPu3QLO-TM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/sjIUYiehhwxNSKAycJ7WfX7fOU8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/Gspj3ySLet893QfowtPu3QLO-TM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.133.237.0/24
89.174.109.0/24
89.174.116.0/23
89.174.228.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:69:a9:49:16:78:af:46:9b:6d:8b:22:99:b0:43:4b:74:4a:
ea:df:ed:ef:75:ae:65:62:a7:83:16:8b:47:c2:e3:22:4d:fb:
d7:08:63:a8:7e:4f:47:a2:22:1a:bb:66:46:cc:6b:f3:33:6d:
24:d8:85:95:5b:25:17:83:94:b5:58:32:2c:cf:43:d1:69:f8:
09:4a:9d:ca:6d:34:f5:80:14:e8:f3:22:43:52:b6:12:14:e7:
a1:b7:4c:5c:81:b4:de:7b:dd:97:2f:0e:8e:85:34:a5:74:53:
e8:4a:ec:6d:43:dd:8f:f9:5e:74:99:e3:58:4e:dd:8b:80:08:
a4:4b:25:cc:51:1f:5f:93:98:55:83:42:0d:f9:2a:af:35:59:
b8:40:22:59:b5:32:d0:e0:bf:c5:5b:55:2d:7c:49:f1:50:86:
f6:09:42:a5:bb:50:c8:89:82:cd:a2:92:a5:7b:b1:92:f3:5d:
0b:66:7b:36:5d:b6:aa:4a:86:e0:66:04:93:cc:6c:09:59:8c:
c6:0c:c2:8b:6e:81:c6:92:dd:6c:37:49:47:3f:35:45:d4:41:
6f:fa:cd:2e:e0:b0:3f:e1:33:27:c2:7c:28:e4:d9:72:15:6b:
d8:6b:52:ef:a0:f6:c9:76:6b:da:ff:0a:db:c5:ec:fe:1d:2f:
80:09:10:f1
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVxFV/MrGayy5jYbo+HArK7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhY2E2M2RmMjQ4YjdhZGYzZGRkMDdlOGMyZDNlZWRkMDJj
ZWY5MzMwHhcNMjMwMTAyMDYwNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjMyMTQ2MjI3YTE4NzBjNGQ0OGEwMzI3MDllZDY3ZDdlZGYzOTRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg/Gl8pplKFXT26zzNWU8Q374Q/NM
DOH0HgBseW08wGjnVtJLhvpqu8Etxj/UTMbBRGHV0Eg2ZpkMZ5ECM5NKib9/nJZ4
O/PxmSGePBcbJptZqkIJCRR6l7jR2Kv529H6nMYeFz8DHJBSKT6yqMAe0A0oSusm
80anTmuME1SUfDZOqGsv9/FHL1s+QRrTv8tbNx16ZG8dJBKola4RsMUJVVwvgjTc
zTCDFzdzcIGfqDl8bqpdCWNzbtaKAE7NDSX1ApJePeLXu2biNkh/n3rYb6kwUZRL
DlU9L59K9kOKlteZmwnawtJNekL+jPj3iw5zmt0G9GLRVz7suVfoS7EzJwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFLIyFGInoYcMTUigMnCe1n1+3zlPMB8GA1UdIwQY
MBaAFBrKY98ki3rfPd0H6MLT7t0CzvkzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3NwajN5U0xldDg5M1Fmb3d0UHUzUUxPLVRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS8xZjY0NTgtZGM3NS00YWRkLWFlNzIt
OTFlMzE4NGJiMGFiLzEvc2pJVVlpZWhod3hOU0tBeWNKN1dmWDdmT1U4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS8xZjY0NTgtZGM3NS00YWRkLWFlNzItOTFlMzE4NGJiMGFi
LzEvR3NwajN5U0xldDg5M1Fmb3d0UHUzUUxPLVRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAToXtAwQA
Wa5tAwQBWa50AwQAWa7kMA0GCSqGSIb3DQEBCwUAA4IBAQAraalJFnivRpttiyKZ
sENLdErq3+3vda5lYqeDFotHwuMiTfvXCGOofk9HoiIau2ZGzGvzM20k2IWVWyUX
g5S1WDIsz0PRafgJSp3KbTT1gBTo8yJDUrYSFOeht0xcgbTee92XLw6OhTSldFPo
SuxtQ92P+V50meNYTt2LgAikSyXMUR9fk5hVg0IN+SqvNVm4QCJZtTLQ4L/FW1Ut
fEnxUIb2CUKlu1DIiYLNopKle7GS810LZns2XbaqSobgZgSTzGwJWYzGDMKLboHG
kt1sN0lHPzVF1EFv+s0u4LA/4TMnwnwo5NlyFWvYa1LvoPbJdmva/wrbxez+HS+A
CRDx
-----END CERTIFICATE-----
Generated at Tue Jan 2 01:50:29 2024 by rpki-client on console-fra.rpki-client.org