Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/STuwccCLa_wDH0kDcQeDrBCFrvQ.roa
File: STuwccCLa_wDH0kDcQeDrBCFrvQ.roa (raw, json)
Hash identifier: pceV/zUy5JcR5KZ0BiE0E7pf0/XphzGDL9dknupkcfU=
Subject key identifier: 49:3B:B0:71:C0:8B:6B:FC:03:1F:49:03:71:07:83:AC:10:85:AE:F4
Certificate issuer: /CN=b05d28d16626bc5dcabf2e915435782b96e14071
Certificate serial: 0188C3E154AEB56A41A0C728E0964AFA7179
Authority key identifier: B0:5D:28:D1:66:26:BC:5D:CA:BF:2E:91:54:35:78:2B:96:E1:40:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/STuwccCLa_wDH0kDcQeDrBCFrvQ.roa
Signing time: Fri 16 Jun 2023 11:05:04 +0000
ROA not before: Fri 16 Jun 2023 11:05:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212157
IP address blocks: 185.52.4.0/22 maxlen: 24
147.181.0.0/22 maxlen: 24
2a04:9a00:1010::/44 maxlen: 48
Validation: Failed, certificate revoked on Fri 16 Jun 2023 11:22:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:c3:e1:54:ae:b5:6a:41:a0:c7:28:e0:96:4a:fa:71:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b05d28d16626bc5dcabf2e915435782b96e14071
Validity
Not Before: Jun 16 11:05:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=493bb071c08b6bfc031f4903710783ac1085aef4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:10:70:f8:96:1d:9c:0c:9b:03:31:59:0a:5f:
6a:cb:12:b0:03:f6:10:13:d2:1e:21:2e:16:74:f6:
e0:37:c0:ed:22:fa:8f:df:67:c2:c5:cf:39:a7:3a:
2b:f2:6f:ee:88:36:19:de:d3:9e:be:62:61:ce:b7:
f8:8e:45:92:af:f4:11:4d:e7:ef:6c:cf:67:a7:a6:
43:65:cd:7b:53:69:df:34:09:12:b7:a1:49:02:16:
a1:d3:54:b6:88:de:09:aa:19:3c:85:0f:bc:b1:1d:
22:40:17:48:db:b0:43:9e:c1:15:4c:56:99:81:37:
56:7e:1f:a3:72:4c:51:1d:3c:0a:3e:d2:f1:0d:9e:
bd:51:f6:fd:e8:5b:02:bd:7c:eb:c1:94:6a:9f:a6:
d9:51:4e:0a:ad:f7:00:7a:12:b1:9d:13:35:b5:3d:
e8:c3:40:f6:af:aa:e4:67:49:40:71:cb:39:2b:28:
36:15:f7:c3:30:02:71:ed:7f:d4:f3:d9:c2:09:2e:
37:31:c7:51:47:e1:b7:e9:4e:a2:3f:27:48:46:39:
31:f9:12:83:57:ec:8e:27:3a:22:d9:99:06:10:e0:
8d:91:62:12:fe:7a:dd:d0:8d:db:d6:85:9a:48:1c:
fe:b9:d5:4d:3b:14:16:4e:f7:34:72:77:0c:e6:7a:
28:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:3B:B0:71:C0:8B:6B:FC:03:1F:49:03:71:07:83:AC:10:85:AE:F4
X509v3 Authority Key Identifier:
keyid:B0:5D:28:D1:66:26:BC:5D:CA:BF:2E:91:54:35:78:2B:96:E1:40:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/STuwccCLa_wDH0kDcQeDrBCFrvQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.181.0.0/22
185.52.4.0/22
IPv6:
2a04:9a00:1010::/44
Signature Algorithm: sha256WithRSAEncryption
1f:cf:05:2d:46:69:ee:4c:55:89:6f:7f:1b:f7:53:e8:f4:72:
f3:b1:39:55:aa:ba:8e:e1:70:41:ec:c6:67:5d:5d:4c:7b:a6:
6c:68:3f:c0:71:e1:d7:dd:63:c4:f6:81:50:d3:80:7c:0a:ca:
aa:bc:04:94:55:55:18:32:e0:b0:91:05:d2:be:bb:1d:23:7f:
33:32:8c:84:8b:87:57:8a:b4:b9:3c:55:d3:b4:e6:9d:1e:3c:
e8:48:3b:23:4e:89:db:a3:86:1d:c2:0a:8a:db:46:99:fd:61:
fa:7e:d0:88:1c:9d:2d:a0:77:5d:1d:bd:81:63:00:86:eb:88:
09:76:ed:c3:53:d6:e1:70:22:f5:ca:85:cf:8d:03:99:f3:fe:
0b:b9:94:25:7b:3e:d4:60:01:c1:85:52:72:f9:1a:d5:35:9e:
5a:bf:04:7c:0b:be:9e:66:02:e6:97:91:ef:1b:d9:6a:fa:c3:
16:a5:6c:23:b4:88:bf:4d:1d:33:8f:b4:a5:79:b7:ca:ae:05:
2b:5e:e0:3e:c1:5b:0e:6d:fe:bb:43:c9:46:b9:0f:ad:95:4d:
b9:c9:40:75:7c:f9:43:34:0e:19:a9:d1:c3:7d:ca:9d:9e:8e:
9e:e2:44:8d:a3:30:2a:85:98:ea:cf:01:2d:e9:3b:f1:dc:dc:
c2:74:0a:09
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYjD4VSutWpBoMco4JZK+nF5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwNWQyOGQxNjYyNmJjNWRjYWJmMmU5MTU0MzU3ODJiOTZl
MTQwNzEwHhcNMjMwNjE2MTEwNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OTNiYjA3MWMwOGI2YmZjMDMxZjQ5MDM3MTA3ODNhYzEwODVhZWY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7RBw+JYdnAybAzFZCl9qyxKwA/YQ
E9IeIS4WdPbgN8DtIvqP32fCxc85pzor8m/uiDYZ3tOevmJhzrf4jkWSr/QRTefv
bM9np6ZDZc17U2nfNAkSt6FJAhah01S2iN4Jqhk8hQ+8sR0iQBdI27BDnsEVTFaZ
gTdWfh+jckxRHTwKPtLxDZ69Ufb96FsCvXzrwZRqn6bZUU4KrfcAehKxnRM1tT3o
w0D2r6rkZ0lAccs5Kyg2FffDMAJx7X/U89nCCS43McdRR+G36U6iPydIRjkx+RKD
V+yOJzoi2ZkGEOCNkWIS/nrd0I3b1oWaSBz+udVNOxQWTvc0cncM5nooOQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFEk7sHHAi2v8Ax9JA3EHg6wQha70MB8GA1UdIwQY
MBaAFLBdKNFmJrxdyr8ukVQ1eCuW4UBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0YwbzBXWW12RjNLdnk2UlZEVjRLNWJoUUhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9iYmE5NzMtN2M5Zi00YjExLWI2MTEt
YWQ1NzU1MjJiMzY1LzEvU1R1d2NjQ0xhX3dESDBrRGNRZURyQkNGcnZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy9iYmE5NzMtN2M5Zi00YjExLWI2MTEtYWQ1NzU1MjJiMzY1
LzEvc0YwbzBXWW12RjNLdnk2UlZEVjRLNWJoUUhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQCk7UAAwQC
uTQEMA8EAgACMAkDBwQqBJoAEBAwDQYJKoZIhvcNAQELBQADggEBAB/PBS1Gae5M
VYlvfxv3U+j0cvOxOVWquo7hcEHsxmddXUx7pmxoP8Bx4dfdY8T2gVDTgHwKyqq8
BJRVVRgy4LCRBdK+ux0jfzMyjISLh1eKtLk8VdO05p0ePOhIOyNOidujhh3CCorb
Rpn9Yfp+0IgcnS2gd10dvYFjAIbriAl27cNT1uFwIvXKhc+NA5nz/gu5lCV7PtRg
AcGFUnL5GtU1nlq/BHwLvp5mAuaXke8b2Wr6wxalbCO0iL9NHTOPtKV5t8quBSte
4D7BWw5t/rtDyUa5D62VTbnJQHV8+UM0Dhmp0cN9yp2ejp7iRI2jMCqFmOrPAS3p
O/Hc3MJ0Cgk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:54 2024 by rpki-client on console-fra.rpki-client.org