Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/sQPCKpZ5Tw-YacSyfp8EyW5MsQA.roa
File: sQPCKpZ5Tw-YacSyfp8EyW5MsQA.roa (raw, json)
Hash identifier: sC7o+hYKttLy1N2R5xEGL3Ihry7LMQuLiBKaobYzD3g=
Subject key identifier: B1:03:C2:2A:96:79:4F:0F:98:69:C4:B2:7E:9F:04:C9:6E:4C:B1:00
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 0185AFB675ADBDD4FB23B9554A889FFE400C
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/sQPCKpZ5Tw-YacSyfp8EyW5MsQA.roa
Signing time: Sat 14 Jan 2023 09:57:28 +0000
ROA not before: Sat 14 Jan 2023 09:57:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202973
IP address blocks: 185.106.92.0/24 maxlen: 24
45.9.74.0/24 maxlen: 24
194.36.177.0/24 maxlen: 24
82.115.223.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 18 Jan 2023 15:08:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:af:b6:75:ad:bd:d4:fb:23:b9:55:4a:88:9f:fe:40:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Jan 14 09:57:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b103c22a96794f0f9869c4b27e9f04c96e4cb100
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:80:42:77:30:d7:f8:d6:62:56:8f:61:59:50:
c7:51:cd:1c:ec:2c:93:c5:46:89:74:6f:30:46:76:
d8:7e:b5:6d:4d:93:cf:66:54:b2:d1:c1:17:a5:7e:
7d:4c:ed:2d:0f:36:77:c0:6f:8f:11:b0:c5:02:67:
3b:e2:e5:d9:74:93:fd:48:02:de:c4:b6:43:24:f5:
07:d0:c9:00:ba:97:bb:24:13:bb:eb:ea:83:41:de:
70:e3:7a:eb:f4:44:91:de:e5:87:a2:13:dd:81:34:
82:e4:9d:3f:92:78:18:6b:48:b3:c5:96:62:e7:bd:
38:08:d8:ec:a4:84:74:00:4c:87:cc:6d:4f:7b:cc:
14:5a:2f:72:f1:08:a5:93:ca:14:a6:b8:d9:46:60:
41:51:d1:01:81:55:06:e5:9d:c5:9d:2f:c6:ed:be:
cf:d7:9d:3c:99:55:ba:60:ef:f7:79:c7:06:c3:10:
f8:6a:ec:ad:0c:eb:54:d8:04:e6:06:f6:e1:b6:a7:
73:85:13:fb:39:0a:16:46:e2:8c:c2:4c:e4:c5:5c:
8c:ad:18:ee:b6:52:da:42:2e:d2:3b:94:f1:ce:9e:
99:90:e6:b3:2c:c1:04:dc:15:42:a0:7c:56:99:a8:
c8:66:95:ed:b6:c7:30:f1:a7:81:45:55:d3:3c:82:
03:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:03:C2:2A:96:79:4F:0F:98:69:C4:B2:7E:9F:04:C9:6E:4C:B1:00
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/sQPCKpZ5Tw-YacSyfp8EyW5MsQA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.74.0/24
82.115.223.0/24
185.106.92.0/24
194.36.177.0/24
Signature Algorithm: sha256WithRSAEncryption
77:40:e4:cd:56:69:94:e0:cc:b2:f5:6a:fd:f3:11:ad:db:75:
eb:e8:c2:eb:0b:c2:38:e6:d5:91:98:bc:34:b1:08:6e:1b:f0:
5d:58:c2:da:ab:4a:15:72:bc:07:34:8f:03:5e:1f:ce:42:eb:
6e:af:eb:f6:0b:0a:a4:14:25:64:f2:99:fa:38:27:66:9f:1c:
0d:6b:63:2b:75:f6:92:9a:dd:59:16:07:50:ca:00:20:1d:eb:
fe:68:ca:a5:a8:8b:a2:32:38:5e:c0:6b:ff:41:68:2d:12:16:
f4:ef:04:1b:de:32:09:e4:0a:35:02:62:a9:6f:00:5e:ff:cf:
dd:c3:4a:32:07:9f:04:4e:e7:ec:0d:3a:26:5c:92:c4:10:90:
af:c4:03:32:f2:ca:37:42:45:93:2d:6b:b9:ae:0e:9d:c6:1e:
85:c4:25:2d:71:06:4d:f5:31:5e:5c:52:56:d1:be:6d:15:61:
61:c9:76:49:79:87:61:05:32:d0:80:d8:75:94:9f:43:e9:ce:
f4:46:44:12:54:3e:e8:5b:7e:62:0a:99:28:ef:0f:cd:7a:ad:
19:4e:43:9d:a6:0f:9f:f2:41:6f:b7:8e:cf:6f:3e:a1:eb:02:
26:09:3e:a7:e5:46:5e:3b:c6:f1:48:7b:7c:a0:ef:2b:49:34:
87:79:e3:81
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYWvtnWtvdT7I7lVSoif/kAMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjMwMTE0MDk1NzI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTAzYzIyYTk2Nzk0ZjBmOTg2OWM0YjI3ZTlmMDRjOTZlNGNiMTAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA14BCdzDX+NZiVo9hWVDHUc0c7CyT
xUaJdG8wRnbYfrVtTZPPZlSy0cEXpX59TO0tDzZ3wG+PEbDFAmc74uXZdJP9SALe
xLZDJPUH0MkAupe7JBO76+qDQd5w43rr9ESR3uWHohPdgTSC5J0/kngYa0izxZZi
5704CNjspIR0AEyHzG1Pe8wUWi9y8Qilk8oUprjZRmBBUdEBgVUG5Z3FnS/G7b7P
1508mVW6YO/3eccGwxD4auytDOtU2ATmBvbhtqdzhRP7OQoWRuKMwkzkxVyMrRju
tlLaQi7SO5Txzp6ZkOazLMEE3BVCoHxWmajIZpXttscw8aeBRVXTPIIDsQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFLEDwiqWeU8PmGnEsn6fBMluTLEAMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvc1FQQ0twWjVUdy1ZYWNTeWZwOEV5VzVNc1FBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALQlKAwQA
UnPfAwQAuWpcAwQAwiSxMA0GCSqGSIb3DQEBCwUAA4IBAQB3QOTNVmmU4Myy9Wr9
8xGt23Xr6MLrC8I45tWRmLw0sQhuG/BdWMLaq0oVcrwHNI8DXh/OQutur+v2Cwqk
FCVk8pn6OCdmnxwNa2MrdfaSmt1ZFgdQygAgHev+aMqlqIuiMjhewGv/QWgtEhb0
7wQb3jIJ5Ao1AmKpbwBe/8/dw0oyB58ETufsDTomXJLEEJCvxAMy8so3QkWTLWu5
rg6dxh6FxCUtcQZN9TFeXFJW0b5tFWFhyXZJeYdhBTLQgNh1lJ9D6c70RkQSVD7o
W35iCpko7w/Neq0ZTkOdpg+f8kFvt47Pbz6h6wImCT6n5UZeO8bxSHt8oO8rSTSH
eeOB
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:11 2024 by rpki-client on console-ams.rpki-client.org