Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c6/c743cb-8137-455a-a573-d808b1afa881/1/sfc-5MZanNcY22Z3C-iqxEdCdwY.roa
File: sfc-5MZanNcY22Z3C-iqxEdCdwY.roa (raw, json)
Hash identifier: KUAqkQTa0ka6uYIKwsCHkej+OVeJuSD7TZyM9pZO9Ro=
Subject key identifier: B1:F7:3E:E4:C6:5A:9C:D7:18:DB:66:77:0B:E8:AA:C4:47:42:77:06
Certificate issuer: /CN=0bed43f409cb35ceb5e77b56d0bbc9a4cc2d2693
Certificate serial: 01856DA651714404E22840D730E27AA2888E
Authority key identifier: 0B:ED:43:F4:09:CB:35:CE:B5:E7:7B:56:D0:BB:C9:A4:CC:2D:26:93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C-1D9AnLNc6153tW0LvJpMwtJpM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c6/c743cb-8137-455a-a573-d808b1afa881/1/sfc-5MZanNcY22Z3C-iqxEdCdwY.roa
Signing time: Sun 01 Jan 2023 14:04:54 +0000
ROA not before: Sun 01 Jan 2023 14:04:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 193.176.186.0/24 maxlen: 24
193.176.187.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 19 Feb 2023 08:36:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:a6:51:71:44:04:e2:28:40:d7:30:e2:7a:a2:88:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0bed43f409cb35ceb5e77b56d0bbc9a4cc2d2693
Validity
Not Before: Jan 1 14:04:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b1f73ee4c65a9cd718db66770be8aac447427706
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:ef:06:6b:4d:0f:3c:31:f4:54:17:82:56:f6:
1d:8b:2a:3c:5c:27:85:2c:b6:cf:b4:d1:32:ea:ff:
1c:7b:7c:92:18:20:be:b4:52:4b:93:56:08:d9:c6:
1e:ff:cc:d7:77:c6:09:00:c0:bc:fc:84:85:bc:a0:
67:ec:8d:dd:5f:69:f5:47:e3:b0:66:ac:82:fe:2d:
a8:2c:05:20:84:45:e5:7d:cb:17:86:2c:f8:f3:16:
e4:b0:b2:5b:83:30:4d:d7:35:c5:9e:59:e3:a8:c1:
d3:13:39:35:54:db:0f:ea:80:1b:69:9b:9b:dd:fc:
9a:91:da:30:07:3a:71:05:e0:3f:c8:0e:0b:0d:2b:
fd:db:03:f6:5a:09:e1:ff:4b:57:39:fc:53:e8:b1:
65:9d:d0:21:46:4f:53:86:51:db:f5:7b:b3:c6:7e:
f7:3f:0a:26:fc:ef:ba:91:91:be:67:ae:40:fd:82:
b3:11:9d:0b:0e:0c:92:ed:d5:0f:35:68:15:91:ee:
f3:6c:71:47:d9:c4:ae:fe:f0:df:9f:b4:ab:30:0f:
3d:be:e3:73:ab:1b:d6:12:bc:d5:cf:b6:a7:92:0f:
d2:00:4a:19:33:2d:a3:0d:16:95:38:cc:50:0d:77:
97:fa:17:79:52:39:a7:be:54:45:27:64:50:ac:c6:
81:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:F7:3E:E4:C6:5A:9C:D7:18:DB:66:77:0B:E8:AA:C4:47:42:77:06
X509v3 Authority Key Identifier:
keyid:0B:ED:43:F4:09:CB:35:CE:B5:E7:7B:56:D0:BB:C9:A4:CC:2D:26:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C-1D9AnLNc6153tW0LvJpMwtJpM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/c743cb-8137-455a-a573-d808b1afa881/1/sfc-5MZanNcY22Z3C-iqxEdCdwY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/c743cb-8137-455a-a573-d808b1afa881/1/C-1D9AnLNc6153tW0LvJpMwtJpM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.176.186.0/23
Signature Algorithm: sha256WithRSAEncryption
75:57:a4:8c:6b:b5:46:7f:94:10:1e:8c:c2:e2:84:b9:c7:24:
b8:4c:78:79:a7:1f:1e:6f:80:10:70:9e:13:c7:66:36:cf:d6:
dd:79:96:9c:a2:b9:c8:c3:92:83:e2:92:d1:c4:2b:3e:f2:1a:
d1:a6:dd:b4:ae:f3:9f:64:b2:79:13:c5:78:35:50:62:f8:a7:
50:24:0a:11:8b:20:72:a1:d3:aa:21:c7:73:21:63:7a:77:9a:
e9:16:a4:15:2d:2c:7f:54:3e:f1:2e:c5:43:a7:bc:28:b8:df:
d2:c3:e5:ae:37:6d:8a:33:d6:f9:42:43:c1:d9:13:fc:70:53:
51:69:5a:8e:35:9f:8f:9a:05:c4:f3:5b:fc:8f:07:26:99:06:
a4:37:fe:06:08:53:57:7c:f5:a4:c7:a4:c5:c2:9e:14:ef:42:
84:0a:2f:f2:73:a7:75:06:ae:3c:c5:2c:8f:ed:63:de:93:02:
2f:88:19:14:67:e6:8a:25:e7:99:ba:ec:08:04:f4:e6:dc:46:
a9:4f:43:47:87:39:7d:89:18:4b:f1:e7:fc:8c:4c:35:6c:bd:
74:bc:11:15:2e:6c:4c:0d:8e:9d:82:34:38:9c:bb:cc:4b:44:
98:6a:77:41:4c:c0:52:34:c5:72:ff:a0:65:bb:7b:bb:b2:b2:
85:10:23:a5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtplFxRATiKEDXMOJ6ooiOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiZWQ0M2Y0MDljYjM1Y2ViNWU3N2I1NmQwYmJjOWE0Y2My
ZDI2OTMwHhcNMjMwMTAxMTQwNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMWY3M2VlNGM2NWE5Y2Q3MThkYjY2NzcwYmU4YWFjNDQ3NDI3NzA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAju8Ga00PPDH0VBeCVvYdiyo8XCeF
LLbPtNEy6v8ce3ySGCC+tFJLk1YI2cYe/8zXd8YJAMC8/ISFvKBn7I3dX2n1R+Ow
ZqyC/i2oLAUghEXlfcsXhiz48xbksLJbgzBN1zXFnlnjqMHTEzk1VNsP6oAbaZub
3fyakdowBzpxBeA/yA4LDSv92wP2Wgnh/0tXOfxT6LFlndAhRk9ThlHb9Xuzxn73
Pwom/O+6kZG+Z65A/YKzEZ0LDgyS7dUPNWgVke7zbHFH2cSu/vDfn7SrMA89vuNz
qxvWErzVz7ankg/SAEoZMy2jDRaVOMxQDXeX+hd5UjmnvlRFJ2RQrMaB1wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLH3PuTGWpzXGNtmdwvoqsRHQncGMB8GA1UdIwQY
MBaAFAvtQ/QJyzXOted7VtC7yaTMLSaTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQy0xRDlBbkxOYzYxNTN0VzBMdkpwTXd0SnBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNi9jNzQzY2ItODEzNy00NTVhLWE1NzMt
ZDgwOGIxYWZhODgxLzEvc2ZjLTVNWmFuTmNZMjJaM0MtaXF4RWRDZHdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNi9jNzQzY2ItODEzNy00NTVhLWE1NzMtZDgwOGIxYWZhODgx
LzEvQy0xRDlBbkxOYzYxNTN0VzBMdkpwTXd0SnBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwbC6MA0G
CSqGSIb3DQEBCwUAA4IBAQB1V6SMa7VGf5QQHozC4oS5xyS4THh5px8eb4AQcJ4T
x2Y2z9bdeZacornIw5KD4pLRxCs+8hrRpt20rvOfZLJ5E8V4NVBi+KdQJAoRiyBy
odOqIcdzIWN6d5rpFqQVLSx/VD7xLsVDp7wouN/Sw+WuN22KM9b5QkPB2RP8cFNR
aVqONZ+PmgXE81v8jwcmmQakN/4GCFNXfPWkx6TFwp4U70KECi/yc6d1Bq48xSyP
7WPekwIviBkUZ+aKJeeZuuwIBPTm3EapT0NHhzl9iRhL8ef8jEw1bL10vBEVLmxM
DY6dgjQ4nLvMS0SYandBTMBSNMVy/6Blu3u7srKFECOl
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:24 2024 by rpki-client on console-ams.rpki-client.org