Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/a1f212-ba35-466b-b52e-3853d340c9a6/1/slbtSM5RYlS9s94jLtVvlzg7lyc.roa
File: slbtSM5RYlS9s94jLtVvlzg7lyc.roa (raw, json)
Hash identifier: WpOmr9QTB2vurkV0Id3cyJCrQh8X/UTiULq4n37mcaM=
Subject key identifier: B2:56:ED:48:CE:51:62:54:BD:B3:DE:23:2E:D5:6F:97:38:3B:97:27
Certificate issuer: /CN=ab4f00f5c3ab3df4c674a410d8a0f0182fb5e918
Certificate serial: 0186B8B69D188C7AAE3798C214B886D0A15A
Authority key identifier: AB:4F:00:F5:C3:AB:3D:F4:C6:74:A4:10:D8:A0:F0:18:2F:B5:E9:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q08A9cOrPfTGdKQQ2KDwGC-16Rg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/a1f212-ba35-466b-b52e-3853d340c9a6/1/slbtSM5RYlS9s94jLtVvlzg7lyc.roa
Signing time: Mon 06 Mar 2023 20:57:00 +0000
ROA not before: Mon 06 Mar 2023 20:57:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204384
IP address blocks: 178.209.80.0/21 maxlen: 24
178.209.87.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 08:30:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:b8:b6:9d:18:8c:7a:ae:37:98:c2:14:b8:86:d0:a1:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab4f00f5c3ab3df4c674a410d8a0f0182fb5e918
Validity
Not Before: Mar 6 20:57:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b256ed48ce516254bdb3de232ed56f97383b9727
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:19:96:4d:88:35:c2:1b:dc:04:4f:77:75:77:
96:43:03:a4:0c:bc:52:c1:e1:15:86:4c:b8:47:f3:
56:c9:b7:d6:1e:f1:fd:7f:f0:c2:b8:8b:21:65:e4:
6b:dc:f6:4f:52:7d:38:59:a7:64:20:08:48:42:50:
63:0c:c5:87:54:fe:1d:1e:6b:6c:33:2c:46:2d:98:
20:5e:f8:7f:c8:a9:97:ea:8b:54:28:4a:aa:23:be:
c3:6b:47:a8:3c:53:ec:52:e9:a5:3a:49:af:15:fa:
38:82:25:31:54:9b:42:e5:9b:a1:cc:62:c7:a1:79:
c5:04:90:92:94:45:ba:4c:2d:e6:9b:34:b0:b2:87:
1c:39:7d:ce:1c:b1:30:0d:4f:c7:b1:e1:65:93:07:
33:c4:2b:8f:22:0c:f0:67:05:ae:a3:7b:85:f4:1b:
d9:e2:d7:8c:86:10:ce:e7:8e:dc:a3:5a:94:63:3d:
3d:46:8c:c5:74:ad:ce:69:ef:98:6a:ed:e8:5f:62:
2d:b5:7d:42:72:c4:58:97:6f:a8:c5:68:4c:1d:92:
72:64:fc:7d:66:43:e2:d0:df:f8:3f:fd:6a:e6:36:
7e:65:8a:bb:e6:98:a3:2f:f6:7a:b3:13:63:ed:b6:
78:d3:23:44:12:3d:f3:b9:4f:6c:93:c6:e9:3f:57:
77:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:56:ED:48:CE:51:62:54:BD:B3:DE:23:2E:D5:6F:97:38:3B:97:27
X509v3 Authority Key Identifier:
keyid:AB:4F:00:F5:C3:AB:3D:F4:C6:74:A4:10:D8:A0:F0:18:2F:B5:E9:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q08A9cOrPfTGdKQQ2KDwGC-16Rg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/a1f212-ba35-466b-b52e-3853d340c9a6/1/slbtSM5RYlS9s94jLtVvlzg7lyc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/a1f212-ba35-466b-b52e-3853d340c9a6/1/q08A9cOrPfTGdKQQ2KDwGC-16Rg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.209.80.0/21
Signature Algorithm: sha256WithRSAEncryption
a9:93:0f:90:43:f9:7c:6a:e7:8b:77:c0:fa:af:52:f8:5d:28:
da:33:cf:a2:69:3a:0a:13:19:cc:9f:91:90:ce:b6:a3:70:b6:
92:64:4a:90:0b:02:59:69:df:a1:c1:f9:09:2c:98:2d:de:a0:
ea:e3:74:dd:fd:4d:cd:e2:67:3c:45:5c:65:19:96:60:59:92:
ea:79:15:eb:ff:f8:22:8e:aa:df:b4:82:37:50:dc:ee:3a:7c:
86:b0:ee:ef:04:ef:c8:d7:04:73:34:e8:85:fa:d4:20:37:07:
d5:ce:88:69:66:2b:e6:68:95:b3:25:37:a3:09:a2:8d:b6:e0:
a1:25:f8:cf:67:97:8d:84:e4:61:ab:ce:b4:0a:8a:be:ca:a7:
cd:6d:09:e2:b0:2e:67:ce:aa:b8:76:1e:08:d9:e6:13:d8:e2:
c1:a7:f5:22:b7:1f:81:a5:7f:c6:b7:83:4d:bd:a2:2e:e1:e9:
e0:10:85:7a:de:af:7b:cd:16:0a:ac:2c:1f:e6:e0:b9:8a:48:
e4:87:ec:6f:4f:2e:8e:8f:0c:55:90:55:4c:20:72:9a:d0:f0:
8f:6f:6f:46:51:18:2e:de:fe:9f:2e:3e:f1:72:ab:39:4a:41:
e3:46:0b:ea:8d:12:33:a2:59:40:1b:94:f4:d7:9f:5b:ce:c1:
30:a4:86:e3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYa4tp0YjHquN5jCFLiG0KFaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiNGYwMGY1YzNhYjNkZjRjNjc0YTQxMGQ4YTBmMDE4MmZi
NWU5MTgwHhcNMjMwMzA2MjA1NzAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjU2ZWQ0OGNlNTE2MjU0YmRiM2RlMjMyZWQ1NmY5NzM4M2I5NzI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsRmWTYg1whvcBE93dXeWQwOkDLxS
weEVhky4R/NWybfWHvH9f/DCuIshZeRr3PZPUn04WadkIAhIQlBjDMWHVP4dHmts
MyxGLZggXvh/yKmX6otUKEqqI77Da0eoPFPsUumlOkmvFfo4giUxVJtC5ZuhzGLH
oXnFBJCSlEW6TC3mmzSwsoccOX3OHLEwDU/HseFlkwczxCuPIgzwZwWuo3uF9BvZ
4teMhhDO547co1qUYz09RozFdK3Oae+Yau3oX2IttX1CcsRYl2+oxWhMHZJyZPx9
ZkPi0N/4P/1q5jZ+ZYq75pijL/Z6sxNj7bZ40yNEEj3zuU9sk8bpP1d3mQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLJW7UjOUWJUvbPeIy7Vb5c4O5cnMB8GA1UdIwQY
MBaAFKtPAPXDqz30xnSkENig8BgvtekYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTA4QTljT3JQZlRHZEtRUTJLRHdHQy0xNlJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS9hMWYyMTItYmEzNS00NjZiLWI1MmUt
Mzg1M2QzNDBjOWE2LzEvc2xidFNNNVJZbFM5czk0akx0VnZsemc3bHljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS9hMWYyMTItYmEzNS00NjZiLWI1MmUtMzg1M2QzNDBjOWE2
LzEvcTA4QTljT3JQZlRHZEtRUTJLRHdHQy0xNlJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDstFQMA0G
CSqGSIb3DQEBCwUAA4IBAQCpkw+QQ/l8aueLd8D6r1L4XSjaM8+iaToKExnMn5GQ
zrajcLaSZEqQCwJZad+hwfkJLJgt3qDq43Td/U3N4mc8RVxlGZZgWZLqeRXr//gi
jqrftII3UNzuOnyGsO7vBO/I1wRzNOiF+tQgNwfVzohpZivmaJWzJTejCaKNtuCh
JfjPZ5eNhORhq860Coq+yqfNbQnisC5nzqq4dh4I2eYT2OLBp/Uitx+BpX/Gt4NN
vaIu4engEIV63q97zRYKrCwf5uC5ikjkh+xvTy6OjwxVkFVMIHKa0PCPb29GURgu
3v6fLj7xcqs5SkHjRgvqjRIzollAG5T0159bzsEwpIbj
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:57 2024 by rpki-client on console-fra.rpki-client.org