Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/ad3044-cdce-46cf-92c9-a954d053994a/1/sgKVGT7IFZTtEThi09APUf6h-IU.roa
File: sgKVGT7IFZTtEThi09APUf6h-IU.roa (raw, json)
Hash identifier: NhwkuGg4mFmsj7HmuexBVI9f5jo9h4AE999hceW2awE=
Subject key identifier: B2:02:95:19:3E:C8:15:94:ED:11:38:62:D3:D0:0F:51:FE:A1:F8:85
Certificate issuer: /CN=d60f45f7cc4b691fd4a31c1f1c0b4f605d77a6ef
Certificate serial: 01856FCBBB2D654484DF9A995A5BC4023099
Authority key identifier: D6:0F:45:F7:CC:4B:69:1F:D4:A3:1C:1F:1C:0B:4F:60:5D:77:A6:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1g9F98xLaR_UoxwfHAtPYF13pu8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/ad3044-cdce-46cf-92c9-a954d053994a/1/sgKVGT7IFZTtEThi09APUf6h-IU.roa
Signing time: Mon 02 Jan 2023 00:05:00 +0000
ROA not before: Mon 02 Jan 2023 00:05:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2027
IP address blocks: 45.13.104.0/22 maxlen: 22
193.58.42.0/24 maxlen: 24
2a0e:e700::/31 maxlen: 31
Validation: Failed, certificate revoked on Thu 28 Dec 2023 20:26:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:cb:bb:2d:65:44:84:df:9a:99:5a:5b:c4:02:30:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60f45f7cc4b691fd4a31c1f1c0b4f605d77a6ef
Validity
Not Before: Jan 2 00:05:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b20295193ec81594ed113862d3d00f51fea1f885
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:3d:3d:97:df:66:b8:15:37:c3:46:9e:b8:7d:
2d:32:83:c2:3b:1d:df:a3:35:0f:9c:88:ac:99:60:
7f:9b:2d:a4:97:eb:db:f0:5a:e4:a3:cc:9c:21:cb:
f6:72:8d:65:2c:39:7e:61:58:7e:b2:ab:30:03:4d:
9a:65:af:33:b9:0b:25:48:75:12:c1:f7:74:0c:b4:
70:5f:62:05:f3:90:3f:21:c6:ec:6a:5e:3c:1e:d5:
1d:87:a8:20:2d:74:a8:35:b5:4b:d5:b2:ae:90:90:
44:ea:a5:9a:01:a3:b8:30:57:4c:da:26:88:33:ba:
38:83:fe:c9:e4:f2:99:f7:18:b4:27:89:c6:c3:1c:
9c:6c:e5:05:f5:59:7a:33:e8:f7:82:5d:12:07:3c:
a5:1c:ce:8b:11:2c:c2:01:fc:31:8e:6b:bb:73:57:
69:5f:49:92:14:d4:b5:42:c2:8e:26:24:9e:55:bf:
d4:3c:92:18:5b:55:6d:46:f3:82:bc:8f:cb:ba:c0:
6b:1c:83:36:bc:04:e8:a6:9c:0f:32:40:bb:25:d5:
4c:b9:a0:13:75:06:68:5e:21:0b:b4:60:e0:f5:75:
37:bf:71:d8:9e:99:91:7e:c9:a4:a8:00:4c:78:c9:
09:15:9a:37:e4:76:e7:13:e2:1c:09:6e:88:f0:78:
c1:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:02:95:19:3E:C8:15:94:ED:11:38:62:D3:D0:0F:51:FE:A1:F8:85
X509v3 Authority Key Identifier:
keyid:D6:0F:45:F7:CC:4B:69:1F:D4:A3:1C:1F:1C:0B:4F:60:5D:77:A6:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1g9F98xLaR_UoxwfHAtPYF13pu8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/ad3044-cdce-46cf-92c9-a954d053994a/1/sgKVGT7IFZTtEThi09APUf6h-IU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/ad3044-cdce-46cf-92c9-a954d053994a/1/1g9F98xLaR_UoxwfHAtPYF13pu8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.13.104.0/22
193.58.42.0/24
IPv6:
2a0e:e700::/31
Signature Algorithm: sha256WithRSAEncryption
a5:35:24:db:29:bd:6a:e5:81:cd:f0:c6:a3:c4:0b:8c:02:b9:
78:4d:64:5a:23:09:e9:59:53:75:85:53:dd:c6:83:5c:2d:3c:
7c:d6:0b:63:6c:d2:84:3a:37:ad:2e:22:65:06:cc:2e:ff:eb:
4f:1b:98:12:af:87:e1:66:c4:83:30:f3:f2:90:92:39:e0:ea:
53:69:6c:06:bd:a5:90:62:28:62:5d:87:da:82:e2:97:1c:77:
f6:b5:51:35:68:cc:d3:5d:2e:5b:03:ba:24:ce:66:1b:b5:4c:
c5:60:9f:bf:00:f0:71:21:13:91:58:73:fd:66:08:6f:ea:7d:
48:3b:99:82:d6:29:ae:db:ac:ba:82:fc:e8:90:92:23:22:f5:
58:16:47:48:44:e5:c7:e8:c0:c7:fb:a8:b8:f8:28:ba:ad:5f:
79:91:b5:88:45:05:b6:b3:a3:4b:96:bd:7e:15:dd:06:4b:ff:
b4:a2:45:8b:c5:75:8f:0d:97:64:be:6f:4d:49:b6:bd:85:cc:
b4:4f:36:24:d0:10:1d:f5:1e:40:af:14:10:d2:0e:4d:d6:70:
61:e1:23:3f:6f:94:9d:76:79:91:e3:10:95:05:9f:31:df:42:
c9:7f:5f:22:59:33:ef:60:a6:85:e4:2b:af:3b:7c:7c:5b:69:
ee:ca:6b:33
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVvy7stZUSE35qZWlvEAjCZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MGY0NWY3Y2M0YjY5MWZkNGEzMWMxZjFjMGI0ZjYwNWQ3
N2E2ZWYwHhcNMjMwMTAyMDAwNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjAyOTUxOTNlYzgxNTk0ZWQxMTM4NjJkM2QwMGY1MWZlYTFmODg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjD09l99muBU3w0aeuH0tMoPCOx3f
ozUPnIismWB/my2kl+vb8Frko8ycIcv2co1lLDl+YVh+sqswA02aZa8zuQslSHUS
wfd0DLRwX2IF85A/Icbsal48HtUdh6ggLXSoNbVL1bKukJBE6qWaAaO4MFdM2iaI
M7o4g/7J5PKZ9xi0J4nGwxycbOUF9Vl6M+j3gl0SBzylHM6LESzCAfwxjmu7c1dp
X0mSFNS1QsKOJiSeVb/UPJIYW1VtRvOCvI/LusBrHIM2vAToppwPMkC7JdVMuaAT
dQZoXiELtGDg9XU3v3HYnpmRfsmkqABMeMkJFZo35HbnE+IcCW6I8HjBHwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFLIClRk+yBWU7RE4YtPQD1H+ofiFMB8GA1UdIwQY
MBaAFNYPRffMS2kf1KMcHxwLT2Bdd6bvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWc5Rjk4eExhUl9Vb3h3ZkhBdFBZRjEzcHU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9hZDMwNDQtY2RjZS00NmNmLTkyYzkt
YTk1NGQwNTM5OTRhLzEvc2dLVkdUN0lGWlR0RVRoaTA5QVBVZjZoLUlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9hZDMwNDQtY2RjZS00NmNmLTkyYzktYTk1NGQwNTM5OTRh
LzEvMWc5Rjk4eExhUl9Vb3h3ZkhBdFBZRjEzcHU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCLQ1oAwQA
wToqMA0EAgACMAcDBQEqDucAMA0GCSqGSIb3DQEBCwUAA4IBAQClNSTbKb1q5YHN
8MajxAuMArl4TWRaIwnpWVN1hVPdxoNcLTx81gtjbNKEOjetLiJlBswu/+tPG5gS
r4fhZsSDMPPykJI54OpTaWwGvaWQYihiXYfaguKXHHf2tVE1aMzTXS5bA7okzmYb
tUzFYJ+/APBxIRORWHP9Zghv6n1IO5mC1imu26y6gvzokJIjIvVYFkdIROXH6MDH
+6i4+Ci6rV95kbWIRQW2s6NLlr1+Fd0GS/+0okWLxXWPDZdkvm9NSba9hcy0TzYk
0BAd9R5ArxQQ0g5N1nBh4SM/b5SddnmR4xCVBZ8x30LJf18iWTPvYKaF5CuvO3x8
W2nuymsz
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:13 2024 by rpki-client on console-fra.rpki-client.org