Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/SbTSf6d9F6qEHp7VkMFqsZR1Dgs.roa
File: SbTSf6d9F6qEHp7VkMFqsZR1Dgs.roa (raw, json)
Hash identifier: QFgsEWI4wP30zK9TPM6WoU1KVFBZNodQ63Jo+TDEv2w=
Subject key identifier: 49:B4:D2:7F:A7:7D:17:AA:84:1E:9E:D5:90:C1:6A:B1:94:75:0E:0B
Certificate issuer: /CN=0ff80cbdfe18354a3cfdba2fe079aa2ebc58dcd4
Certificate serial: 01857070784385901B5CD5493022BA992DA1
Authority key identifier: 0F:F8:0C:BD:FE:18:35:4A:3C:FD:BA:2F:E0:79:AA:2E:BC:58:DC:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/SbTSf6d9F6qEHp7VkMFqsZR1Dgs.roa
Signing time: Mon 02 Jan 2023 03:04:57 +0000
ROA not before: Mon 02 Jan 2023 03:04:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49999
IP address blocks: 217.25.1.0/24 maxlen: 24
87.254.18.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 03 Jan 2023 10:16:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:70:78:43:85:90:1b:5c:d5:49:30:22:ba:99:2d:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ff80cbdfe18354a3cfdba2fe079aa2ebc58dcd4
Validity
Not Before: Jan 2 03:04:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=49b4d27fa77d17aa841e9ed590c16ab194750e0b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:e2:95:0d:f2:72:f2:df:93:55:8c:06:b9:a5:
3a:a1:38:26:bc:78:16:02:03:fd:65:02:40:99:b9:
97:08:fc:03:98:b3:a8:44:53:15:28:b5:46:13:5e:
00:de:52:0c:94:5b:2d:82:c1:72:7f:01:34:de:56:
c9:e1:60:97:1f:4c:68:03:8b:7c:d1:13:23:df:f9:
cf:81:d0:84:c3:5b:9a:d5:41:4a:19:8a:0a:a6:29:
c6:99:39:28:7b:73:81:b6:0f:5d:d0:0f:4d:80:b6:
a1:63:b3:ea:0b:27:be:a5:d2:9f:7b:cf:f3:89:e9:
6a:c3:bb:cc:79:e4:19:a8:47:b9:3d:51:5d:9a:5b:
08:c4:9b:ca:88:0b:cd:28:80:53:ed:d9:ec:94:da:
b1:14:93:9e:23:82:24:f9:a3:72:18:d2:cd:1e:b5:
72:45:45:e8:94:5a:75:3d:de:b9:db:53:d2:8c:ed:
51:c0:e2:8a:10:3d:9e:cc:b7:d9:92:ff:0f:3d:5d:
4d:88:88:4f:28:d7:14:4f:2c:0b:b4:3f:6e:fe:3e:
44:d2:73:d7:67:76:bf:ac:21:5f:fb:06:ed:3e:bd:
ba:8d:6f:c6:e7:2e:90:0e:74:71:f8:da:7e:ba:e2:
58:87:ad:77:09:36:ab:e4:96:4a:77:93:d9:c1:2b:
3c:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:B4:D2:7F:A7:7D:17:AA:84:1E:9E:D5:90:C1:6A:B1:94:75:0E:0B
X509v3 Authority Key Identifier:
keyid:0F:F8:0C:BD:FE:18:35:4A:3C:FD:BA:2F:E0:79:AA:2E:BC:58:DC:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/SbTSf6d9F6qEHp7VkMFqsZR1Dgs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/D_gMvf4YNUo8_bov4HmqLrxY3NQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.254.18.0/24
217.25.1.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:84:b9:39:4f:87:a8:70:07:bc:e8:32:ce:95:66:81:6c:cb:
c8:2d:6b:66:5a:77:2f:17:87:53:91:dc:56:17:a1:14:f0:fa:
ef:75:cf:26:05:d2:1c:8e:2b:bc:87:b6:a3:00:c3:ba:0c:26:
a2:8c:26:5e:b5:1d:88:97:fa:ea:d8:f7:96:d3:7b:ec:66:26:
0d:c2:72:c9:85:a1:e6:ae:55:80:c5:ad:16:3a:1e:ed:b5:2b:
9e:cd:da:df:43:68:d9:95:2e:3f:70:e2:57:9b:ea:4b:ee:68:
a3:1d:74:13:11:b4:48:46:54:ed:8d:1b:23:c3:39:a9:c8:d9:
38:b6:53:60:28:b0:49:64:20:a8:d9:0b:03:a8:7b:ef:b5:e5:
9f:64:85:12:43:8a:43:a6:1f:d3:4a:9a:fe:b3:f4:f4:c1:ca:
e7:8d:ed:49:3f:7a:76:85:f1:61:96:9e:87:71:b3:cf:3d:67:
13:6d:c3:4f:a9:09:64:46:b2:6a:77:59:01:17:d2:fc:76:be:
6a:12:6f:c0:6d:80:41:8a:d3:a8:96:0a:76:37:fe:0b:5a:4b:
23:a5:a5:cc:b3:16:27:ce:88:6b:66:e2:7e:73:9c:36:fc:90:
ad:58:8c:9c:4d:51:8b:a6:92:b4:a7:6b:d4:35:da:14:59:59:
c9:11:bf:a4
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVwcHhDhZAbXNVJMCK6mS2hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmZjgwY2JkZmUxODM1NGEzY2ZkYmEyZmUwNzlhYTJlYmM1
OGRjZDQwHhcNMjMwMTAyMDMwNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OWI0ZDI3ZmE3N2QxN2FhODQxZTllZDU5MGMxNmFiMTk0NzUwZTBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoeKVDfJy8t+TVYwGuaU6oTgmvHgW
AgP9ZQJAmbmXCPwDmLOoRFMVKLVGE14A3lIMlFstgsFyfwE03lbJ4WCXH0xoA4t8
0RMj3/nPgdCEw1ua1UFKGYoKpinGmTkoe3OBtg9d0A9NgLahY7PqCye+pdKfe8/z
ielqw7vMeeQZqEe5PVFdmlsIxJvKiAvNKIBT7dnslNqxFJOeI4Ik+aNyGNLNHrVy
RUXolFp1Pd6521PSjO1RwOKKED2ezLfZkv8PPV1NiIhPKNcUTywLtD9u/j5E0nPX
Z3a/rCFf+wbtPr26jW/G5y6QDnRx+Np+uuJYh613CTar5JZKd5PZwSs8WQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEm00n+nfReqhB6e1ZDBarGUdQ4LMB8GA1UdIwQY
MBaAFA/4DL3+GDVKPP26L+B5qi68WNzUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRF9nTXZmNFlOVW84X2JvdjRIbXFMcnhZM05RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8xMjk1NjQtZjFkYi00ZGM1LTg5MDYt
NmZjZGNkNWFiNjYwLzEvU2JUU2Y2ZDlGNnFFSHA3VmtNRnFzWlIxRGdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS8xMjk1NjQtZjFkYi00ZGM1LTg5MDYtNmZjZGNkNWFiNjYw
LzEvRF9nTXZmNFlOVW84X2JvdjRIbXFMcnhZM05RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAV/4SAwQA
2RkBMA0GCSqGSIb3DQEBCwUAA4IBAQA7hLk5T4eocAe86DLOlWaBbMvILWtmWncv
F4dTkdxWF6EU8Prvdc8mBdIcjiu8h7ajAMO6DCaijCZetR2Il/rq2PeW03vsZiYN
wnLJhaHmrlWAxa0WOh7ttSuezdrfQ2jZlS4/cOJXm+pL7mijHXQTEbRIRlTtjRsj
wzmpyNk4tlNgKLBJZCCo2QsDqHvvteWfZIUSQ4pDph/TSpr+s/T0wcrnje1JP3p2
hfFhlp6HcbPPPWcTbcNPqQlkRrJqd1kBF9L8dr5qEm/AbYBBitOolgp2N/4LWksj
paXMsxYnzohrZuJ+c5w2/JCtWIycTVGLppK0p2vUNdoUWVnJEb+k
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:04 2024 by rpki-client on console-fra.rpki-client.org