Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/ace18f-ed7c-479f-855d-e409260015ef/1/sbkQZbFTaAdRA2yH9Kql8MNUOeI.roa
File: sbkQZbFTaAdRA2yH9Kql8MNUOeI.roa (raw, json)
Hash identifier: HUSOkIQf4Bz5EzhaBCNQ2uVvdVjKQj+1aboW47qfTbU=
Subject key identifier: B1:B9:10:65:B1:53:68:07:51:03:6C:87:F4:AA:A5:F0:C3:54:39:E2
Certificate issuer: /CN=18e1732f2c80e3ea4d7279d252b874a6164c35b4
Certificate serial: 01856F4B4FC92B8E71EB95FB9C711B14FD72
Authority key identifier: 18:E1:73:2F:2C:80:E3:EA:4D:72:79:D2:52:B8:74:A6:16:4C:35:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GOFzLyyA4-pNcnnSUrh0phZMNbQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/ace18f-ed7c-479f-855d-e409260015ef/1/sbkQZbFTaAdRA2yH9Kql8MNUOeI.roa
Signing time: Sun 01 Jan 2023 21:44:44 +0000
ROA not before: Sun 01 Jan 2023 21:44:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202984
IP address blocks: 45.139.239.0/24 maxlen: 24
45.139.238.0/24 maxlen: 24
45.139.237.0/24 maxlen: 24
45.139.236.0/24 maxlen: 24
185.211.246.0/24 maxlen: 24
185.211.245.0/24 maxlen: 24
185.211.244.0/24 maxlen: 24
185.211.247.0/24 maxlen: 24
2a0b:6cc1:7::/48 maxlen: 48
2a0b:6cc0::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:4b:4f:c9:2b:8e:71:eb:95:fb:9c:71:1b:14:fd:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=18e1732f2c80e3ea4d7279d252b874a6164c35b4
Validity
Not Before: Jan 1 21:44:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b1b91065b153680751036c87f4aaa5f0c35439e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:55:e5:27:dc:d6:61:a6:29:f0:a2:bc:1f:8d:
e8:bb:d5:a3:d1:7b:2f:5d:94:c1:21:ac:04:65:aa:
78:64:e5:95:bf:63:57:fe:ac:8e:17:67:7c:7c:61:
14:92:af:cc:5a:8e:48:0c:dc:65:c0:c9:4f:41:5e:
7a:7a:f8:36:27:e1:37:ca:fa:a3:4d:21:b5:ab:e4:
cf:4c:e0:b6:4a:b1:c7:ea:7f:b6:79:24:ac:85:db:
da:e4:15:c5:37:9d:92:5f:96:21:bc:1e:df:34:eb:
25:76:c7:b2:7e:b0:f5:39:79:7b:95:16:f2:10:50:
41:71:66:35:65:4f:85:ce:41:59:46:03:f5:e5:df:
fa:be:13:4d:e1:b6:7a:5f:8e:22:14:e2:a9:a2:a5:
f8:30:9f:88:47:19:c3:79:88:48:af:05:e2:34:8f:
ae:3f:a4:88:ff:ae:a9:cf:e2:c3:f4:f5:ed:65:6b:
85:51:be:28:1d:19:d4:f2:1f:53:37:cf:79:70:e1:
45:e0:37:ae:7b:23:f9:57:ff:f5:18:d8:41:b1:16:
6a:8e:1e:c9:36:0c:d1:14:78:4a:cc:1d:ad:1a:7a:
4d:f6:98:70:0d:ca:d8:15:1c:0d:37:e6:bb:8a:6a:
d0:1d:6f:9c:47:d3:97:b1:1d:4b:84:ad:36:fb:c0:
3a:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:B9:10:65:B1:53:68:07:51:03:6C:87:F4:AA:A5:F0:C3:54:39:E2
X509v3 Authority Key Identifier:
keyid:18:E1:73:2F:2C:80:E3:EA:4D:72:79:D2:52:B8:74:A6:16:4C:35:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GOFzLyyA4-pNcnnSUrh0phZMNbQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/ace18f-ed7c-479f-855d-e409260015ef/1/sbkQZbFTaAdRA2yH9Kql8MNUOeI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/ace18f-ed7c-479f-855d-e409260015ef/1/GOFzLyyA4-pNcnnSUrh0phZMNbQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.139.236.0/22
185.211.244.0/22
IPv6:
2a0b:6cc0::/29
Signature Algorithm: sha256WithRSAEncryption
86:90:67:1f:ba:6a:2a:14:f9:23:ea:98:3a:6a:20:fc:19:b4:
c1:bd:60:86:c6:dc:a6:ed:15:df:8c:87:5d:1d:27:11:14:68:
a0:2b:8f:01:37:f0:96:25:fc:1b:3b:4f:09:fa:73:a1:89:47:
cb:5e:ac:a6:37:b0:b7:1d:99:a0:e0:2a:b8:79:c4:ec:fe:ae:
1d:09:07:01:f7:73:18:47:78:61:f7:34:7c:e3:28:5c:c2:77:
38:24:3d:75:b3:9b:43:17:c9:24:4d:84:48:18:2c:b8:03:64:
40:5c:02:96:a8:c0:d9:76:c4:6c:c6:b1:59:21:9e:c5:1d:77:
f1:7b:05:87:7e:ba:27:9d:a2:d3:fc:c0:c4:c0:99:f9:38:b5:
88:4c:95:05:28:84:63:fc:1d:47:dc:b2:8f:4f:14:8f:26:bd:
1c:19:81:f3:74:0b:39:06:a2:2a:a5:24:93:c1:dc:4f:f6:8b:
79:92:da:b2:ae:f5:fa:00:43:56:eb:9c:8c:61:0a:98:0c:a0:
11:fa:91:5c:a6:78:d9:9d:c0:c1:9f:58:c0:4d:2b:1f:35:82:
84:9d:96:c8:6c:30:3d:3a:f5:55:7a:19:95:21:a8:53:03:1a:
01:cb:07:d9:df:fa:7b:df:c0:4f:ba:88:10:f9:fa:7f:9a:2d:
49:25:06:56
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVvS0/JK45x65X7nHEbFP1yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4ZTE3MzJmMmM4MGUzZWE0ZDcyNzlkMjUyYjg3NGE2MTY0
YzM1YjQwHhcNMjMwMTAxMjE0NDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMWI5MTA2NWIxNTM2ODA3NTEwMzZjODdmNGFhYTVmMGMzNTQzOWUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnVXlJ9zWYaYp8KK8H43ou9Wj0Xsv
XZTBIawEZap4ZOWVv2NX/qyOF2d8fGEUkq/MWo5IDNxlwMlPQV56evg2J+E3yvqj
TSG1q+TPTOC2SrHH6n+2eSSshdva5BXFN52SX5YhvB7fNOsldseyfrD1OXl7lRby
EFBBcWY1ZU+FzkFZRgP15d/6vhNN4bZ6X44iFOKpoqX4MJ+IRxnDeYhIrwXiNI+u
P6SI/66pz+LD9PXtZWuFUb4oHRnU8h9TN895cOFF4DeueyP5V//1GNhBsRZqjh7J
NgzRFHhKzB2tGnpN9phwDcrYFRwNN+a7imrQHW+cR9OXsR1LhK02+8A6qQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFLG5EGWxU2gHUQNsh/SqpfDDVDniMB8GA1UdIwQY
MBaAFBjhcy8sgOPqTXJ50lK4dKYWTDW0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR09Gekx5eUE0LXBOY25uU1VyaDBwaFpNTmJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi9hY2UxOGYtZWQ3Yy00NzlmLTg1NWQt
ZTQwOTI2MDAxNWVmLzEvc2JrUVpiRlRhQWRSQTJ5SDlLcWw4TU5VT2VJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi9hY2UxOGYtZWQ3Yy00NzlmLTg1NWQtZTQwOTI2MDAxNWVm
LzEvR09Gekx5eUE0LXBOY25uU1VyaDBwaFpNTmJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCLYvsAwQC
udP0MA0EAgACMAcDBQMqC2zAMA0GCSqGSIb3DQEBCwUAA4IBAQCGkGcfumoqFPkj
6pg6aiD8GbTBvWCGxtym7RXfjIddHScRFGigK48BN/CWJfwbO08J+nOhiUfLXqym
N7C3HZmg4Cq4ecTs/q4dCQcB93MYR3hh9zR84yhcwnc4JD11s5tDF8kkTYRIGCy4
A2RAXAKWqMDZdsRsxrFZIZ7FHXfxewWHfronnaLT/MDEwJn5OLWITJUFKIRj/B1H
3LKPTxSPJr0cGYHzdAs5BqIqpSSTwdxP9ot5ktqyrvX6AENW65yMYQqYDKAR+pFc
pnjZncDBn1jATSsfNYKEnZbIbDA9OvVVehmVIahTAxoBywfZ3/p738BPuogQ+fp/
mi1JJQZW
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:53:08 2024 by rpki-client on console-fra.rpki-client.org