Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/773678-e200-46af-86c1-6bd8022d2eae/1/SaNUv9q5zLwwRjUwFx39xeAnK5Y.roa
File: SaNUv9q5zLwwRjUwFx39xeAnK5Y.roa (raw, json)
Hash identifier: 4jqiIuMLErkkjHngj95yKdcP6rdBwJ6sCXsBvB6ElG4=
Subject key identifier: 49:A3:54:BF:DA:B9:CC:BC:30:46:35:30:17:1D:FD:C5:E0:27:2B:96
Certificate issuer: /CN=1817a5ec18c4f2c44784adc5038356be5ae89429
Certificate serial: 0185732813BF5A4EFDEA2879C650D69AB335
Authority key identifier: 18:17:A5:EC:18:C4:F2:C4:47:84:AD:C5:03:83:56:BE:5A:E8:94:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GBel7BjE8sRHhK3FA4NWvlrolCk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/773678-e200-46af-86c1-6bd8022d2eae/1/SaNUv9q5zLwwRjUwFx39xeAnK5Y.roa
Signing time: Mon 02 Jan 2023 15:44:44 +0000
ROA not before: Mon 02 Jan 2023 15:44:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 19905
IP address blocks: 193.0.184.0/24 maxlen: 24
193.0.212.0/24 maxlen: 24
193.0.129.0/24 maxlen: 24
192.251.230.0/24 maxlen: 24
2a0f:7ac0::/29 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:30:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:28:13:bf:5a:4e:fd:ea:28:79:c6:50:d6:9a:b3:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1817a5ec18c4f2c44784adc5038356be5ae89429
Validity
Not Before: Jan 2 15:44:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=49a354bfdab9ccbc30463530171dfdc5e0272b96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:0b:8c:16:23:55:f0:24:6f:1c:03:67:b4:53:
77:df:e1:01:0f:49:c3:ca:f1:ae:58:7b:af:64:01:
29:6d:88:83:42:24:7c:01:0b:25:4d:ce:7e:70:ec:
75:6d:6a:b5:bd:c8:62:c4:47:80:f1:0b:bc:df:57:
ef:f1:a5:50:70:90:94:71:54:98:23:6b:77:37:6c:
56:79:f6:d0:c4:8d:2b:45:93:87:82:38:d6:66:60:
84:5b:0f:e3:63:b1:06:1f:0e:c8:93:be:94:d7:ab:
ef:3a:a7:f3:30:a8:6b:d5:4a:16:08:5d:0d:89:1d:
88:d0:e7:a5:68:68:fe:f2:a0:66:00:83:7c:c3:62:
af:9f:51:11:e2:69:8e:30:56:d1:88:1e:b6:3a:ea:
97:5c:8a:61:1a:fa:4d:5c:7b:ad:61:2f:52:d9:a8:
b0:ee:77:7e:c1:dc:1d:8d:8b:51:dd:15:a0:fd:34:
71:4c:c3:95:f5:04:ef:1c:42:11:22:56:c1:0e:87:
bb:ab:f0:34:a6:61:f4:0b:1d:d5:97:09:39:d4:24:
52:ff:ea:8e:0e:63:27:aa:8f:c3:57:3c:8d:5a:4f:
1c:ff:63:1a:63:91:b7:69:c6:10:5d:26:81:d0:50:
e0:9f:a6:12:09:e4:f2:45:47:47:d0:5c:e6:25:ef:
94:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:A3:54:BF:DA:B9:CC:BC:30:46:35:30:17:1D:FD:C5:E0:27:2B:96
X509v3 Authority Key Identifier:
keyid:18:17:A5:EC:18:C4:F2:C4:47:84:AD:C5:03:83:56:BE:5A:E8:94:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GBel7BjE8sRHhK3FA4NWvlrolCk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/773678-e200-46af-86c1-6bd8022d2eae/1/SaNUv9q5zLwwRjUwFx39xeAnK5Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/773678-e200-46af-86c1-6bd8022d2eae/1/GBel7BjE8sRHhK3FA4NWvlrolCk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.251.230.0/24
193.0.129.0/24
193.0.184.0/24
193.0.212.0/24
IPv6:
2a0f:7ac0::/29
Signature Algorithm: sha256WithRSAEncryption
3e:51:3e:0d:bf:b0:f0:df:69:a2:08:ad:03:ee:0f:3a:76:aa:
61:6c:3e:37:bb:1a:81:5c:31:b9:22:f7:ef:db:56:45:c5:66:
58:b0:8f:48:db:bf:98:18:de:81:57:73:fe:ac:d6:c6:27:69:
a4:81:2b:fc:99:7a:75:8b:39:d4:c1:e7:b9:f6:56:53:e4:18:
43:b7:24:89:fb:19:dd:4c:cd:e1:3b:ba:f8:6e:07:c4:0e:79:
4f:fd:46:d9:4b:64:23:b1:16:2b:02:bc:4d:75:7f:34:cf:da:
2e:3b:69:08:28:04:fc:7e:3a:4e:50:db:69:7b:85:be:d2:97:
0c:94:b3:bb:5d:38:e5:a7:ba:1f:02:86:48:70:0f:43:b8:e7:
f2:94:13:f0:2f:c5:7e:5b:c1:86:3d:e7:27:2c:36:23:0c:13:
57:44:d9:51:8a:fa:ff:7b:29:42:44:9b:77:05:62:86:aa:82:
3f:12:6c:2d:c7:ef:50:5f:6e:5f:09:30:95:b2:4e:09:0b:70:
09:87:8f:ea:28:67:b6:79:08:54:27:fa:1e:c4:09:6a:3b:da:
db:2f:7c:05:62:08:43:d4:0b:d7:eb:49:eb:c6:1e:6a:50:20:
f0:8a:eb:c1:53:3c:7c:06:8f:74:5f:5f:14:4a:15:72:cd:87:
64:22:21:3a
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYVzKBO/Wk796ih5xlDWmrM1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4MTdhNWVjMThjNGYyYzQ0Nzg0YWRjNTAzODM1NmJlNWFl
ODk0MjkwHhcNMjMwMTAyMTU0NDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OWEzNTRiZmRhYjljY2JjMzA0NjM1MzAxNzFkZmRjNWUwMjcyYjk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqAuMFiNV8CRvHANntFN33+EBD0nD
yvGuWHuvZAEpbYiDQiR8AQslTc5+cOx1bWq1vchixEeA8Qu831fv8aVQcJCUcVSY
I2t3N2xWefbQxI0rRZOHgjjWZmCEWw/jY7EGHw7Ik76U16vvOqfzMKhr1UoWCF0N
iR2I0OelaGj+8qBmAIN8w2Kvn1ER4mmOMFbRiB62OuqXXIphGvpNXHutYS9S2aiw
7nd+wdwdjYtR3RWg/TRxTMOV9QTvHEIRIlbBDoe7q/A0pmH0Cx3Vlwk51CRS/+qO
DmMnqo/DVzyNWk8c/2MaY5G3acYQXSaB0FDgn6YSCeTyRUdH0FzmJe+UrQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFEmjVL/aucy8MEY1MBcd/cXgJyuWMB8GA1UdIwQY
MBaAFBgXpewYxPLER4StxQODVr5a6JQpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0JlbDdCakU4c1JIaEszRkE0Tld2bHJvbENrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC83NzM2NzgtZTIwMC00NmFmLTg2YzEt
NmJkODAyMmQyZWFlLzEvU2FOVXY5cTV6THd3UmpVd0Z4Mzl4ZUFuSzVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC83NzM2NzgtZTIwMC00NmFmLTg2YzEtNmJkODAyMmQyZWFl
LzEvR0JlbDdCakU4c1JIaEszRkE0Tld2bHJvbENrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAwPvmAwQA
wQCBAwQAwQC4AwQAwQDUMA0EAgACMAcDBQMqD3rAMA0GCSqGSIb3DQEBCwUAA4IB
AQA+UT4Nv7Dw32miCK0D7g86dqphbD43uxqBXDG5Ivfv21ZFxWZYsI9I27+YGN6B
V3P+rNbGJ2mkgSv8mXp1iznUwee59lZT5BhDtySJ+xndTM3hO7r4bgfEDnlP/UbZ
S2QjsRYrArxNdX80z9ouO2kIKAT8fjpOUNtpe4W+0pcMlLO7XTjlp7ofAoZIcA9D
uOfylBPwL8V+W8GGPecnLDYjDBNXRNlRivr/eylCRJt3BWKGqoI/Emwtx+9QX25f
CTCVsk4JC3AJh4/qKGe2eQhUJ/oexAlqO9rbL3wFYghD1AvX60nrxh5qUCDwiuvB
Uzx8Bo90X18UShVyzYdkIiE6
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:08 2024 by rpki-client on console-fra.rpki-client.org