Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/e4e531-6bee-4189-ba7c-203e45616306/1/SDZ9JpL10KgS1Jtr5EZWFIY7-uI.roa
File: SDZ9JpL10KgS1Jtr5EZWFIY7-uI.roa (raw, json)
Hash identifier: LkXq5l7dg/kVT2IpNNY1EzNGtYLd0zVCvRFrIAwTPYo=
Subject key identifier: 48:36:7D:26:92:F5:D0:A8:12:D4:9B:6B:E4:46:56:14:86:3B:FA:E2
Certificate issuer: /CN=13764a52c85e07e33749743d23a5a24d096df147
Certificate serial: 01856D4AC56291A0A184B9A176EC752C3A62
Authority key identifier: 13:76:4A:52:C8:5E:07:E3:37:49:74:3D:23:A5:A2:4D:09:6D:F1:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/E3ZKUsheB-M3SXQ9I6WiTQlt8Uc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/e4e531-6bee-4189-ba7c-203e45616306/1/SDZ9JpL10KgS1Jtr5EZWFIY7-uI.roa
Signing time: Sun 01 Jan 2023 12:24:54 +0000
ROA not before: Sun 01 Jan 2023 12:24:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49083
IP address blocks: 185.147.148.0/22 maxlen: 22
95.131.240.0/21 maxlen: 21
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:4a:c5:62:91:a0:a1:84:b9:a1:76:ec:75:2c:3a:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=13764a52c85e07e33749743d23a5a24d096df147
Validity
Not Before: Jan 1 12:24:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=48367d2692f5d0a812d49b6be4465614863bfae2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:f6:24:9e:58:35:17:37:0b:0d:8e:c2:39:ac:
dd:94:64:b2:1f:b8:3b:1b:86:5f:de:ea:35:f9:01:
e9:34:c1:af:84:23:13:ac:fd:a8:2d:8c:8b:94:82:
1b:aa:3f:aa:ad:ca:db:9e:91:7b:fa:d0:2f:f0:90:
c6:59:40:f9:99:b1:7d:35:15:c0:f3:6a:4f:91:c2:
3d:06:be:e6:aa:7e:c5:74:13:f8:bd:b8:b7:3d:fe:
57:04:a6:5b:ff:0e:ae:95:8a:91:93:31:ab:d2:3e:
0f:c3:a9:82:5e:52:e8:80:16:e7:51:dd:e2:92:6e:
ff:2d:54:fa:2d:a8:fe:25:3a:ce:43:af:20:4b:41:
e5:eb:e0:1e:fd:48:a4:c9:76:d6:90:4e:c7:85:48:
25:0b:84:8b:5d:10:9e:6f:b1:97:32:60:90:37:1b:
d6:08:2f:1c:58:f2:d3:a4:93:03:e4:15:fa:d6:ed:
e2:7f:25:27:9f:94:c0:4e:78:1c:8a:eb:2d:4f:c0:
35:82:c8:06:d4:62:66:4c:92:25:a9:ad:9d:d0:1d:
08:69:5e:3b:9a:c2:81:d0:28:cd:2e:6e:7c:3c:c3:
73:32:c4:da:ba:0d:48:ab:f1:8c:08:c8:e7:b5:0c:
17:23:3f:44:c3:16:ac:28:a5:31:a7:39:bf:08:55:
7c:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:36:7D:26:92:F5:D0:A8:12:D4:9B:6B:E4:46:56:14:86:3B:FA:E2
X509v3 Authority Key Identifier:
keyid:13:76:4A:52:C8:5E:07:E3:37:49:74:3D:23:A5:A2:4D:09:6D:F1:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/E3ZKUsheB-M3SXQ9I6WiTQlt8Uc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/e4e531-6bee-4189-ba7c-203e45616306/1/SDZ9JpL10KgS1Jtr5EZWFIY7-uI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/e4e531-6bee-4189-ba7c-203e45616306/1/E3ZKUsheB-M3SXQ9I6WiTQlt8Uc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.131.240.0/21
185.147.148.0/22
Signature Algorithm: sha256WithRSAEncryption
37:bf:f7:e3:11:95:e5:a4:1f:81:6e:e9:f0:0d:89:3a:df:7c:
f8:92:3a:e6:55:21:12:5c:78:c7:96:7a:c5:61:3f:d5:bc:ca:
7c:53:8f:39:b7:68:58:34:23:6f:bc:ad:ed:03:17:40:ba:62:
a9:5a:61:97:85:85:7a:b1:8d:47:58:89:a0:74:d1:10:4f:92:
e9:c3:a8:ab:cf:b7:1f:c3:e2:7d:d5:64:4d:9f:2d:67:44:5a:
0c:b2:1e:7c:4e:39:ae:16:89:70:1b:3e:9f:cd:5b:6a:54:d9:
56:9b:6e:60:95:3d:aa:0c:39:3e:41:df:79:3e:0c:e3:ab:dd:
e2:31:4e:4f:c5:db:6f:d7:1d:7a:50:19:69:da:f8:37:74:8c:
95:9e:50:a4:4e:10:b4:1c:22:ae:ff:fc:d2:fd:6d:21:71:1b:
9b:0c:e4:3d:50:85:47:da:15:ce:65:73:1b:42:da:88:12:bb:
d8:79:17:9b:d1:9e:4f:36:f2:a8:6a:31:da:67:1e:28:54:8e:
e0:90:d7:b4:60:ee:17:4e:4c:e9:3a:89:6a:d8:3f:1b:a1:f0:
77:2a:46:ed:5c:a9:83:33:55:1a:29:02:30:06:95:3a:18:78:
ef:24:aa:8c:1d:0d:fd:51:8d:f3:f4:65:1d:d6:11:46:f1:ad:
53:59:a8:35
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVtSsVikaChhLmhdux1LDpiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzNzY0YTUyYzg1ZTA3ZTMzNzQ5NzQzZDIzYTVhMjRkMDk2
ZGYxNDcwHhcNMjMwMTAxMTIyNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODM2N2QyNjkyZjVkMGE4MTJkNDliNmJlNDQ2NTYxNDg2M2JmYWUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmfYknlg1FzcLDY7COazdlGSyH7g7
G4Zf3uo1+QHpNMGvhCMTrP2oLYyLlIIbqj+qrcrbnpF7+tAv8JDGWUD5mbF9NRXA
82pPkcI9Br7mqn7FdBP4vbi3Pf5XBKZb/w6ulYqRkzGr0j4Pw6mCXlLogBbnUd3i
km7/LVT6Laj+JTrOQ68gS0Hl6+Ae/UikyXbWkE7HhUglC4SLXRCeb7GXMmCQNxvW
CC8cWPLTpJMD5BX61u3ifyUnn5TATngciustT8A1gsgG1GJmTJIlqa2d0B0IaV47
msKB0CjNLm58PMNzMsTaug1Iq/GMCMjntQwXIz9EwxasKKUxpzm/CFV8CwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEg2fSaS9dCoEtSba+RGVhSGO/riMB8GA1UdIwQY
MBaAFBN2SlLIXgfjN0l0PSOlok0JbfFHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRTNaS1VzaGVCLU0zU1hROUk2V2lUUWx0OFVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS9lNGU1MzEtNmJlZS00MTg5LWJhN2Mt
MjAzZTQ1NjE2MzA2LzEvU0RaOUpwTDEwS2dTMUp0cjVFWldGSVk3LXVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS9lNGU1MzEtNmJlZS00MTg5LWJhN2MtMjAzZTQ1NjE2MzA2
LzEvRTNaS1VzaGVCLU0zU1hROUk2V2lUUWx0OFVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDX4PwAwQC
uZOUMA0GCSqGSIb3DQEBCwUAA4IBAQA3v/fjEZXlpB+BbunwDYk633z4kjrmVSES
XHjHlnrFYT/VvMp8U485t2hYNCNvvK3tAxdAumKpWmGXhYV6sY1HWImgdNEQT5Lp
w6irz7cfw+J91WRNny1nRFoMsh58TjmuFolwGz6fzVtqVNlWm25glT2qDDk+Qd95
Pgzjq93iMU5Pxdtv1x16UBlp2vg3dIyVnlCkThC0HCKu//zS/W0hcRubDOQ9UIVH
2hXOZXMbQtqIErvYeReb0Z5PNvKoajHaZx4oVI7gkNe0YO4XTkzpOolq2D8bofB3
KkbtXKmDM1UaKQIwBpU6GHjvJKqMHQ39UY3z9GUd1hFG8a1TWag1
-----END CERTIFICATE-----
Generated at Mon Jan 1 17:26:42 2024 by rpki-client on console-fra.rpki-client.org