Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/f4863a-aeae-42f7-ba14-ed4a138c4113/1/SjFpCsDoNxS8fCO3dZxs6D9ZALU.roa
File: SjFpCsDoNxS8fCO3dZxs6D9ZALU.roa (raw, json)
Hash identifier: cx034DZisKbx3Chb09pumbCXyqAxpS5kUUyAjK72bFg=
Subject key identifier: 4A:31:69:0A:C0:E8:37:14:BC:7C:23:B7:75:9C:6C:E8:3F:59:00:B5
Certificate issuer: /CN=9d8ada352982a319b54d5e483d34426346733ea4
Certificate serial: 01856EC22776B328B3BC03BCA9D026E534D7
Authority key identifier: 9D:8A:DA:35:29:82:A3:19:B5:4D:5E:48:3D:34:42:63:46:73:3E:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nYraNSmCoxm1TV5IPTRCY0ZzPqQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/f4863a-aeae-42f7-ba14-ed4a138c4113/1/SjFpCsDoNxS8fCO3dZxs6D9ZALU.roa
Signing time: Sun 01 Jan 2023 19:14:55 +0000
ROA not before: Sun 01 Jan 2023 19:14:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202862
IP address blocks: 194.146.90.0/23 maxlen: 23
194.146.88.0/22 maxlen: 22
194.146.88.0/23 maxlen: 23
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:33:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:c2:27:76:b3:28:b3:bc:03:bc:a9:d0:26:e5:34:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d8ada352982a319b54d5e483d34426346733ea4
Validity
Not Before: Jan 1 19:14:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4a31690ac0e83714bc7c23b7759c6ce83f5900b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:eb:92:27:45:5d:fb:c7:3b:3b:5d:bf:64:e3:
0e:3c:48:e6:1d:10:f6:24:45:83:df:fa:e5:5a:14:
ce:ed:ca:8d:7e:ba:ae:53:f4:89:29:e3:8e:ce:9e:
17:ff:25:47:6f:5b:56:51:40:af:34:fe:38:15:22:
72:a7:50:f6:bd:4b:88:79:d8:c2:78:ae:29:21:99:
37:f3:10:13:38:3b:65:9c:07:4d:e0:dd:f3:5f:41:
f9:64:cd:f6:34:44:8e:50:fb:ea:08:42:e1:69:41:
53:82:cb:86:d7:9d:5b:54:6b:57:70:e6:3d:2c:e7:
91:f9:4e:31:41:96:69:9d:64:7d:f3:bd:ea:94:60:
ed:39:60:93:9e:23:9b:36:f3:a7:9d:6f:f2:a9:52:
01:0d:22:42:e5:06:95:7e:cd:ad:2d:8c:a2:1d:10:
3d:d1:0a:1b:60:a3:7a:f8:45:99:31:12:04:73:62:
ef:e3:fb:c2:53:af:cf:d2:4c:fb:f9:1f:dd:5c:c6:
32:4b:11:a6:3e:0c:f6:77:a0:3e:7c:b4:76:ca:a3:
b3:5d:58:11:9f:ec:c1:a7:41:60:26:46:8c:fc:97:
ee:87:35:7c:c9:77:c1:a5:f4:90:5b:7b:cb:8e:dc:
e1:3e:cc:a9:f5:b7:34:ab:89:0b:d2:b2:db:5a:90:
07:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:31:69:0A:C0:E8:37:14:BC:7C:23:B7:75:9C:6C:E8:3F:59:00:B5
X509v3 Authority Key Identifier:
keyid:9D:8A:DA:35:29:82:A3:19:B5:4D:5E:48:3D:34:42:63:46:73:3E:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nYraNSmCoxm1TV5IPTRCY0ZzPqQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/f4863a-aeae-42f7-ba14-ed4a138c4113/1/SjFpCsDoNxS8fCO3dZxs6D9ZALU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/f4863a-aeae-42f7-ba14-ed4a138c4113/1/nYraNSmCoxm1TV5IPTRCY0ZzPqQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.146.88.0/22
Signature Algorithm: sha256WithRSAEncryption
39:53:d3:68:2a:46:1c:7f:71:e4:e7:3f:c2:d2:de:4a:45:b7:
2f:e1:5c:19:9b:0c:2a:97:e6:d7:69:0d:3f:ec:ac:65:4e:32:
d6:55:9e:78:82:54:04:f1:5e:cd:65:da:f4:5c:ce:e5:06:fc:
10:9f:c8:d9:22:a9:dc:2c:84:63:31:65:d6:5e:3a:e1:54:c4:
bb:69:c7:c2:ba:f4:1e:b1:6d:2a:18:e4:a9:5e:30:b9:0c:96:
6d:76:d2:51:db:93:59:42:40:17:53:4c:26:76:bd:fe:74:2a:
8b:80:b3:2d:cb:d5:3a:cb:82:4b:a2:48:45:05:b2:7f:42:6d:
c7:c2:7a:d3:c3:90:1f:2d:6f:26:91:49:1a:0b:0a:2a:dd:f0:
7b:3b:97:a0:0d:9c:e7:97:19:65:7d:ee:32:1a:fe:b0:3e:70:
ad:7e:4b:59:f8:35:ec:3c:82:28:2e:ee:c5:c9:d2:34:21:43:
bc:f9:a9:4f:92:bd:37:95:7b:2c:e2:7d:56:69:68:a5:45:ed:
85:71:30:61:92:ba:b6:3a:b0:8c:88:f7:00:e4:e2:d5:30:28:
e7:fc:da:d7:14:9c:8b:00:e5:d1:88:b0:9b:f4:50:df:1f:ab:
31:41:41:35:2f:d0:95:bf:c9:43:9c:f7:5b:f2:4d:3c:28:fc:
c7:bf:9d:86
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuwid2syizvAO8qdAm5TTXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkOGFkYTM1Mjk4MmEzMTliNTRkNWU0ODNkMzQ0MjYzNDY3
MzNlYTQwHhcNMjMwMTAxMTkxNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTMxNjkwYWMwZTgzNzE0YmM3YzIzYjc3NTljNmNlODNmNTkwMGI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh+uSJ0Vd+8c7O12/ZOMOPEjmHRD2
JEWD3/rlWhTO7cqNfrquU/SJKeOOzp4X/yVHb1tWUUCvNP44FSJyp1D2vUuIedjC
eK4pIZk38xATODtlnAdN4N3zX0H5ZM32NESOUPvqCELhaUFTgsuG151bVGtXcOY9
LOeR+U4xQZZpnWR9873qlGDtOWCTniObNvOnnW/yqVIBDSJC5QaVfs2tLYyiHRA9
0QobYKN6+EWZMRIEc2Lv4/vCU6/P0kz7+R/dXMYySxGmPgz2d6A+fLR2yqOzXVgR
n+zBp0FgJkaM/JfuhzV8yXfBpfSQW3vLjtzhPsyp9bc0q4kL0rLbWpAHwwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEoxaQrA6DcUvHwjt3WcbOg/WQC1MB8GA1UdIwQY
MBaAFJ2K2jUpgqMZtU1eSD00QmNGcz6kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbllyYU5TbUNveG0xVFY1SVBUUkNZMFp6UHFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi9mNDg2M2EtYWVhZS00MmY3LWJhMTQt
ZWQ0YTEzOGM0MTEzLzEvU2pGcENzRG9OeFM4ZkNPM2RaeHM2RDlaQUxVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi9mNDg2M2EtYWVhZS00MmY3LWJhMTQtZWQ0YTEzOGM0MTEz
LzEvbllyYU5TbUNveG0xVFY1SVBUUkNZMFp6UHFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwpJYMA0G
CSqGSIb3DQEBCwUAA4IBAQA5U9NoKkYcf3Hk5z/C0t5KRbcv4VwZmwwql+bXaQ0/
7KxlTjLWVZ54glQE8V7NZdr0XM7lBvwQn8jZIqncLIRjMWXWXjrhVMS7acfCuvQe
sW0qGOSpXjC5DJZtdtJR25NZQkAXU0wmdr3+dCqLgLMty9U6y4JLokhFBbJ/Qm3H
wnrTw5AfLW8mkUkaCwoq3fB7O5egDZznlxllfe4yGv6wPnCtfktZ+DXsPIIoLu7F
ydI0IUO8+alPkr03lXss4n1WaWilRe2FcTBhkrq2OrCMiPcA5OLVMCjn/NrXFJyL
AOXRiLCb9FDfH6sxQUE1L9CVv8lDnPdb8k08KPzHv52G
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:07 2024 by rpki-client on console-ams.rpki-client.org