Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/63299a-86b2-49ff-b6e2-241eab61483f/1/SjMVxzKK05ptPih7hzApLHo2W-U.roa
File: SjMVxzKK05ptPih7hzApLHo2W-U.roa (raw, json)
Hash identifier: ZTHTJT+eBnqyQkmuOAnZebFFkJ1er3OkWTIyXNQtkrY=
Subject key identifier: 4A:33:15:C7:32:8A:D3:9A:6D:3E:28:7B:87:30:29:2C:7A:36:5B:E5
Certificate issuer: /CN=e479af1716dc461e5bb3f876215bcb94e8808ba0
Certificate serial: 018570E7723729C77A1B0CF6CC4051975815
Authority key identifier: E4:79:AF:17:16:DC:46:1E:5B:B3:F8:76:21:5B:CB:94:E8:80:8B:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5HmvFxbcRh5bs_h2IVvLlOiAi6A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/63299a-86b2-49ff-b6e2-241eab61483f/1/SjMVxzKK05ptPih7hzApLHo2W-U.roa
Signing time: Mon 02 Jan 2023 05:14:54 +0000
ROA not before: Mon 02 Jan 2023 05:14:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8218
IP address blocks: 158.255.96.0/19 maxlen: 19
158.255.106.0/24 maxlen: 24
91.194.208.0/23 maxlen: 24
195.216.192.0/23 maxlen: 24
141.255.136.0/21 maxlen: 21
83.167.32.0/19 maxlen: 19
94.103.128.0/20 maxlen: 20
213.179.76.0/22 maxlen: 22
193.34.130.0/23 maxlen: 24
185.110.192.0/22 maxlen: 22
213.152.0.0/19 maxlen: 19
46.255.176.0/21 maxlen: 21
212.69.160.0/19 maxlen: 19
193.227.248.0/23 maxlen: 24
2001:1b48::/32 maxlen: 32
2a00:1f60::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:32:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:e7:72:37:29:c7:7a:1b:0c:f6:cc:40:51:97:58:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e479af1716dc461e5bb3f876215bcb94e8808ba0
Validity
Not Before: Jan 2 05:14:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4a3315c7328ad39a6d3e287b8730292c7a365be5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:0e:9c:0a:2e:90:a9:f4:11:bb:32:82:93:7e:
d2:dd:04:0c:ed:2b:08:cf:bf:d9:80:ae:b5:2f:d4:
5e:ab:1b:35:43:01:ce:3a:1c:88:e9:89:24:b9:c2:
dd:28:09:be:d5:29:32:0b:42:16:82:e0:72:f6:24:
c5:af:03:98:96:cc:68:aa:df:86:c8:c2:43:1b:4f:
be:2c:c5:33:79:22:e6:01:2d:01:7c:a4:80:85:d9:
c1:3d:d5:bf:8e:3a:7b:9e:f6:5f:3b:be:6a:b1:e5:
60:8b:27:27:f7:49:8b:90:08:0f:ed:97:8d:3c:34:
53:6c:7a:ae:22:11:7f:20:9d:86:b0:e1:e8:df:7f:
cd:cc:12:0e:d7:76:23:49:e4:51:fa:6b:36:ef:d3:
ce:30:31:45:9b:93:f7:76:50:a6:a3:1c:e6:9a:1b:
6f:05:e6:c6:78:70:88:24:9f:3f:b0:40:9e:5a:94:
32:33:d7:25:75:77:52:6b:be:17:e6:59:3f:39:f4:
7e:18:7c:a7:3f:8d:0b:6d:02:20:21:f9:f5:f2:b5:
f5:3f:49:85:00:98:f3:79:4e:c8:6f:a2:ae:14:dd:
e2:26:d5:e7:c6:8c:dc:f1:66:fb:2a:6e:18:88:99:
49:77:41:7c:d4:75:2b:06:5f:d0:ee:c8:bf:2e:4a:
b8:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:33:15:C7:32:8A:D3:9A:6D:3E:28:7B:87:30:29:2C:7A:36:5B:E5
X509v3 Authority Key Identifier:
keyid:E4:79:AF:17:16:DC:46:1E:5B:B3:F8:76:21:5B:CB:94:E8:80:8B:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5HmvFxbcRh5bs_h2IVvLlOiAi6A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/63299a-86b2-49ff-b6e2-241eab61483f/1/SjMVxzKK05ptPih7hzApLHo2W-U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/63299a-86b2-49ff-b6e2-241eab61483f/1/5HmvFxbcRh5bs_h2IVvLlOiAi6A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.255.176.0/21
83.167.32.0/19
91.194.208.0/23
94.103.128.0/20
141.255.136.0/21
158.255.96.0/19
185.110.192.0/22
193.34.130.0/23
193.227.248.0/23
195.216.192.0/23
212.69.160.0/19
213.152.0.0/19
213.179.76.0/22
IPv6:
2001:1b48::/32
2a00:1f60::/32
Signature Algorithm: sha256WithRSAEncryption
18:62:42:d7:3f:b8:4d:bd:64:59:94:be:f1:07:a7:b9:ba:5d:
f6:83:b5:43:eb:12:c0:b1:c0:38:c6:5b:6d:6e:f3:38:42:67:
2e:c0:e7:fd:8c:4c:d8:73:7d:a7:1d:0f:32:68:58:37:84:53:
4c:0f:fc:26:f1:e0:f8:96:27:ce:d8:8d:bf:b1:2d:18:8c:4a:
dd:8b:8d:4c:f1:9f:49:a4:d6:13:20:4e:8e:db:d5:70:77:cd:
60:a0:8a:b2:bf:39:0b:79:e0:a0:e6:1c:00:70:ad:27:3c:7e:
3b:37:c7:64:01:4c:19:c2:63:2d:6f:9c:eb:6d:5d:e8:f6:b4:
5f:3c:55:60:0c:c9:51:68:b8:0b:8b:92:11:d4:4f:77:c4:f5:
57:2c:47:4f:36:97:11:91:a4:67:a7:5c:92:d3:9e:5b:09:8f:
45:d7:27:4a:c4:ac:c1:db:5b:89:f0:71:4e:75:f6:b6:c5:93:
d0:f7:70:72:84:89:55:2a:97:bf:0e:68:57:93:36:9d:bc:37:
7a:b2:b0:fe:62:a0:bd:5c:a5:f8:63:1a:bc:bf:0a:48:26:df:
9d:3d:8d:e5:79:ac:47:9e:90:58:43:c7:ca:f8:1f:4a:20:c8:
e9:0e:35:b2:a2:46:72:37:88:87:4c:d1:57:19:78:1d:35:27:
58:4d:f8:5d
-----BEGIN CERTIFICATE-----
MIIFWzCCBEOgAwIBAgISAYVw53I3Kcd6Gwz2zEBRl1gVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0NzlhZjE3MTZkYzQ2MWU1YmIzZjg3NjIxNWJjYjk0ZTg4
MDhiYTAwHhcNMjMwMTAyMDUxNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTMzMTVjNzMyOGFkMzlhNmQzZTI4N2I4NzMwMjkyYzdhMzY1YmU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwA6cCi6QqfQRuzKCk37S3QQM7SsI
z7/ZgK61L9Reqxs1QwHOOhyI6YkkucLdKAm+1SkyC0IWguBy9iTFrwOYlsxoqt+G
yMJDG0++LMUzeSLmAS0BfKSAhdnBPdW/jjp7nvZfO75qseVgiycn90mLkAgP7ZeN
PDRTbHquIhF/IJ2GsOHo33/NzBIO13YjSeRR+ms279POMDFFm5P3dlCmoxzmmhtv
BebGeHCIJJ8/sECeWpQyM9cldXdSa74X5lk/OfR+GHynP40LbQIgIfn18rX1P0mF
AJjzeU7Ib6KuFN3iJtXnxozc8Wb7Km4YiJlJd0F81HUrBl/Q7si/Lkq4dwIDAQAB
o4ICZzCCAmMwHQYDVR0OBBYEFEozFccyitOabT4oe4cwKSx6NlvlMB8GA1UdIwQY
MBaAFOR5rxcW3EYeW7P4diFby5TogIugMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUhtdkZ4YmNSaDVic19oMklWdkxsT2lBaTZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS82MzI5OWEtODZiMi00OWZmLWI2ZTIt
MjQxZWFiNjE0ODNmLzEvU2pNVnh6S0swNXB0UGloN2h6QXBMSG8yVy1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS82MzI5OWEtODZiMi00OWZmLWI2ZTItMjQxZWFiNjE0ODNm
LzEvNUhtdkZ4YmNSaDVic19oMklWdkxsT2lBaTZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH0GCCsGAQUFBwEHAQH/BG4wbDBUBAIAATBOAwQDLv+wAwQF
U6cgAwQBW8LQAwQEXmeAAwQDjf+IAwQFnv9gAwQCuW7AAwQBwSKCAwQBweP4AwQB
w9jAAwQF1EWgAwQF1ZgAAwQC1bNMMBQEAgACMA4DBQAgARtIAwUAKgAfYDANBgkq
hkiG9w0BAQsFAAOCAQEAGGJC1z+4Tb1kWZS+8Qenubpd9oO1Q+sSwLHAOMZbbW7z
OEJnLsDn/YxM2HN9px0PMmhYN4RTTA/8JvHg+JYnztiNv7EtGIxK3YuNTPGfSaTW
EyBOjtvVcHfNYKCKsr85C3ngoOYcAHCtJzx+OzfHZAFMGcJjLW+c621d6Pa0XzxV
YAzJUWi4C4uSEdRPd8T1VyxHTzaXEZGkZ6dcktOeWwmPRdcnSsSswdtbifBxTnX2
tsWT0PdwcoSJVSqXvw5oV5M2nbw3erKw/mKgvVyl+GMavL8KSCbfnT2N5XmsR56Q
WEPHyvgfSiDI6Q41sqJGcjeIh0zRVxl4HTUnWE34XQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:20 2024 by rpki-client on console-fra.rpki-client.org