Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/SZgkqye8IBrOLh7zwa1aLaXKRGQ.roa
File: SZgkqye8IBrOLh7zwa1aLaXKRGQ.roa (raw, json)
Hash identifier: QPon/Te6SqrCLEKXJgXJbW1V8fCQ9KKHCiAkM1DI0g0=
Subject key identifier: 49:98:24:AB:27:BC:20:1A:CE:2E:1E:F3:C1:AD:5A:2D:A5:CA:44:64
Certificate issuer: /CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Certificate serial: 018F1ADB8D1A3D077F65045F7B0727324CDD
Authority key identifier: 4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/SZgkqye8IBrOLh7zwa1aLaXKRGQ.roa
Signing time: Fri 26 Apr 2024 14:42:27 +0000
ROA not before: Fri 26 Apr 2024 14:42:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 52053
IP address blocks: 185.255.112.0/24 maxlen: 24
192.144.34.0/24 maxlen: 24
193.38.250.0/24 maxlen: 24
194.110.174.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 26 Apr 2024 17:51:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:1a:db:8d:1a:3d:07:7f:65:04:5f:7b:07:27:32:4c:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Validity
Not Before: Apr 26 14:42:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=499824ab27bc201ace2e1ef3c1ad5a2da5ca4464
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:84:c5:3c:9b:ef:52:95:c4:b6:42:8a:57:12:
28:b5:3c:78:30:5c:8a:ca:f4:0c:d3:3b:ca:95:c2:
84:b5:ec:69:65:19:33:4f:0e:60:12:4d:18:8c:cd:
da:97:c9:12:48:41:d4:41:27:08:72:d6:fc:15:1e:
1d:67:d2:21:c9:7e:72:10:74:a4:48:19:a9:50:44:
40:ae:4a:fc:e2:0d:b5:26:b9:9d:80:c7:12:5e:30:
ec:7b:38:3e:36:8c:3a:75:53:f9:f5:9d:76:5c:5c:
ef:7c:76:eb:1d:2e:4c:73:ed:47:5f:12:6d:e5:69:
06:55:88:7d:0f:4b:2a:03:cc:53:ab:d7:48:f4:17:
57:8e:31:81:11:38:61:1d:08:bc:55:f5:ce:f5:99:
01:0d:a1:66:58:7e:3a:be:a0:74:a1:8e:59:dd:11:
7e:58:f7:62:d0:45:a4:44:bb:fc:2b:7e:04:66:3a:
f7:4f:21:a4:9c:18:43:71:69:cc:40:3d:fb:f3:46:
c2:0f:14:d6:00:07:7d:27:00:68:c2:41:8c:ac:88:
78:82:1a:f1:a0:e5:aa:12:40:5a:8b:0e:e2:1b:af:
09:63:95:d1:0f:98:08:f7:1b:04:08:e0:62:f7:5e:
29:f1:81:0c:3e:02:c4:bf:31:c5:5e:16:7f:ba:0e:
7e:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:98:24:AB:27:BC:20:1A:CE:2E:1E:F3:C1:AD:5A:2D:A5:CA:44:64
X509v3 Authority Key Identifier:
keyid:4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/SZgkqye8IBrOLh7zwa1aLaXKRGQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/T4rqLwJfSVvqzufOWoggUZ3aE3A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.255.112.0/24
192.144.34.0/24
193.38.250.0/24
194.110.174.0/24
Signature Algorithm: sha256WithRSAEncryption
83:7c:21:a6:20:d8:90:a2:3a:07:d7:d1:31:d4:a6:b9:eb:80:
24:47:88:64:fd:b1:c3:36:6b:5a:c9:a1:ee:4a:2f:68:d6:af:
4f:6a:51:5d:37:e7:47:a9:3b:9a:2b:32:a5:ad:bc:60:1e:c3:
f9:1c:87:46:75:90:dc:31:3a:49:41:99:47:c2:e3:11:4e:77:
b3:20:b1:c0:97:1e:69:85:34:9f:13:89:f7:e7:9d:15:7e:bf:
9e:dd:68:29:cb:9f:ec:8c:4c:a3:24:ef:10:33:83:22:d3:01:
59:4f:b4:47:5d:98:00:b7:15:d7:52:dc:86:a4:0a:1c:cd:6f:
3c:17:02:55:a7:a5:4c:24:67:a8:e2:7f:ec:a7:67:1d:bf:0d:
54:40:84:a9:73:cf:0f:0c:7e:d7:df:92:4a:c6:e5:b8:c2:8f:
03:a6:76:5c:62:ac:ba:ef:f4:c9:d5:e5:37:2e:72:6a:50:0b:
43:9b:27:7c:18:41:71:3d:a3:60:09:91:6f:e4:0d:1a:e0:01:
ec:48:7d:45:66:ab:6d:bb:f3:c5:52:89:34:c5:18:6d:9c:31:
9c:a3:7e:9c:05:51:14:8e:17:de:4c:4f:87:5d:17:53:e8:56:
20:f7:97:2a:d7:68:b2:e0:55:5c:5b:35:c3:64:43:56:bb:05:
89:9c:40:5b
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY8a240aPQd/ZQRfewcnMkzdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOGFlYTJmMDI1ZjQ5NWJlYWNlZTdjZTVhODgyMDUxOWRk
YTEzNzAwHhcNMjQwNDI2MTQ0MjI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OTk4MjRhYjI3YmMyMDFhY2UyZTFlZjNjMWFkNWEyZGE1Y2E0NDY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs4TFPJvvUpXEtkKKVxIotTx4MFyK
yvQM0zvKlcKEtexpZRkzTw5gEk0YjM3al8kSSEHUQScIctb8FR4dZ9IhyX5yEHSk
SBmpUERArkr84g21JrmdgMcSXjDsezg+Now6dVP59Z12XFzvfHbrHS5Mc+1HXxJt
5WkGVYh9D0sqA8xTq9dI9BdXjjGBEThhHQi8VfXO9ZkBDaFmWH46vqB0oY5Z3RF+
WPdi0EWkRLv8K34EZjr3TyGknBhDcWnMQD3780bCDxTWAAd9JwBowkGMrIh4ghrx
oOWqEkBaiw7iG68JY5XRD5gI9xsECOBi914p8YEMPgLEvzHFXhZ/ug5+6QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFEmYJKsnvCAazi4e88GtWi2lykRkMB8GA1UdIwQY
MBaAFE+K6i8CX0lb6s7nzlqIIFGd2hNwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUt
NjA4MDk1MmYwZTA0LzEvU1pna3F5ZThJQnJPTGg3endhMWFMYVhLUkdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUtNjA4MDk1MmYwZTA0
LzEvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAuf9wAwQA
wJAiAwQAwSb6AwQAwm6uMA0GCSqGSIb3DQEBCwUAA4IBAQCDfCGmINiQojoH19Ex
1Ka564AkR4hk/bHDNmtayaHuSi9o1q9PalFdN+dHqTuaKzKlrbxgHsP5HIdGdZDc
MTpJQZlHwuMRTnezILHAlx5phTSfE4n3550Vfr+e3Wgpy5/sjEyjJO8QM4Mi0wFZ
T7RHXZgAtxXXUtyGpAoczW88FwJVp6VMJGeo4n/sp2cdvw1UQISpc88PDH7X35JK
xuW4wo8DpnZcYqy67/TJ1eU3LnJqUAtDmyd8GEFxPaNgCZFv5A0a4AHsSH1FZqtt
u/PFUok0xRhtnDGco36cBVEUjhfeTE+HXRdT6FYg95cq12iy4FVcWzXDZENWuwWJ
nEBb
-----END CERTIFICATE-----
Generated at Fri Apr 26 22:47:21 2024 by rpki-client on console.sobornost.net