Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/z8HLwbFdh-HfZ1TDskHMvMtz9S0.roa
File: z8HLwbFdh-HfZ1TDskHMvMtz9S0.roa (raw, json)
Hash identifier: 9stCHQQSgZRa4zcD4jbhYOfi8iKEXep25wNn3+zDZUU=
Subject key identifier: CF:C1:CB:C1:B1:5D:87:E1:DF:67:54:C3:B2:41:CC:BC:CB:73:F5:2D
Certificate issuer: /CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Certificate serial: 018CCAE648E92213E3C18F17ACD17C993914
Authority key identifier: 1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/z8HLwbFdh-HfZ1TDskHMvMtz9S0.roa
Signing time: Tue 02 Jan 2024 15:58:58 +0000
ROA not before: Tue 02 Jan 2024 15:58:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 136258
IP address blocks: 92.118.205.0/24 maxlen: 24
92.118.206.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 28 Mar 2024 20:49:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:e6:48:e9:22:13:e3:c1:8f:17:ac:d1:7c:99:39:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Validity
Not Before: Jan 2 15:58:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cfc1cbc1b15d87e1df6754c3b241ccbccb73f52d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:f3:f7:02:ce:db:bb:09:f9:68:ee:3b:a1:ab:
14:7b:09:57:cd:fa:01:3a:b3:64:ba:1f:4c:48:7f:
e3:f3:8f:6c:cd:a7:a8:06:7b:d2:16:25:dd:82:8e:
d9:84:10:8e:b4:83:be:74:b2:9d:f5:7f:40:cc:60:
b1:67:6b:67:72:96:27:d9:c6:39:88:61:b3:5a:bf:
b6:e5:5a:42:80:80:d7:8d:04:76:0d:92:e4:5b:31:
71:a1:dd:e7:24:43:9b:87:cc:94:de:c7:10:fa:fd:
d3:19:fc:a3:6a:09:88:ad:44:47:50:54:b0:f3:56:
62:e4:b3:00:68:0d:d5:51:25:e7:e2:53:f2:de:aa:
ac:ad:d4:6f:02:00:31:de:1c:5d:0a:0f:85:db:d3:
12:c4:c8:69:68:d5:7e:28:60:c1:74:5a:ab:02:dc:
3b:21:c8:9e:10:2a:4d:75:24:ed:d8:7e:7b:1e:f2:
e1:33:a7:6a:d4:44:1a:81:f1:a7:fe:5e:18:bd:5d:
3e:1e:1f:e2:9c:7f:df:da:4c:c9:cc:ab:bd:c8:d0:
5f:e1:ff:16:77:a6:77:39:87:11:4f:f2:0e:22:7e:
8c:90:42:23:ec:e3:38:ec:3f:e3:39:4d:3e:bc:16:
3d:9a:cb:0e:a0:76:4f:4c:58:39:dc:e1:d2:dd:07:
9c:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:C1:CB:C1:B1:5D:87:E1:DF:67:54:C3:B2:41:CC:BC:CB:73:F5:2D
X509v3 Authority Key Identifier:
keyid:1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/z8HLwbFdh-HfZ1TDskHMvMtz9S0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.118.205.0-92.118.206.255
Signature Algorithm: sha256WithRSAEncryption
1a:9d:ae:ee:e8:90:19:2f:54:19:b9:a4:d0:bd:28:54:b3:eb:
9a:1b:fa:53:83:04:b8:7e:df:a0:e6:96:41:44:7e:ef:9a:76:
43:0b:86:0e:28:56:3b:e1:59:1e:4b:67:42:79:d4:54:bb:c6:
ae:23:aa:5c:9e:08:a7:30:38:95:6d:94:19:b4:fa:c2:5c:87:
e2:24:89:42:9f:40:40:90:14:e8:a3:31:2d:3f:be:aa:dc:e4:
21:f6:06:29:bb:ec:10:93:48:02:f6:a0:43:ec:f4:d8:7e:27:
07:55:db:4d:55:90:cd:75:93:50:90:f6:14:3e:fa:6f:47:65:
3d:3a:a8:47:8e:1f:01:99:60:7c:2b:5b:70:d1:a2:9c:85:b5:
57:66:0b:44:7a:94:11:da:82:19:f3:7b:79:da:95:0b:34:ea:
1b:53:4b:82:7d:94:ef:cd:46:c2:6b:07:a9:98:71:fa:f9:af:
80:30:be:36:94:8e:6f:80:e2:2a:f3:5f:3c:af:27:23:6c:2f:
a1:d0:21:ef:78:29:f4:57:a3:c6:55:19:7f:14:8c:e7:fe:85:
32:85:82:e7:95:b3:79:04:fb:72:a8:a8:ca:4a:ff:3a:4b:96:
d6:92:e2:ec:81:40:c5:ee:f3:5a:73:1f:e2:55:19:8f:71:7b:
c8:c5:50:09
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzK5kjpIhPjwY8XrNF8mTkUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMDQxNWJmYzQzYjM4ZTljZmQxYTEyOTk1MjAyZTg3NjM3
NTJmZGUwHhcNMjQwMTAyMTU1ODU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZmMxY2JjMWIxNWQ4N2UxZGY2NzU0YzNiMjQxY2NiY2NiNzNmNTJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgfP3As7buwn5aO47oasUewlXzfoB
OrNkuh9MSH/j849szaeoBnvSFiXdgo7ZhBCOtIO+dLKd9X9AzGCxZ2tncpYn2cY5
iGGzWr+25VpCgIDXjQR2DZLkWzFxod3nJEObh8yU3scQ+v3TGfyjagmIrURHUFSw
81Zi5LMAaA3VUSXn4lPy3qqsrdRvAgAx3hxdCg+F29MSxMhpaNV+KGDBdFqrAtw7
IcieECpNdSTt2H57HvLhM6dq1EQagfGn/l4YvV0+Hh/inH/f2kzJzKu9yNBf4f8W
d6Z3OYcRT/IOIn6MkEIj7OM47D/jOU0+vBY9mssOoHZPTFg53OHS3QecBQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFM/By8GxXYfh32dUw7JBzLzLc/UtMB8GA1UdIwQY
MBaAFBsEFb/EOzjpz9GhKZUgLodjdS/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1Nzgt
YTNjYTBkYjgzMjU0LzEvejhITHdiRmRoLUhmWjFURHNrSE12TXR6OVMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1NzgtYTNjYTBkYjgzMjU0
LzEvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBABcds0D
BABcds4wDQYJKoZIhvcNAQELBQADggEBABqdru7okBkvVBm5pNC9KFSz65ob+lOD
BLh+36DmlkFEfu+adkMLhg4oVjvhWR5LZ0J51FS7xq4jqlyeCKcwOJVtlBm0+sJc
h+IkiUKfQECQFOijMS0/vqrc5CH2Bim77BCTSAL2oEPs9Nh+JwdV201VkM11k1CQ
9hQ++m9HZT06qEeOHwGZYHwrW3DRopyFtVdmC0R6lBHaghnze3nalQs06htTS4J9
lO/NRsJrB6mYcfr5r4AwvjaUjm+A4irzXzyvJyNsL6HQIe94KfRXo8ZVGX8UjOf+
hTKFgueVs3kE+3KoqMpK/zpLltaS4uyBQMXu81pzH+JVGY9xe8jFUAk=
-----END CERTIFICATE-----
Generated at Thu Mar 28 22:36:58 2024 by rpki-client on console-fra.rpki-client.org