Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/f07f8d-9df0-49c6-b2f0-aa9d691811e7/1/m8vEdiee55lirSMpPMxgBAV-AHI.roa
File: m8vEdiee55lirSMpPMxgBAV-AHI.roa (raw, json)
Hash identifier: iW3unREMJlgwXxciuTK/rpeLm/qKN/G0jLz1YlEjOCc=
Subject key identifier: 9B:CB:C4:76:27:9E:E7:99:62:AD:23:29:3C:CC:60:04:05:7E:00:72
Certificate issuer: /CN=8778ad8168e09cf92d4e0498257f8e9ceabf0692
Certificate serial: 018CB0052D3E354B450631646ABC492FE1F8
Authority key identifier: 87:78:AD:81:68:E0:9C:F9:2D:4E:04:98:25:7F:8E:9C:EA:BF:06:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h3itgWjgnPktTgSYJX-OnOq_BpI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/f07f8d-9df0-49c6-b2f0-aa9d691811e7/1/m8vEdiee55lirSMpPMxgBAV-AHI.roa
Signing time: Thu 28 Dec 2023 10:42:58 +0000
ROA not before: Thu 28 Dec 2023 10:42:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199785
IP address blocks: 146.19.207.0/24 maxlen: 24
217.114.43.0/24 maxlen: 24
176.126.103.0/24 maxlen: 24
89.107.10.0/24 maxlen: 24
178.250.186.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:30:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:b0:05:2d:3e:35:4b:45:06:31:64:6a:bc:49:2f:e1:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8778ad8168e09cf92d4e0498257f8e9ceabf0692
Validity
Not Before: Dec 28 10:42:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9bcbc476279ee79962ad23293ccc6004057e0072
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:cb:d5:6a:52:ef:cf:45:6b:b6:c2:9b:b4:8a:
e8:c7:54:75:6b:bf:94:d1:25:32:8d:f8:67:e2:09:
4b:1d:b9:8b:0b:e0:41:6a:9f:83:ee:1d:ef:c4:e6:
79:61:ad:ae:3d:d5:eb:59:d5:1a:eb:1b:e9:0d:62:
e3:8d:06:9f:8f:06:e5:57:c7:22:26:ca:f2:1d:63:
44:86:98:97:bc:bc:4a:60:af:8e:6e:c3:66:34:68:
bd:9e:4c:09:01:ea:a4:fc:51:a2:8d:79:95:4f:fd:
fd:5d:15:91:cf:84:75:c6:48:5d:1d:db:14:79:40:
3a:5c:cb:09:09:3a:69:43:00:f1:ec:d1:3c:1c:dc:
16:17:c0:5a:60:9d:e1:3d:c1:dc:59:a0:ca:86:73:
18:be:ae:bf:c8:d6:24:28:b6:ec:63:b1:9e:20:be:
63:0f:f5:b8:08:ba:f0:d2:7b:49:a1:8c:7b:9d:34:
b8:4f:31:d6:f2:1e:4a:4a:9b:d5:0e:3f:8d:0c:1f:
1c:55:96:03:cf:fe:89:69:c6:2f:0b:2c:9a:d5:0c:
b9:d7:b7:ed:64:dc:ec:47:d4:08:6b:4e:59:21:17:
2a:bc:7a:e3:d2:57:87:7e:81:d6:8e:e6:37:b1:93:
ba:71:f6:f9:ae:b0:2e:a8:31:9c:3c:df:fd:23:b7:
3c:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:CB:C4:76:27:9E:E7:99:62:AD:23:29:3C:CC:60:04:05:7E:00:72
X509v3 Authority Key Identifier:
keyid:87:78:AD:81:68:E0:9C:F9:2D:4E:04:98:25:7F:8E:9C:EA:BF:06:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h3itgWjgnPktTgSYJX-OnOq_BpI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/f07f8d-9df0-49c6-b2f0-aa9d691811e7/1/m8vEdiee55lirSMpPMxgBAV-AHI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/f07f8d-9df0-49c6-b2f0-aa9d691811e7/1/h3itgWjgnPktTgSYJX-OnOq_BpI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.107.10.0/24
146.19.207.0/24
176.126.103.0/24
178.250.186.0/24
217.114.43.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:98:33:7b:e8:93:e3:d8:fe:b7:fe:c7:fc:01:ac:95:94:d2:
d5:03:b6:dc:71:c1:09:12:94:d0:77:5b:0a:83:a4:e1:85:67:
83:60:81:f9:a9:b5:2c:60:ee:4e:7e:e9:ef:0b:99:1e:a1:7d:
3f:2d:5b:ef:92:04:55:7c:e4:dc:60:8e:61:af:5a:90:76:9c:
49:92:04:10:26:b3:40:d3:6d:6e:db:fe:db:ec:a5:da:09:b9:
d4:4d:c6:51:da:25:b1:3d:ed:c0:86:75:65:e8:8d:de:fc:5b:
9e:df:28:e6:fc:65:f0:8e:90:1d:0b:f0:4e:ea:fc:4a:e4:d7:
21:4b:af:a2:42:66:56:f8:62:30:36:05:8b:50:79:14:69:f7:
86:ab:a8:c0:f5:44:84:b9:79:c4:8d:77:f9:94:91:b2:1f:d9:
05:f8:58:ec:52:0e:c5:27:07:dc:da:2c:5d:49:0b:9e:f1:3f:
09:3f:c2:23:cf:b3:19:5c:bb:6c:2b:de:88:f7:ff:bd:ac:82:
d0:9a:e1:20:e3:33:88:ae:24:32:12:ee:23:9d:de:42:a8:2e:
a4:99:0b:9c:56:58:cf:fc:e7:1f:e9:b9:17:71:a4:76:ce:c0:
4f:8a:90:cf:2d:9e:ce:55:7d:ed:b9:fa:3a:ac:5c:67:08:03:
a3:5c:b7:8c
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYywBS0+NUtFBjFkarxJL+H4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3NzhhZDgxNjhlMDljZjkyZDRlMDQ5ODI1N2Y4ZTljZWFi
ZjA2OTIwHhcNMjMxMjI4MTA0MjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YmNiYzQ3NjI3OWVlNzk5NjJhZDIzMjkzY2NjNjAwNDA1N2UwMDcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi8vValLvz0VrtsKbtIrox1R1a7+U
0SUyjfhn4glLHbmLC+BBap+D7h3vxOZ5Ya2uPdXrWdUa6xvpDWLjjQafjwblV8ci
JsryHWNEhpiXvLxKYK+ObsNmNGi9nkwJAeqk/FGijXmVT/39XRWRz4R1xkhdHdsU
eUA6XMsJCTppQwDx7NE8HNwWF8BaYJ3hPcHcWaDKhnMYvq6/yNYkKLbsY7GeIL5j
D/W4CLrw0ntJoYx7nTS4TzHW8h5KSpvVDj+NDB8cVZYDz/6JacYvCyya1Qy517ft
ZNzsR9QIa05ZIRcqvHrj0leHfoHWjuY3sZO6cfb5rrAuqDGcPN/9I7c8AQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFJvLxHYnnueZYq0jKTzMYAQFfgByMB8GA1UdIwQY
MBaAFId4rYFo4Jz5LU4EmCV/jpzqvwaSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDNpdGdXamduUGt0VGdTWUpYLU9uT3FfQnBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9mMDdmOGQtOWRmMC00OWM2LWIyZjAt
YWE5ZDY5MTgxMWU3LzEvbTh2RWRpZWU1NWxpclNNcFBNeGdCQVYtQUhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9mMDdmOGQtOWRmMC00OWM2LWIyZjAtYWE5ZDY5MTgxMWU3
LzEvaDNpdGdXamduUGt0VGdTWUpYLU9uT3FfQnBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAWWsKAwQA
khPPAwQAsH5nAwQAsvq6AwQA2XIrMA0GCSqGSIb3DQEBCwUAA4IBAQBvmDN76JPj
2P63/sf8AayVlNLVA7bcccEJEpTQd1sKg6ThhWeDYIH5qbUsYO5OfunvC5keoX0/
LVvvkgRVfOTcYI5hr1qQdpxJkgQQJrNA021u2/7b7KXaCbnUTcZR2iWxPe3AhnVl
6I3e/Fue3yjm/GXwjpAdC/BO6vxK5NchS6+iQmZW+GIwNgWLUHkUafeGq6jA9USE
uXnEjXf5lJGyH9kF+FjsUg7FJwfc2ixdSQue8T8JP8Ijz7MZXLtsK96I9/+9rILQ
muEg4zOIriQyEu4jnd5CqC6kmQucVljP/Ocf6bkXcaR2zsBPipDPLZ7OVX3tufo6
rFxnCAOjXLeM
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:33 2024 by rpki-client on console-fra.rpki-client.org