Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/f9caf0-2c2e-4897-8a3b-a26bc653b06b/1/8lWfjUftQCOT55tGrGYDz5yx5Vk.roa
File: 8lWfjUftQCOT55tGrGYDz5yx5Vk.roa (raw, json)
Hash identifier: lrTo628KQh7K3SmzoJFLVSRLI+vO0/vRAEH8GiWuubs=
Subject key identifier: F2:55:9F:8D:47:ED:40:23:93:E7:9B:46:AC:66:03:CF:9C:B1:E5:59
Certificate issuer: /CN=f6af433974df373b70abd76b13e1c70c775f554b
Certificate serial: 0189B25CD9128D3045E05A4B7B596A28F36E
Authority key identifier: F6:AF:43:39:74:DF:37:3B:70:AB:D7:6B:13:E1:C7:0C:77:5F:55:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9q9DOXTfNztwq9drE-HHDHdfVUs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/f9caf0-2c2e-4897-8a3b-a26bc653b06b/1/8lWfjUftQCOT55tGrGYDz5yx5Vk.roa
Signing time: Tue 01 Aug 2023 18:29:36 +0000
ROA not before: Tue 01 Aug 2023 18:29:36 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200482
IP address blocks: 193.187.255.0/24 maxlen: 24
2a12:3e80:401::/48 maxlen: 48
2a12:3e80:402::/48 maxlen: 48
2a12:3e80:500::/40 maxlen: 40
2a12:3e80:300::/40 maxlen: 40
2a12:3e80:200::/40 maxlen: 40
2a12:3e80::/40 maxlen: 40
Validation: Failed, certificate revoked on Fri 27 Oct 2023 11:10:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:b2:5c:d9:12:8d:30:45:e0:5a:4b:7b:59:6a:28:f3:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f6af433974df373b70abd76b13e1c70c775f554b
Validity
Not Before: Aug 1 18:29:36 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f2559f8d47ed402393e79b46ac6603cf9cb1e559
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:44:34:40:73:91:92:ca:0a:fd:36:de:b8:06:
15:9f:84:73:6d:b1:42:71:80:55:dd:28:3e:93:fd:
c0:95:57:9a:32:5d:f6:9d:a3:42:2d:ee:6c:13:b3:
70:3f:59:46:b4:ad:27:d1:34:d0:4f:d2:c3:ac:88:
7d:1a:ad:3a:b4:99:7f:e5:af:d3:52:70:42:6b:64:
d9:37:91:88:ea:b2:bf:ab:2e:e8:12:67:41:27:a5:
7c:33:e5:5c:41:bf:e0:d9:cb:16:8a:d9:f6:27:85:
c3:be:ac:3b:6f:df:d6:63:5f:c7:27:2e:96:da:87:
51:25:d4:ad:0d:a4:c9:93:f8:05:7f:e8:89:ad:c1:
ec:50:0e:b6:8f:6c:bf:3a:a6:7b:4c:06:fd:0e:5e:
b5:0a:26:e9:50:9f:7a:e4:36:55:58:09:e9:37:13:
b7:f3:89:9e:cf:60:72:2e:b4:92:35:75:41:78:56:
45:8c:a5:0a:85:a3:08:aa:2a:07:4c:86:57:7f:58:
89:6b:a0:f2:e7:42:8f:b4:84:16:d2:2b:63:e2:2c:
eb:1a:c5:7d:f7:b7:7c:b4:36:ca:bd:da:8d:f2:d6:
35:ea:4e:53:7e:01:0a:bb:c1:41:61:4b:b0:5d:49:
fe:62:40:d6:2f:6a:54:56:73:1d:cd:75:50:21:b5:
58:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:55:9F:8D:47:ED:40:23:93:E7:9B:46:AC:66:03:CF:9C:B1:E5:59
X509v3 Authority Key Identifier:
keyid:F6:AF:43:39:74:DF:37:3B:70:AB:D7:6B:13:E1:C7:0C:77:5F:55:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9q9DOXTfNztwq9drE-HHDHdfVUs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/f9caf0-2c2e-4897-8a3b-a26bc653b06b/1/8lWfjUftQCOT55tGrGYDz5yx5Vk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/f9caf0-2c2e-4897-8a3b-a26bc653b06b/1/9q9DOXTfNztwq9drE-HHDHdfVUs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.187.255.0/24
IPv6:
2a12:3e80::/40
2a12:3e80:200::/39
2a12:3e80:401::-2a12:3e80:402:ffff:ffff:ffff:ffff:ffff
2a12:3e80:500::/40
Signature Algorithm: sha256WithRSAEncryption
7e:39:c0:e7:ca:fb:65:fd:5f:11:ef:a7:86:c4:13:49:57:9b:
b5:84:13:d6:4d:4d:c8:fe:11:05:dd:a8:b2:a0:6d:e7:f4:56:
b4:2c:3f:67:a5:33:e1:c7:8d:2d:fa:7b:83:4f:80:ed:63:cb:
95:12:35:d4:9e:2e:81:5f:9e:ed:69:ce:d5:0c:9d:6d:bd:20:
66:8f:50:73:0b:db:c7:dd:79:47:11:c4:2c:80:62:f3:3f:2f:
99:ed:90:ab:c4:29:2d:0a:82:4b:6c:33:3d:30:12:f5:c7:87:
5f:b0:75:85:84:76:7c:fd:45:e1:d4:50:92:f2:fd:c6:66:bb:
ac:11:27:06:3c:2d:57:70:e6:c1:e9:b2:ab:6e:ba:46:ef:f2:
73:0c:21:9c:c6:a1:5b:2c:a8:38:76:c6:69:c0:0c:12:93:a2:
3c:1f:1e:5c:81:89:2f:76:64:78:81:24:b9:3f:36:04:bf:cb:
37:b1:2a:f4:00:81:22:16:c8:6f:c4:ec:a6:91:14:b9:b4:47:
4a:d2:51:95:8f:c0:9e:ae:f1:31:16:22:25:26:2f:69:36:94:
5a:54:66:7a:9e:ea:44:bd:66:dc:51:d1:bf:1e:f9:81:ab:ca:
b3:3b:bd:62:0a:6c:1c:be:53:7d:9e:d0:ee:41:71:43:6a:16:
da:97:ed:67
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAYmyXNkSjTBF4FpLe1lqKPNuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY2YWY0MzM5NzRkZjM3M2I3MGFiZDc2YjEzZTFjNzBjNzc1
ZjU1NGIwHhcNMjMwODAxMTgyOTM2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjU1OWY4ZDQ3ZWQ0MDIzOTNlNzliNDZhYzY2MDNjZjljYjFlNTU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjkQ0QHORksoK/TbeuAYVn4RzbbFC
cYBV3Sg+k/3AlVeaMl32naNCLe5sE7NwP1lGtK0n0TTQT9LDrIh9Gq06tJl/5a/T
UnBCa2TZN5GI6rK/qy7oEmdBJ6V8M+VcQb/g2csWitn2J4XDvqw7b9/WY1/HJy6W
2odRJdStDaTJk/gFf+iJrcHsUA62j2y/OqZ7TAb9Dl61CibpUJ965DZVWAnpNxO3
84mez2ByLrSSNXVBeFZFjKUKhaMIqioHTIZXf1iJa6Dy50KPtIQW0itj4izrGsV9
97d8tDbKvdqN8tY16k5TfgEKu8FBYUuwXUn+YkDWL2pUVnMdzXVQIbVY3wIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFPJVn41H7UAjk+ebRqxmA8+cseVZMB8GA1UdIwQY
MBaAFPavQzl03zc7cKvXaxPhxwx3X1VLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOXE5RE9YVGZOenR3cTlkckUtSEhESGRmVlVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC9mOWNhZjAtMmMyZS00ODk3LThhM2It
YTI2YmM2NTNiMDZiLzEvOGxXZmpVZnRRQ09UNTV0R3JHWUR6NXl4NVZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC9mOWNhZjAtMmMyZS00ODk3LThhM2ItYTI2YmM2NTNiMDZi
LzEvOXE5RE9YVGZOenR3cTlkckUtSEhESGRmVlVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjAMBAIAATAGAwQAwbv/MDIE
AgACMCwDBgAqEj6AAAMGASoSPoACMBIDBwAqEj6ABAEDBwAqEj6ABAIDBgAqEj6A
BTANBgkqhkiG9w0BAQsFAAOCAQEAfjnA58r7Zf1fEe+nhsQTSVebtYQT1k1NyP4R
Bd2osqBt5/RWtCw/Z6Uz4ceNLfp7g0+A7WPLlRI11J4ugV+e7WnO1Qydbb0gZo9Q
cwvbx915RxHELIBi8z8vme2Qq8QpLQqCS2wzPTAS9ceHX7B1hYR2fP1F4dRQkvL9
xma7rBEnBjwtV3Dmwemyq266Ru/ycwwhnMahWyyoOHbGacAMEpOiPB8eXIGJL3Zk
eIEkuT82BL/LN7Eq9ACBIhbIb8TsppEUubRHStJRlY/Anq7xMRYiJSYvaTaUWlRm
ep7qRL1m3FHRvx75gavKszu9YgpsHL5TfZ7Q7kFxQ2oW2pftZw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:42:18 2024 by rpki-client on console-ams.rpki-client.org