Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/ececf4-e930-4192-84dd-80f31d3ea152/1/8b1nHE8joicGkhacU08zqX4_EnM.roa
File: 8b1nHE8joicGkhacU08zqX4_EnM.roa (raw, json)
Hash identifier: AB1pxvm+duQq+LZxOJ+KejASTgFkj3/poxtG/aHICvk=
Subject key identifier: F1:BD:67:1C:4F:23:A2:27:06:92:16:9C:53:4F:33:A9:7E:3F:12:73
Certificate issuer: /CN=da24f35721ca31a83e2f6e937e17408e6e7b2c61
Certificate serial: 01860C1DE9AE9CA44F21F88B9FE58576CC4E
Authority key identifier: DA:24:F3:57:21:CA:31:A8:3E:2F:6E:93:7E:17:40:8E:6E:7B:2C:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2iTzVyHKMag-L26TfhdAjm57LGE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/ececf4-e930-4192-84dd-80f31d3ea152/1/8b1nHE8joicGkhacU08zqX4_EnM.roa
Signing time: Wed 01 Feb 2023 08:35:32 +0000
ROA not before: Wed 01 Feb 2023 08:35:32 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205892
IP address blocks: 95.129.28.0/22 maxlen: 24
185.190.72.0/22 maxlen: 24
2a0a:540::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 30 Aug 2023 08:47:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:0c:1d:e9:ae:9c:a4:4f:21:f8:8b:9f:e5:85:76:cc:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da24f35721ca31a83e2f6e937e17408e6e7b2c61
Validity
Not Before: Feb 1 08:35:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f1bd671c4f23a2270692169c534f33a97e3f1273
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:74:81:0b:d9:ec:31:f4:85:51:e2:67:71:3b:
0e:10:41:95:76:66:c7:40:c1:9a:96:fc:4d:39:1b:
4d:a5:e6:0c:97:85:d0:72:38:b7:17:69:da:1b:5a:
20:fb:d1:c7:94:dc:3f:b2:a2:e7:59:b0:97:26:3a:
cc:31:6d:14:a6:0a:3d:20:42:74:c2:f8:48:65:e6:
d8:93:34:46:d6:3b:76:55:e7:c2:b7:d7:73:6c:f9:
29:71:ef:cf:fd:8c:d0:2d:f5:c1:03:52:ed:e2:70:
c6:61:70:67:02:a2:5b:9c:2f:ed:15:d6:cf:9f:eb:
de:e1:aa:73:70:c4:33:e6:0a:ed:4f:fb:b3:13:e1:
fd:1d:83:c0:91:bd:3a:52:da:9f:b5:bb:a3:89:b3:
e5:54:ae:a8:6f:39:92:60:43:1a:c4:79:a9:7b:34:
44:11:0b:61:1b:4a:c3:07:7a:8f:e7:b2:b0:86:54:
5b:0c:25:d1:2b:d8:0c:00:49:28:53:5c:aa:de:a8:
ae:fa:ab:f0:d5:e3:fb:ea:3d:3c:83:b5:b9:08:a1:
0e:21:98:7c:0c:0d:1f:7e:6b:30:5b:6c:ae:cc:86:
37:a6:01:f8:dd:55:d5:fa:a3:c0:ce:8b:ff:3a:4e:
97:e3:90:6d:5b:e8:7f:c7:9a:89:d8:7b:36:3d:d2:
a3:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:BD:67:1C:4F:23:A2:27:06:92:16:9C:53:4F:33:A9:7E:3F:12:73
X509v3 Authority Key Identifier:
keyid:DA:24:F3:57:21:CA:31:A8:3E:2F:6E:93:7E:17:40:8E:6E:7B:2C:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2iTzVyHKMag-L26TfhdAjm57LGE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/ececf4-e930-4192-84dd-80f31d3ea152/1/8b1nHE8joicGkhacU08zqX4_EnM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/ececf4-e930-4192-84dd-80f31d3ea152/1/2iTzVyHKMag-L26TfhdAjm57LGE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.129.28.0/22
185.190.72.0/22
IPv6:
2a0a:540::/29
Signature Algorithm: sha256WithRSAEncryption
43:9b:50:1d:73:74:65:d1:f8:5d:97:47:64:d1:b7:59:5b:b1:
45:c2:2d:f2:2c:0b:0a:75:22:f9:97:3c:55:46:3a:7b:ca:5b:
4f:a4:7c:fc:29:e9:de:52:6a:8e:04:2a:ab:1a:f5:1e:4b:fb:
76:c4:f5:93:bd:8a:83:22:02:6c:fd:c4:b0:fa:f6:43:e2:a7:
c6:e8:9a:48:48:3e:ee:71:ca:c4:af:78:0e:ef:50:02:27:44:
f2:08:bf:2b:f6:8f:f9:b9:36:52:07:34:b4:2b:af:ee:c6:b8:
87:a5:ec:b5:a7:8e:f0:db:bb:4d:dd:cd:5e:0e:b6:94:14:20:
01:bb:af:67:26:79:8f:0b:17:97:11:6a:cf:a7:cd:1b:54:7f:
b0:7f:1e:9b:ca:94:34:3e:d9:d2:5d:d9:2c:1a:71:7c:9e:47:
59:b1:64:59:68:9f:c5:ae:f7:4a:09:0b:91:f4:66:96:e2:54:
66:54:6c:71:9c:07:be:90:cd:39:8a:08:43:5b:36:71:40:0d:
04:04:60:93:9e:52:68:27:31:55:5f:7b:c3:f3:ae:3e:70:7e:
00:0d:cf:8f:a2:1a:93:c1:89:18:09:4a:25:fe:6d:b9:19:05:
cd:61:dd:cc:42:4e:da:6a:22:3e:36:1d:2b:9b:1a:79:f9:38:
3a:8b:67:24
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYYMHemunKRPIfiLn+WFdsxOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMjRmMzU3MjFjYTMxYTgzZTJmNmU5MzdlMTc0MDhlNmU3
YjJjNjEwHhcNMjMwMjAxMDgzNTMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMWJkNjcxYzRmMjNhMjI3MDY5MjE2OWM1MzRmMzNhOTdlM2YxMjczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiHSBC9nsMfSFUeJncTsOEEGVdmbH
QMGalvxNORtNpeYMl4XQcji3F2naG1og+9HHlNw/sqLnWbCXJjrMMW0Upgo9IEJ0
wvhIZebYkzRG1jt2VefCt9dzbPkpce/P/YzQLfXBA1Lt4nDGYXBnAqJbnC/tFdbP
n+ve4apzcMQz5grtT/uzE+H9HYPAkb06UtqftbujibPlVK6obzmSYEMaxHmpezRE
EQthG0rDB3qP57KwhlRbDCXRK9gMAEkoU1yq3qiu+qvw1eP76j08g7W5CKEOIZh8
DA0ffmswW2yuzIY3pgH43VXV+qPAzov/Ok6X45BtW+h/x5qJ2Hs2PdKjWwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFPG9ZxxPI6InBpIWnFNPM6l+PxJzMB8GA1UdIwQY
MBaAFNok81chyjGoPi9uk34XQI5ueyxhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmlUelZ5SEtNYWctTDI2VGZoZEFqbTU3TEdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC9lY2VjZjQtZTkzMC00MTkyLTg0ZGQt
ODBmMzFkM2VhMTUyLzEvOGIxbkhFOGpvaWNHa2hhY1UwOHpxWDRfRW5NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC9lY2VjZjQtZTkzMC00MTkyLTg0ZGQtODBmMzFkM2VhMTUy
LzEvMmlUelZ5SEtNYWctTDI2VGZoZEFqbTU3TEdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCX4EcAwQC
ub5IMA0EAgACMAcDBQMqCgVAMA0GCSqGSIb3DQEBCwUAA4IBAQBDm1Adc3Rl0fhd
l0dk0bdZW7FFwi3yLAsKdSL5lzxVRjp7yltPpHz8KeneUmqOBCqrGvUeS/t2xPWT
vYqDIgJs/cSw+vZD4qfG6JpISD7uccrEr3gO71ACJ0TyCL8r9o/5uTZSBzS0K6/u
xriHpey1p47w27tN3c1eDraUFCABu69nJnmPCxeXEWrPp80bVH+wfx6bypQ0PtnS
XdksGnF8nkdZsWRZaJ/FrvdKCQuR9GaW4lRmVGxxnAe+kM05ighDWzZxQA0EBGCT
nlJoJzFVX3vD864+cH4ADc+PohqTwYkYCUol/m25GQXNYd3MQk7aaiI+Nh0rmxp5
+Tg6i2ck
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:00 2024 by rpki-client on console-ams.rpki-client.org