Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/c010dc-0910-4341-8b33-2e694b339933/1/8umVQa4I3JVbDjQfFzs1Y7wV3Nk.roa
File: 8umVQa4I3JVbDjQfFzs1Y7wV3Nk.roa (raw, json)
Hash identifier: Q+BkaoXs8jVjDkA/JXdpJyKq5F0ItSk5PSvrHMnFwpU=
Subject key identifier: F2:E9:95:41:AE:08:DC:95:5B:0E:34:1F:17:3B:35:63:BC:15:DC:D9
Certificate issuer: /CN=4a9c5e56aacd01ffb2825a931ed5ede41c3f92e6
Certificate serial: 01899C0AE6AF2040A35A70A67C46FA850457
Authority key identifier: 4A:9C:5E:56:AA:CD:01:FF:B2:82:5A:93:1E:D5:ED:E4:1C:3F:92:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SpxeVqrNAf-yglqTHtXt5Bw_kuY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/c010dc-0910-4341-8b33-2e694b339933/1/8umVQa4I3JVbDjQfFzs1Y7wV3Nk.roa
Signing time: Fri 28 Jul 2023 10:28:27 +0000
ROA not before: Fri 28 Jul 2023 10:28:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56867
IP address blocks: 185.112.24.0/22 maxlen: 22
188.94.216.0/21 maxlen: 21
2a01:6f80::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:9c:0a:e6:af:20:40:a3:5a:70:a6:7c:46:fa:85:04:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a9c5e56aacd01ffb2825a931ed5ede41c3f92e6
Validity
Not Before: Jul 28 10:28:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f2e99541ae08dc955b0e341f173b3563bc15dcd9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:ba:e1:8d:ab:b6:d6:6b:76:b1:b1:5c:55:a0:
46:d6:fb:68:b1:6a:67:70:dc:39:bb:5c:0a:9e:87:
23:28:d2:f8:60:4f:5f:20:0a:e2:16:0b:4d:0e:4c:
ac:3c:d8:68:83:7f:d7:75:c1:d6:56:e2:93:57:09:
a6:22:8e:fc:51:c6:7e:88:91:33:7a:95:9a:68:e9:
d6:63:f3:61:78:e2:d2:f9:7a:1a:6d:7a:f9:8f:f8:
c2:e3:73:20:c7:e5:f3:f8:bc:19:52:23:58:2b:b1:
5f:a4:f5:39:fd:fe:30:dd:31:ca:91:1c:68:4b:61:
ba:57:5e:25:55:0e:98:85:93:6c:eb:af:b3:27:a1:
c3:cd:da:2d:83:91:bd:0c:2e:0d:d6:97:b0:42:3f:
a0:28:8d:fb:46:a3:23:96:67:af:0c:f6:c3:7b:44:
aa:ca:7f:6b:ab:6b:d3:6d:63:0e:43:3c:80:bc:0a:
41:70:c9:02:72:fa:46:30:9f:36:6e:82:47:6c:d4:
7b:b9:6d:ff:fb:a8:36:8e:13:73:5e:00:11:45:cc:
53:45:84:2c:0b:81:14:f6:3b:f3:fe:a0:27:83:68:
71:4a:26:54:3e:ad:d5:42:c5:ea:76:23:f7:13:7a:
97:18:05:c2:00:81:d3:c5:c2:73:0c:6f:1f:93:22:
94:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:E9:95:41:AE:08:DC:95:5B:0E:34:1F:17:3B:35:63:BC:15:DC:D9
X509v3 Authority Key Identifier:
keyid:4A:9C:5E:56:AA:CD:01:FF:B2:82:5A:93:1E:D5:ED:E4:1C:3F:92:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SpxeVqrNAf-yglqTHtXt5Bw_kuY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/c010dc-0910-4341-8b33-2e694b339933/1/8umVQa4I3JVbDjQfFzs1Y7wV3Nk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/c010dc-0910-4341-8b33-2e694b339933/1/SpxeVqrNAf-yglqTHtXt5Bw_kuY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.112.24.0/22
188.94.216.0/21
IPv6:
2a01:6f80::/32
Signature Algorithm: sha256WithRSAEncryption
5f:cd:e0:ba:d3:3c:bc:bb:45:d8:4a:08:10:9f:f0:4a:55:30:
e7:26:dc:07:22:d0:89:92:98:36:f4:90:64:69:e3:78:15:2c:
2c:82:1b:e4:f3:fe:66:f0:46:1a:80:85:9f:b7:4d:ec:2a:12:
59:83:c9:bb:ea:1f:7e:3a:d1:c2:4c:23:4d:e9:1e:65:ae:f3:
10:27:3e:a9:84:8e:59:26:cd:36:13:61:f1:5f:f7:54:0a:1d:
16:dd:57:95:cb:fd:17:f2:b6:d0:a1:1c:19:43:9b:e6:bb:a2:
10:8a:de:a8:09:cb:91:1e:50:43:6a:82:b1:85:e8:6b:12:3f:
c9:3a:bd:21:b9:48:66:f1:f1:5b:f5:d5:f3:47:ff:0d:ff:32:
df:52:04:2e:7b:23:7d:76:14:16:d9:15:27:b7:9b:52:d5:56:
f1:e8:25:1b:eb:d4:fe:64:5b:47:a1:2a:c4:02:d3:72:72:54:
d3:db:c9:70:a6:59:16:ae:33:f1:5e:cf:c9:c1:e4:93:90:14:
68:9a:8c:c9:3f:0f:eb:c4:49:d9:28:0a:ed:a1:0a:0a:f3:9f:
21:5f:8c:21:3e:57:0b:29:5c:2c:97:9f:31:7d:ea:95:25:0a:
51:ce:00:27:88:53:2a:2d:81:80:21:a8:dc:fe:d2:af:4a:d3:
a1:dd:0a:fb
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYmcCuavIECjWnCmfEb6hQRXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhOWM1ZTU2YWFjZDAxZmZiMjgyNWE5MzFlZDVlZGU0MWMz
ZjkyZTYwHhcNMjMwNzI4MTAyODI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMmU5OTU0MWFlMDhkYzk1NWIwZTM0MWYxNzNiMzU2M2JjMTVkY2Q5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtLrhjau21mt2sbFcVaBG1vtosWpn
cNw5u1wKnocjKNL4YE9fIAriFgtNDkysPNhog3/XdcHWVuKTVwmmIo78UcZ+iJEz
epWaaOnWY/NheOLS+XoabXr5j/jC43Mgx+Xz+LwZUiNYK7FfpPU5/f4w3THKkRxo
S2G6V14lVQ6YhZNs66+zJ6HDzdotg5G9DC4N1pewQj+gKI37RqMjlmevDPbDe0Sq
yn9rq2vTbWMOQzyAvApBcMkCcvpGMJ82boJHbNR7uW3/+6g2jhNzXgARRcxTRYQs
C4EU9jvz/qAng2hxSiZUPq3VQsXqdiP3E3qXGAXCAIHTxcJzDG8fkyKU6wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFPLplUGuCNyVWw40Hxc7NWO8FdzZMB8GA1UdIwQY
MBaAFEqcXlaqzQH/soJakx7V7eQcP5LmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU3B4ZVZxck5BZi15Z2xxVEh0WHQ1Qndfa3VZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9jMDEwZGMtMDkxMC00MzQxLThiMzMt
MmU2OTRiMzM5OTMzLzEvOHVtVlFhNEkzSlZiRGpRZkZ6czFZN3dWM05rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9jMDEwZGMtMDkxMC00MzQxLThiMzMtMmU2OTRiMzM5OTMz
LzEvU3B4ZVZxck5BZi15Z2xxVEh0WHQ1Qndfa3VZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuXAYAwQD
vF7YMA0EAgACMAcDBQAqAW+AMA0GCSqGSIb3DQEBCwUAA4IBAQBfzeC60zy8u0XY
SggQn/BKVTDnJtwHItCJkpg29JBkaeN4FSwsghvk8/5m8EYagIWft03sKhJZg8m7
6h9+OtHCTCNN6R5lrvMQJz6phI5ZJs02E2HxX/dUCh0W3VeVy/0X8rbQoRwZQ5vm
u6IQit6oCcuRHlBDaoKxhehrEj/JOr0huUhm8fFb9dXzR/8N/zLfUgQueyN9dhQW
2RUnt5tS1Vbx6CUb69T+ZFtHoSrEAtNyclTT28lwplkWrjPxXs/JweSTkBRomozJ
Pw/rxEnZKArtoQoK858hX4whPlcLKVwsl58xfeqVJQpRzgAniFMqLYGAIajc/tKv
StOh3Qr7
-----END CERTIFICATE-----
Generated at Wed Dec 20 14:16:20 2023 by rpki-client on console-fra.rpki-client.org