Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/0p8kASctjTFIo2XUS22BnAq6le0.roa
File: 0p8kASctjTFIo2XUS22BnAq6le0.roa (raw, json)
Hash identifier: rkNQ1PekIVfSd+nNyuDlcJ6BLV8rcWFTQKPjFbOH7Qc=
Subject key identifier: D2:9F:24:01:27:2D:8D:31:48:A3:65:D4:4B:6D:81:9C:0A:BA:95:ED
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01864EB5ED5630F644943BD1855126E9B541
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/0p8kASctjTFIo2XUS22BnAq6le0.roa
Signing time: Tue 14 Feb 2023 06:56:30 +0000
ROA not before: Tue 14 Feb 2023 06:56:30 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 399587
IP address blocks: 193.8.186.0/24 maxlen: 24
193.8.184.0/24 maxlen: 24
193.8.185.0/24 maxlen: 24
193.8.187.0/24 maxlen: 24
45.88.88.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:4e:b5:ed:56:30:f6:44:94:3b:d1:85:51:26:e9:b5:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Feb 14 06:56:30 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d29f2401272d8d3148a365d44b6d819c0aba95ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:8f:a2:1e:ca:c9:3b:9b:aa:1a:63:10:04:28:
7a:33:72:bb:4b:89:fe:f6:00:32:92:96:24:d8:a6:
5b:f8:cc:cc:64:78:f2:56:cb:92:14:2e:88:36:4b:
f1:c8:56:3b:cd:65:8d:3f:a9:46:ec:64:19:9e:6a:
58:0c:e7:03:7f:58:0b:48:7c:dd:c4:a6:86:c7:b5:
37:04:05:82:d6:18:11:34:c0:81:c7:e0:22:c6:73:
ee:6e:3e:5b:03:23:09:08:fd:39:a3:7e:08:c8:fc:
03:61:c6:1b:b4:68:eb:ca:98:25:f4:56:3a:5a:2c:
1a:db:59:0a:e3:5d:8c:f3:d3:5b:de:2f:ab:be:88:
a3:81:12:3d:2d:bf:ca:2a:94:15:22:5a:a0:c9:53:
dd:39:2b:55:dc:1b:fc:53:92:6f:14:5e:8f:ff:bf:
98:94:51:59:2f:f9:fb:b5:40:42:b0:cb:9b:94:8e:
eb:51:76:88:b3:99:f1:a4:2a:8d:8a:c0:29:2e:86:
ab:85:13:06:6e:07:ff:88:54:61:6f:ff:a3:2b:c9:
cf:ed:01:fa:65:1f:31:80:f8:84:de:12:b5:29:1b:
38:7a:4e:cb:59:43:6c:06:8e:f8:78:d1:5e:af:87:
e2:2d:6f:e1:1b:52:73:f2:3b:46:27:99:08:6f:e6:
a2:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:9F:24:01:27:2D:8D:31:48:A3:65:D4:4B:6D:81:9C:0A:BA:95:ED
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/0p8kASctjTFIo2XUS22BnAq6le0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.88.0/24
193.8.184.0/22
Signature Algorithm: sha256WithRSAEncryption
45:11:d6:97:e6:4e:cd:11:8c:74:31:99:f7:27:99:0d:a8:fe:
bc:d2:df:1b:f5:b7:26:c1:56:0f:f6:a5:89:21:54:dc:60:c4:
9b:ae:72:43:1d:5e:23:51:3d:23:8c:c1:6a:33:f4:cf:d8:a4:
ee:f5:9f:de:5f:fc:82:17:e5:fa:7a:a5:ca:47:de:49:37:a9:
47:18:95:c8:b4:45:63:d9:74:6b:2c:d5:1f:3c:8e:53:fa:71:
db:64:14:75:36:36:26:a2:00:87:46:1b:ec:7b:96:9a:4b:b1:
1e:b4:8a:2a:00:bc:a3:69:bb:44:e8:f9:d1:50:f5:50:32:75:
0e:5d:7e:78:ec:dc:aa:33:6d:1a:50:ec:6f:bf:80:62:f6:df:
dd:bd:1a:a2:b8:53:3b:80:21:ed:ce:b6:1c:ca:cf:f5:e8:70:
db:b8:1e:31:dd:28:52:79:47:d6:01:ea:25:c7:f4:41:a5:2f:
89:76:14:da:f1:14:cb:8d:1d:44:21:d6:b6:6f:54:e3:4e:c5:
cf:12:48:3a:f5:ce:55:f4:15:ca:d3:19:eb:f2:a3:ca:b4:2a:
dc:92:60:da:60:13:a3:91:ae:1b:20:c2:27:da:f0:86:49:b5:
3d:f8:fa:de:1a:19:b4:12:04:74:ab:10:91:1d:7b:77:78:2e:
b2:e0:81:e1
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYZOte1WMPZElDvRhVEm6bVBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwMjE0MDY1NjMwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjlmMjQwMTI3MmQ4ZDMxNDhhMzY1ZDQ0YjZkODE5YzBhYmE5NWVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApo+iHsrJO5uqGmMQBCh6M3K7S4n+
9gAykpYk2KZb+MzMZHjyVsuSFC6INkvxyFY7zWWNP6lG7GQZnmpYDOcDf1gLSHzd
xKaGx7U3BAWC1hgRNMCBx+AixnPubj5bAyMJCP05o34IyPwDYcYbtGjrypgl9FY6
Wiwa21kK412M89Nb3i+rvoijgRI9Lb/KKpQVIlqgyVPdOStV3Bv8U5JvFF6P/7+Y
lFFZL/n7tUBCsMublI7rUXaIs5nxpCqNisApLoarhRMGbgf/iFRhb/+jK8nP7QH6
ZR8xgPiE3hK1KRs4ek7LWUNsBo74eNFer4fiLW/hG1Jz8jtGJ5kIb+aieQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNKfJAEnLY0xSKNl1EttgZwKupXtMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvMHA4a0FTY3RqVEZJbzJYVVMyMkJuQXE2bGUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALVhYAwQC
wQi4MA0GCSqGSIb3DQEBCwUAA4IBAQBFEdaX5k7NEYx0MZn3J5kNqP680t8b9bcm
wVYP9qWJIVTcYMSbrnJDHV4jUT0jjMFqM/TP2KTu9Z/eX/yCF+X6eqXKR95JN6lH
GJXItEVj2XRrLNUfPI5T+nHbZBR1NjYmogCHRhvse5aaS7EetIoqALyjabtE6PnR
UPVQMnUOXX547NyqM20aUOxvv4Bi9t/dvRqiuFM7gCHtzrYcys/16HDbuB4x3ShS
eUfWAeolx/RBpS+JdhTa8RTLjR1EIda2b1TjTsXPEkg69c5V9BXK0xnr8qPKtCrc
kmDaYBOjka4bIMIn2vCGSbU9+PreGhm0EgR0qxCRHXt3eC6y4IHh
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:30 2023 by rpki-client on console-ams.rpki-client.org