Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/a83886-8b4a-4b23-b4aa-90194bd68428/1/8d8eHo5BMO1USXAr-SH57vuIduU.roa
File: 8d8eHo5BMO1USXAr-SH57vuIduU.roa (raw, json)
Hash identifier: 0On0apJAMiqgJP0clZj7ZtZUC5pFgjZMyuCzE/g5qpg=
Subject key identifier: F1:DF:1E:1E:8E:41:30:ED:54:49:70:2B:F9:21:F9:EE:FB:88:76:E5
Certificate issuer: /CN=7ee5c0f95ab7be8b85f711fa433665c14e6e9359
Certificate serial: 0185708CCC1DC8F76965CB1D7AAE6347A6B3
Authority key identifier: 7E:E5:C0:F9:5A:B7:BE:8B:85:F7:11:FA:43:36:65:C1:4E:6E:93:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fuXA-Vq3vouF9xH6QzZlwU5uk1k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/a83886-8b4a-4b23-b4aa-90194bd68428/1/8d8eHo5BMO1USXAr-SH57vuIduU.roa
Signing time: Mon 02 Jan 2023 03:35:53 +0000
ROA not before: Mon 02 Jan 2023 03:35:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 64433
IP address blocks: 185.117.29.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:8c:cc:1d:c8:f7:69:65:cb:1d:7a:ae:63:47:a6:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7ee5c0f95ab7be8b85f711fa433665c14e6e9359
Validity
Not Before: Jan 2 03:35:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f1df1e1e8e4130ed5449702bf921f9eefb8876e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:2f:bc:ef:90:23:63:c2:8d:4e:28:3a:9b:c4:
84:91:5d:9b:42:83:ef:84:9e:2e:75:c7:27:03:90:
72:68:9e:7b:80:d2:63:d2:9e:34:cd:1e:5d:a3:14:
f6:bb:d4:fe:59:00:f4:b6:03:24:a3:60:ea:43:29:
81:ca:17:15:00:32:c6:29:a8:3e:52:8c:6f:df:eb:
24:c4:05:ce:34:3a:e6:84:cd:6d:ac:d9:24:cb:03:
e3:ea:bb:db:3d:c6:05:11:e3:9b:fb:87:a4:92:c4:
64:b9:d3:4f:bd:a2:78:37:cf:2a:92:45:df:76:6f:
6e:68:bf:1f:d0:bc:54:24:66:85:b5:21:f6:cb:97:
29:64:60:a1:da:92:17:78:40:25:a6:13:85:ff:ca:
a8:28:50:80:a6:55:62:38:26:74:21:47:3c:32:37:
de:78:8d:87:e2:ca:8c:7c:b0:d7:48:6c:3f:7f:7a:
69:86:6b:31:6d:8a:54:f8:af:31:99:1b:a9:8c:36:
b0:e2:85:50:5e:9d:0e:3e:ec:f8:b3:d6:21:51:d4:
7c:ea:57:f0:01:84:57:b7:0c:ae:ee:a2:96:4a:78:
07:c5:ff:9a:00:06:ca:54:1d:b4:db:a8:e0:13:75:
f1:80:51:ba:0e:1b:75:71:78:bd:a2:c4:0b:58:24:
db:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:DF:1E:1E:8E:41:30:ED:54:49:70:2B:F9:21:F9:EE:FB:88:76:E5
X509v3 Authority Key Identifier:
keyid:7E:E5:C0:F9:5A:B7:BE:8B:85:F7:11:FA:43:36:65:C1:4E:6E:93:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fuXA-Vq3vouF9xH6QzZlwU5uk1k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/a83886-8b4a-4b23-b4aa-90194bd68428/1/8d8eHo5BMO1USXAr-SH57vuIduU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/a83886-8b4a-4b23-b4aa-90194bd68428/1/fuXA-Vq3vouF9xH6QzZlwU5uk1k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.117.29.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:b9:78:d6:e2:77:50:e9:2e:1e:4a:5e:31:94:4a:91:53:d7:
2e:75:c9:ae:27:3d:31:5b:dc:ac:eb:ef:f5:74:45:9a:e7:87:
08:06:48:88:53:45:d1:41:1b:8d:a2:e1:03:0d:ac:9b:57:0b:
28:8c:b5:45:35:11:11:b9:31:f9:3e:1c:61:a4:6d:14:a5:94:
f1:eb:cc:f0:d3:42:30:bb:30:79:8f:19:5b:29:12:7d:2f:fa:
e1:1e:37:54:f1:9e:73:d4:20:a1:38:29:e9:14:f1:aa:a8:ff:
52:91:9b:50:24:c1:b8:c1:9e:a6:6e:6f:a4:74:e1:62:6a:75:
a5:25:36:b0:94:c4:44:a1:89:ca:97:e0:25:d9:4f:2a:33:40:
4e:90:16:5e:85:1b:b2:69:71:a4:77:5e:86:02:4a:76:03:3b:
02:a5:09:be:1a:6e:5d:8c:f7:82:7e:fd:da:3a:27:50:50:07:
ba:f0:f6:43:8a:21:58:1a:9b:e6:70:c2:d1:7b:10:38:a0:ca:
2e:49:08:0b:f6:36:89:bb:6a:9c:d5:20:59:d5:58:bd:9f:61:
e0:e5:aa:ba:d3:35:cc:b2:56:1e:4b:5a:fc:e7:d7:e1:28:dc:
39:2a:d2:7f:a4:63:b2:fa:e2:bf:1b:05:f8:31:2c:63:78:10:
46:09:8f:b9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwjMwdyPdpZcsdeq5jR6azMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlZTVjMGY5NWFiN2JlOGI4NWY3MTFmYTQzMzY2NWMxNGU2
ZTkzNTkwHhcNMjMwMTAyMDMzNTUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMWRmMWUxZThlNDEzMGVkNTQ0OTcwMmJmOTIxZjllZWZiODg3NmU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4S+875AjY8KNTig6m8SEkV2bQoPv
hJ4udccnA5ByaJ57gNJj0p40zR5doxT2u9T+WQD0tgMko2DqQymByhcVADLGKag+
Uoxv3+skxAXONDrmhM1trNkkywPj6rvbPcYFEeOb+4ekksRkudNPvaJ4N88qkkXf
dm9uaL8f0LxUJGaFtSH2y5cpZGCh2pIXeEAlphOF/8qoKFCAplViOCZ0IUc8Mjfe
eI2H4sqMfLDXSGw/f3pphmsxbYpU+K8xmRupjDaw4oVQXp0OPuz4s9YhUdR86lfw
AYRXtwyu7qKWSngHxf+aAAbKVB2026jgE3XxgFG6Dht1cXi9osQLWCTbiwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPHfHh6OQTDtVElwK/kh+e77iHblMB8GA1UdIwQY
MBaAFH7lwPlat76LhfcR+kM2ZcFObpNZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZnVYQS1WcTN2b3VGOXhINlF6Wmx3VTV1azFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy9hODM4ODYtOGI0YS00YjIzLWI0YWEt
OTAxOTRiZDY4NDI4LzEvOGQ4ZUhvNUJNTzFVU1hBci1TSDU3dnVJZHVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy9hODM4ODYtOGI0YS00YjIzLWI0YWEtOTAxOTRiZDY4NDI4
LzEvZnVYQS1WcTN2b3VGOXhINlF6Wmx3VTV1azFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuXUdMA0G
CSqGSIb3DQEBCwUAA4IBAQA/uXjW4ndQ6S4eSl4xlEqRU9cudcmuJz0xW9ys6+/1
dEWa54cIBkiIU0XRQRuNouEDDaybVwsojLVFNRERuTH5PhxhpG0UpZTx68zw00Iw
uzB5jxlbKRJ9L/rhHjdU8Z5z1CChOCnpFPGqqP9SkZtQJMG4wZ6mbm+kdOFianWl
JTawlMREoYnKl+Al2U8qM0BOkBZehRuyaXGkd16GAkp2AzsCpQm+Gm5djPeCfv3a
OidQUAe68PZDiiFYGpvmcMLRexA4oMouSQgL9jaJu2qc1SBZ1Vi9n2Hg5aq60zXM
slYeS1r859fhKNw5KtJ/pGOy+uK/GwX4MSxjeBBGCY+5
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:36:58 2024 by rpki-client on console-fra.rpki-client.org