Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/8fP8cJoKJYUsgqRpRpvIqSu6plU.roa
File: 8fP8cJoKJYUsgqRpRpvIqSu6plU.roa (raw, json)
Hash identifier: 9V93e9B+lYHtAu+oj2WTDPY4AWYqZvD3nxk35l0fg/c=
Subject key identifier: F1:F3:FC:70:9A:0A:25:85:2C:82:A4:69:46:9B:C8:A9:2B:BA:A6:55
Certificate issuer: /CN=1056bcd426fd87cd6f4147e133216d03112b181b
Certificate serial: 0189681769624BC01DDD6BBA4B3921F901D8
Authority key identifier: 10:56:BC:D4:26:FD:87:CD:6F:41:47:E1:33:21:6D:03:11:2B:18:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EFa81Cb9h81vQUfhMyFtAxErGBs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/8fP8cJoKJYUsgqRpRpvIqSu6plU.roa
Signing time: Tue 18 Jul 2023 08:21:52 +0000
ROA not before: Tue 18 Jul 2023 08:21:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 81.31.232.0/24 maxlen: 24
81.31.242.0/23 maxlen: 23
81.31.244.0/22 maxlen: 24
185.84.160.0/23 maxlen: 23
Validation: Failed, certificate revoked on Fri 04 Aug 2023 16:05:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:68:17:69:62:4b:c0:1d:dd:6b:ba:4b:39:21:f9:01:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1056bcd426fd87cd6f4147e133216d03112b181b
Validity
Not Before: Jul 18 08:21:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f1f3fc709a0a25852c82a469469bc8a92bbaa655
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:09:e2:ce:36:ca:1a:c9:ad:fa:4f:cd:e7:15:
3c:88:e9:df:86:08:7c:ca:78:bd:0e:5e:e7:6a:3b:
4b:ca:3d:1f:9f:e6:a7:9b:b4:eb:4c:ec:78:24:8f:
62:1a:e2:d9:5f:91:1d:1c:f1:94:28:3a:62:c8:7a:
ad:05:60:79:26:91:90:c1:60:0b:c3:3b:2a:3d:12:
d3:bc:c2:67:a0:5c:54:81:5b:57:24:9d:03:84:81:
53:73:46:df:ce:25:9f:80:33:ae:58:dd:79:1c:c2:
3b:3d:d0:dd:4d:a5:bc:55:66:6c:12:ce:23:b4:d2:
72:f5:72:b5:bd:49:d8:55:f3:ef:85:23:2c:a4:5e:
49:2b:ed:85:b8:50:ec:a6:28:0d:88:43:2f:04:78:
10:60:b4:bd:b4:07:27:d4:fe:1c:67:eb:f2:89:6f:
77:4b:b9:8e:65:19:24:04:a8:3b:79:32:71:27:6b:
59:04:e5:59:f3:1a:4a:9f:b0:ea:b3:70:1e:2d:ff:
15:f5:c0:d0:98:a8:87:74:62:36:d8:45:8e:d4:ac:
34:e6:3f:b5:91:25:90:51:fe:4b:ec:a2:82:07:5d:
d1:57:67:20:13:f6:6e:af:88:02:2b:ef:17:82:87:
5d:b1:63:45:45:6a:b5:9a:0b:78:4a:ee:f7:60:e9:
eb:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:F3:FC:70:9A:0A:25:85:2C:82:A4:69:46:9B:C8:A9:2B:BA:A6:55
X509v3 Authority Key Identifier:
keyid:10:56:BC:D4:26:FD:87:CD:6F:41:47:E1:33:21:6D:03:11:2B:18:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EFa81Cb9h81vQUfhMyFtAxErGBs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/8fP8cJoKJYUsgqRpRpvIqSu6plU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/EFa81Cb9h81vQUfhMyFtAxErGBs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.31.232.0/24
81.31.242.0-81.31.247.255
185.84.160.0/23
Signature Algorithm: sha256WithRSAEncryption
81:cf:c2:be:e0:03:db:c1:b0:03:07:2b:9a:9b:5e:ca:13:57:
85:1c:92:09:4a:a9:0e:1c:ae:2a:a6:f6:78:e4:77:35:77:5d:
64:ea:58:bd:b7:28:a9:73:2a:d0:be:a5:0e:60:0f:9e:b7:8b:
3c:82:51:13:5b:bf:d9:3d:2f:1b:89:ed:dc:35:96:f8:4d:29:
e1:75:c7:fd:5d:72:fc:41:5a:ac:ea:5a:71:bb:1b:c8:df:a4:
ae:96:e7:2b:6f:f8:10:93:b1:e2:d2:d2:58:8c:4e:51:7c:67:
6d:ad:d1:a7:1b:19:52:35:79:f6:44:dc:9d:ef:be:13:59:14:
c3:a1:35:fa:0c:a8:72:2d:fe:cc:e1:d0:fd:c3:7f:80:33:aa:
0d:37:7a:2c:31:20:17:a3:1b:4f:57:f6:46:1f:23:b5:92:5a:
c3:6d:12:d3:a5:dd:f0:44:00:a4:4d:be:52:0c:b8:08:5a:c0:
41:fe:1e:13:50:14:b6:db:06:7b:5a:47:ae:18:ec:dc:9e:2a:
76:3c:a2:a1:39:39:7d:fc:c4:e4:b9:8f:ca:1e:03:d5:a8:31:
eb:b8:e1:61:2f:79:d1:d4:6d:6f:2a:62:60:02:1b:a6:e7:07:
17:fb:9d:a3:21:a6:f5:a4:75:c0:13:f0:4a:08:61:93:84:ef:
1f:ca:8d:1f
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYloF2liS8Ad3Wu6Szkh+QHYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwNTZiY2Q0MjZmZDg3Y2Q2ZjQxNDdlMTMzMjE2ZDAzMTEy
YjE4MWIwHhcNMjMwNzE4MDgyMTUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMWYzZmM3MDlhMGEyNTg1MmM4MmE0Njk0NjliYzhhOTJiYmFhNjU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvAnizjbKGsmt+k/N5xU8iOnfhgh8
yni9Dl7najtLyj0fn+anm7TrTOx4JI9iGuLZX5EdHPGUKDpiyHqtBWB5JpGQwWAL
wzsqPRLTvMJnoFxUgVtXJJ0DhIFTc0bfziWfgDOuWN15HMI7PdDdTaW8VWZsEs4j
tNJy9XK1vUnYVfPvhSMspF5JK+2FuFDspigNiEMvBHgQYLS9tAcn1P4cZ+vyiW93
S7mOZRkkBKg7eTJxJ2tZBOVZ8xpKn7Dqs3AeLf8V9cDQmKiHdGI22EWO1Kw05j+1
kSWQUf5L7KKCB13RV2cgE/Zur4gCK+8XgoddsWNFRWq1mgt4Su73YOnrAQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFPHz/HCaCiWFLIKkaUabyKkruqZVMB8GA1UdIwQY
MBaAFBBWvNQm/YfNb0FH4TMhbQMRKxgbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUZhODFDYjloODF2UVVmaE15RnRBeEVyR0JzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9lNmY0ZTQtNjhiYi00NDk2LTkwYzct
YWE4NTllMTkyYjE2LzEvOGZQOGNKb0tKWVVzZ3FScFJwdklxU3U2cGxVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9lNmY0ZTQtNjhiYi00NDk2LTkwYzctYWE4NTllMTkyYjE2
LzEvRUZhODFDYjloODF2UVVmaE15RnRBeEVyR0JzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAUR/oMAwD
BAFRH/IDBANRH/ADBAG5VKAwDQYJKoZIhvcNAQELBQADggEBAIHPwr7gA9vBsAMH
K5qbXsoTV4UckglKqQ4criqm9njkdzV3XWTqWL23KKlzKtC+pQ5gD563izyCURNb
v9k9LxuJ7dw1lvhNKeF1x/1dcvxBWqzqWnG7G8jfpK6W5ytv+BCTseLS0liMTlF8
Z22t0acbGVI1efZE3J3vvhNZFMOhNfoMqHIt/szh0P3Df4Azqg03eiwxIBejG09X
9kYfI7WSWsNtEtOl3fBEAKRNvlIMuAhawEH+HhNQFLbbBntaR64Y7NyeKnY8oqE5
OX38xOS5j8oeA9WoMeu44WEvedHUbW8qYmACG6bnBxf7naMhpvWkdcAT8EoIYZOE
7x/KjR8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:51:33 2024 by rpki-client on console-ams.rpki-client.org