Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/8Px47JkIpAfMROoI1II3_jtT73Y.roa
File: 8Px47JkIpAfMROoI1II3_jtT73Y.roa (raw, json)
Hash identifier: TAagA3ZX1Z/bMxuN1YGVcZE0iPcncmClpZMMPg6vLtc=
Subject key identifier: F0:FC:78:EC:99:08:A4:07:CC:44:EA:08:D4:82:37:FE:3B:53:EF:76
Certificate issuer: /CN=71bddeaf0f30fbdaf9e75b92ac7d5bd13f285de7
Certificate serial: 018C3A95F46BDAD977D2A5006D5CF08B8782
Authority key identifier: 71:BD:DE:AF:0F:30:FB:DA:F9:E7:5B:92:AC:7D:5B:D1:3F:28:5D:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cb3erw8w-9r551uSrH1b0T8oXec.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/8Px47JkIpAfMROoI1II3_jtT73Y.roa
Signing time: Tue 05 Dec 2023 15:25:54 +0000
ROA not before: Tue 05 Dec 2023 15:25:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205552
IP address blocks: 185.224.218.0/24 maxlen: 24
194.40.240.0/24 maxlen: 24
194.40.242.0/24 maxlen: 24
194.40.241.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:29:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:3a:95:f4:6b:da:d9:77:d2:a5:00:6d:5c:f0:8b:87:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71bddeaf0f30fbdaf9e75b92ac7d5bd13f285de7
Validity
Not Before: Dec 5 15:25:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f0fc78ec9908a407cc44ea08d48237fe3b53ef76
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:e1:b8:d5:c8:bf:59:04:6d:c0:13:2a:10:6c:
82:9a:33:ba:c3:90:f1:39:89:99:22:85:db:40:d1:
5a:5e:09:c6:41:a0:c6:59:c2:f5:da:b1:46:15:25:
03:de:ed:05:50:5a:56:01:9e:6a:85:fb:34:3f:83:
bd:6e:51:10:b2:cc:95:bb:18:6c:c5:6b:ad:8a:9b:
da:a2:d9:d2:d5:2b:79:7e:08:5b:54:e3:43:c4:12:
2a:e5:6e:a8:5b:48:cb:09:3d:fa:09:aa:3f:cb:47:
aa:5a:fa:14:aa:65:ce:58:e5:55:93:f1:af:d7:93:
bc:5c:51:8e:c0:e1:ef:fa:cc:e2:1f:2e:8c:74:48:
96:41:d3:87:ad:13:be:f7:4d:57:2f:7a:a8:19:98:
3e:63:02:3f:dc:8c:21:a3:7d:18:2b:a1:a1:ab:94:
44:5b:d9:04:51:71:4c:7b:94:e4:73:24:6d:a6:86:
0c:39:1a:23:52:d3:24:e2:c9:e3:f7:87:a9:0c:86:
5d:12:4e:5e:ed:67:b8:6d:6c:8b:40:02:f3:7c:8f:
03:39:1a:b8:69:35:94:85:db:f5:55:88:9e:c2:e1:
9d:1e:28:1d:f7:da:d0:5b:7a:6c:86:70:c0:9e:c4:
66:14:a2:f1:e7:c2:23:83:d8:c8:2b:38:0b:6a:dd:
3d:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:FC:78:EC:99:08:A4:07:CC:44:EA:08:D4:82:37:FE:3B:53:EF:76
X509v3 Authority Key Identifier:
keyid:71:BD:DE:AF:0F:30:FB:DA:F9:E7:5B:92:AC:7D:5B:D1:3F:28:5D:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb3erw8w-9r551uSrH1b0T8oXec.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/8Px47JkIpAfMROoI1II3_jtT73Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/cb3erw8w-9r551uSrH1b0T8oXec.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.224.218.0/24
194.40.240.0-194.40.242.255
Signature Algorithm: sha256WithRSAEncryption
19:6b:63:06:78:07:8e:40:7d:f8:c1:b0:8a:ed:b8:7f:5e:41:
e9:eb:f2:d3:67:65:29:7b:f8:ee:cc:1e:32:41:f5:6b:41:ad:
09:b1:24:68:67:91:60:b1:63:6d:6d:4d:e1:32:c5:59:b8:41:
fc:ec:62:dd:28:74:0b:b9:48:78:d2:cf:b5:91:1c:15:4a:3f:
f0:30:b6:3b:c7:0f:64:ec:04:9f:26:d5:e0:c8:d5:85:fd:9c:
0e:48:ed:ed:2a:f6:7d:a7:e0:e4:c6:8f:6d:85:a4:b5:d5:4c:
5f:01:b3:f1:41:f6:2d:4d:8a:9f:5d:e0:a1:b5:3a:ae:ea:f9:
05:f8:b9:b3:f0:e1:c0:20:4e:dd:09:83:b2:bf:7f:b8:f0:46:
70:2c:87:c5:be:1c:31:2f:c0:16:46:f5:fe:43:8f:ed:39:a8:
7f:ac:68:0e:10:21:ac:f8:d2:01:5f:0e:4d:9d:f0:4c:a5:7f:
b8:7e:66:b7:37:87:d5:a2:ef:82:ab:4d:11:4b:36:b6:3c:db:
2c:d4:69:fe:ef:bc:ef:81:84:07:c0:0f:16:b1:00:ff:3b:f9:
74:54:c6:02:cc:60:12:d8:1e:0a:71:8a:58:ce:b3:49:1a:a7:
03:b0:5c:ac:6d:14:f7:44:52:61:d0:29:d9:7e:3b:a1:da:8d:
e3:a3:3c:12
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYw6lfRr2tl30qUAbVzwi4eCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxYmRkZWFmMGYzMGZiZGFmOWU3NWI5MmFjN2Q1YmQxM2Yy
ODVkZTcwHhcNMjMxMjA1MTUyNTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMGZjNzhlYzk5MDhhNDA3Y2M0NGVhMDhkNDgyMzdmZTNiNTNlZjc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAveG41ci/WQRtwBMqEGyCmjO6w5Dx
OYmZIoXbQNFaXgnGQaDGWcL12rFGFSUD3u0FUFpWAZ5qhfs0P4O9blEQssyVuxhs
xWutipvaotnS1St5fghbVONDxBIq5W6oW0jLCT36Cao/y0eqWvoUqmXOWOVVk/Gv
15O8XFGOwOHv+sziHy6MdEiWQdOHrRO+901XL3qoGZg+YwI/3Iwho30YK6Ghq5RE
W9kEUXFMe5TkcyRtpoYMORojUtMk4snj94epDIZdEk5e7We4bWyLQALzfI8DORq4
aTWUhdv1VYiewuGdHigd99rQW3pshnDAnsRmFKLx58Ijg9jIKzgLat09+wIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFPD8eOyZCKQHzETqCNSCN/47U+92MB8GA1UdIwQY
MBaAFHG93q8PMPva+edbkqx9W9E/KF3nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2IzZXJ3OHctOXI1NTF1U3JIMWIwVDhvWGVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS84MTRlYzUtOWU0MS00YjVhLWE2ZmUt
NDc3MjMxMTkxYTM1LzEvOFB4NDdKa0lwQWZNUk9vSTFJSTNfanRUNzNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS84MTRlYzUtOWU0MS00YjVhLWE2ZmUtNDc3MjMxMTkxYTM1
LzEvY2IzZXJ3OHctOXI1NTF1U3JIMWIwVDhvWGVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQAueDaMAwD
BATCKPADBADCKPIwDQYJKoZIhvcNAQELBQADggEBABlrYwZ4B45AffjBsIrtuH9e
Qenr8tNnZSl7+O7MHjJB9WtBrQmxJGhnkWCxY21tTeEyxVm4QfzsYt0odAu5SHjS
z7WRHBVKP/AwtjvHD2TsBJ8m1eDI1YX9nA5I7e0q9n2n4OTGj22FpLXVTF8Bs/FB
9i1Nip9d4KG1Oq7q+QX4ubPw4cAgTt0Jg7K/f7jwRnAsh8W+HDEvwBZG9f5Dj+05
qH+saA4QIaz40gFfDk2d8Eylf7h+Zrc3h9Wi74KrTRFLNrY82yzUaf7vvO+BhAfA
DxaxAP87+XRUxgLMYBLYHgpxiljOs0kapwOwXKxtFPdEUmHQKdl+O6HajeOjPBI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:51:54 2024 by rpki-client on console-ams.rpki-client.org