Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/18c7dd-241b-4b92-8ebf-77794fbfd2e4/1/jN7lnMxta9slASN20i47Bz1cKd0.roa
File: jN7lnMxta9slASN20i47Bz1cKd0.roa (raw, json)
Hash identifier: imIMVCxe5LIjfOxCPVWiJyI6zJEMB2dYOp6JS3BziUc=
Subject key identifier: 8C:DE:E5:9C:CC:6D:6B:DB:25:01:23:76:D2:2E:3B:07:3D:5C:29:DD
Certificate issuer: /CN=4c81273dcb03c3457b79250be109e19a5e74f0fd
Certificate serial: 018A1B79D8EBD98472439F936DD4D08B7DA4
Authority key identifier: 4C:81:27:3D:CB:03:C3:45:7B:79:25:0B:E1:09:E1:9A:5E:74:F0:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TIEnPcsDw0V7eSUL4Qnhml508P0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/18c7dd-241b-4b92-8ebf-77794fbfd2e4/1/jN7lnMxta9slASN20i47Bz1cKd0.roa
Signing time: Tue 22 Aug 2023 04:21:24 +0000
ROA not before: Tue 22 Aug 2023 04:21:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 14618
IP address blocks: 185.87.218.0/24 maxlen: 28
2a13:85c0::/40 maxlen: 48
Validation: Failed, certificate revoked on Mon 30 Oct 2023 12:18:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:1b:79:d8:eb:d9:84:72:43:9f:93:6d:d4:d0:8b:7d:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c81273dcb03c3457b79250be109e19a5e74f0fd
Validity
Not Before: Aug 22 04:21:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8cdee59ccc6d6bdb25012376d22e3b073d5c29dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:c5:b3:61:85:da:0c:3f:52:18:e2:27:8c:2a:
51:d3:80:d8:2a:48:eb:97:0c:02:c8:d9:e7:ff:59:
4e:b1:01:0e:32:7d:36:5b:8f:9f:5e:82:e9:6c:20:
83:dd:9e:90:4f:c3:ea:8e:42:67:c9:88:d1:04:99:
e5:62:f9:e0:5e:74:cf:68:ca:4a:f7:ef:8a:4a:27:
27:de:70:e3:a9:57:2e:d1:dd:c9:05:29:ae:97:06:
5f:5f:b4:41:48:57:eb:34:0e:77:e5:e9:23:1b:94:
78:55:69:1b:a0:23:fd:ec:d7:63:f5:d1:d5:b9:de:
68:81:c9:88:de:6b:93:f5:77:81:d9:f3:f1:e1:a1:
f6:2f:1a:fa:7b:5c:13:74:c2:dc:3e:87:28:e6:68:
8f:e6:de:88:ca:e2:60:8e:5d:96:e9:ec:82:b5:af:
36:6c:0d:52:67:68:9c:fa:4b:51:09:ba:92:08:94:
c7:cf:a8:8b:78:03:4b:28:1e:0a:81:83:4d:60:d6:
37:75:da:94:d0:eb:ad:05:99:a3:5b:7d:aa:17:89:
5c:76:52:0d:6f:ec:81:54:08:7a:2b:58:0f:71:c3:
3b:d0:7d:0c:b2:8b:2d:70:35:47:7b:ca:96:42:f4:
37:ad:b7:d2:ae:0f:4e:c1:cd:a4:31:73:6f:64:5d:
73:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:DE:E5:9C:CC:6D:6B:DB:25:01:23:76:D2:2E:3B:07:3D:5C:29:DD
X509v3 Authority Key Identifier:
keyid:4C:81:27:3D:CB:03:C3:45:7B:79:25:0B:E1:09:E1:9A:5E:74:F0:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TIEnPcsDw0V7eSUL4Qnhml508P0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/18c7dd-241b-4b92-8ebf-77794fbfd2e4/1/jN7lnMxta9slASN20i47Bz1cKd0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/18c7dd-241b-4b92-8ebf-77794fbfd2e4/1/TIEnPcsDw0V7eSUL4Qnhml508P0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.87.218.0/24
IPv6:
2a13:85c0::/40
Signature Algorithm: sha256WithRSAEncryption
13:4c:39:28:d5:5d:aa:b2:df:c2:62:d0:5d:00:fa:94:59:d6:
a3:59:01:8b:8a:3b:b1:ab:db:d3:3e:88:b9:cd:f1:f5:12:31:
d1:de:12:c8:a0:3e:c5:8b:61:b7:ee:d9:f1:7b:ca:36:0b:3e:
d3:0b:3b:5d:6c:d7:e4:a2:30:1c:c0:e9:7e:7e:94:16:a8:22:
b8:b8:08:ed:e3:78:52:32:27:e8:81:ea:cb:cf:9e:4b:11:86:
98:48:c7:d1:38:bd:f3:e8:97:85:b3:0a:4b:e1:b4:a5:5d:f9:
c9:72:c8:bd:32:e2:f0:bf:b5:9a:0d:0f:3a:a0:cf:20:99:4c:
6a:e7:3b:45:fb:5e:f5:3c:51:fd:34:13:4a:1f:33:0d:db:38:
69:2b:ab:32:e1:f1:98:64:a7:71:54:66:9c:b7:19:54:9d:ae:
11:bd:a6:a0:65:90:94:02:24:d6:12:66:1c:9a:24:ce:c2:36:
f6:97:4e:f0:99:5e:a1:e4:be:fb:ac:e0:4e:62:bc:26:77:1f:
d3:d4:36:a8:76:a3:8e:d8:e8:f6:fd:e6:f2:70:24:a1:60:c8:
61:d1:a9:97:41:50:be:67:dd:66:df:62:90:f9:23:11:66:4e:
d8:10:89:61:74:af:7c:fd:65:c8:77:fb:53:14:c1:91:dd:8b:
b5:16:7c:68
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYobedjr2YRyQ5+TbdTQi32kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjODEyNzNkY2IwM2MzNDU3Yjc5MjUwYmUxMDllMTlhNWU3
NGYwZmQwHhcNMjMwODIyMDQyMTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Y2RlZTU5Y2NjNmQ2YmRiMjUwMTIzNzZkMjJlM2IwNzNkNWMyOWRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsMWzYYXaDD9SGOInjCpR04DYKkjr
lwwCyNnn/1lOsQEOMn02W4+fXoLpbCCD3Z6QT8PqjkJnyYjRBJnlYvngXnTPaMpK
9++KSicn3nDjqVcu0d3JBSmulwZfX7RBSFfrNA535ekjG5R4VWkboCP97Ndj9dHV
ud5ogcmI3muT9XeB2fPx4aH2Lxr6e1wTdMLcPoco5miP5t6IyuJgjl2W6eyCta82
bA1SZ2ic+ktRCbqSCJTHz6iLeANLKB4KgYNNYNY3ddqU0OutBZmjW32qF4lcdlIN
b+yBVAh6K1gPccM70H0MsostcDVHe8qWQvQ3rbfSrg9Owc2kMXNvZF1zPwIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFIze5ZzMbWvbJQEjdtIuOwc9XCndMB8GA1UdIwQY
MBaAFEyBJz3LA8NFe3klC+EJ4ZpedPD9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVElFblBjc0R3MFY3ZVNVTDRRbmhtbDUwOFAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy8xOGM3ZGQtMjQxYi00YjkyLThlYmYt
Nzc3OTRmYmZkMmU0LzEvak43bG5NeHRhOXNsQVNOMjBpNDdCejFjS2QwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy8xOGM3ZGQtMjQxYi00YjkyLThlYmYtNzc3OTRmYmZkMmU0
LzEvVElFblBjc0R3MFY3ZVNVTDRRbmhtbDUwOFAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQAuVfaMA4E
AgACMAgDBgAqE4XAADANBgkqhkiG9w0BAQsFAAOCAQEAE0w5KNVdqrLfwmLQXQD6
lFnWo1kBi4o7savb0z6Iuc3x9RIx0d4SyKA+xYtht+7Z8XvKNgs+0ws7XWzX5KIw
HMDpfn6UFqgiuLgI7eN4UjIn6IHqy8+eSxGGmEjH0Ti98+iXhbMKS+G0pV35yXLI
vTLi8L+1mg0POqDPIJlMauc7Rfte9TxR/TQTSh8zDds4aSurMuHxmGSncVRmnLcZ
VJ2uEb2moGWQlAIk1hJmHJokzsI29pdO8JleoeS++6zgTmK8Jncf09Q2qHajjtjo
9v3m8nAkoWDIYdGpl0FQvmfdZt9ikPkjEWZO2BCJYXSvfP1lyHf7UxTBkd2LtRZ8
aA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:27 2024 by rpki-client on console-ams.rpki-client.org