Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/8MXluqnCPUy6KPh3ZcKKsQ--VDw.roa
File: 8MXluqnCPUy6KPh3ZcKKsQ--VDw.roa (raw, json)
Hash identifier: hRLr/HuZ+5F5m46nPSVQ7h4pSKWNKSkF1iyWG1AVCX4=
Subject key identifier: F0:C5:E5:BA:A9:C2:3D:4C:BA:28:F8:77:65:C2:8A:B1:0F:BE:54:3C
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 018D6FEE7AB57A4C202922B03770EC9CF855
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/8MXluqnCPUy6KPh3ZcKKsQ--VDw.roa
Signing time: Sat 03 Feb 2024 17:05:16 +0000
ROA not before: Sat 03 Feb 2024 17:05:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8342
IP address blocks: 147.45.117.0/24 maxlen: 24
147.45.118.0/24 maxlen: 24
147.45.119.0/24 maxlen: 24
147.45.120.0/22 maxlen: 22
193.233.60.0/24 maxlen: 24
193.233.62.0/24 maxlen: 24
193.233.170.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 07 Feb 2024 11:50:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:6f:ee:7a:b5:7a:4c:20:29:22:b0:37:70:ec:9c:f8:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Feb 3 17:05:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f0c5e5baa9c23d4cba28f87765c28ab10fbe543c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:b1:0f:e1:bb:78:b1:b0:fd:a3:de:36:a8:7a:
20:ed:0b:34:5e:7f:1d:a5:69:22:eb:84:73:e5:c3:
30:54:36:3e:79:44:15:38:1b:32:c5:b3:95:96:8f:
fd:0c:86:8a:b1:b3:24:7f:7a:2e:4c:82:dc:ba:bc:
96:be:10:87:b3:53:5f:68:a2:92:7a:a1:1f:b0:b1:
6a:ff:a5:b2:a2:5b:b6:5b:1c:a9:ad:00:c6:e5:2f:
88:79:b7:88:35:f4:e8:62:19:9c:d7:f8:28:89:66:
9b:f4:1d:e9:8c:1f:a2:8d:81:7a:dc:47:e2:e6:a7:
de:7a:8e:00:84:42:20:75:13:bb:2c:46:2c:e1:01:
2d:33:bd:ea:89:92:7f:81:bc:a7:97:5b:ab:60:49:
a2:51:11:10:be:fe:0b:57:75:4b:8c:4d:92:d8:99:
13:0f:03:3b:93:c2:05:eb:80:3a:64:ee:fa:5b:74:
21:3b:73:a9:71:c2:51:4d:71:9f:a3:30:10:c2:0b:
f2:be:7a:f5:67:44:29:e2:b5:11:59:f8:26:60:e3:
59:c0:ec:dd:ae:34:6a:2a:a1:7e:1d:f5:4b:06:23:
43:3d:8c:e2:e4:d7:3d:eb:fb:e7:80:fe:31:39:6a:
9b:61:f2:c3:a5:65:e0:1c:e5:18:d3:fc:57:8b:dc:
10:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:C5:E5:BA:A9:C2:3D:4C:BA:28:F8:77:65:C2:8A:B1:0F:BE:54:3C
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/8MXluqnCPUy6KPh3ZcKKsQ--VDw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.45.117.0-147.45.123.255
193.233.60.0/24
193.233.62.0/24
193.233.170.0/24
Signature Algorithm: sha256WithRSAEncryption
35:09:8f:56:53:38:df:59:b5:05:56:da:6b:c4:92:00:7a:4b:
dc:93:74:89:b4:d8:00:58:47:2e:ff:95:2b:ba:90:69:68:28:
b9:d3:d8:ad:84:66:8f:d1:32:b5:2f:c4:af:60:75:64:a9:26:
ac:fa:8b:f4:a0:68:ff:7a:88:2e:eb:c9:92:c0:c9:9f:1c:cb:
9d:70:81:19:ed:e5:02:b8:74:f8:7d:9f:ce:0a:be:e0:65:bd:
e2:c7:dd:a6:8f:36:a6:75:0d:9f:03:c5:9d:34:2c:b5:cc:a5:
b3:3f:58:3c:50:06:50:17:f7:a3:28:ae:c2:10:9b:a6:29:04:
f8:c0:12:72:b0:48:e1:3c:47:ea:c6:ed:8c:2a:eb:19:3c:4e:
0e:ed:89:56:18:c8:9e:48:b0:ae:82:99:60:31:cb:b3:76:fa:
9f:c3:53:85:93:ac:cd:04:7e:21:74:c0:e6:4b:84:b2:10:5c:
60:51:bc:43:d7:92:66:9a:2f:e6:fd:55:2b:a0:bc:a6:bf:44:
d7:99:29:79:f5:ff:47:05:83:60:79:a4:5a:e5:b7:d9:4e:96:
26:4f:98:cb:c7:5e:f7:42:0b:70:95:fb:da:20:3e:6a:d5:98:
74:55:9e:bf:90:f8:cb:15:20:41:7b:20:de:9e:9d:58:ab:41:
b6:2b:f3:ce
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAY1v7nq1ekwgKSKwN3DsnPhVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjQwMjAzMTcwNTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMGM1ZTViYWE5YzIzZDRjYmEyOGY4Nzc2NWMyOGFiMTBmYmU1NDNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAirEP4bt4sbD9o942qHog7Qs0Xn8d
pWki64Rz5cMwVDY+eUQVOBsyxbOVlo/9DIaKsbMkf3ouTILcuryWvhCHs1NfaKKS
eqEfsLFq/6Wyolu2WxyprQDG5S+IebeINfToYhmc1/goiWab9B3pjB+ijYF63Efi
5qfeeo4AhEIgdRO7LEYs4QEtM73qiZJ/gbynl1urYEmiUREQvv4LV3VLjE2S2JkT
DwM7k8IF64A6ZO76W3QhO3OpccJRTXGfozAQwgvyvnr1Z0Qp4rURWfgmYONZwOzd
rjRqKqF+HfVLBiNDPYzi5Nc96/vngP4xOWqbYfLDpWXgHOUY0/xXi9wQXQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFPDF5bqpwj1Muij4d2XCirEPvlQ8MB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvOE1YbHVxbkNQVXk2S1BoM1pjS0tzUS0tVkR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgMAwDBACTLXUD
BAKTLXgDBADB6TwDBADB6T4DBADB6aowDQYJKoZIhvcNAQELBQADggEBADUJj1ZT
ON9ZtQVW2mvEkgB6S9yTdIm02ABYRy7/lSu6kGloKLnT2K2EZo/RMrUvxK9gdWSp
Jqz6i/SgaP96iC7ryZLAyZ8cy51wgRnt5QK4dPh9n84KvuBlveLH3aaPNqZ1DZ8D
xZ00LLXMpbM/WDxQBlAX96MorsIQm6YpBPjAEnKwSOE8R+rG7Ywq6xk8Tg7tiVYY
yJ5IsK6CmWAxy7N2+p/DU4WTrM0EfiF0wOZLhLIQXGBRvEPXkmaaL+b9VSugvKa/
RNeZKXn1/0cFg2B5pFrlt9lOliZPmMvHXvdCC3CV+9ogPmrVmHRVnr+Q+MsVIEF7
IN6enVirQbYr884=
-----END CERTIFICATE-----
Generated at Wed Feb 7 14:43:10 2024 by rpki-client on console-fra.rpki-client.org