Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/8bxnBYXJV5OOz21bv2I8kA2bY_E.roa
File: 8bxnBYXJV5OOz21bv2I8kA2bY_E.roa (raw, json)
Hash identifier: ao9ldt8v6DMLwrNcC6enjbO5wog//J30Hzc3qteaBd4=
Subject key identifier: F1:BC:67:05:85:C9:57:93:8E:CF:6D:5B:BF:62:3C:90:0D:9B:63:F1
Certificate issuer: /CN=3183785916cd98d7c770d685145499a8a0a15722
Certificate serial: 01856F14EBA8B943D1D6502F6A89C9EEE46F
Authority key identifier: 31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/8bxnBYXJV5OOz21bv2I8kA2bY_E.roa
Signing time: Sun 01 Jan 2023 20:45:19 +0000
ROA not before: Sun 01 Jan 2023 20:45:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12302
IP address blocks: 193.231.120.0/24 maxlen: 24
193.231.121.0/24 maxlen: 24
193.231.126.0/24 maxlen: 24
194.102.90.0/24 maxlen: 24
80.96.134.0/23 maxlen: 23
Validation: Failed, certificate revoked on Wed 30 Aug 2023 16:25:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:14:eb:a8:b9:43:d1:d6:50:2f:6a:89:c9:ee:e4:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3183785916cd98d7c770d685145499a8a0a15722
Validity
Not Before: Jan 1 20:45:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f1bc670585c957938ecf6d5bbf623c900d9b63f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:8d:53:52:de:15:6b:75:b1:d4:17:57:c1:54:
bf:85:97:89:93:53:2c:eb:51:6c:50:dd:08:27:df:
5b:32:1f:c8:36:67:11:2d:e4:33:68:45:f1:15:4a:
28:c8:6e:4a:3f:6f:30:3a:70:5f:7f:64:9a:75:f3:
08:33:78:31:67:79:fe:9c:91:df:98:72:49:e0:53:
63:3b:75:50:4f:f5:94:82:2e:36:bb:90:94:b9:ed:
de:a7:05:ab:58:f4:83:17:07:3c:f5:91:60:12:54:
a3:66:81:b8:fe:90:ec:2e:11:a2:94:72:db:d7:32:
7f:67:79:34:61:aa:63:5b:17:5a:92:8b:d3:a1:56:
3c:e7:da:86:96:e0:a6:85:3e:ac:6f:8e:1b:0f:26:
70:ce:d4:ae:c5:46:dd:c8:ec:08:cc:29:e7:12:eb:
ef:22:de:14:b9:85:97:fb:a8:fc:70:15:90:3a:eb:
0a:f2:e2:7b:40:01:55:31:dd:6f:33:0b:ab:3b:c6:
81:17:15:a2:41:b2:d9:91:31:9a:5b:75:ba:4f:15:
52:c8:07:8a:a1:c3:0e:46:87:9f:11:64:94:e6:59:
ff:0f:6a:74:32:ca:51:fd:f7:67:5a:01:2a:13:62:
bc:41:c6:d9:fa:df:00:73:6c:cb:37:8a:6a:79:2c:
ea:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:BC:67:05:85:C9:57:93:8E:CF:6D:5B:BF:62:3C:90:0D:9B:63:F1
X509v3 Authority Key Identifier:
keyid:31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/8bxnBYXJV5OOz21bv2I8kA2bY_E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.96.134.0/23
193.231.120.0/23
193.231.126.0/24
194.102.90.0/24
Signature Algorithm: sha256WithRSAEncryption
40:56:16:bf:8a:5f:65:a8:77:2b:bd:72:87:5b:25:fe:bf:fd:
f3:90:f5:48:78:63:c7:2b:0b:ae:d8:8e:ba:97:89:89:4f:78:
49:55:29:1f:ce:54:be:0e:f7:11:a5:2e:9e:0a:e7:aa:a2:5e:
4c:af:9d:a7:90:e8:a2:7e:f1:39:c8:47:d1:27:13:63:58:30:
47:8e:87:28:db:9a:1c:b6:2f:60:0d:21:6f:29:2c:51:12:2f:
73:87:ab:80:f3:a2:11:de:d7:70:aa:14:7e:74:66:8c:e0:eb:
9e:d4:53:95:cc:c3:ac:95:0c:30:c8:27:c9:59:d2:b1:63:1c:
5d:4c:d6:05:40:40:b8:0c:1f:09:f6:39:f5:a3:11:b1:9d:87:
66:41:5f:63:4f:3d:9f:2d:cf:a6:95:29:7d:58:36:dd:87:cd:
6a:33:4e:af:6c:f9:9a:dc:08:0d:bd:f7:20:11:d2:31:7a:60:
52:62:96:d5:4f:30:04:39:79:ec:19:29:2e:30:51:28:d0:99:
02:89:93:b6:e4:82:25:68:33:86:08:d0:36:88:84:db:a0:4b:
5e:68:03:87:cc:02:ca:23:16:bb:86:81:6a:08:0d:4f:ee:4a:
9c:a7:68:25:cf:a0:70:65:85:e4:5a:59:51:27:5c:3e:03:9c:
64:9a:c0:f9
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVvFOuouUPR1lAvaonJ7uRvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxODM3ODU5MTZjZDk4ZDdjNzcwZDY4NTE0NTQ5OWE4YTBh
MTU3MjIwHhcNMjMwMTAxMjA0NTE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMWJjNjcwNTg1Yzk1NzkzOGVjZjZkNWJiZjYyM2M5MDBkOWI2M2YxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjY1TUt4Va3Wx1BdXwVS/hZeJk1Ms
61FsUN0IJ99bMh/INmcRLeQzaEXxFUooyG5KP28wOnBff2SadfMIM3gxZ3n+nJHf
mHJJ4FNjO3VQT/WUgi42u5CUue3epwWrWPSDFwc89ZFgElSjZoG4/pDsLhGilHLb
1zJ/Z3k0YapjWxdakovToVY859qGluCmhT6sb44bDyZwztSuxUbdyOwIzCnnEuvv
It4UuYWX+6j8cBWQOusK8uJ7QAFVMd1vMwurO8aBFxWiQbLZkTGaW3W6TxVSyAeK
ocMORoefEWSU5ln/D2p0MspR/fdnWgEqE2K8QcbZ+t8Ac2zLN4pqeSzqeQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPG8ZwWFyVeTjs9tW79iPJANm2PxMB8GA1UdIwQY
MBaAFDGDeFkWzZjXx3DWhRRUmaigoVciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEt
ZjUyYzQ3YzIyNWRiLzEvOGJ4bkJZWEpWNU9PejIxYnYySThrQTJiWV9FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEtZjUyYzQ3YzIyNWRi
LzEvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBUGCGAwQB
wed4AwQAwed+AwQAwmZaMA0GCSqGSIb3DQEBCwUAA4IBAQBAVha/il9lqHcrvXKH
WyX+v/3zkPVIeGPHKwuu2I66l4mJT3hJVSkfzlS+DvcRpS6eCueqol5Mr52nkOii
fvE5yEfRJxNjWDBHjoco25octi9gDSFvKSxREi9zh6uA86IR3tdwqhR+dGaM4Oue
1FOVzMOslQwwyCfJWdKxYxxdTNYFQEC4DB8J9jn1oxGxnYdmQV9jTz2fLc+mlSl9
WDbdh81qM06vbPma3AgNvfcgEdIxemBSYpbVTzAEOXnsGSkuMFEo0JkCiZO25IIl
aDOGCNA2iITboEteaAOHzALKIxa7hoFqCA1P7kqcp2glz6BwZYXkWllRJ1w+A5xk
msD5
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:21 2024 by rpki-client on console-fra.rpki-client.org