Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/9252e2-45de-4bcc-8f58-fa4117db1555/1/8F2cah6KkGUpRHlePTeNf_nmi38.roa
File: 8F2cah6KkGUpRHlePTeNf_nmi38.roa (raw, json)
Hash identifier: R6nigWXG2DJZ+IHN0ocAWUP0yT/4jNxM1VIC08i+oNg=
Subject key identifier: F0:5D:9C:6A:1E:8A:90:65:29:44:79:5E:3D:37:8D:7F:F9:E6:8B:7F
Certificate issuer: /CN=cc27531ad999b6d5a0441b75faea7d578653e42a
Certificate serial: 018CC726EB75C8DC9EDED8D4B3BA4CB4A802
Authority key identifier: CC:27:53:1A:D9:99:B6:D5:A0:44:1B:75:FA:EA:7D:57:86:53:E4:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zCdTGtmZttWgRBt1-up9V4ZT5Co.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/9252e2-45de-4bcc-8f58-fa4117db1555/1/8F2cah6KkGUpRHlePTeNf_nmi38.roa
Signing time: Mon 01 Jan 2024 22:31:05 +0000
ROA not before: Mon 01 Jan 2024 22:31:05 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197589
IP address blocks: 85.204.112.0/22 maxlen: 22
89.42.0.0/21 maxlen: 21
94.177.68.0/22 maxlen: 22
185.96.20.0/22 maxlen: 22
94.176.44.0/22 maxlen: 22
46.235.136.0/21 maxlen: 21
2a04:d680::/29 maxlen: 29
Validation: Failed, certificate revoked on Fri 23 Feb 2024 14:41:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:26:eb:75:c8:dc:9e:de:d8:d4:b3:ba:4c:b4:a8:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cc27531ad999b6d5a0441b75faea7d578653e42a
Validity
Not Before: Jan 1 22:31:05 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f05d9c6a1e8a90652944795e3d378d7ff9e68b7f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:c7:94:27:5d:0f:6b:f3:4b:70:a2:a3:2c:76:
79:c2:13:7e:f4:fd:18:60:9f:87:61:94:cf:d0:40:
8d:92:de:70:fd:67:d7:20:09:bc:28:10:1f:82:f7:
94:dc:1f:95:ef:49:01:f0:09:69:65:a2:86:5d:44:
dd:a3:50:a7:3a:d0:1e:53:2e:44:bd:14:7c:cd:87:
bb:49:4e:e6:e8:f2:47:60:72:80:e2:e3:43:a7:4a:
28:29:bd:a9:ab:6a:ac:dd:16:27:02:e7:ca:53:23:
ab:e2:6d:0c:24:0e:0d:f6:5d:f6:94:47:ed:f6:60:
43:68:ce:34:34:00:cb:96:8c:77:f3:c1:cb:c7:d5:
a4:94:69:4d:1e:20:ff:a3:a6:10:b0:79:28:06:ce:
98:96:1d:68:1f:38:3f:31:51:b1:99:e2:9a:40:a4:
d4:43:bf:d3:c6:08:5c:54:f1:47:a3:93:93:7a:16:
8a:76:b8:f8:ab:8d:54:16:4b:85:e3:33:ec:55:70:
7e:c2:be:bd:ed:38:44:1a:5d:ff:89:1e:bb:3c:13:
d3:51:1e:fd:b6:27:92:f2:76:4f:40:7e:31:85:84:
ae:ce:62:fa:14:84:c3:26:eb:22:07:23:3b:46:dd:
fa:a5:75:f9:b5:66:88:a3:d0:41:89:6d:30:52:dd:
2f:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:5D:9C:6A:1E:8A:90:65:29:44:79:5E:3D:37:8D:7F:F9:E6:8B:7F
X509v3 Authority Key Identifier:
keyid:CC:27:53:1A:D9:99:B6:D5:A0:44:1B:75:FA:EA:7D:57:86:53:E4:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zCdTGtmZttWgRBt1-up9V4ZT5Co.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/9252e2-45de-4bcc-8f58-fa4117db1555/1/8F2cah6KkGUpRHlePTeNf_nmi38.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/9252e2-45de-4bcc-8f58-fa4117db1555/1/zCdTGtmZttWgRBt1-up9V4ZT5Co.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.235.136.0/21
85.204.112.0/22
89.42.0.0/21
94.176.44.0/22
94.177.68.0/22
185.96.20.0/22
IPv6:
2a04:d680::/29
Signature Algorithm: sha256WithRSAEncryption
21:ca:52:03:64:03:dd:ab:6e:27:96:3d:98:84:e9:7b:66:b0:
a1:bc:d7:b7:0e:d5:97:6d:c0:b9:de:74:aa:4b:c8:4b:65:2a:
af:02:f8:46:fb:48:bc:88:2b:ee:45:ec:ad:1f:cf:40:e8:4d:
dc:a4:01:f2:ea:98:86:93:90:10:3e:0e:1e:af:86:f2:a4:3d:
a7:be:66:a3:d1:b4:e2:5a:7a:9b:9b:ef:de:51:ad:ab:38:a1:
e5:0f:7b:82:36:b3:ef:8f:84:86:d9:cd:e4:ce:fb:88:0e:a0:
30:a6:f9:b9:bd:5a:d1:30:46:15:d9:f0:86:f6:0e:37:11:be:
5e:83:42:47:2f:b8:0b:ca:df:a4:05:8d:d7:9b:9e:e3:12:77:
f1:3e:c0:1d:66:fa:8f:42:28:5e:94:fc:75:85:d0:64:a9:b1:
17:88:d6:22:3d:01:6a:50:c8:41:84:32:cf:1d:09:f8:82:ac:
e7:93:62:d7:39:60:cd:5b:bc:ef:a7:35:81:b2:ee:f6:c2:5c:
79:9a:e3:5d:cb:3c:d1:04:f7:32:7a:7a:29:7e:f3:60:85:f2:
22:d9:76:3f:f5:32:7b:62:f1:28:0e:73:40:e3:9d:1f:6e:ea:
41:b6:4e:62:6b:ce:1d:da:8d:ab:91:98:2a:45:5f:3f:38:22:
30:ee:1e:5c
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYzHJut1yNye3tjUs7pMtKgCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjMjc1MzFhZDk5OWI2ZDVhMDQ0MWI3NWZhZWE3ZDU3ODY1
M2U0MmEwHhcNMjQwMTAxMjIzMTA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDVkOWM2YTFlOGE5MDY1Mjk0NDc5NWUzZDM3OGQ3ZmY5ZTY4YjdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp8eUJ10Pa/NLcKKjLHZ5whN+9P0Y
YJ+HYZTP0ECNkt5w/WfXIAm8KBAfgveU3B+V70kB8AlpZaKGXUTdo1CnOtAeUy5E
vRR8zYe7SU7m6PJHYHKA4uNDp0ooKb2pq2qs3RYnAufKUyOr4m0MJA4N9l32lEft
9mBDaM40NADLlox388HLx9WklGlNHiD/o6YQsHkoBs6Ylh1oHzg/MVGxmeKaQKTU
Q7/TxghcVPFHo5OTehaKdrj4q41UFkuF4zPsVXB+wr697ThEGl3/iR67PBPTUR79
tieS8nZPQH4xhYSuzmL6FITDJusiByM7Rt36pXX5tWaIo9BBiW0wUt0v2wIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFPBdnGoeipBlKUR5Xj03jX/55ot/MB8GA1UdIwQY
MBaAFMwnUxrZmbbVoEQbdfrqfVeGU+QqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvekNkVEd0bVp0dFdnUkJ0MS11cDlWNFpUNUNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC85MjUyZTItNDVkZS00YmNjLThmNTgt
ZmE0MTE3ZGIxNTU1LzEvOEYyY2FoNktrR1VwUkhsZVBUZU5mX25taTM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC85MjUyZTItNDVkZS00YmNjLThmNTgtZmE0MTE3ZGIxNTU1
LzEvekNkVEd0bVp0dFdnUkJ0MS11cDlWNFpUNUNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQDLuuIAwQC
VcxwAwQDWSoAAwQCXrAsAwQCXrFEAwQCuWAUMA0EAgACMAcDBQMqBNaAMA0GCSqG
SIb3DQEBCwUAA4IBAQAhylIDZAPdq24nlj2YhOl7ZrChvNe3DtWXbcC53nSqS8hL
ZSqvAvhG+0i8iCvuReytH89A6E3cpAHy6piGk5AQPg4er4bypD2nvmaj0bTiWnqb
m+/eUa2rOKHlD3uCNrPvj4SG2c3kzvuIDqAwpvm5vVrRMEYV2fCG9g43Eb5eg0JH
L7gLyt+kBY3Xm57jEnfxPsAdZvqPQihelPx1hdBkqbEXiNYiPQFqUMhBhDLPHQn4
gqznk2LXOWDNW7zvpzWBsu72wlx5muNdyzzRBPcyenopfvNghfIi2XY/9TJ7YvEo
DnNA450fbupBtk5ia84d2o2rkZgqRV8/OCIw7h5c
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:15 2024 by rpki-client on console-ams.rpki-client.org