Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/6a8e5e-39b6-47e3-bbb0-b29f10cc0328/1/1-8_WRrSGYhDc1QpGOhgesdvQhis.roa
File: 1-8_WRrSGYhDc1QpGOhgesdvQhis.roa (raw, json)
Hash identifier: bt29yE5ax14Rd0xMKej5/Z1Hu7qCBQfSp0uT3vVzmn0=
Subject key identifier: FB:CF:D6:46:B4:86:62:10:DC:D5:0A:46:3A:18:1E:B1:DB:D0:86:2B
Certificate issuer: /CN=01c38a06a39b20b8da40009237d76acdd28e71a5
Certificate serial: 018C34A458CC7FE769FFDB6F4B0E2C294C69
Authority key identifier: 01:C3:8A:06:A3:9B:20:B8:DA:40:00:92:37:D7:6A:CD:D2:8E:71:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AcOKBqObILjaQACSN9dqzdKOcaU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/6a8e5e-39b6-47e3-bbb0-b29f10cc0328/1/1-8_WRrSGYhDc1QpGOhgesdvQhis.roa
Signing time: Mon 04 Dec 2023 11:43:54 +0000
ROA not before: Mon 04 Dec 2023 11:43:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 19905
IP address blocks: 138.12.128.0/17 maxlen: 24
37.98.232.0/21 maxlen: 24
136.242.128.0/17 maxlen: 24
165.171.0.0/17 maxlen: 24
163.120.128.0/17 maxlen: 24
148.139.0.0/16 maxlen: 24
2a04:37c0::/29 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:34:a4:58:cc:7f:e7:69:ff:db:6f:4b:0e:2c:29:4c:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=01c38a06a39b20b8da40009237d76acdd28e71a5
Validity
Not Before: Dec 4 11:43:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fbcfd646b4866210dcd50a463a181eb1dbd0862b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:70:27:1d:3d:70:67:96:7f:af:d8:25:7a:fc:
02:21:58:09:12:3a:b4:4e:e6:f6:17:71:68:62:57:
e1:7e:87:07:34:f3:bf:f7:9b:ff:82:bf:2f:1b:a0:
64:5a:1f:80:e7:f2:90:b4:43:21:0a:14:4b:dc:5d:
67:2a:b4:c5:88:18:15:5a:c7:0d:36:d3:53:3c:5c:
d6:82:2b:65:75:5e:1e:66:05:35:32:a3:51:e9:30:
91:62:03:5f:1a:4e:a7:f5:7a:6e:bc:7f:7b:57:fc:
34:94:7c:c3:7c:eb:b1:3b:94:d5:d1:90:05:dc:a6:
7d:e6:19:ac:c5:3e:39:61:ef:d1:df:29:cd:e6:82:
b7:37:7e:20:6a:61:07:e3:9b:0b:bb:8c:4f:2e:05:
84:03:75:f7:0d:e1:60:3b:77:36:7b:90:22:64:9a:
50:b8:5d:e2:9c:3b:43:f6:41:0d:c1:d0:8a:ea:ee:
21:5a:f8:6d:c2:ef:94:bc:94:c0:79:94:5b:b4:1d:
7d:3c:55:17:b5:7b:f1:68:50:da:70:d1:05:0b:4c:
95:07:db:a5:44:58:45:e8:38:a7:da:23:8c:81:a5:
af:6f:13:51:73:2c:70:59:49:ad:1a:ef:d1:93:0f:
93:0e:24:32:a7:24:7d:b0:44:46:ce:0b:d4:b3:0e:
8b:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:CF:D6:46:B4:86:62:10:DC:D5:0A:46:3A:18:1E:B1:DB:D0:86:2B
X509v3 Authority Key Identifier:
keyid:01:C3:8A:06:A3:9B:20:B8:DA:40:00:92:37:D7:6A:CD:D2:8E:71:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AcOKBqObILjaQACSN9dqzdKOcaU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/6a8e5e-39b6-47e3-bbb0-b29f10cc0328/1/1-8_WRrSGYhDc1QpGOhgesdvQhis.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/6a8e5e-39b6-47e3-bbb0-b29f10cc0328/1/AcOKBqObILjaQACSN9dqzdKOcaU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.98.232.0/21
136.242.128.0/17
138.12.128.0/17
148.139.0.0/16
163.120.128.0/17
165.171.0.0/17
IPv6:
2a04:37c0::/29
Signature Algorithm: sha256WithRSAEncryption
82:9f:01:16:ae:ca:66:ff:ed:ea:07:f4:fe:1c:b1:ee:be:d8:
41:5c:79:86:6e:98:b5:1e:ef:15:93:62:9c:7f:8d:c7:05:d5:
34:d0:f3:bb:c5:d1:7e:4e:54:08:ed:74:aa:e2:63:dd:e4:9a:
f3:09:cc:2d:7f:1d:eb:97:fe:7f:ff:f5:a6:00:5c:68:4f:74:
22:f9:ef:15:d9:87:a0:bd:71:13:65:ed:75:85:4e:5a:ed:ba:
59:07:82:85:4c:96:59:b8:19:eb:be:1f:22:df:0f:4f:3e:70:
d1:62:d2:ad:92:f4:4c:1b:de:0b:6c:fe:e1:01:ca:f8:db:93:
8f:87:f7:ad:b8:72:3f:ac:b2:85:90:b5:d9:63:b7:f1:90:02:
18:97:6c:0a:90:ef:75:ce:6e:19:22:01:5e:f0:a2:c1:a7:05:
63:2d:58:29:8e:cb:77:17:cf:b4:45:88:f2:49:ac:10:6d:f3:
02:22:26:a4:cf:a7:61:e0:72:91:fa:a1:e5:36:10:5f:58:21:
9c:a2:06:94:f9:55:51:f3:3a:80:4f:f6:25:7d:2f:58:d3:78:
35:e2:9b:f8:f2:4c:b9:59:29:a1:af:9e:25:46:9d:70:cd:4e:
78:d6:40:36:9b:1c:3d:c6:2e:e4:64:73:7b:7d:f7:71:51:c8:
03:cb:36:6b
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYw0pFjMf+dp/9tvSw4sKUxpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxYzM4YTA2YTM5YjIwYjhkYTQwMDA5MjM3ZDc2YWNkZDI4
ZTcxYTUwHhcNMjMxMjA0MTE0MzU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYmNmZDY0NmI0ODY2MjEwZGNkNTBhNDYzYTE4MWViMWRiZDA4NjJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuHAnHT1wZ5Z/r9glevwCIVgJEjq0
Tub2F3FoYlfhfocHNPO/95v/gr8vG6BkWh+A5/KQtEMhChRL3F1nKrTFiBgVWscN
NtNTPFzWgitldV4eZgU1MqNR6TCRYgNfGk6n9XpuvH97V/w0lHzDfOuxO5TV0ZAF
3KZ95hmsxT45Ye/R3ynN5oK3N34gamEH45sLu4xPLgWEA3X3DeFgO3c2e5AiZJpQ
uF3inDtD9kENwdCK6u4hWvhtwu+UvJTAeZRbtB19PFUXtXvxaFDacNEFC0yVB9ul
RFhF6Din2iOMgaWvbxNRcyxwWUmtGu/Rkw+TDiQypyR9sERGzgvUsw6L+QIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFPvP1ka0hmIQ3NUKRjoYHrHb0IYrMB8GA1UdIwQY
MBaAFAHDigajmyC42kAAkjfXas3SjnGlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWNPS0JxT2JJTGphUUFDU045ZHF6ZEtPY2FVLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS82YThlNWUtMzliNi00N2UzLWJiYjAt
YjI5ZjEwY2MwMzI4LzEvMS04X1dSclNHWWhEYzFRcEdPaGdlc2R2UWhpcy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMjUvNmE4ZTVlLTM5YjYtNDdlMy1iYmIwLWIyOWYxMGNjMDMy
OC8xL0FjT0tCcU9iSUxqYVFBQ1NOOWRxemRLT2NhVS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBLBggrBgEFBQcBBwEB/wQ8MDowKQQCAAEwIwMEAyVi6AME
B4jygAMEB4oMgAMDAJSLAwQHo3iAAwQHpasAMA0EAgACMAcDBQMqBDfAMA0GCSqG
SIb3DQEBCwUAA4IBAQCCnwEWrspm/+3qB/T+HLHuvthBXHmGbpi1Hu8Vk2Kcf43H
BdU00PO7xdF+TlQI7XSq4mPd5JrzCcwtfx3rl/5///WmAFxoT3Qi+e8V2YegvXET
Ze11hU5a7bpZB4KFTJZZuBnrvh8i3w9PPnDRYtKtkvRMG94LbP7hAcr425OPh/et
uHI/rLKFkLXZY7fxkAIYl2wKkO91zm4ZIgFe8KLBpwVjLVgpjst3F8+0RYjySawQ
bfMCIiakz6dh4HKR+qHlNhBfWCGcogaU+VVR8zqAT/YlfS9Y03g14pv48ky5WSmh
r54lRp1wzU541kA2mxw9xi7kZHN7ffdxUcgDyzZr
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:50:01 2024 by rpki-client on console-fra.rpki-client.org