Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/81aa49-8b4a-4c28-a578-a605717d34ae/1/8k_jztXnZBT-81K4IvrxAHmMiCk.roa
File: 8k_jztXnZBT-81K4IvrxAHmMiCk.roa (raw, json)
Hash identifier: C9o5OK4UFDZiD1SnSxLid7PwHokm4Ocj2d88qNQKfRk=
Subject key identifier: F2:4F:E3:CE:D5:E7:64:14:FE:F3:52:B8:22:FA:F1:00:79:8C:88:29
Certificate issuer: /CN=b05a0604e76876fa03e6ad8687fa1db6c63d3908
Certificate serial: 01856B8A21B6916D030EFB25C35E2F555162
Authority key identifier: B0:5A:06:04:E7:68:76:FA:03:E6:AD:86:87:FA:1D:B6:C6:3D:39:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sFoGBOdodvoD5q2Gh_odtsY9OQg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/81aa49-8b4a-4c28-a578-a605717d34ae/1/8k_jztXnZBT-81K4IvrxAHmMiCk.roa
Signing time: Sun 01 Jan 2023 04:14:52 +0000
ROA not before: Sun 01 Jan 2023 04:14:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200490
IP address blocks: 185.243.20.0/22 maxlen: 22
2001:67c:22f4::/48 maxlen: 48
2a0c:fe80::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:29:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:8a:21:b6:91:6d:03:0e:fb:25:c3:5e:2f:55:51:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b05a0604e76876fa03e6ad8687fa1db6c63d3908
Validity
Not Before: Jan 1 04:14:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f24fe3ced5e76414fef352b822faf100798c8829
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:eb:b3:d2:40:32:8c:d7:0d:cd:32:be:d2:0d:
ad:bd:cf:0b:8c:ed:71:46:4f:dd:f4:bd:03:27:5a:
b0:b6:8f:cf:8d:93:73:b8:34:6e:2c:2d:7b:b6:54:
dc:7b:21:37:de:a0:53:1f:00:ea:ac:9a:71:3c:a4:
24:25:01:9f:95:36:fc:2c:e4:99:74:47:0a:07:95:
aa:40:a8:2e:1a:c7:2f:61:1c:c1:5a:2e:ba:a9:41:
24:e7:c9:54:65:56:74:aa:a5:14:df:3a:fb:5f:90:
5b:94:fc:a4:01:3e:5d:40:85:5d:1d:06:5e:7c:9e:
63:4f:b7:52:5b:8d:61:e9:db:5f:84:ec:3c:4c:95:
b9:87:8d:a5:a8:7d:1d:6f:ab:ab:96:67:aa:0c:b3:
5c:90:3c:e8:48:06:d8:0b:4e:da:9c:5d:a6:53:c6:
dc:31:3c:9d:02:8a:ae:a5:00:f1:eb:85:83:70:73:
a2:e5:3e:87:a4:6e:0f:91:44:7d:9f:6f:10:f5:e2:
f5:a1:87:c6:fe:c2:be:06:20:2d:1a:8e:2d:fd:39:
76:ad:b7:14:f7:1b:ac:21:56:f9:b6:d1:ea:fc:8a:
80:64:f0:19:9e:f6:32:17:87:0d:e9:1c:21:89:95:
b6:0a:2e:e3:65:ac:d5:31:4f:31:93:5d:c4:98:b3:
68:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:4F:E3:CE:D5:E7:64:14:FE:F3:52:B8:22:FA:F1:00:79:8C:88:29
X509v3 Authority Key Identifier:
keyid:B0:5A:06:04:E7:68:76:FA:03:E6:AD:86:87:FA:1D:B6:C6:3D:39:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sFoGBOdodvoD5q2Gh_odtsY9OQg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/81aa49-8b4a-4c28-a578-a605717d34ae/1/8k_jztXnZBT-81K4IvrxAHmMiCk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/81aa49-8b4a-4c28-a578-a605717d34ae/1/sFoGBOdodvoD5q2Gh_odtsY9OQg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.243.20.0/22
IPv6:
2001:67c:22f4::/48
2a0c:fe80::/29
Signature Algorithm: sha256WithRSAEncryption
65:b0:44:be:41:1a:18:21:4a:20:59:f7:85:f0:a6:0a:ca:11:
a7:04:bc:eb:61:2e:3c:49:b2:e7:1c:7a:3d:d2:eb:36:2a:a0:
57:89:dd:a7:95:ee:c8:c4:9a:be:76:1a:79:1b:ab:ad:e5:b0:
9e:39:6a:b8:af:cf:78:6f:c6:a7:97:03:c2:f0:46:ab:21:5d:
c2:ea:0a:6a:c7:1d:44:51:ba:e6:11:da:d2:f4:fd:64:53:05:
1d:07:19:43:50:4d:d5:82:b3:1d:3e:c5:af:58:fc:48:02:e3:
aa:2f:74:d6:22:5a:17:1a:0c:79:f1:d2:73:0b:40:f6:67:a5:
fc:f3:e3:fa:51:dc:69:5d:23:d1:d0:5c:20:ed:9b:59:bf:84:
a7:4e:51:51:2b:4d:73:b2:85:b4:5c:13:17:ad:39:df:27:7e:
6c:91:67:c7:2d:5c:d6:a8:7e:7b:f5:7d:fd:2f:a1:3d:4e:d5:
51:a2:c4:0b:b9:65:0e:bf:36:ef:ca:e0:90:50:c2:96:ef:ad:
6f:02:bd:62:df:4d:c8:b7:71:2b:f6:19:77:82:ed:02:a4:4a:
e2:cd:bf:5b:b0:8b:7c:d9:ae:83:30:4d:92:e3:65:26:fd:5b:
be:af:ba:8e:07:d3:c5:35:86:d1:3d:c5:21:81:e6:17:ca:06:
14:dc:a1:3f
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYVriiG2kW0DDvslw14vVVFiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwNWEwNjA0ZTc2ODc2ZmEwM2U2YWQ4Njg3ZmExZGI2YzYz
ZDM5MDgwHhcNMjMwMTAxMDQxNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjRmZTNjZWQ1ZTc2NDE0ZmVmMzUyYjgyMmZhZjEwMDc5OGM4ODI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmeuz0kAyjNcNzTK+0g2tvc8LjO1x
Rk/d9L0DJ1qwto/PjZNzuDRuLC17tlTceyE33qBTHwDqrJpxPKQkJQGflTb8LOSZ
dEcKB5WqQKguGscvYRzBWi66qUEk58lUZVZ0qqUU3zr7X5BblPykAT5dQIVdHQZe
fJ5jT7dSW41h6dtfhOw8TJW5h42lqH0db6urlmeqDLNckDzoSAbYC07anF2mU8bc
MTydAoqupQDx64WDcHOi5T6HpG4PkUR9n28Q9eL1oYfG/sK+BiAtGo4t/Tl2rbcU
9xusIVb5ttHq/IqAZPAZnvYyF4cN6RwhiZW2Ci7jZazVMU8xk13EmLNoSwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFPJP487V52QU/vNSuCL68QB5jIgpMB8GA1UdIwQY
MBaAFLBaBgTnaHb6A+athof6HbbGPTkIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0ZvR0JPZG9kdm9ENXEyR2hfb2R0c1k5T1FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi84MWFhNDktOGI0YS00YzI4LWE1Nzgt
YTYwNTcxN2QzNGFlLzEvOGtfanp0WG5aQlQtODFLNEl2cnhBSG1NaUNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi84MWFhNDktOGI0YS00YzI4LWE1NzgtYTYwNTcxN2QzNGFl
LzEvc0ZvR0JPZG9kdm9ENXEyR2hfb2R0c1k5T1FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAMBAIAATAGAwQCufMUMBYE
AgACMBADBwAgAQZ8IvQDBQMqDP6AMA0GCSqGSIb3DQEBCwUAA4IBAQBlsES+QRoY
IUogWfeF8KYKyhGnBLzrYS48SbLnHHo90us2KqBXid2nle7IxJq+dhp5G6ut5bCe
OWq4r894b8anlwPC8EarIV3C6gpqxx1EUbrmEdrS9P1kUwUdBxlDUE3VgrMdPsWv
WPxIAuOqL3TWIloXGgx58dJzC0D2Z6X88+P6UdxpXSPR0Fwg7ZtZv4SnTlFRK01z
soW0XBMXrTnfJ35skWfHLVzWqH579X39L6E9TtVRosQLuWUOvzbvyuCQUMKW761v
Ar1i303It3Er9hl3gu0CpErizb9bsIt82a6DME2S42Um/Vu+r7qOB9PFNYbRPcUh
geYXygYU3KE/
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:50 2024 by rpki-client on console-fra.rpki-client.org