Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/bea3d0-d33e-44bc-8296-94e4c9fd718a/1/8B2JqqQw0TFkV6DWBiv1aVdvVOs.roa
File: 8B2JqqQw0TFkV6DWBiv1aVdvVOs.roa (raw, json)
Hash identifier: WIdzj1Bcy6WkKvFLlW75CaUMLWz0kLpUbF90lij4qd8=
Subject key identifier: F0:1D:89:AA:A4:30:D1:31:64:57:A0:D6:06:2B:F5:69:57:6F:54:EB
Certificate issuer: /CN=e760b00fb0cc595fe542d6226e3f0a3e5165f1cc
Certificate serial: 018D605B5B1C1DCDAC2AE39663944F84FE64
Authority key identifier: E7:60:B0:0F:B0:CC:59:5F:E5:42:D6:22:6E:3F:0A:3E:51:65:F1:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/52CwD7DMWV_lQtYibj8KPlFl8cw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/bea3d0-d33e-44bc-8296-94e4c9fd718a/1/8B2JqqQw0TFkV6DWBiv1aVdvVOs.roa
Signing time: Wed 31 Jan 2024 16:30:16 +0000
ROA not before: Wed 31 Jan 2024 16:30:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41098
IP address blocks: 178.212.8.0/21 maxlen: 21
195.114.2.0/24 maxlen: 24
195.114.3.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 08 Feb 2024 09:29:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:60:5b:5b:1c:1d:cd:ac:2a:e3:96:63:94:4f:84:fe:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e760b00fb0cc595fe542d6226e3f0a3e5165f1cc
Validity
Not Before: Jan 31 16:30:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f01d89aaa430d1316457a0d6062bf569576f54eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:17:0a:c6:ac:77:45:27:a6:f0:18:41:81:49:
f1:92:5c:09:55:1e:58:91:0e:ca:50:68:7a:f2:a6:
54:3a:e8:b3:f7:98:8d:04:75:f1:18:39:3f:da:02:
d1:8e:93:59:db:50:e0:3d:e1:3c:e4:7d:81:5e:fa:
3d:8f:79:03:06:77:c9:a9:ae:6f:55:60:63:3f:0d:
0a:e0:b2:3a:cd:8c:e8:35:45:e2:d6:a4:0e:92:f9:
aa:f8:c2:b1:b8:6e:35:2d:d6:e8:d3:cc:5b:7a:38:
81:a5:91:55:12:1a:01:09:eb:fd:5a:fa:6c:32:07:
3d:c9:be:17:1e:b3:50:7d:23:f9:49:af:65:e9:40:
f0:05:4f:d4:0c:0f:3d:e6:94:b1:fe:20:66:10:1a:
f1:f1:61:dd:b3:17:42:7b:09:b5:b9:68:dd:fe:e0:
b6:8d:e6:f9:09:d4:f8:c6:95:40:dd:97:91:a1:cc:
7b:07:64:64:9e:a3:25:e3:f3:66:53:5c:a3:d9:83:
78:62:82:47:40:7e:9d:c5:71:fa:c8:22:5a:47:2c:
7a:26:23:d9:65:f0:18:34:de:f0:82:31:a5:86:06:
14:52:bf:dd:fb:40:ce:a4:7c:40:91:5d:10:dd:4f:
52:6d:b4:4a:16:b5:4f:4e:ba:c0:4f:32:f6:55:36:
84:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:1D:89:AA:A4:30:D1:31:64:57:A0:D6:06:2B:F5:69:57:6F:54:EB
X509v3 Authority Key Identifier:
keyid:E7:60:B0:0F:B0:CC:59:5F:E5:42:D6:22:6E:3F:0A:3E:51:65:F1:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/52CwD7DMWV_lQtYibj8KPlFl8cw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/bea3d0-d33e-44bc-8296-94e4c9fd718a/1/8B2JqqQw0TFkV6DWBiv1aVdvVOs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/bea3d0-d33e-44bc-8296-94e4c9fd718a/1/52CwD7DMWV_lQtYibj8KPlFl8cw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.212.8.0/21
195.114.2.0/23
Signature Algorithm: sha256WithRSAEncryption
2e:95:d4:33:c8:03:bc:c4:14:f0:3c:68:3b:a8:5c:ba:2a:09:
c4:60:30:17:59:8b:6f:7a:6b:38:de:79:a1:7c:ed:77:23:4a:
bd:ee:04:27:ea:52:10:46:07:40:96:2d:ec:40:35:05:b8:33:
32:59:b1:c8:2f:a8:6c:ac:32:da:a2:ec:b0:3d:d6:aa:db:90:
07:16:e8:1d:d4:5f:b2:f4:33:74:65:d6:c8:1b:18:ee:7e:68:
15:3c:77:f3:bc:af:11:e8:af:1f:84:4f:4c:c7:3a:95:3a:dc:
bf:3b:69:cd:c8:30:67:0c:eb:f2:ba:29:78:30:25:31:b3:4f:
74:85:8d:ed:39:cf:85:92:e0:c9:b0:48:e1:37:09:66:ff:0d:
df:3a:61:8f:e1:6f:09:fb:9b:d9:9e:cf:26:eb:cf:dc:5b:0c:
6e:12:88:f8:b7:3a:53:50:26:81:64:ad:ab:9c:27:a0:04:74:
c5:06:d8:03:2f:e0:c2:df:5c:08:92:28:b2:8a:c0:af:3c:d3:
38:e8:e0:f1:eb:7d:1e:46:b6:44:9b:36:75:82:f3:c9:2e:f7:
eb:75:4e:1f:43:9a:00:5e:9e:81:90:a5:d9:49:6f:e2:fe:31:
7c:ee:fb:f2:98:63:e2:67:b4:9b:3e:b3:48:13:0f:7e:e6:07:
06:1a:c3:a4
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY1gW1scHc2sKuOWY5RPhP5kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3NjBiMDBmYjBjYzU5NWZlNTQyZDYyMjZlM2YwYTNlNTE2
NWYxY2MwHhcNMjQwMTMxMTYzMDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDFkODlhYWE0MzBkMTMxNjQ1N2EwZDYwNjJiZjU2OTU3NmY1NGViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkxcKxqx3RSem8BhBgUnxklwJVR5Y
kQ7KUGh68qZUOuiz95iNBHXxGDk/2gLRjpNZ21DgPeE85H2BXvo9j3kDBnfJqa5v
VWBjPw0K4LI6zYzoNUXi1qQOkvmq+MKxuG41Ldbo08xbejiBpZFVEhoBCev9Wvps
Mgc9yb4XHrNQfSP5Sa9l6UDwBU/UDA895pSx/iBmEBrx8WHdsxdCewm1uWjd/uC2
jeb5CdT4xpVA3ZeRocx7B2RknqMl4/NmU1yj2YN4YoJHQH6dxXH6yCJaRyx6JiPZ
ZfAYNN7wgjGlhgYUUr/d+0DOpHxAkV0Q3U9SbbRKFrVPTrrATzL2VTaEyQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFPAdiaqkMNExZFeg1gYr9WlXb1TrMB8GA1UdIwQY
MBaAFOdgsA+wzFlf5ULWIm4/Cj5RZfHMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTJDd0Q3RE1XVl9sUXRZaWJqOEtQbEZsOGN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi9iZWEzZDAtZDMzZS00NGJjLTgyOTYt
OTRlNGM5ZmQ3MThhLzEvOEIySnFxUXcwVEZrVjZEV0JpdjFhVmR2Vk9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi9iZWEzZDAtZDMzZS00NGJjLTgyOTYtOTRlNGM5ZmQ3MThh
LzEvNTJDd0Q3RE1XVl9sUXRZaWJqOEtQbEZsOGN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDstQIAwQB
w3ICMA0GCSqGSIb3DQEBCwUAA4IBAQAuldQzyAO8xBTwPGg7qFy6KgnEYDAXWYtv
ems43nmhfO13I0q97gQn6lIQRgdAli3sQDUFuDMyWbHIL6hsrDLaouywPdaq25AH
Fugd1F+y9DN0ZdbIGxjufmgVPHfzvK8R6K8fhE9MxzqVOty/O2nNyDBnDOvyuil4
MCUxs090hY3tOc+FkuDJsEjhNwlm/w3fOmGP4W8J+5vZns8m68/cWwxuEoj4tzpT
UCaBZK2rnCegBHTFBtgDL+DC31wIkiiyisCvPNM46ODx630eRrZEmzZ1gvPJLvfr
dU4fQ5oAXp6BkKXZSW/i/jF87vvymGPiZ7SbPrNIEw9+5gcGGsOk
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:54 2024 by rpki-client on console-ams.rpki-client.org