Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/da2447-b252-4b6a-a82f-dcbe53da7860/1/S8A8HKp6bMWuy1f8aDw3TcDsNTc.roa
File: S8A8HKp6bMWuy1f8aDw3TcDsNTc.roa (raw, json)
Hash identifier: 2B7UaYwhhFucz6xijZ00tt090jYHKJIS/bX72+HkNAE=
Subject key identifier: 4B:C0:3C:1C:AA:7A:6C:C5:AE:CB:57:FC:68:3C:37:4D:C0:EC:35:37
Certificate issuer: /CN=9bc6fd3f32ca4594c96075659a7089b27ae3fef3
Certificate serial: 01857321D468CD27F27DB5C131C71A6EBF8B
Authority key identifier: 9B:C6:FD:3F:32:CA:45:94:C9:60:75:65:9A:70:89:B2:7A:E3:FE:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m8b9PzLKRZTJYHVlmnCJsnrj_vM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/da2447-b252-4b6a-a82f-dcbe53da7860/1/S8A8HKp6bMWuy1f8aDw3TcDsNTc.roa
Signing time: Mon 02 Jan 2023 15:37:54 +0000
ROA not before: Mon 02 Jan 2023 15:37:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12312
IP address blocks: 192.109.111.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:31:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:21:d4:68:cd:27:f2:7d:b5:c1:31:c7:1a:6e:bf:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bc6fd3f32ca4594c96075659a7089b27ae3fef3
Validity
Not Before: Jan 2 15:37:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4bc03c1caa7a6cc5aecb57fc683c374dc0ec3537
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:61:76:a4:e3:7e:d9:4f:8a:bb:44:49:d9:9f:
59:5d:c5:0f:64:82:92:f3:72:f9:cd:43:5b:1c:e1:
a5:8f:dd:4b:cd:71:d3:9b:22:d4:83:09:e4:d8:c7:
9b:57:bb:8a:29:4a:72:e7:39:bd:aa:de:4b:ce:a8:
25:4d:8d:52:a1:eb:98:c9:2b:7b:d5:70:3d:cd:1c:
e9:35:da:0d:2d:d5:75:06:42:7d:e1:83:65:18:d4:
27:73:81:34:e3:c2:34:25:25:7d:4b:70:02:00:34:
0f:26:a8:8b:08:db:39:40:c2:1a:f6:9a:68:7c:33:
04:2f:d6:2c:b4:d0:00:c2:42:dc:72:c8:69:a0:7b:
88:87:62:f4:14:06:df:bb:9f:9d:1e:66:5a:b3:b7:
ed:26:2a:a9:ec:bb:77:60:e7:fc:d4:c8:46:1e:68:
22:ce:de:86:b2:3a:97:e0:63:50:14:b0:1b:13:e3:
1a:70:a3:24:4a:bb:ec:ff:17:7b:b8:0b:6e:2d:bf:
2f:be:87:ec:95:b0:be:f5:70:1f:bb:8f:0d:3b:cb:
69:c8:98:1d:54:e8:5d:b2:56:d8:61:4c:0f:d2:8f:
db:7c:02:81:34:82:af:e4:74:a7:39:e7:dd:02:1b:
c8:66:09:42:a9:77:54:5d:3f:fd:45:45:d9:43:5e:
dc:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:C0:3C:1C:AA:7A:6C:C5:AE:CB:57:FC:68:3C:37:4D:C0:EC:35:37
X509v3 Authority Key Identifier:
keyid:9B:C6:FD:3F:32:CA:45:94:C9:60:75:65:9A:70:89:B2:7A:E3:FE:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m8b9PzLKRZTJYHVlmnCJsnrj_vM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/da2447-b252-4b6a-a82f-dcbe53da7860/1/S8A8HKp6bMWuy1f8aDw3TcDsNTc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/da2447-b252-4b6a-a82f-dcbe53da7860/1/m8b9PzLKRZTJYHVlmnCJsnrj_vM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.109.111.0/24
Signature Algorithm: sha256WithRSAEncryption
b8:49:4d:35:5c:4d:d3:71:3f:ff:69:9d:92:af:1a:a4:c0:55:
18:0c:b1:d8:df:36:96:65:36:a3:d6:28:66:da:e9:9b:bf:0a:
f5:8b:b2:d6:07:5f:d1:5e:e8:ca:60:82:ad:7f:80:06:cf:1a:
69:50:81:c8:f2:7e:7b:30:5b:ef:b6:8f:b0:41:41:e7:7b:22:
b1:4f:8c:55:c3:12:74:b4:30:df:87:b1:1b:b3:28:91:73:0c:
97:44:55:27:ef:a2:90:73:cf:9f:f7:91:8b:2e:9a:d7:8b:5b:
69:31:9e:05:6f:f8:87:a6:2b:dd:60:7f:dd:77:df:65:6e:03:
95:93:78:46:8f:5a:01:42:9a:fa:22:3f:76:5f:11:6a:7a:d6:
b6:44:29:c5:88:f0:22:ae:15:1e:09:de:6b:a6:9d:74:e8:41:
12:4a:57:3d:34:df:6f:ea:b1:57:31:f4:8c:ee:04:af:1b:f0:
cd:ab:48:6f:65:15:4e:8f:c8:5a:b4:0a:a9:08:aa:10:05:b6:
b1:ec:9b:76:6a:48:b6:de:65:3c:97:1a:d7:02:21:e1:50:7c:
5a:4c:7c:52:e6:44:b8:57:74:10:51:45:4e:df:60:51:d7:6a:
ed:cf:bc:b8:94:d5:4f:e3:1b:70:5b:65:12:4e:a7:3e:e8:42:
11:d3:16:ae
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVzIdRozSfyfbXBMccabr+LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliYzZmZDNmMzJjYTQ1OTRjOTYwNzU2NTlhNzA4OWIyN2Fl
M2ZlZjMwHhcNMjMwMTAyMTUzNzU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YmMwM2MxY2FhN2E2Y2M1YWVjYjU3ZmM2ODNjMzc0ZGMwZWMzNTM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwWF2pON+2U+Ku0RJ2Z9ZXcUPZIKS
83L5zUNbHOGlj91LzXHTmyLUgwnk2MebV7uKKUpy5zm9qt5LzqglTY1SoeuYySt7
1XA9zRzpNdoNLdV1BkJ94YNlGNQnc4E048I0JSV9S3ACADQPJqiLCNs5QMIa9ppo
fDMEL9YstNAAwkLccshpoHuIh2L0FAbfu5+dHmZas7ftJiqp7Lt3YOf81MhGHmgi
zt6GsjqX4GNQFLAbE+MacKMkSrvs/xd7uAtuLb8vvofslbC+9XAfu48NO8tpyJgd
VOhdslbYYUwP0o/bfAKBNIKv5HSnOefdAhvIZglCqXdUXT/9RUXZQ17chwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEvAPByqemzFrstX/Gg8N03A7DU3MB8GA1UdIwQY
MBaAFJvG/T8yykWUyWB1ZZpwibJ64/7zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbThiOVB6TEtSWlRKWUhWbG1uQ0pzbnJqX3ZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi9kYTI0NDctYjI1Mi00YjZhLWE4MmYt
ZGNiZTUzZGE3ODYwLzEvUzhBOEhLcDZiTVd1eTFmOGFEdzNUY0RzTlRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi9kYTI0NDctYjI1Mi00YjZhLWE4MmYtZGNiZTUzZGE3ODYw
LzEvbThiOVB6TEtSWlRKWUhWbG1uQ0pzbnJqX3ZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwG1vMA0G
CSqGSIb3DQEBCwUAA4IBAQC4SU01XE3TcT//aZ2SrxqkwFUYDLHY3zaWZTaj1ihm
2umbvwr1i7LWB1/RXujKYIKtf4AGzxppUIHI8n57MFvvto+wQUHneyKxT4xVwxJ0
tDDfh7EbsyiRcwyXRFUn76KQc8+f95GLLprXi1tpMZ4Fb/iHpivdYH/dd99lbgOV
k3hGj1oBQpr6Ij92XxFqeta2RCnFiPAirhUeCd5rpp106EESSlc9NN9v6rFXMfSM
7gSvG/DNq0hvZRVOj8hatAqpCKoQBbax7Jt2aki23mU8lxrXAiHhUHxaTHxS5kS4
V3QQUUVO32BR12rtz7y4lNVP4xtwW2USTqc+6EIR0xau
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:53 2024 by rpki-client on console-fra.rpki-client.org