Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/d8e184-e79b-47fe-96dc-5ba4235ce619/1/i-l6g4W8RMQWpJakm4rkLvi4o_8.roa
File: i-l6g4W8RMQWpJakm4rkLvi4o_8.roa (raw, json)
Hash identifier: QS/8oTBQPzpANBybZr3T3bEVmbGQa83Qd9smT8oCeco=
Subject key identifier: 8B:E9:7A:83:85:BC:44:C4:16:A4:96:A4:9B:8A:E4:2E:F8:B8:A3:FF
Certificate issuer: /CN=aa70fbb3db228437d605799ac4f4598d22e13e1b
Certificate serial: 018571DE90536DF457014CD305D9ADB6C1FB
Authority key identifier: AA:70:FB:B3:DB:22:84:37:D6:05:79:9A:C4:F4:59:8D:22:E1:3E:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qnD7s9sihDfWBXmaxPRZjSLhPhs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/d8e184-e79b-47fe-96dc-5ba4235ce619/1/i-l6g4W8RMQWpJakm4rkLvi4o_8.roa
Signing time: Mon 02 Jan 2023 09:44:49 +0000
ROA not before: Mon 02 Jan 2023 09:44:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35223
IP address blocks: 193.168.168.0/22 maxlen: 22
82.117.0.0/19 maxlen: 19
2a03:5480::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:29:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:de:90:53:6d:f4:57:01:4c:d3:05:d9:ad:b6:c1:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa70fbb3db228437d605799ac4f4598d22e13e1b
Validity
Not Before: Jan 2 09:44:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8be97a8385bc44c416a496a49b8ae42ef8b8a3ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:e0:fd:92:fa:62:e2:03:85:53:97:91:c5:e5:
0d:70:96:34:8e:d0:22:33:40:89:03:d2:45:f1:b8:
58:2c:20:89:ad:a5:a6:55:42:8a:2b:89:2b:b6:93:
8d:04:8f:1d:3f:f7:1b:b3:ab:31:90:64:42:39:41:
b7:82:21:8e:c8:fb:a5:92:af:de:93:c9:02:7c:46:
14:69:7c:17:9d:91:86:db:c4:39:a2:34:6c:45:b8:
81:6a:19:c5:89:8a:a2:29:fc:76:a6:81:6c:c0:b9:
5f:80:85:6c:26:b8:96:2a:9c:2c:85:7b:2f:6a:93:
4f:c6:b4:0f:14:ba:8d:cb:75:05:7b:4e:e9:61:b5:
98:29:79:4d:c4:27:ec:0e:99:99:ff:5f:23:1f:20:
86:d4:b5:43:89:e2:9a:91:10:b0:98:83:b2:cf:98:
37:a6:a5:79:65:6a:bd:24:64:b7:c9:01:6a:b3:17:
42:f9:a6:f9:70:fd:a0:b3:78:da:af:6e:cc:fc:20:
dc:70:96:a1:63:57:40:f3:16:af:a9:d3:df:61:26:
27:c7:2d:c9:79:80:ee:d7:c8:1a:bb:0f:16:5b:7a:
81:c6:c0:81:70:53:33:ed:71:8d:1f:7e:03:12:17:
a5:9c:f2:e1:b5:de:46:da:61:20:cd:d5:7f:01:58:
8f:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:E9:7A:83:85:BC:44:C4:16:A4:96:A4:9B:8A:E4:2E:F8:B8:A3:FF
X509v3 Authority Key Identifier:
keyid:AA:70:FB:B3:DB:22:84:37:D6:05:79:9A:C4:F4:59:8D:22:E1:3E:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qnD7s9sihDfWBXmaxPRZjSLhPhs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/d8e184-e79b-47fe-96dc-5ba4235ce619/1/i-l6g4W8RMQWpJakm4rkLvi4o_8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/d8e184-e79b-47fe-96dc-5ba4235ce619/1/qnD7s9sihDfWBXmaxPRZjSLhPhs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.117.0.0/19
193.168.168.0/22
IPv6:
2a03:5480::/29
Signature Algorithm: sha256WithRSAEncryption
a4:03:c6:55:13:ee:92:5b:db:d3:b2:a7:31:4f:fd:a6:3e:4a:
8b:dd:9e:cf:46:4a:d9:4d:9b:f9:0c:31:53:36:bc:e2:fe:c4:
94:32:bb:1c:38:ca:97:75:c9:d6:6a:8b:ad:29:bc:87:36:82:
9a:d8:37:df:d4:dc:4f:6b:78:20:16:7d:46:76:77:ae:d8:d2:
62:90:1f:a0:d3:49:88:b3:14:97:30:f7:da:e4:6d:db:70:e0:
65:2a:ff:0c:e3:4d:06:66:b0:af:cc:ae:91:99:6e:40:c4:c0:
f3:ca:99:21:90:1e:fd:f8:ab:37:63:74:75:6f:e1:b5:fd:57:
de:ae:bb:f2:9d:04:0e:9e:4c:6d:14:c7:3a:19:f1:d6:b2:8d:
e3:d6:12:d8:99:8d:09:ec:3b:27:c2:ab:34:80:5d:33:7d:4f:
e9:be:d8:99:eb:fe:4f:67:57:09:ba:8a:13:52:d9:02:ae:cd:
50:5c:11:2d:34:c8:ac:c5:45:65:07:c3:98:80:af:a1:95:47:
0f:e7:ba:54:70:59:06:ef:3b:94:39:69:2c:32:01:1e:d3:d6:
1b:db:5c:e4:e9:48:c3:68:00:9c:44:2e:98:cc:38:31:d6:11:
dc:d6:f0:86:c8:0f:cd:f7:e8:a6:2a:dd:cc:df:94:3e:23:33:
c8:6a:f6:09
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVx3pBTbfRXAUzTBdmttsH7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhNzBmYmIzZGIyMjg0MzdkNjA1Nzk5YWM0ZjQ1OThkMjJl
MTNlMWIwHhcNMjMwMTAyMDk0NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YmU5N2E4Mzg1YmM0NGM0MTZhNDk2YTQ5YjhhZTQyZWY4YjhhM2ZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqeD9kvpi4gOFU5eRxeUNcJY0jtAi
M0CJA9JF8bhYLCCJraWmVUKKK4krtpONBI8dP/cbs6sxkGRCOUG3giGOyPulkq/e
k8kCfEYUaXwXnZGG28Q5ojRsRbiBahnFiYqiKfx2poFswLlfgIVsJriWKpwshXsv
apNPxrQPFLqNy3UFe07pYbWYKXlNxCfsDpmZ/18jHyCG1LVDieKakRCwmIOyz5g3
pqV5ZWq9JGS3yQFqsxdC+ab5cP2gs3jar27M/CDccJahY1dA8xavqdPfYSYnxy3J
eYDu18gauw8WW3qBxsCBcFMz7XGNH34DEhelnPLhtd5G2mEgzdV/AViPPwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFIvpeoOFvETEFqSWpJuK5C74uKP/MB8GA1UdIwQY
MBaAFKpw+7PbIoQ31gV5msT0WY0i4T4bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcW5EN3M5c2loRGZXQlhtYXhQUlpqU0xoUGhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9kOGUxODQtZTc5Yi00N2ZlLTk2ZGMt
NWJhNDIzNWNlNjE5LzEvaS1sNmc0VzhSTVFXcEpha200cmtMdmk0b184LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9kOGUxODQtZTc5Yi00N2ZlLTk2ZGMtNWJhNDIzNWNlNjE5
LzEvcW5EN3M5c2loRGZXQlhtYXhQUlpqU0xoUGhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQFUnUAAwQC
waioMA0EAgACMAcDBQMqA1SAMA0GCSqGSIb3DQEBCwUAA4IBAQCkA8ZVE+6SW9vT
sqcxT/2mPkqL3Z7PRkrZTZv5DDFTNrzi/sSUMrscOMqXdcnWaoutKbyHNoKa2Dff
1NxPa3ggFn1Gdneu2NJikB+g00mIsxSXMPfa5G3bcOBlKv8M400GZrCvzK6RmW5A
xMDzypkhkB79+Ks3Y3R1b+G1/VferrvynQQOnkxtFMc6GfHWso3j1hLYmY0J7Dsn
wqs0gF0zfU/pvtiZ6/5PZ1cJuooTUtkCrs1QXBEtNMisxUVlB8OYgK+hlUcP57pU
cFkG7zuUOWksMgEe09Yb21zk6UjDaACcRC6YzDgx1hHc1vCGyA/N9+imKt3M35Q+
IzPIavYJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:01 2024 by rpki-client on console-fra.rpki-client.org