Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/d84a54-188f-4faf-9d45-6f21f4c751f3/1/e8gfWBGlloNTPQQMg58_A7fvUhk.roa
File: e8gfWBGlloNTPQQMg58_A7fvUhk.roa (raw, json)
Hash identifier: iLVOQAFrq5/yOR/cyeo+S/Ak4R4NJE//FptNqgKuQfs=
Subject key identifier: 7B:C8:1F:58:11:A5:96:83:53:3D:04:0C:83:9F:3F:03:B7:EF:52:19
Certificate issuer: /CN=39a3cebb811046a0966e9554d07e5d16b36dbf04
Certificate serial: 01856F42AFD5B1203A1B5251D48B9AB0821C
Authority key identifier: 39:A3:CE:BB:81:10:46:A0:96:6E:95:54:D0:7E:5D:16:B3:6D:BF:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OaPOu4EQRqCWbpVU0H5dFrNtvwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/d84a54-188f-4faf-9d45-6f21f4c751f3/1/e8gfWBGlloNTPQQMg58_A7fvUhk.roa
Signing time: Sun 01 Jan 2023 21:35:19 +0000
ROA not before: Sun 01 Jan 2023 21:35:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8943
IP address blocks: 185.98.212.0/22 maxlen: 22
2a06:ec0::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 20 Oct 2023 14:54:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:42:af:d5:b1:20:3a:1b:52:51:d4:8b:9a:b0:82:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=39a3cebb811046a0966e9554d07e5d16b36dbf04
Validity
Not Before: Jan 1 21:35:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7bc81f5811a59683533d040c839f3f03b7ef5219
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:5e:f4:20:57:fd:cb:68:5f:77:40:4e:91:1a:
d0:10:3c:cd:af:d1:19:75:3d:7b:f0:cd:c1:bc:d5:
08:51:7a:18:c7:5f:81:97:4d:0e:3b:fb:d9:24:7f:
af:b0:cf:a8:87:bc:2f:f8:a3:8c:20:db:7f:34:8d:
22:54:56:b2:d7:5b:82:c8:50:9f:90:47:af:7d:42:
36:f5:fa:d6:1e:ee:fa:9e:d6:1c:d6:84:6f:ca:62:
46:49:2e:e9:93:ec:8c:8f:fc:5d:03:c9:45:13:33:
14:74:a9:84:28:23:e2:70:d3:dd:4f:ab:d5:38:33:
b2:1a:4c:71:d8:ad:1e:f3:31:76:fe:95:59:73:4f:
e7:d1:a5:9a:1d:80:52:2d:9f:df:8c:bc:46:11:17:
37:bd:6e:4e:2b:98:8a:97:f3:4f:bc:b8:67:8d:bd:
67:c8:71:aa:19:4d:99:b3:74:93:31:da:24:ff:ec:
f5:83:01:22:2c:cf:ee:9b:54:e6:a7:db:8b:80:5c:
f1:8a:1c:3b:33:3e:5e:69:b6:4f:ac:a9:e0:d4:78:
94:c7:76:06:f4:2d:cb:b2:90:20:8e:a9:47:d8:1c:
38:e5:f0:b7:2c:07:95:81:8a:1f:60:d3:9a:7e:5a:
dc:88:37:3a:8f:b7:c2:c3:c6:a3:3f:4e:b7:b4:d1:
26:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:C8:1F:58:11:A5:96:83:53:3D:04:0C:83:9F:3F:03:B7:EF:52:19
X509v3 Authority Key Identifier:
keyid:39:A3:CE:BB:81:10:46:A0:96:6E:95:54:D0:7E:5D:16:B3:6D:BF:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OaPOu4EQRqCWbpVU0H5dFrNtvwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/d84a54-188f-4faf-9d45-6f21f4c751f3/1/e8gfWBGlloNTPQQMg58_A7fvUhk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/d84a54-188f-4faf-9d45-6f21f4c751f3/1/OaPOu4EQRqCWbpVU0H5dFrNtvwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.98.212.0/22
IPv6:
2a06:ec0::/32
Signature Algorithm: sha256WithRSAEncryption
12:20:4e:26:cc:d5:02:d3:1a:db:10:ad:31:db:54:44:b6:4f:
3b:9d:32:92:4c:f8:23:34:82:14:96:85:d2:46:d8:ec:b4:7e:
bc:6e:37:b0:de:d4:56:0d:94:ff:13:58:5c:7d:73:e1:93:3f:
82:94:b6:c5:5a:9e:a7:6c:60:1d:e9:76:4d:6d:62:a9:d9:04:
01:fa:ca:7f:3d:84:96:8a:f2:6a:ef:f3:8c:84:69:bb:61:cc:
3a:80:b9:dd:4d:52:7b:c9:8b:03:cc:7f:bc:95:7d:f8:27:64:
e3:44:5a:cb:1d:97:06:f0:fa:fb:9b:a2:d4:93:f2:fe:6d:14:
b1:5b:28:fc:eb:87:cc:5f:e8:2f:00:52:6c:9d:3f:c2:41:e6:
8b:2c:da:cd:31:15:fc:1f:fc:21:a5:ad:9e:cc:fc:2f:c4:2e:
ac:a8:a2:34:c1:ae:bf:89:75:a8:59:ca:56:22:75:c6:6f:bb:
1e:e8:77:aa:ab:ae:8c:ef:89:66:1e:85:50:16:fa:33:fd:78:
21:66:69:a6:58:e1:d5:02:6e:9e:60:32:af:3b:a6:f9:06:59:
b2:e2:ce:3e:ae:2f:3b:cd:da:85:1e:e1:8b:d9:9e:fa:c3:40:
31:a3:3e:d6:60:e5:c2:fc:8d:72:88:aa:bf:95:a2:21:75:35:
c8:05:41:dd
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvQq/VsSA6G1JR1IuasIIcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5YTNjZWJiODExMDQ2YTA5NjZlOTU1NGQwN2U1ZDE2YjM2
ZGJmMDQwHhcNMjMwMTAxMjEzNTE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YmM4MWY1ODExYTU5NjgzNTMzZDA0MGM4MzlmM2YwM2I3ZWY1MjE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1F70IFf9y2hfd0BOkRrQEDzNr9EZ
dT178M3BvNUIUXoYx1+Bl00OO/vZJH+vsM+oh7wv+KOMINt/NI0iVFay11uCyFCf
kEevfUI29frWHu76ntYc1oRvymJGSS7pk+yMj/xdA8lFEzMUdKmEKCPicNPdT6vV
ODOyGkxx2K0e8zF2/pVZc0/n0aWaHYBSLZ/fjLxGERc3vW5OK5iKl/NPvLhnjb1n
yHGqGU2Zs3STMdok/+z1gwEiLM/um1Tmp9uLgFzxihw7Mz5eabZPrKng1HiUx3YG
9C3LspAgjqlH2Bw45fC3LAeVgYofYNOaflrciDc6j7fCw8ajP063tNEmBwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFHvIH1gRpZaDUz0EDIOfPwO371IZMB8GA1UdIwQY
MBaAFDmjzruBEEaglm6VVNB+XRazbb8EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2FQT3U0RVFScUNXYnBWVTBINWRGck50dndRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9kODRhNTQtMTg4Zi00ZmFmLTlkNDUt
NmYyMWY0Yzc1MWYzLzEvZThnZldCR2xsb05UUFFRTWc1OF9BN2Z2VWhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9kODRhNTQtMTg4Zi00ZmFmLTlkNDUtNmYyMWY0Yzc1MWYz
LzEvT2FQT3U0RVFScUNXYnBWVTBINWRGck50dndRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuWLUMA0E
AgACMAcDBQAqBg7AMA0GCSqGSIb3DQEBCwUAA4IBAQASIE4mzNUC0xrbEK0x21RE
tk87nTKSTPgjNIIUloXSRtjstH68bjew3tRWDZT/E1hcfXPhkz+ClLbFWp6nbGAd
6XZNbWKp2QQB+sp/PYSWivJq7/OMhGm7Ycw6gLndTVJ7yYsDzH+8lX34J2TjRFrL
HZcG8Pr7m6LUk/L+bRSxWyj864fMX+gvAFJsnT/CQeaLLNrNMRX8H/whpa2ezPwv
xC6sqKI0wa6/iXWoWcpWInXGb7se6Heqq66M74lmHoVQFvoz/XghZmmmWOHVAm6e
YDKvO6b5Blmy4s4+ri87zdqFHuGL2Z76w0Axoz7WYOXC/I1yiKq/laIhdTXIBUHd
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:21 2024 by rpki-client on console-fra.rpki-client.org