Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/7256ec-c346-4b29-b7f5-3e40d01740b2/1/8msY_sriRRJ1uxLUydlY5brtP78.roa
File: 8msY_sriRRJ1uxLUydlY5brtP78.roa (raw, json)
Hash identifier: JMbMGsw+hqfFZhDguMFIaA6J1aJrOL+dQUDfYLMlfDY=
Subject key identifier: F2:6B:18:FE:CA:E2:45:12:75:BB:12:D4:C9:D9:58:E5:BA:ED:3F:BF
Certificate issuer: /CN=d10d5b30b46c7b97b2dbc4589cea3622ad756156
Certificate serial: 01856F8B768FADE5A4E67991434F3B6E2E64
Authority key identifier: D1:0D:5B:30:B4:6C:7B:97:B2:DB:C4:58:9C:EA:36:22:AD:75:61:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0Q1bMLRse5ey28RYnOo2Iq11YVY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/7256ec-c346-4b29-b7f5-3e40d01740b2/1/8msY_sriRRJ1uxLUydlY5brtP78.roa
Signing time: Sun 01 Jan 2023 22:54:48 +0000
ROA not before: Sun 01 Jan 2023 22:54:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15830
IP address blocks: 87.108.0.0/16 maxlen: 16
217.64.176.0/20 maxlen: 20
194.187.212.0/22 maxlen: 22
82.133.128.0/17 maxlen: 17
81.17.200.0/21 maxlen: 21
109.75.232.0/21 maxlen: 21
81.90.64.0/20 maxlen: 20
2001:a68::/32 maxlen: 48
2a00:16a0::/32 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:30:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:8b:76:8f:ad:e5:a4:e6:79:91:43:4f:3b:6e:2e:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d10d5b30b46c7b97b2dbc4589cea3622ad756156
Validity
Not Before: Jan 1 22:54:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f26b18fecae2451275bb12d4c9d958e5baed3fbf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:df:d5:67:59:24:e4:3f:52:a5:8e:f4:dc:b9:
a0:29:2b:21:64:19:61:1a:4c:6d:d9:62:60:35:61:
0e:a7:88:91:a8:fe:05:ef:e4:69:f4:af:c6:80:d4:
90:e5:fd:04:07:a1:f4:f2:75:f2:93:7a:00:67:c4:
0d:eb:be:c6:1b:4e:a2:4d:49:06:44:e4:e9:cd:62:
4f:e3:c0:b5:de:00:b8:cd:de:89:87:c5:11:94:c5:
7b:9b:a7:a9:b6:22:3d:5f:39:69:f9:fe:bf:fb:de:
57:66:40:7c:0c:15:28:70:bf:87:d8:e9:04:c2:7c:
40:4d:b6:7d:1d:fb:03:cf:b5:9c:c6:11:7f:07:3b:
81:49:02:c8:b8:50:6c:fc:a6:f7:d9:ac:00:e6:59:
62:78:5c:97:b3:2d:af:51:a2:02:c9:b5:30:fa:12:
67:b8:66:4a:e2:eb:d8:75:25:c7:2f:30:d3:74:58:
6e:bc:06:f4:08:6b:48:fa:a7:af:80:66:92:68:31:
b2:cb:85:0c:26:6e:62:ea:26:52:e6:67:c2:24:3a:
17:d0:14:05:29:b5:2d:48:b0:87:a9:1c:51:0a:5b:
20:b7:f7:43:7a:9f:2a:ad:50:41:40:ef:36:30:bb:
08:3f:1e:a9:dd:79:44:6b:88:9e:57:e4:81:8a:cb:
93:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:6B:18:FE:CA:E2:45:12:75:BB:12:D4:C9:D9:58:E5:BA:ED:3F:BF
X509v3 Authority Key Identifier:
keyid:D1:0D:5B:30:B4:6C:7B:97:B2:DB:C4:58:9C:EA:36:22:AD:75:61:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0Q1bMLRse5ey28RYnOo2Iq11YVY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/7256ec-c346-4b29-b7f5-3e40d01740b2/1/8msY_sriRRJ1uxLUydlY5brtP78.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/7256ec-c346-4b29-b7f5-3e40d01740b2/1/0Q1bMLRse5ey28RYnOo2Iq11YVY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.17.200.0/21
81.90.64.0/20
82.133.128.0/17
87.108.0.0/16
109.75.232.0/21
194.187.212.0/22
217.64.176.0/20
IPv6:
2001:a68::/32
2a00:16a0::/32
Signature Algorithm: sha256WithRSAEncryption
8c:3b:8d:e4:90:8b:cc:34:2d:6c:b2:7f:91:20:50:d7:29:7e:
25:7a:f3:2d:7f:88:eb:38:12:27:d1:32:0d:9c:7e:42:32:2a:
40:f0:32:42:7b:08:b8:38:15:cf:bd:32:58:02:24:86:1c:5d:
44:dc:09:7d:17:47:1c:08:f6:c9:50:2d:36:4d:9c:4a:b4:df:
87:be:d8:51:44:18:ae:4b:4e:9f:1e:8a:43:05:18:01:1d:af:
53:ec:fb:a0:58:60:53:e4:70:f9:df:4a:30:ef:07:2d:4b:66:
76:86:76:4d:a1:c0:04:35:d9:a3:c8:0d:a6:cf:17:15:62:78:
11:5f:17:10:06:26:59:2c:0d:ba:dc:68:e6:58:b6:d0:e0:c2:
6c:fb:29:14:aa:ac:1e:73:bc:8b:f5:d0:bf:6c:b2:c4:ed:53:
eb:be:85:e5:a5:29:e8:42:9a:76:51:37:a6:33:6e:1b:eb:d9:
eb:c2:fd:85:4a:fd:49:9a:fb:73:70:59:25:a2:a1:98:56:a2:
82:de:0a:c8:cb:e2:66:c1:9e:66:2c:ca:c6:4f:87:4b:12:33:
e2:ea:88:80:12:0a:ef:5a:85:a9:dc:84:12:62:99:29:7f:30:
70:21:d0:fd:44:91:f5:b9:37:a0:f8:03:63:6e:8b:24:e3:93:
50:33:cb:c8
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAYVvi3aPreWk5nmRQ087bi5kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxMGQ1YjMwYjQ2YzdiOTdiMmRiYzQ1ODljZWEzNjIyYWQ3
NTYxNTYwHhcNMjMwMTAxMjI1NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjZiMThmZWNhZTI0NTEyNzViYjEyZDRjOWQ5NThlNWJhZWQzZmJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAit/VZ1kk5D9SpY703LmgKSshZBlh
Gkxt2WJgNWEOp4iRqP4F7+Rp9K/GgNSQ5f0EB6H08nXyk3oAZ8QN677GG06iTUkG
ROTpzWJP48C13gC4zd6Jh8URlMV7m6eptiI9Xzlp+f6/+95XZkB8DBUocL+H2OkE
wnxATbZ9HfsDz7WcxhF/BzuBSQLIuFBs/Kb32awA5llieFyXsy2vUaICybUw+hJn
uGZK4uvYdSXHLzDTdFhuvAb0CGtI+qevgGaSaDGyy4UMJm5i6iZS5mfCJDoX0BQF
KbUtSLCHqRxRClsgt/dDep8qrVBBQO82MLsIPx6p3XlEa4ieV+SBisuT7QIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFPJrGP7K4kUSdbsS1MnZWOW67T+/MB8GA1UdIwQY
MBaAFNENWzC0bHuXstvEWJzqNiKtdWFWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMFExYk1MUnNlNWV5MjhSWW5PbzJJcTExWVZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS83MjU2ZWMtYzM0Ni00YjI5LWI3ZjUt
M2U0MGQwMTc0MGIyLzEvOG1zWV9zcmlSUkoxdXhMVXlkbFk1YnJ0UDc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS83MjU2ZWMtYzM0Ni00YjI5LWI3ZjUtM2U0MGQwMTc0MGIy
LzEvMFExYk1MUnNlNWV5MjhSWW5PbzJJcTExWVZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzAvBAIAATApAwQDURHIAwQE
UVpAAwQHUoWAAwMAV2wDBANtS+gDBALCu9QDBATZQLAwFAQCAAIwDgMFACABCmgD
BQAqABagMA0GCSqGSIb3DQEBCwUAA4IBAQCMO43kkIvMNC1ssn+RIFDXKX4levMt
f4jrOBIn0TINnH5CMipA8DJCewi4OBXPvTJYAiSGHF1E3Al9F0ccCPbJUC02TZxK
tN+HvthRRBiuS06fHopDBRgBHa9T7PugWGBT5HD530ow7wctS2Z2hnZNocAENdmj
yA2mzxcVYngRXxcQBiZZLA263GjmWLbQ4MJs+ykUqqwec7yL9dC/bLLE7VPrvoXl
pSnoQpp2UTemM24b69nrwv2FSv1JmvtzcFkloqGYVqKC3grIy+JmwZ5mLMrGT4dL
EjPi6oiAEgrvWoWp3IQSYpkpfzBwIdD9RJH1uTeg+ANjbosk45NQM8vI
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:32 2024 by rpki-client on console-fra.rpki-client.org