Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/bd42ea-ebb6-4445-bd20-775da6aa3123/1/8qqLj1BjwF0PbwlnI2-eghkgtxw.roa
File: 8qqLj1BjwF0PbwlnI2-eghkgtxw.roa (raw, json)
Hash identifier: 6tXqGJVV2Zy2RfOvYJO32gbAVN3g9FIeO8i1Hk2ejwk=
Subject key identifier: F2:AA:8B:8F:50:63:C0:5D:0F:6F:09:67:23:6F:9E:82:19:20:B7:1C
Certificate issuer: /CN=8eacc7f3b218c492d88dbebc9cdcb9a2d2d30ed1
Certificate serial: 018571553457133FED4664DB49ABFA5870B8
Authority key identifier: 8E:AC:C7:F3:B2:18:C4:92:D8:8D:BE:BC:9C:DC:B9:A2:D2:D3:0E:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jqzH87IYxJLYjb68nNy5otLTDtE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/bd42ea-ebb6-4445-bd20-775da6aa3123/1/8qqLj1BjwF0PbwlnI2-eghkgtxw.roa
Signing time: Mon 02 Jan 2023 07:14:47 +0000
ROA not before: Mon 02 Jan 2023 07:14:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201860
IP address blocks: 185.60.237.0/24 maxlen: 24
185.60.238.0/24 maxlen: 24
185.60.239.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:29:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:55:34:57:13:3f:ed:46:64:db:49:ab:fa:58:70:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8eacc7f3b218c492d88dbebc9cdcb9a2d2d30ed1
Validity
Not Before: Jan 2 07:14:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f2aa8b8f5063c05d0f6f0967236f9e821920b71c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:47:bc:ef:54:f2:a7:9e:16:38:6e:10:1f:80:
f6:fe:99:04:00:50:dd:63:cf:5f:eb:a6:78:e9:8b:
54:41:78:55:35:d8:f2:bd:13:6d:d3:7e:e1:c8:85:
77:45:54:08:36:87:84:d7:cc:d3:07:c3:63:05:25:
0c:f5:49:bc:fb:4b:bb:78:d1:2b:e3:cc:ad:38:c1:
89:1e:27:a9:bf:b0:f2:19:e7:a2:6b:ba:c2:45:83:
20:24:2a:24:d5:2f:a2:c5:ec:4f:c1:5e:9f:cb:8c:
7c:9b:d6:47:40:ef:1a:7b:d7:41:2a:43:53:32:83:
f9:b6:63:49:50:bb:45:5c:73:d2:93:99:6e:cc:5a:
f4:e3:ff:ab:93:f9:31:e5:09:d7:c3:67:1a:8c:01:
75:c1:6c:02:05:20:13:3f:01:94:c1:9e:4c:0c:3e:
77:02:62:e5:af:af:8f:82:14:ae:a7:f9:f6:6b:0f:
82:30:fc:0b:eb:af:20:92:02:0d:d4:2c:87:fa:f2:
0f:65:c5:38:43:8f:1a:71:be:c8:3a:1b:b3:b5:3a:
5b:5d:91:76:67:f8:62:3c:8d:1f:fb:5c:f7:f8:70:
2c:67:e5:25:2b:61:2a:65:b7:fc:e7:42:df:7c:e8:
9f:1e:c8:24:f3:51:c3:a1:fe:25:c4:8a:af:f5:be:
6b:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:AA:8B:8F:50:63:C0:5D:0F:6F:09:67:23:6F:9E:82:19:20:B7:1C
X509v3 Authority Key Identifier:
keyid:8E:AC:C7:F3:B2:18:C4:92:D8:8D:BE:BC:9C:DC:B9:A2:D2:D3:0E:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jqzH87IYxJLYjb68nNy5otLTDtE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/bd42ea-ebb6-4445-bd20-775da6aa3123/1/8qqLj1BjwF0PbwlnI2-eghkgtxw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/bd42ea-ebb6-4445-bd20-775da6aa3123/1/jqzH87IYxJLYjb68nNy5otLTDtE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.60.237.0-185.60.239.255
Signature Algorithm: sha256WithRSAEncryption
76:82:ac:65:c8:f1:ea:7f:a0:9e:9c:69:1d:6a:59:90:74:38:
14:e8:64:29:7b:0d:36:6c:69:7d:17:8b:83:44:4e:c7:59:eb:
a5:8b:63:d0:5c:6d:32:05:78:4b:8b:bd:1b:da:d7:68:67:73:
4a:26:6b:57:67:51:e2:80:69:04:ee:b7:20:46:1d:ac:67:81:
25:39:a5:15:03:e5:3a:a1:b1:ae:41:45:ad:92:c7:65:e5:42:
cf:7e:3d:89:e0:ef:ad:18:6b:8f:62:ba:78:f7:82:bd:80:44:
89:0b:cc:b2:49:74:61:8b:a8:5b:15:b6:0e:3e:3e:9b:71:27:
b2:00:ea:33:e3:8b:a6:f0:31:87:20:60:7d:97:79:f3:79:08:
d5:16:92:b4:41:a3:24:95:24:d9:89:1f:3b:fb:69:41:5b:48:
5e:fd:0d:f2:e1:41:f8:2e:8b:d6:be:70:2f:08:7b:c7:1e:d2:
27:34:47:a8:08:f2:10:5d:e8:f1:29:89:1a:1d:fa:4e:b7:a9:
9c:20:39:8e:7e:1e:f2:7a:29:1f:8e:87:dc:51:5d:df:03:e0:
5b:74:05:b9:36:a4:5f:04:85:b2:62:5f:27:b5:22:55:54:a1:
4e:1d:6c:a4:42:56:6a:3d:47:2c:d6:c6:6b:32:b4:8a:0e:ad:
df:98:ff:46
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVxVTRXEz/tRmTbSav6WHC4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlYWNjN2YzYjIxOGM0OTJkODhkYmViYzljZGNiOWEyZDJk
MzBlZDEwHhcNMjMwMTAyMDcxNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMmFhOGI4ZjUwNjNjMDVkMGY2ZjA5NjcyMzZmOWU4MjE5MjBiNzFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApUe871Typ54WOG4QH4D2/pkEAFDd
Y89f66Z46YtUQXhVNdjyvRNt037hyIV3RVQINoeE18zTB8NjBSUM9Um8+0u7eNEr
48ytOMGJHiepv7DyGeeia7rCRYMgJCok1S+ixexPwV6fy4x8m9ZHQO8ae9dBKkNT
MoP5tmNJULtFXHPSk5luzFr04/+rk/kx5QnXw2cajAF1wWwCBSATPwGUwZ5MDD53
AmLlr6+PghSup/n2aw+CMPwL668gkgIN1CyH+vIPZcU4Q48acb7IOhuztTpbXZF2
Z/hiPI0f+1z3+HAsZ+UlK2EqZbf850LffOifHsgk81HDof4lxIqv9b5rkQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFPKqi49QY8BdD28JZyNvnoIZILccMB8GA1UdIwQY
MBaAFI6sx/OyGMSS2I2+vJzcuaLS0w7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanF6SDg3SVl4SkxZamI2OG5OeTVvdExURHRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS9iZDQyZWEtZWJiNi00NDQ1LWJkMjAt
Nzc1ZGE2YWEzMTIzLzEvOHFxTGoxQmp3RjBQYndsbkkyLWVnaGtndHh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS9iZDQyZWEtZWJiNi00NDQ1LWJkMjAtNzc1ZGE2YWEzMTIz
LzEvanF6SDg3SVl4SkxZamI2OG5OeTVvdExURHRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAC5PO0D
BAS5POAwDQYJKoZIhvcNAQELBQADggEBAHaCrGXI8ep/oJ6caR1qWZB0OBToZCl7
DTZsaX0Xi4NETsdZ66WLY9BcbTIFeEuLvRva12hnc0oma1dnUeKAaQTutyBGHaxn
gSU5pRUD5Tqhsa5BRa2Sx2XlQs9+PYng760Ya49iunj3gr2ARIkLzLJJdGGLqFsV
tg4+PptxJ7IA6jPji6bwMYcgYH2XefN5CNUWkrRBoySVJNmJHzv7aUFbSF79DfLh
Qfgui9a+cC8Ie8ce0ic0R6gI8hBd6PEpiRod+k63qZwgOY5+HvJ6KR+Oh9xRXd8D
4Ft0Bbk2pF8EhbJiXye1IlVUoU4dbKRCVmo9RyzWxmsytIoOrd+Y/0Y=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:36 2024 by rpki-client on console-fra.rpki-client.org