Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/c84976-d5ea-4e7f-8ed3-a89f81776406/1/u8Qd8hw2kxQmcNoXUseYRAXdUME.roa
File: u8Qd8hw2kxQmcNoXUseYRAXdUME.roa (raw, json)
Hash identifier: IKhrnwszV9WC/idxfMKHrjP1ra4DpNNS1zeKjXR0BpM=
Subject key identifier: BB:C4:1D:F2:1C:36:93:14:26:70:DA:17:52:C7:98:44:05:DD:50:C1
Certificate issuer: /CN=f8857ecf441e5ea1d7181fec7e97e6dbc1220fc2
Certificate serial: 018570796E827E3149BC5B61BDB6C5C740E6
Authority key identifier: F8:85:7E:CF:44:1E:5E:A1:D7:18:1F:EC:7E:97:E6:DB:C1:22:0F:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-IV-z0QeXqHXGB_sfpfm28EiD8I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/c84976-d5ea-4e7f-8ed3-a89f81776406/1/u8Qd8hw2kxQmcNoXUseYRAXdUME.roa
Signing time: Mon 02 Jan 2023 03:14:44 +0000
ROA not before: Mon 02 Jan 2023 03:14:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56876
IP address blocks: 193.192.58.0/23 maxlen: 24
94.250.192.0/19 maxlen: 24
185.137.120.0/22 maxlen: 24
176.57.128.0/18 maxlen: 24
2a00:e440::/32 maxlen: 64
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:79:6e:82:7e:31:49:bc:5b:61:bd:b6:c5:c7:40:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8857ecf441e5ea1d7181fec7e97e6dbc1220fc2
Validity
Not Before: Jan 2 03:14:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bbc41df21c3693142670da1752c7984405dd50c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:58:b3:a0:9c:13:93:9b:0e:57:5d:22:61:a1:
13:b7:af:ce:d1:f7:72:7e:10:e7:a7:2d:21:8e:59:
e1:3a:1a:78:fc:4c:84:60:1d:9c:91:65:f7:20:34:
4f:9c:88:6f:95:db:b6:d1:ae:33:71:d3:67:0c:0a:
ad:27:b6:b9:78:96:f0:be:41:5b:c5:90:f3:49:ec:
f6:08:d4:94:a6:6e:39:6f:44:2d:e0:00:34:0f:41:
66:48:c6:21:36:2a:89:cf:74:54:23:ac:9e:1e:a2:
96:0b:84:3f:3a:00:fc:32:27:56:09:a7:00:51:86:
1f:f8:1f:73:35:99:39:c5:9f:cb:e9:cc:05:b2:a2:
52:a9:33:8e:79:b0:e3:d6:38:91:cc:c2:9e:4f:63:
84:d7:0c:a0:5c:ef:f7:6e:db:53:2c:f3:ec:bf:16:
fa:99:9c:c8:58:ff:1a:3c:3c:36:79:ed:03:d4:89:
20:1b:4e:ea:87:5e:6d:7d:bb:70:72:ba:cf:02:95:
24:62:85:69:35:db:57:20:1e:50:12:1b:4c:e5:48:
2c:e2:8e:62:5d:e4:bb:d3:44:f3:ec:2b:25:54:c8:
72:4d:f9:53:2f:cc:fe:b0:7e:14:2c:e9:1a:50:c0:
e0:e2:10:29:5a:f2:36:ed:65:c6:25:c1:a4:3d:9c:
ce:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:C4:1D:F2:1C:36:93:14:26:70:DA:17:52:C7:98:44:05:DD:50:C1
X509v3 Authority Key Identifier:
keyid:F8:85:7E:CF:44:1E:5E:A1:D7:18:1F:EC:7E:97:E6:DB:C1:22:0F:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-IV-z0QeXqHXGB_sfpfm28EiD8I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/c84976-d5ea-4e7f-8ed3-a89f81776406/1/u8Qd8hw2kxQmcNoXUseYRAXdUME.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/c84976-d5ea-4e7f-8ed3-a89f81776406/1/1-IV-z0QeXqHXGB_sfpfm28EiD8I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.250.192.0/19
176.57.128.0/18
185.137.120.0/22
193.192.58.0/23
IPv6:
2a00:e440::/32
Signature Algorithm: sha256WithRSAEncryption
ac:75:10:73:5b:9d:e9:1b:d6:c4:80:d0:21:c5:53:24:31:11:
59:58:a0:e2:35:f3:62:fe:0a:17:ff:aa:db:14:d2:65:bc:19:
1b:e0:2a:50:30:06:ad:cd:b0:94:2f:6e:01:26:3b:c0:8d:b9:
05:07:9a:53:89:98:63:8e:8d:35:b3:42:97:71:ba:00:b7:7e:
6a:6b:93:8f:40:a8:03:4d:99:3b:2d:29:06:d5:94:04:1a:1c:
bd:e0:0e:f8:5e:84:54:4d:b1:f4:ac:a0:35:62:78:b7:c5:48:
f3:83:59:1f:70:b7:53:19:22:b0:a0:b0:6c:cc:36:e6:6b:f4:
f2:30:ae:0b:a0:20:e5:0e:20:2a:9f:a2:e9:be:fc:87:20:67:
b2:78:31:b3:05:fb:3a:4d:42:01:55:e2:b1:11:d6:b2:81:de:
0b:0b:81:4e:c5:7c:0e:3c:08:7d:db:34:f5:4c:05:0f:6e:bb:
72:66:5e:39:d9:d9:7f:25:1a:3d:06:d4:32:e8:0b:70:4e:86:
49:cb:1a:93:47:49:d8:dc:bd:cb:d4:ad:71:c4:6f:d1:36:da:
28:80:5d:1d:64:8b:dc:be:1d:02:09:68:20:1b:06:ee:3f:18:
d7:ce:42:6d:1a:51:a8:8a:05:4d:87:04:03:eb:c1:64:e0:72:
f2:31:e9:8f
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYVweW6CfjFJvFthvbbFx0DmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4ODU3ZWNmNDQxZTVlYTFkNzE4MWZlYzdlOTdlNmRiYzEy
MjBmYzIwHhcNMjMwMTAyMDMxNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYmM0MWRmMjFjMzY5MzE0MjY3MGRhMTc1MmM3OTg0NDA1ZGQ1MGMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApVizoJwTk5sOV10iYaETt6/O0fdy
fhDnpy0hjlnhOhp4/EyEYB2ckWX3IDRPnIhvldu20a4zcdNnDAqtJ7a5eJbwvkFb
xZDzSez2CNSUpm45b0Qt4AA0D0FmSMYhNiqJz3RUI6yeHqKWC4Q/OgD8MidWCacA
UYYf+B9zNZk5xZ/L6cwFsqJSqTOOebDj1jiRzMKeT2OE1wygXO/3bttTLPPsvxb6
mZzIWP8aPDw2ee0D1IkgG07qh15tfbtwcrrPApUkYoVpNdtXIB5QEhtM5Ugs4o5i
XeS700Tz7CslVMhyTflTL8z+sH4ULOkaUMDg4hApWvI27WXGJcGkPZzOSQIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFLvEHfIcNpMUJnDaF1LHmEQF3VDBMB8GA1UdIwQY
MBaAFPiFfs9EHl6h1xgf7H6X5tvBIg/CMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1JVi16MFFlWHFIWEdCX3NmcGZtMjhFaUQ4SS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmEvYzg0OTc2LWQ1ZWEtNGU3Zi04ZWQz
LWE4OWY4MTc3NjQwNi8xL3U4UWQ4aHcya3hRbWNOb1hVc2VZUkFYZFVNRS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMmEvYzg0OTc2LWQ1ZWEtNGU3Zi04ZWQzLWE4OWY4MTc3NjQw
Ni8xLzEtSVYtejBRZVhxSFhHQl9zZnBmbTI4RWlEOEkuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwQAYIKwYBBQUHAQcBAf8EMTAvMB4EAgABMBgDBAVe+sAD
BAawOYADBAK5iXgDBAHBwDowDQQCAAIwBwMFACoA5EAwDQYJKoZIhvcNAQELBQAD
ggEBAKx1EHNbnekb1sSA0CHFUyQxEVlYoOI182L+Chf/qtsU0mW8GRvgKlAwBq3N
sJQvbgEmO8CNuQUHmlOJmGOOjTWzQpdxugC3fmprk49AqANNmTstKQbVlAQaHL3g
DvhehFRNsfSsoDVieLfFSPODWR9wt1MZIrCgsGzMNuZr9PIwrgugIOUOICqfoum+
/IcgZ7J4MbMF+zpNQgFV4rER1rKB3gsLgU7FfA48CH3bNPVMBQ9uu3JmXjnZ2X8l
Gj0G1DLoC3BOhknLGpNHSdjcvcvUrXHEb9E22iiAXR1ki9y+HQIJaCAbBu4/GNfO
Qm0aUaiKBU2HBAPrwWTgcvIx6Y8=
-----END CERTIFICATE-----
Generated at Tue Jan 2 11:34:35 2024 by rpki-client on console-ams.rpki-client.org