Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/96jEzaTSjNgR6zigIvbU8eX_p9k.roa
File: 96jEzaTSjNgR6zigIvbU8eX_p9k.roa (raw, json)
Hash identifier: 8/tegsyut/m7/X2S61YlQqwcJnjIreafhLRjh59C6Pk=
Subject key identifier: F7:A8:C4:CD:A4:D2:8C:D8:11:EB:38:A0:22:F6:D4:F1:E5:FF:A7:D9
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 018C44F89173E2823AFDEFFD5EACA46C49C0
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/96jEzaTSjNgR6zigIvbU8eX_p9k.roa
Signing time: Thu 07 Dec 2023 15:49:50 +0000
ROA not before: Thu 07 Dec 2023 15:49:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7029
IP address blocks: 185.255.99.0/24 maxlen: 24
194.180.238.0/24 maxlen: 24
195.138.120.0/24 maxlen: 24
92.118.108.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 18 Dec 2023 09:09:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:44:f8:91:73:e2:82:3a:fd:ef:fd:5e:ac:a4:6c:49:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Dec 7 15:49:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f7a8c4cda4d28cd811eb38a022f6d4f1e5ffa7d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:1e:54:71:af:d9:a0:45:8a:48:99:e1:23:7a:
b5:8e:c4:8b:41:d5:29:96:a7:81:a3:54:94:35:83:
0f:3f:94:33:b3:91:88:ed:45:fd:45:97:91:19:a4:
38:c9:d2:19:08:8f:8c:7b:9f:73:b5:5b:e8:59:5b:
f1:cf:59:ba:15:b4:53:bb:3d:0b:bd:d3:24:66:d3:
f0:aa:4b:aa:53:b0:b2:8b:ec:04:05:32:60:6d:ee:
3c:79:b4:d7:03:5d:1d:51:dd:ef:d4:70:c1:ac:99:
cc:31:ca:e1:0d:e8:35:07:d4:e6:18:21:10:da:e1:
89:a7:cf:02:e0:7c:58:ec:78:f7:90:2c:ae:90:23:
02:39:df:0d:45:95:4e:52:cf:6f:27:63:04:9f:2a:
78:a0:62:ac:4a:95:d6:ca:a0:3d:92:5f:32:88:a4:
3b:04:59:18:61:81:e1:d1:72:48:b6:b3:82:23:53:
23:66:e8:b4:4a:12:a6:40:ae:d2:8a:fb:da:d0:c1:
69:77:db:db:b5:4a:b4:db:aa:3b:94:19:58:6c:2f:
c4:55:b1:4a:7a:e0:8c:06:db:32:74:37:9c:4b:00:
94:06:09:06:87:5e:d4:82:fb:4a:bd:3d:f9:7c:17:
f4:fa:a2:3c:bd:f7:e1:e4:2f:21:99:80:c3:53:18:
56:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:A8:C4:CD:A4:D2:8C:D8:11:EB:38:A0:22:F6:D4:F1:E5:FF:A7:D9
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/96jEzaTSjNgR6zigIvbU8eX_p9k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.118.108.0/24
185.255.99.0/24
194.180.238.0/24
195.138.120.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:51:c1:13:f7:e5:9d:bb:94:ab:3c:26:74:0b:51:3d:ff:92:
29:be:ba:86:2f:bb:f6:b0:d1:fe:21:09:75:36:00:59:08:d4:
c5:1e:7d:fa:e8:07:9d:da:cc:92:40:6f:02:78:fd:75:13:38:
47:14:f9:9a:36:53:7a:8e:e5:c4:96:0c:9a:96:7f:0f:07:df:
94:76:e7:6d:89:3a:15:92:47:70:07:47:25:40:32:4f:74:9a:
22:9d:54:f6:29:d8:74:a5:3b:c8:54:65:ec:75:54:62:7e:09:
9b:47:14:ec:b0:97:7f:13:87:b4:a5:ec:36:7a:ea:fe:af:9e:
7b:87:f0:f0:8c:83:78:7f:01:62:db:55:2a:2b:37:05:2c:2f:
f0:37:f8:3e:36:64:22:c2:1b:b6:88:1b:7b:50:f2:7e:e0:18:
41:c0:a3:d7:37:49:db:d8:82:5e:b9:97:31:68:a4:e4:a2:ad:
14:f9:66:29:ea:a0:e2:08:38:e2:0c:a3:4e:95:59:e6:39:8f:
10:fc:e7:1b:96:36:e6:20:fe:7b:78:9e:8b:54:1e:29:ff:39:
92:ec:75:0f:11:dd:98:75:59:43:6f:2c:6e:70:3d:ce:ea:ad:
6f:ad:e4:c7:54:b4:67:b1:b9:88:55:d8:f8:7a:03:74:cc:b2:
e3:9d:34:e0
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYxE+JFz4oI6/e/9XqykbEnAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjMxMjA3MTU0OTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmN2E4YzRjZGE0ZDI4Y2Q4MTFlYjM4YTAyMmY2ZDRmMWU1ZmZhN2Q5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApx5Uca/ZoEWKSJnhI3q1jsSLQdUp
lqeBo1SUNYMPP5Qzs5GI7UX9RZeRGaQ4ydIZCI+Me59ztVvoWVvxz1m6FbRTuz0L
vdMkZtPwqkuqU7Cyi+wEBTJgbe48ebTXA10dUd3v1HDBrJnMMcrhDeg1B9TmGCEQ
2uGJp88C4HxY7Hj3kCyukCMCOd8NRZVOUs9vJ2MEnyp4oGKsSpXWyqA9kl8yiKQ7
BFkYYYHh0XJItrOCI1MjZui0ShKmQK7Sivva0MFpd9vbtUq026o7lBlYbC/EVbFK
euCMBtsydDecSwCUBgkGh17UgvtKvT35fBf0+qI8vffh5C8hmYDDUxhWIQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPeoxM2k0ozYEes4oCL21PHl/6fZMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvOTZqRXphVFNqTmdSNnppZ0l2YlU4ZVhfcDlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAXHZsAwQA
uf9jAwQAwrTuAwQAw4p4MA0GCSqGSIb3DQEBCwUAA4IBAQAaUcET9+Wdu5SrPCZ0
C1E9/5IpvrqGL7v2sNH+IQl1NgBZCNTFHn366Aed2sySQG8CeP11EzhHFPmaNlN6
juXElgyaln8PB9+UdudtiToVkkdwB0clQDJPdJoinVT2Kdh0pTvIVGXsdVRifgmb
RxTssJd/E4e0pew2eur+r557h/DwjIN4fwFi21UqKzcFLC/wN/g+NmQiwhu2iBt7
UPJ+4BhBwKPXN0nb2IJeuZcxaKTkoq0U+WYp6qDiCDjiDKNOlVnmOY8Q/Ocbljbm
IP57eJ6LVB4p/zmS7HUPEd2YdVlDbyxucD3O6q1vreTHVLRnsbmIVdj4egN0zLLj
nTTg
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:26 2024 by rpki-client on console-ams.rpki-client.org