Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/C_BPhYT6ReJzvl8yaL2ivhrRc3c.roa
File: C_BPhYT6ReJzvl8yaL2ivhrRc3c.roa (raw, json)
Hash identifier: btD/Zkww+528CkLX8TQmAt4O7oSBDUZhnkPiAiUpMmA=
Subject key identifier: 0B:F0:4F:85:84:FA:45:E2:73:BE:5F:32:68:BD:A2:BE:1A:D1:73:77
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 018C44F8920926A03A7F3B180D7C4663BFF8
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/C_BPhYT6ReJzvl8yaL2ivhrRc3c.roa
Signing time: Thu 07 Dec 2023 15:49:50 +0000
ROA not before: Thu 07 Dec 2023 15:49:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 398465
IP address blocks: 185.255.99.0/24 maxlen: 24
194.180.238.0/24 maxlen: 24
92.118.108.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 18 Dec 2023 09:44:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:44:f8:92:09:26:a0:3a:7f:3b:18:0d:7c:46:63:bf:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Dec 7 15:49:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0bf04f8584fa45e273be5f3268bda2be1ad17377
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:d2:20:67:8a:88:d1:0d:4b:52:e5:e1:58:7d:
d4:db:ef:40:fb:cc:43:6a:86:f8:89:cf:d7:bb:55:
53:bd:4f:19:ec:3f:ae:39:32:ab:c6:db:fd:3c:10:
e9:41:fb:60:a3:9f:46:2e:e5:e2:42:d6:62:bf:2e:
a0:38:c0:bd:6a:12:79:71:1f:35:1f:4e:69:d8:64:
14:f5:57:44:58:da:d6:dc:60:87:7c:50:c3:9c:27:
08:7f:46:14:c6:39:7f:05:4e:ab:55:a3:3f:66:d4:
73:4f:45:74:5e:1a:b3:2f:03:e3:4e:e0:b2:f0:84:
03:9d:05:8c:45:0c:25:bd:16:de:66:e4:e0:b9:70:
4b:e8:d6:1d:77:83:43:82:1c:62:3c:8e:71:7c:59:
66:15:5f:4d:32:e2:63:cf:ef:0b:01:e0:f0:86:cb:
17:e2:ad:7d:60:68:a4:26:65:03:1b:98:78:a4:d8:
65:08:fa:31:d9:31:0d:aa:bb:c1:06:f2:d7:03:dc:
f8:cd:93:df:ce:a2:db:0b:ca:dc:00:ee:44:e3:9f:
f3:de:ad:3c:d1:cc:8c:bb:ff:5f:67:bc:d9:b7:8c:
aa:03:7f:2f:8e:2e:39:65:1f:3f:83:e5:ea:67:82:
fa:e1:11:c5:8b:4b:aa:62:45:c9:ec:ab:2b:f7:b7:
48:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:F0:4F:85:84:FA:45:E2:73:BE:5F:32:68:BD:A2:BE:1A:D1:73:77
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/C_BPhYT6ReJzvl8yaL2ivhrRc3c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.118.108.0/24
185.255.99.0/24
194.180.238.0/24
Signature Algorithm: sha256WithRSAEncryption
51:f2:62:5e:2f:79:cf:59:ed:26:9e:8b:d5:95:cd:8c:fa:d1:
af:cf:2a:c4:1c:f4:38:3a:3b:b9:e7:71:c9:98:bb:46:0f:8a:
5c:fc:aa:22:38:dc:a9:85:01:86:31:e7:cd:12:09:5b:70:ce:
37:33:b4:be:3b:e6:f4:23:66:18:9f:a5:ea:32:72:24:3d:6d:
d2:d6:b3:4f:39:86:73:09:ad:db:6e:14:ec:a6:cf:3d:7b:6f:
18:31:4d:48:1a:6f:fa:2b:93:49:01:08:b7:23:f1:4a:38:13:
12:54:c1:5e:b7:04:b7:fc:12:b8:6a:bc:07:d6:b8:89:2c:4e:
f4:4e:35:f5:4f:3e:bf:56:86:88:8b:af:db:60:f3:d8:a7:39:
bc:8e:99:08:d4:f2:25:46:f3:79:a9:a8:99:d6:b6:7f:5b:df:
87:6f:fa:9e:bc:58:d8:b2:ed:08:c8:85:cb:18:42:13:6d:5f:
53:4a:5b:ba:dc:74:5e:85:af:c3:17:0d:f1:37:e9:d5:04:9f:
4e:1e:3c:04:38:94:86:af:96:39:86:ff:5d:c8:5d:ac:e6:3a:
8d:a6:ad:89:2d:d8:53:bb:03:94:9b:4e:d8:7e:d4:b1:c8:cf:
1f:d2:2d:fb:df:c3:98:d0:c5:5c:ae:c2:7f:6a:f8:da:cc:76:
1f:bf:b8:6f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYxE+JIJJqA6fzsYDXxGY7/4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjMxMjA3MTU0OTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYmYwNGY4NTg0ZmE0NWUyNzNiZTVmMzI2OGJkYTJiZTFhZDE3Mzc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg9IgZ4qI0Q1LUuXhWH3U2+9A+8xD
aob4ic/Xu1VTvU8Z7D+uOTKrxtv9PBDpQftgo59GLuXiQtZivy6gOMC9ahJ5cR81
H05p2GQU9VdEWNrW3GCHfFDDnCcIf0YUxjl/BU6rVaM/ZtRzT0V0XhqzLwPjTuCy
8IQDnQWMRQwlvRbeZuTguXBL6NYdd4NDghxiPI5xfFlmFV9NMuJjz+8LAeDwhssX
4q19YGikJmUDG5h4pNhlCPox2TENqrvBBvLXA9z4zZPfzqLbC8rcAO5E45/z3q08
0cyMu/9fZ7zZt4yqA38vji45ZR8/g+XqZ4L64RHFi0uqYkXJ7Ksr97dIbwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAvwT4WE+kXic75fMmi9or4a0XN3MB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvQ19CUGhZVDZSZUp6dmw4eWFMMml2aHJSYzNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAXHZsAwQA
uf9jAwQAwrTuMA0GCSqGSIb3DQEBCwUAA4IBAQBR8mJeL3nPWe0mnovVlc2M+tGv
zyrEHPQ4Oju553HJmLtGD4pc/KoiONyphQGGMefNEglbcM43M7S+O+b0I2YYn6Xq
MnIkPW3S1rNPOYZzCa3bbhTsps89e28YMU1IGm/6K5NJAQi3I/FKOBMSVMFetwS3
/BK4arwH1riJLE70TjX1Tz6/VoaIi6/bYPPYpzm8jpkI1PIlRvN5qaiZ1rZ/W9+H
b/qevFjYsu0IyIXLGEITbV9TSlu63HReha/DFw3xN+nVBJ9OHjwEOJSGr5Y5hv9d
yF2s5jqNpq2JLdhTuwOUm07YftSxyM8f0i3738OY0MVcrsJ/avjazHYfv7hv
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:26 2024 by rpki-client on console-ams.rpki-client.org