Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/tO8htDp7ejUKiYQfcIe6Rowe7o8.roa
File: tO8htDp7ejUKiYQfcIe6Rowe7o8.roa (raw, json)
Hash identifier: fdWfkiBb96jYpPk4+6PiGjAzW+As4ZBww53dAvQmhyQ=
Subject key identifier: B4:EF:21:B4:3A:7B:7A:35:0A:89:84:1F:70:87:BA:46:8C:1E:EE:8F
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 018C7C2FA4AFDE16B0B2CFC09F7C2C278917
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/tO8htDp7ejUKiYQfcIe6Rowe7o8.roa
Signing time: Mon 18 Dec 2023 09:09:06 +0000
ROA not before: Mon 18 Dec 2023 09:09:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7029
IP address blocks: 185.255.99.0/24 maxlen: 24
194.180.238.0/24 maxlen: 24
92.118.108.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:7c:2f:a4:af:de:16:b0:b2:cf:c0:9f:7c:2c:27:89:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Dec 18 09:09:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b4ef21b43a7b7a350a89841f7087ba468c1eee8f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:9e:df:4c:e8:c5:0b:ec:bf:f9:d7:6d:57:aa:
fd:d2:3d:66:00:67:9c:cf:9a:be:03:cd:e9:95:5d:
a7:15:c0:07:1e:cb:cc:93:b1:82:00:2b:f5:47:77:
1c:37:0e:04:e7:8f:85:df:b8:e1:36:61:ec:53:3c:
92:66:84:50:26:97:13:09:29:8e:1e:2b:e8:a2:0f:
bf:12:e5:b5:04:95:30:b4:4b:6e:ae:cd:fc:35:99:
46:58:1b:74:81:e8:5c:60:24:d0:3e:9a:03:e5:a9:
52:0f:bb:e9:8d:22:e9:61:cb:9a:f7:1e:0b:e7:0f:
b9:6a:b9:3c:74:bf:1f:26:b9:cb:33:41:6d:fc:8e:
4f:52:92:f9:90:11:01:0d:67:13:4b:bf:30:a9:99:
f5:63:77:5d:23:96:57:5d:81:99:b1:c4:df:4f:56:
48:d4:54:a3:70:6e:2a:a6:0f:f5:3a:63:e4:e8:c6:
58:01:15:14:0e:7e:6c:92:de:fe:b0:57:7b:1f:58:
c7:aa:1f:12:bd:2c:6c:c2:b8:bb:b0:c3:b9:c1:33:
df:ca:34:c0:fe:ef:76:20:79:54:bb:e8:66:a2:90:
a0:4c:2d:ff:2b:a8:b0:0a:67:58:a5:d2:80:bc:c6:
71:ad:47:9d:b7:10:6e:80:f2:18:72:70:95:ad:5d:
ea:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:EF:21:B4:3A:7B:7A:35:0A:89:84:1F:70:87:BA:46:8C:1E:EE:8F
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/tO8htDp7ejUKiYQfcIe6Rowe7o8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.118.108.0/24
185.255.99.0/24
194.180.238.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:f8:e8:64:b7:c3:65:bb:bb:3e:2c:cd:2d:3f:2d:e7:8b:51:
58:15:e7:00:8c:60:6c:24:ce:af:fb:5f:f4:ee:99:c0:dd:63:
03:13:bc:a0:d4:38:2d:27:c8:5a:24:fd:dc:1d:00:ef:c3:d0:
5c:f6:c7:a2:90:80:ab:d8:c2:3f:e7:73:a6:45:96:2b:01:59:
08:5f:b3:59:00:84:0e:65:47:43:da:15:d7:d4:42:e6:07:2c:
cf:95:41:1f:2b:e6:0c:84:26:d0:72:ed:94:3e:b6:6a:b3:ce:
9a:b1:74:d0:82:6e:dc:cf:a7:7c:c0:45:c4:2d:35:a9:82:d1:
40:a6:db:66:f6:6a:9d:10:3e:d6:e3:da:68:de:b1:dc:02:02:
9d:69:f7:b8:2d:05:0c:22:18:b9:a5:94:45:ac:ca:7e:22:49:
c4:d1:82:41:a6:62:91:96:ad:b8:f4:3e:d2:55:63:c8:e0:3a:
80:73:b6:9e:88:c7:72:fe:4a:da:cf:d9:9b:24:8b:d7:90:68:
3a:22:a9:d5:3e:20:5c:f9:40:31:7f:7c:93:53:5c:db:42:02:
ba:34:08:34:ae:1b:0b:7e:23:db:db:54:0f:49:75:95:2a:d6:
73:42:ae:be:0f:c2:c6:e1:b7:14:2c:89:df:c8:21:08:da:9b:
fc:69:71:05
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYx8L6Sv3hawss/An3wsJ4kXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjMxMjE4MDkwOTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNGVmMjFiNDNhN2I3YTM1MGE4OTg0MWY3MDg3YmE0NjhjMWVlZThmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApJ7fTOjFC+y/+ddtV6r90j1mAGec
z5q+A83plV2nFcAHHsvMk7GCACv1R3ccNw4E54+F37jhNmHsUzySZoRQJpcTCSmO
Hivoog+/EuW1BJUwtEturs38NZlGWBt0gehcYCTQPpoD5alSD7vpjSLpYcua9x4L
5w+5ark8dL8fJrnLM0Ft/I5PUpL5kBEBDWcTS78wqZn1Y3ddI5ZXXYGZscTfT1ZI
1FSjcG4qpg/1OmPk6MZYARUUDn5skt7+sFd7H1jHqh8SvSxswri7sMO5wTPfyjTA
/u92IHlUu+hmopCgTC3/K6iwCmdYpdKAvMZxrUedtxBugPIYcnCVrV3qFQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLTvIbQ6e3o1ComEH3CHukaMHu6PMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvdE84aHREcDdlalVLaVlRZmNJZTZSb3dlN284LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAXHZsAwQA
uf9jAwQAwrTuMA0GCSqGSIb3DQEBCwUAA4IBAQCK+Ohkt8Nlu7s+LM0tPy3ni1FY
FecAjGBsJM6v+1/07pnA3WMDE7yg1DgtJ8haJP3cHQDvw9Bc9seikICr2MI/53Om
RZYrAVkIX7NZAIQOZUdD2hXX1ELmByzPlUEfK+YMhCbQcu2UPrZqs86asXTQgm7c
z6d8wEXELTWpgtFApttm9mqdED7W49po3rHcAgKdafe4LQUMIhi5pZRFrMp+IknE
0YJBpmKRlq249D7SVWPI4DqAc7aeiMdy/kraz9mbJIvXkGg6IqnVPiBc+UAxf3yT
U1zbQgK6NAg0rhsLfiPb21QPSXWVKtZzQq6+D8LG4bcULInfyCEI2pv8aXEF
-----END CERTIFICATE-----
Generated at Mon Dec 18 10:33:20 2023 by rpki-client on console-ams.rpki-client.org