Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/a97e21-b5fe-4a56-a98a-bdd4af5f35d1/1/P8_Kr8_uhlD29DBXq3MDnH1YufE.roa
File: P8_Kr8_uhlD29DBXq3MDnH1YufE.roa (raw, json)
Hash identifier: O93Q0V3OunEGu508fKRUQj/FyZ5LR3QGfEGsZlNGjy0=
Subject key identifier: 3F:CF:CA:AF:CF:EE:86:50:F6:F4:30:57:AB:73:03:9C:7D:58:B9:F1
Certificate issuer: /CN=f1479b83c520d784445c24828bab633f0d702cf3
Certificate serial: 018CC26D1FF3AB3D1D183810315C28C2F8A1
Authority key identifier: F1:47:9B:83:C5:20:D7:84:44:5C:24:82:8B:AB:63:3F:0D:70:2C:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8Uebg8Ug14REXCSCi6tjPw1wLPM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/a97e21-b5fe-4a56-a98a-bdd4af5f35d1/1/P8_Kr8_uhlD29DBXq3MDnH1YufE.roa
Signing time: Mon 01 Jan 2024 00:29:40 +0000
ROA not before: Mon 01 Jan 2024 00:29:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57877
IP address blocks: 185.76.216.0/22 maxlen: 22
195.135.12.0/23 maxlen: 23
195.135.48.0/24 maxlen: 24
195.135.48.0/20 maxlen: 20
37.139.120.0/21 maxlen: 21
2a05:5cc0::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 28 Mar 2024 13:22:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:1f:f3:ab:3d:1d:18:38:10:31:5c:28:c2:f8:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1479b83c520d784445c24828bab633f0d702cf3
Validity
Not Before: Jan 1 00:29:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3fcfcaafcfee8650f6f43057ab73039c7d58b9f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:e4:35:af:69:73:7b:5b:81:5f:81:26:85:25:
74:19:18:5c:b9:bd:48:2f:81:a6:12:b8:1e:30:82:
2d:06:c7:89:c1:a7:76:47:30:e9:00:36:77:3a:be:
c9:d6:60:14:f9:1a:b1:24:d7:92:44:e7:88:21:29:
69:2f:27:97:b5:32:d5:cc:f7:2d:85:41:55:ba:14:
01:41:76:9c:ee:1c:1f:f7:bf:d0:ca:8f:f6:5f:ad:
2d:c4:f3:9e:80:83:a2:e6:85:71:d9:3e:f7:25:79:
00:60:06:3f:4b:a4:6b:bc:5c:04:1c:6e:f4:f7:bc:
b8:16:f9:c8:71:c9:0c:06:51:bd:5c:63:50:74:a5:
c9:42:b1:2f:ec:1a:7b:26:9b:86:e4:cf:90:37:0c:
fc:bd:dc:87:44:f3:0b:e1:32:83:60:56:2b:19:b5:
6f:73:49:57:79:5a:b2:76:57:52:55:c1:d3:97:b7:
92:01:38:0c:9e:60:64:b4:75:71:f6:af:35:ff:48:
75:a4:17:60:c4:b8:1e:d3:98:66:c2:cf:eb:fa:34:
32:29:16:05:66:02:78:63:d5:ab:42:03:3b:7c:7c:
4a:07:18:d1:97:e4:32:93:63:28:b0:74:3b:ab:dc:
04:01:cb:f3:be:82:b2:ec:87:21:cd:ed:0e:73:2d:
e5:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:CF:CA:AF:CF:EE:86:50:F6:F4:30:57:AB:73:03:9C:7D:58:B9:F1
X509v3 Authority Key Identifier:
keyid:F1:47:9B:83:C5:20:D7:84:44:5C:24:82:8B:AB:63:3F:0D:70:2C:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8Uebg8Ug14REXCSCi6tjPw1wLPM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/a97e21-b5fe-4a56-a98a-bdd4af5f35d1/1/P8_Kr8_uhlD29DBXq3MDnH1YufE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/a97e21-b5fe-4a56-a98a-bdd4af5f35d1/1/8Uebg8Ug14REXCSCi6tjPw1wLPM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.139.120.0/21
185.76.216.0/22
195.135.12.0/23
195.135.48.0/20
IPv6:
2a05:5cc0::/29
Signature Algorithm: sha256WithRSAEncryption
1d:1c:86:a2:64:45:26:72:3e:ee:34:af:11:f5:4f:fb:8c:7c:
f1:9c:49:89:b9:79:c0:28:f7:df:66:61:6d:f0:73:c4:b4:55:
8c:c6:20:a5:48:bf:12:d0:aa:65:ce:39:1d:fa:b3:3c:75:9a:
f9:2a:ad:37:b0:54:b8:ad:5a:50:7a:1d:56:9d:bb:5b:1b:64:
bf:2a:30:3d:6c:a3:57:48:ba:e6:71:ad:59:cd:b1:b2:9c:f2:
47:a3:2b:a0:c2:1d:44:72:a4:09:4f:3a:7e:6d:c5:39:6e:2d:
3e:f3:ae:7b:e7:9d:6c:17:52:1f:2a:d8:f7:b3:ad:d1:36:ad:
5b:3b:5b:03:ec:a0:a2:a5:d7:af:81:72:70:e2:eb:98:1a:6d:
11:e6:89:fb:f3:de:ab:32:98:f9:58:46:a4:ee:33:8f:30:a7:
50:64:a9:7b:2b:d7:1f:ac:67:c1:11:38:89:4c:b0:eb:a0:dc:
c5:cc:cb:8b:f1:91:9b:60:85:97:36:b6:b1:d7:74:fe:4f:88:
83:45:43:b6:eb:4b:52:57:e7:b8:1f:fd:d5:63:fb:36:b5:57:
24:5b:7f:bb:34:ac:e1:fa:f7:f3:9a:bf:ce:2c:d7:0d:2a:c5:
ca:94:a8:35:1b:70:19:cc:83:a4:22:d5:17:48:bc:7a:e1:0a:
09:73:c0:88
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzCbR/zqz0dGDgQMVwowvihMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxNDc5YjgzYzUyMGQ3ODQ0NDVjMjQ4MjhiYWI2MzNmMGQ3
MDJjZjMwHhcNMjQwMTAxMDAyOTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZmNmY2FhZmNmZWU4NjUwZjZmNDMwNTdhYjczMDM5YzdkNThiOWYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApOQ1r2lze1uBX4EmhSV0GRhcub1I
L4GmErgeMIItBseJwad2RzDpADZ3Or7J1mAU+RqxJNeSROeIISlpLyeXtTLVzPct
hUFVuhQBQXac7hwf97/Qyo/2X60txPOegIOi5oVx2T73JXkAYAY/S6RrvFwEHG70
97y4FvnIcckMBlG9XGNQdKXJQrEv7Bp7JpuG5M+QNwz8vdyHRPML4TKDYFYrGbVv
c0lXeVqydldSVcHTl7eSATgMnmBktHVx9q81/0h1pBdgxLge05hmws/r+jQyKRYF
ZgJ4Y9WrQgM7fHxKBxjRl+Qyk2MosHQ7q9wEAcvzvoKy7Ichze0Ocy3lQwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFD/Pyq/P7oZQ9vQwV6tzA5x9WLnxMB8GA1UdIwQY
MBaAFPFHm4PFINeERFwkgourYz8NcCzzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFVlYmc4VWcxNFJFWENTQ2k2dGpQdzF3TFBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi9hOTdlMjEtYjVmZS00YTU2LWE5OGEt
YmRkNGFmNWYzNWQxLzEvUDhfS3I4X3VobEQyOURCWHEzTURuSDFZdWZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi9hOTdlMjEtYjVmZS00YTU2LWE5OGEtYmRkNGFmNWYzNWQx
LzEvOFVlYmc4VWcxNFJFWENTQ2k2dGpQdzF3TFBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQDJYt4AwQC
uUzYAwQBw4cMAwQEw4cwMA0EAgACMAcDBQMqBVzAMA0GCSqGSIb3DQEBCwUAA4IB
AQAdHIaiZEUmcj7uNK8R9U/7jHzxnEmJuXnAKPffZmFt8HPEtFWMxiClSL8S0Kpl
zjkd+rM8dZr5Kq03sFS4rVpQeh1WnbtbG2S/KjA9bKNXSLrmca1ZzbGynPJHoyug
wh1EcqQJTzp+bcU5bi0+8657551sF1IfKtj3s63RNq1bO1sD7KCipdevgXJw4uuY
Gm0R5on7896rMpj5WEak7jOPMKdQZKl7K9cfrGfBETiJTLDroNzFzMuL8ZGbYIWX
Nrax13T+T4iDRUO260tSV+e4H/3VY/s2tVckW3+7NKzh+vfzmr/OLNcNKsXKlKg1
G3AZzIOkItUXSLx64QoJc8CI
-----END CERTIFICATE-----
Generated at Mon Apr 21 01:37:21 2025 by rpki-client