Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/8513cd-aac7-466d-a031-84ccf3420286/1/8-L329dEKACPI_QsgWt1nSI7rdc.roa
File: 8-L329dEKACPI_QsgWt1nSI7rdc.roa (raw, json)
Hash identifier: 0VEfjy0OR2VtHvpvJJeNMQlyRWFz1+3p14q+RAeEd6g=
Subject key identifier: F3:E2:F7:DB:D7:44:28:00:8F:23:F4:2C:81:6B:75:9D:22:3B:AD:D7
Certificate issuer: /CN=421b4cd40bae47d48f51c9cccc607cce57ce00f7
Certificate serial: 01856C9CE4E79636CD33B084FFCB893DEE88
Authority key identifier: 42:1B:4C:D4:0B:AE:47:D4:8F:51:C9:CC:CC:60:7C:CE:57:CE:00:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QhtM1AuuR9SPUcnMzGB8zlfOAPc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/8513cd-aac7-466d-a031-84ccf3420286/1/8-L329dEKACPI_QsgWt1nSI7rdc.roa
Signing time: Sun 01 Jan 2023 09:14:59 +0000
ROA not before: Sun 01 Jan 2023 09:14:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8368
IP address blocks: 185.39.152.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:33:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:9c:e4:e7:96:36:cd:33:b0:84:ff:cb:89:3d:ee:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=421b4cd40bae47d48f51c9cccc607cce57ce00f7
Validity
Not Before: Jan 1 09:14:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f3e2f7dbd74428008f23f42c816b759d223badd7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:e2:9c:db:24:a0:90:4f:99:81:ca:83:17:f8:
47:c8:36:ba:c5:f3:20:ec:66:4b:2f:ec:fc:b6:77:
e7:87:f2:ce:69:d2:fc:36:b6:2b:be:6d:a2:7b:07:
70:86:58:1b:21:3e:21:91:66:c1:dd:d0:f6:90:75:
15:00:10:6d:73:f6:e3:58:0b:c3:06:a8:2a:30:d8:
3b:12:ce:3b:b0:33:a0:c3:ac:e3:06:fd:b8:d6:7d:
a5:75:88:c3:e4:ca:df:c4:e3:f3:7c:f8:5c:f7:e4:
27:70:b0:02:f4:44:53:e7:b1:08:0d:25:ca:4c:78:
fb:4a:66:03:ae:ef:47:b8:a0:44:f8:b4:9b:c1:e4:
6a:6d:00:5c:c7:86:17:fe:41:f9:da:fa:b0:3c:0b:
ed:80:76:3a:84:67:ee:b1:d8:62:44:0d:74:fe:81:
b2:45:a4:9c:30:ae:8a:06:52:dc:cc:30:60:b5:b9:
5b:bd:d5:df:ee:0b:b1:dd:f8:ea:51:c7:ba:7d:88:
a3:ca:2f:2e:ed:60:d7:83:37:04:ce:82:bf:63:04:
c3:c8:d6:7f:4e:2e:97:70:29:7b:19:76:4d:74:df:
c6:8c:ae:4e:80:9b:f3:65:23:37:8a:86:1b:3c:02:
b5:e8:b1:8a:d8:cf:50:47:f6:af:97:91:39:54:05:
f3:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:E2:F7:DB:D7:44:28:00:8F:23:F4:2C:81:6B:75:9D:22:3B:AD:D7
X509v3 Authority Key Identifier:
keyid:42:1B:4C:D4:0B:AE:47:D4:8F:51:C9:CC:CC:60:7C:CE:57:CE:00:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QhtM1AuuR9SPUcnMzGB8zlfOAPc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/8513cd-aac7-466d-a031-84ccf3420286/1/8-L329dEKACPI_QsgWt1nSI7rdc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/8513cd-aac7-466d-a031-84ccf3420286/1/QhtM1AuuR9SPUcnMzGB8zlfOAPc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.39.152.0/22
Signature Algorithm: sha256WithRSAEncryption
31:3e:be:3c:87:bf:d5:fb:46:89:fa:d6:0d:4e:6d:89:5e:cd:
3c:b3:e9:d0:7d:f1:49:87:77:f4:7e:3b:73:96:b3:fc:e8:30:
0f:6a:f1:c4:f7:69:f6:fc:f1:95:92:93:e0:50:a2:69:f3:22:
76:dd:dc:14:81:56:93:16:7c:a6:20:72:35:90:7a:96:59:88:
60:ef:b5:62:1c:14:93:23:64:13:06:23:13:1a:7e:11:07:80:
f0:b4:09:6f:05:a5:4b:7c:b7:58:fa:83:5b:08:5b:6c:0f:11:
bb:e0:2f:1a:82:9e:45:16:bf:72:66:b8:2d:79:03:3a:58:9b:
33:b5:94:bd:b9:dd:9c:68:63:a9:65:d2:05:2f:ee:a2:e5:22:
a5:84:30:ed:49:37:98:42:26:ef:15:8c:db:ba:27:8b:8a:e1:
57:a8:be:82:a0:2d:32:47:fe:c6:fc:72:ab:6f:c4:56:0e:2d:
a0:4f:16:69:f9:94:80:45:78:95:28:ce:da:c6:cf:e9:34:bc:
9d:a5:de:d8:76:c4:04:a6:1a:94:f7:61:61:00:db:5a:11:cb:
a1:49:2f:63:64:fb:ea:66:14:37:83:1b:e7:af:1c:18:b1:a1:
17:8a:af:d5:10:cc:17:dc:62:a2:33:f0:67:c1:56:c2:44:30:
79:f6:19:dd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsnOTnljbNM7CE/8uJPe6IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyMWI0Y2Q0MGJhZTQ3ZDQ4ZjUxYzljY2NjNjA3Y2NlNTdj
ZTAwZjcwHhcNMjMwMTAxMDkxNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmM2UyZjdkYmQ3NDQyODAwOGYyM2Y0MmM4MTZiNzU5ZDIyM2JhZGQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgeKc2ySgkE+ZgcqDF/hHyDa6xfMg
7GZLL+z8tnfnh/LOadL8NrYrvm2iewdwhlgbIT4hkWbB3dD2kHUVABBtc/bjWAvD
BqgqMNg7Es47sDOgw6zjBv241n2ldYjD5MrfxOPzfPhc9+QncLAC9ERT57EIDSXK
THj7SmYDru9HuKBE+LSbweRqbQBcx4YX/kH52vqwPAvtgHY6hGfusdhiRA10/oGy
RaScMK6KBlLczDBgtblbvdXf7gux3fjqUce6fYijyi8u7WDXgzcEzoK/YwTDyNZ/
Ti6XcCl7GXZNdN/GjK5OgJvzZSM3ioYbPAK16LGK2M9QR/avl5E5VAXzMQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPPi99vXRCgAjyP0LIFrdZ0iO63XMB8GA1UdIwQY
MBaAFEIbTNQLrkfUj1HJzMxgfM5XzgD3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWh0TTFBdXVSOVNQVWNuTXpHQjh6bGZPQVBjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi84NTEzY2QtYWFjNy00NjZkLWEwMzEt
ODRjY2YzNDIwMjg2LzEvOC1MMzI5ZEVLQUNQSV9Rc2dXdDFuU0k3cmRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi84NTEzY2QtYWFjNy00NjZkLWEwMzEtODRjY2YzNDIwMjg2
LzEvUWh0TTFBdXVSOVNQVWNuTXpHQjh6bGZPQVBjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuSeYMA0G
CSqGSIb3DQEBCwUAA4IBAQAxPr48h7/V+0aJ+tYNTm2JXs08s+nQffFJh3f0fjtz
lrP86DAPavHE92n2/PGVkpPgUKJp8yJ23dwUgVaTFnymIHI1kHqWWYhg77ViHBST
I2QTBiMTGn4RB4DwtAlvBaVLfLdY+oNbCFtsDxG74C8agp5FFr9yZrgteQM6WJsz
tZS9ud2caGOpZdIFL+6i5SKlhDDtSTeYQibvFYzbuieLiuFXqL6CoC0yR/7G/HKr
b8RWDi2gTxZp+ZSARXiVKM7axs/pNLydpd7YdsQEphqU92FhANtaEcuhSS9jZPvq
ZhQ3gxvnrxwYsaEXiq/VEMwX3GKiM/BnwVbCRDB59hnd
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:08 2024 by rpki-client on console-ams.rpki-client.org