Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/e8H-8USRBbYsPAqgGzuOFZUcaVs.roa
File: e8H-8USRBbYsPAqgGzuOFZUcaVs.roa (raw, json)
Hash identifier: Fr58gYadlARrsBGKF13aZdDdAJ7sd4mM+565r6uNdz8=
Subject key identifier: 7B:C1:FE:F1:44:91:05:B6:2C:3C:0A:A0:1B:3B:8E:15:95:1C:69:5B
Certificate issuer: /CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
Certificate serial: 018C24189B1A5FF4CB04F832712C87D2B222
Authority key identifier: 0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/e8H-8USRBbYsPAqgGzuOFZUcaVs.roa
Signing time: Fri 01 Dec 2023 06:37:21 +0000
ROA not before: Fri 01 Dec 2023 06:37:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39855
IP address blocks: 193.110.161.0/24 maxlen: 24
194.55.128.0/24 maxlen: 24
91.229.5.0/24 maxlen: 24
195.60.170.0/24 maxlen: 24
217.8.116.0/24 maxlen: 24
45.85.247.0/24 maxlen: 24
193.201.202.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:24:18:9b:1a:5f:f4:cb:04:f8:32:71:2c:87:d2:b2:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
Validity
Not Before: Dec 1 06:37:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7bc1fef1449105b62c3c0aa01b3b8e15951c695b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:5a:07:19:3f:3d:a3:82:8b:ed:79:3f:e0:a4:
ae:65:ee:16:3b:1e:0d:fd:ec:f7:2d:09:1d:31:6f:
4c:a8:5b:62:2e:64:a7:2e:50:bb:1e:4d:b8:ca:4d:
a5:72:74:e8:da:62:b6:79:b8:7b:9d:fb:f3:eb:7a:
21:df:46:a3:14:f9:8c:47:97:b3:08:7e:35:de:c0:
0c:87:79:2c:b8:70:11:9f:10:55:14:ad:39:ca:8b:
c4:62:ec:aa:40:1a:52:ab:54:fa:41:4a:e9:d5:bd:
c8:56:7b:40:21:8b:66:94:95:2f:ab:5c:bc:18:ad:
1f:69:5a:5c:ae:41:03:67:ba:fc:c0:77:e9:d7:74:
1a:7a:4b:42:13:19:0b:b9:31:3f:13:09:b3:8a:89:
aa:07:2c:50:86:80:ea:ec:ff:a1:d8:09:07:74:a8:
15:3d:51:b1:b2:1e:51:13:43:41:47:a0:1e:72:2f:
2c:31:ac:56:ac:18:e0:21:7e:86:76:5d:4d:04:5a:
15:11:3e:51:1b:10:10:a8:e8:29:2c:f9:72:09:27:
5a:d4:33:29:6d:13:67:fd:58:4e:8a:ac:96:e8:b9:
09:97:ff:63:4d:24:a9:0c:f5:21:5a:90:e4:a6:60:
6c:4e:e4:04:67:fb:ed:8a:49:60:73:ac:70:c1:95:
ee:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:C1:FE:F1:44:91:05:B6:2C:3C:0A:A0:1B:3B:8E:15:95:1C:69:5B
X509v3 Authority Key Identifier:
keyid:0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/e8H-8USRBbYsPAqgGzuOFZUcaVs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.85.247.0/24
91.229.5.0/24
193.110.161.0/24
193.201.202.0/24
194.55.128.0/24
195.60.170.0/24
217.8.116.0/24
Signature Algorithm: sha256WithRSAEncryption
9d:e1:fa:a8:ef:37:f6:bb:b3:2b:05:36:ed:b5:de:9b:32:c5:
c0:26:0d:02:6f:48:13:b2:01:da:1f:5f:9c:89:b8:d0:08:40:
6f:f9:d3:7a:85:6f:d1:5a:35:3e:ff:82:df:42:c4:51:f0:e1:
09:cf:ba:bf:cd:dd:d5:75:01:cc:4f:15:70:86:9f:79:b8:fb:
04:2a:81:17:6a:5c:68:df:5f:96:5b:b6:60:fa:47:ba:9c:d2:
16:38:12:2b:8f:c8:81:7e:8f:17:2b:0a:69:20:db:65:c3:92:
7f:64:ee:fd:b9:e3:d1:b6:4b:0a:5b:86:c6:91:15:5d:ab:33:
85:32:59:5b:18:79:f5:e7:f2:9e:80:9b:96:18:bd:1a:66:8d:
a9:ae:c0:35:68:13:87:89:a0:b9:9a:ba:db:2e:f2:5e:d5:e0:
7f:ce:92:ae:a3:a6:c2:e3:f6:cd:bd:95:60:7a:f3:f5:f0:b3:
d2:f9:77:d6:22:f0:e1:ce:37:e8:55:e5:53:6f:f0:ee:6f:c6:
7a:e2:d3:be:40:29:be:db:96:77:7f:ed:87:28:6c:cc:cf:a4:
9b:2b:71:4d:38:15:c5:a8:cf:e5:bb:f0:76:7c:6e:74:91:ae:
f3:9f:be:bf:af:74:41:78:65:1c:83:22:41:25:00:9b:cd:d1:
44:c6:a7:b8
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYwkGJsaX/TLBPgycSyH0rIiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkMjk5OTA0MmM1ZTIwMDZiZDVhZWI3YTA1ZGUxZTk2YTVl
NzM2NjQwHhcNMjMxMjAxMDYzNzIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YmMxZmVmMTQ0OTEwNWI2MmMzYzBhYTAxYjNiOGUxNTk1MWM2OTViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwVoHGT89o4KL7Xk/4KSuZe4WOx4N
/ez3LQkdMW9MqFtiLmSnLlC7Hk24yk2lcnTo2mK2ebh7nfvz63oh30ajFPmMR5ez
CH413sAMh3ksuHARnxBVFK05yovEYuyqQBpSq1T6QUrp1b3IVntAIYtmlJUvq1y8
GK0faVpcrkEDZ7r8wHfp13QaektCExkLuTE/EwmziomqByxQhoDq7P+h2AkHdKgV
PVGxsh5RE0NBR6Aeci8sMaxWrBjgIX6Gdl1NBFoVET5RGxAQqOgpLPlyCSda1DMp
bRNn/VhOiqyW6LkJl/9jTSSpDPUhWpDkpmBsTuQEZ/vtiklgc6xwwZXuPwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFHvB/vFEkQW2LDwKoBs7jhWVHGlbMB8GA1UdIwQY
MBaAFA0pmQQsXiAGvVrregXeHpal5zZkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUt
OGMxNTM5NjViYWM5LzEvZThILThVU1JCYllzUEFxZ0d6dU9GWlVjYVZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUtOGMxNTM5NjViYWM5
LzEvRFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQALVX3AwQA
W+UFAwQAwW6hAwQAwcnKAwQAwjeAAwQAwzyqAwQA2Qh0MA0GCSqGSIb3DQEBCwUA
A4IBAQCd4fqo7zf2u7MrBTbttd6bMsXAJg0Cb0gTsgHaH1+cibjQCEBv+dN6hW/R
WjU+/4LfQsRR8OEJz7q/zd3VdQHMTxVwhp95uPsEKoEXalxo31+WW7Zg+ke6nNIW
OBIrj8iBfo8XKwppINtlw5J/ZO79uePRtksKW4bGkRVdqzOFMllbGHn15/KegJuW
GL0aZo2prsA1aBOHiaC5mrrbLvJe1eB/zpKuo6bC4/bNvZVgevP18LPS+XfWIvDh
zjfoVeVTb/Dub8Z64tO+QCm+25Z3f+2HKGzMz6SbK3FNOBXFqM/lu/B2fG50ka7z
n76/r3RBeGUcgyJBJQCbzdFExqe4
-----END CERTIFICATE-----
Generated at Mon Jan 1 06:16:18 2024 by rpki-client on console-ams.rpki-client.org