Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/8e8227-cd20-4db8-a40e-6a3dfb47f8c4/1/8NrQxzz2OP9QFXtk1xSwpWBV6O8.roa
File: 8NrQxzz2OP9QFXtk1xSwpWBV6O8.roa (raw, json)
Hash identifier: 74d64ZgofXdr/iC/9SrRc9HIdle/Ndlxm+jiN+PkcuM=
Subject key identifier: F0:DA:D0:C7:3C:F6:38:FF:50:15:7B:64:D7:14:B0:A5:60:55:E8:EF
Certificate issuer: /CN=13c9fd37c7431ce6aa3c93a6952c67f0f0c9846e
Certificate serial: 018B3DB447263566BBBB2B861B164288CDFA
Authority key identifier: 13:C9:FD:37:C7:43:1C:E6:AA:3C:93:A6:95:2C:67:F0:F0:C9:84:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/E8n9N8dDHOaqPJOmlSxn8PDJhG4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/8e8227-cd20-4db8-a40e-6a3dfb47f8c4/1/8NrQxzz2OP9QFXtk1xSwpWBV6O8.roa
Signing time: Tue 17 Oct 2023 12:55:06 +0000
ROA not before: Tue 17 Oct 2023 12:55:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12835
IP address blocks: 185.38.252.0/22 maxlen: 22
46.226.200.0/21 maxlen: 21
77.72.192.0/21 maxlen: 21
109.205.104.0/21 maxlen: 21
194.105.48.0/21 maxlen: 24
37.128.136.0/21 maxlen: 24
2a00:10c8::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:3d:b4:47:26:35:66:bb:bb:2b:86:1b:16:42:88:cd:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=13c9fd37c7431ce6aa3c93a6952c67f0f0c9846e
Validity
Not Before: Oct 17 12:55:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f0dad0c73cf638ff50157b64d714b0a56055e8ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:99:ed:9f:75:c1:1f:d5:4a:63:bc:b3:ae:e6:
a9:e4:24:b6:e0:ef:74:53:46:23:b8:57:7a:fd:d8:
43:73:d9:53:35:10:c0:6d:6b:bf:a4:f0:3b:57:6e:
69:b7:2c:b6:5b:f2:2f:a2:b2:7d:02:e8:e6:cf:ec:
8f:a7:a6:db:b2:d0:08:ea:a4:8c:3a:17:c1:34:e5:
db:dd:66:f0:cf:75:55:3c:f9:01:06:7a:44:a0:b0:
2c:35:a1:1a:5e:3b:72:f4:d4:64:87:d9:ec:fa:41:
77:4f:b4:15:f7:aa:d4:3a:f0:38:ec:d8:2a:fe:da:
29:56:4f:51:24:1b:d1:4b:16:d2:49:36:b9:14:60:
5e:f1:95:51:da:e4:8d:69:d8:78:f0:0d:62:83:8c:
88:56:cf:a0:b6:81:e4:da:80:01:de:34:e7:54:62:
31:33:e4:f0:23:46:37:98:f4:55:11:c0:98:37:40:
e8:3e:6d:79:4c:71:55:7d:1b:fc:ea:1e:30:15:00:
5f:1a:90:44:d2:b9:8b:90:5d:51:c4:3e:3a:b5:a6:
3c:28:99:77:f6:13:bb:bf:27:04:20:6c:d6:10:e0:
69:33:2c:d4:dc:2f:9a:bf:c3:70:f3:c6:8a:95:f9:
18:fd:8c:da:d4:d2:e1:d3:c2:2d:90:8d:38:fc:f7:
44:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:DA:D0:C7:3C:F6:38:FF:50:15:7B:64:D7:14:B0:A5:60:55:E8:EF
X509v3 Authority Key Identifier:
keyid:13:C9:FD:37:C7:43:1C:E6:AA:3C:93:A6:95:2C:67:F0:F0:C9:84:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/E8n9N8dDHOaqPJOmlSxn8PDJhG4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/8e8227-cd20-4db8-a40e-6a3dfb47f8c4/1/8NrQxzz2OP9QFXtk1xSwpWBV6O8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/8e8227-cd20-4db8-a40e-6a3dfb47f8c4/1/E8n9N8dDHOaqPJOmlSxn8PDJhG4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.128.136.0/21
46.226.200.0/21
77.72.192.0/21
109.205.104.0/21
185.38.252.0/22
194.105.48.0/21
IPv6:
2a00:10c8::/32
Signature Algorithm: sha256WithRSAEncryption
3c:7b:97:ee:8c:9f:c7:e2:da:75:41:06:77:b3:85:e5:a4:b3:
4c:e5:2f:15:d9:e8:14:88:89:a5:64:fc:9a:7c:b2:4b:0b:cb:
ca:6c:23:f2:c3:95:7e:d9:cc:c5:83:06:1b:51:95:7e:8c:bf:
b0:a4:a2:ac:9f:9a:46:b3:40:33:86:e6:1e:24:f5:c1:77:0c:
32:5c:29:ea:80:56:bc:06:af:1e:53:90:81:b6:5f:7d:65:38:
ec:b8:e4:eb:2b:8e:97:09:65:9b:4d:15:ad:0e:56:2d:72:be:
48:c6:a4:1f:64:70:8e:59:1a:4e:ff:bf:0f:0f:d9:e9:cb:91:
74:fb:8d:ab:96:a8:ff:c0:0f:97:73:02:25:f8:5b:0f:cc:e5:
ac:27:7d:6c:c9:a3:12:b4:4d:82:53:f1:a3:03:ba:94:34:79:
0e:c3:f3:55:db:ec:80:14:54:70:fb:8b:6b:44:d3:9f:6c:9f:
9d:b2:48:11:c5:0f:4b:01:8b:91:43:77:5f:92:48:0e:83:46:
ab:73:f0:17:5d:b3:4a:85:9d:a1:f3:ce:50:5d:26:cf:4c:9a:
bf:19:6e:6c:49:e7:29:3b:8a:a9:5b:02:26:4c:3e:75:ce:8d:
ef:26:bf:b0:ee:90:57:66:38:55:c4:ea:f0:ce:4d:ca:6d:75:
b7:59:8c:bc
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYs9tEcmNWa7uyuGGxZCiM36MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzYzlmZDM3Yzc0MzFjZTZhYTNjOTNhNjk1MmM2N2YwZjBj
OTg0NmUwHhcNMjMxMDE3MTI1NTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMGRhZDBjNzNjZjYzOGZmNTAxNTdiNjRkNzE0YjBhNTYwNTVlOGVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvJntn3XBH9VKY7yzruap5CS24O90
U0YjuFd6/dhDc9lTNRDAbWu/pPA7V25ptyy2W/IvorJ9Aujmz+yPp6bbstAI6qSM
OhfBNOXb3Wbwz3VVPPkBBnpEoLAsNaEaXjty9NRkh9ns+kF3T7QV96rUOvA47Ngq
/topVk9RJBvRSxbSSTa5FGBe8ZVR2uSNadh48A1ig4yIVs+gtoHk2oAB3jTnVGIx
M+TwI0Y3mPRVEcCYN0DoPm15THFVfRv86h4wFQBfGpBE0rmLkF1RxD46taY8KJl3
9hO7vycEIGzWEOBpMyzU3C+av8Nw88aKlfkY/Yza1NLh08ItkI04/PdE9wIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFPDa0Mc89jj/UBV7ZNcUsKVgVejvMB8GA1UdIwQY
MBaAFBPJ/TfHQxzmqjyTppUsZ/DwyYRuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRThuOU44ZERIT2FxUEpPbWxTeG44UERKaEc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC84ZTgyMjctY2QyMC00ZGI4LWE0MGUt
NmEzZGZiNDdmOGM0LzEvOE5yUXh6ejJPUDlRRlh0azF4U3dwV0JWNk84LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC84ZTgyMjctY2QyMC00ZGI4LWE0MGUtNmEzZGZiNDdmOGM0
LzEvRThuOU44ZERIT2FxUEpPbWxTeG44UERKaEc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQDJYCIAwQD
LuLIAwQDTUjAAwQDbc1oAwQCuSb8AwQDwmkwMA0EAgACMAcDBQAqABDIMA0GCSqG
SIb3DQEBCwUAA4IBAQA8e5fujJ/H4tp1QQZ3s4XlpLNM5S8V2egUiImlZPyafLJL
C8vKbCPyw5V+2czFgwYbUZV+jL+wpKKsn5pGs0AzhuYeJPXBdwwyXCnqgFa8Bq8e
U5CBtl99ZTjsuOTrK46XCWWbTRWtDlYtcr5IxqQfZHCOWRpO/78PD9npy5F0+42r
lqj/wA+XcwIl+FsPzOWsJ31syaMStE2CU/GjA7qUNHkOw/NV2+yAFFRw+4trRNOf
bJ+dskgRxQ9LAYuRQ3dfkkgOg0arc/AXXbNKhZ2h885QXSbPTJq/GW5sSecpO4qp
WwImTD51zo3vJr+w7pBXZjhVxOrwzk3KbXW3WYy8
-----END CERTIFICATE-----
Generated at Tue Oct 17 14:00:00 2023 by rpki-client on console-fra.rpki-client.org