Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/5fe0df-b008-4e94-99c6-b22695c703a9/1/t8LWXLkOGL35bmyp57lV1P8DeMY.roa
File: t8LWXLkOGL35bmyp57lV1P8DeMY.roa (raw, json)
Hash identifier: YfLG8r3VTM6i1LJBcEE0mzXYzv8XcLMNgNjb2DFuZyI=
Subject key identifier: B7:C2:D6:5C:B9:0E:18:BD:F9:6E:6C:A9:E7:B9:55:D4:FF:03:78:C6
Certificate issuer: /CN=42267f5a6cf49bc43f2304de00f7705ec5b79fca
Certificate serial: 018CC94BEAE8C7CB27160218FDE726E72440
Authority key identifier: 42:26:7F:5A:6C:F4:9B:C4:3F:23:04:DE:00:F7:70:5E:C5:B7:9F:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QiZ_Wmz0m8Q_IwTeAPdwXsW3n8o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/5fe0df-b008-4e94-99c6-b22695c703a9/1/t8LWXLkOGL35bmyp57lV1P8DeMY.roa
Signing time: Tue 02 Jan 2024 08:30:44 +0000
ROA not before: Tue 02 Jan 2024 08:30:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6830
IP address blocks: 193.8.58.0/23 maxlen: 23
193.8.60.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 07 Feb 2024 12:21:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4b:ea:e8:c7:cb:27:16:02:18:fd:e7:26:e7:24:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=42267f5a6cf49bc43f2304de00f7705ec5b79fca
Validity
Not Before: Jan 2 08:30:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b7c2d65cb90e18bdf96e6ca9e7b955d4ff0378c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:85:0b:a9:10:a3:ca:4b:74:45:08:6c:be:b5:
eb:2c:0d:44:b2:03:5e:58:29:fd:ce:48:53:25:25:
08:05:d7:8f:cb:21:f4:bc:d5:b7:dc:e0:b7:e5:93:
fc:df:fd:d7:cc:62:a9:8b:9e:4b:60:03:c3:dc:c5:
7c:19:17:f3:1e:39:27:94:b8:ea:e0:30:a3:2c:1d:
b9:bb:56:20:04:89:1c:7f:00:37:25:15:62:f0:d3:
4d:86:8d:77:88:31:8f:d5:b9:bd:e4:ef:15:1c:87:
d4:a3:f8:a3:9a:57:48:d0:17:77:a3:3a:48:6a:63:
2b:23:70:68:54:52:76:a0:0c:50:44:94:ac:70:83:
9e:24:34:d8:6f:f4:14:f7:e0:68:33:f7:de:30:e3:
4d:64:42:8c:5f:5a:f3:9a:ad:a2:46:48:e0:67:b9:
34:7b:41:0e:86:c0:b1:56:f8:68:b0:3b:3b:d3:fa:
73:92:f9:ca:c5:48:dc:a9:58:9a:5a:f9:e9:fb:aa:
3a:71:07:06:80:ef:d0:af:f9:c4:40:30:dc:4a:8e:
ce:c8:22:d9:d3:b3:ee:e5:e2:db:1d:24:bf:2d:84:
16:1a:e5:a9:43:5e:53:9d:ce:eb:8c:cd:90:a2:f0:
26:5b:43:cd:63:8b:ee:53:ab:13:42:2e:96:88:be:
d1:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:C2:D6:5C:B9:0E:18:BD:F9:6E:6C:A9:E7:B9:55:D4:FF:03:78:C6
X509v3 Authority Key Identifier:
keyid:42:26:7F:5A:6C:F4:9B:C4:3F:23:04:DE:00:F7:70:5E:C5:B7:9F:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QiZ_Wmz0m8Q_IwTeAPdwXsW3n8o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/5fe0df-b008-4e94-99c6-b22695c703a9/1/t8LWXLkOGL35bmyp57lV1P8DeMY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/5fe0df-b008-4e94-99c6-b22695c703a9/1/QiZ_Wmz0m8Q_IwTeAPdwXsW3n8o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.8.58.0-193.8.60.255
Signature Algorithm: sha256WithRSAEncryption
7e:db:47:46:3c:67:8a:ad:ba:94:57:53:05:ee:3f:71:a8:61:
05:34:59:eb:32:22:68:c1:62:90:38:58:a6:32:09:eb:4a:0c:
31:b0:85:72:c0:0c:53:4b:8b:7d:eb:33:92:24:95:ed:d6:22:
26:c9:95:f5:1f:5e:fc:5e:5f:f1:96:a7:c0:4a:d2:4a:73:73:
8c:d3:64:30:7f:21:a7:dd:21:b7:28:26:41:14:3c:ab:f7:f0:
31:d1:dc:20:98:15:e7:30:0a:86:13:c6:36:a7:01:5a:83:70:
c6:d8:ac:34:21:53:e9:7d:22:29:a3:5a:06:fa:58:0a:49:98:
bd:98:d0:54:2a:e3:84:0f:37:35:c2:9b:f5:0a:69:cf:e3:ef:
9d:c1:d8:7d:fd:a6:ec:2a:f6:d3:2c:b6:8a:6f:e3:77:ce:2d:
6b:98:b7:11:a5:5f:a2:ac:5d:01:b5:7f:b5:ad:d9:d2:99:a0:
ae:68:6c:7f:a5:24:1c:0c:54:ba:d5:3f:0c:0c:65:e6:54:9a:
a5:ef:72:71:89:8e:d3:94:0f:c9:0c:d9:80:04:e2:f7:28:01:
a9:21:63:5c:41:d1:62:43:e9:12:c5:17:1f:f2:d9:55:82:52:
ae:3c:38:b8:14:ea:a2:83:de:13:bf:f0:e8:46:a1:d2:99:c4:
17:fc:85:77
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzJS+rox8snFgIY/ecm5yRAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyMjY3ZjVhNmNmNDliYzQzZjIzMDRkZTAwZjc3MDVlYzVi
NzlmY2EwHhcNMjQwMTAyMDgzMDQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiN2MyZDY1Y2I5MGUxOGJkZjk2ZTZjYTllN2I5NTVkNGZmMDM3OGM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl4ULqRCjykt0RQhsvrXrLA1EsgNe
WCn9zkhTJSUIBdePyyH0vNW33OC35ZP83/3XzGKpi55LYAPD3MV8GRfzHjknlLjq
4DCjLB25u1YgBIkcfwA3JRVi8NNNho13iDGP1bm95O8VHIfUo/ijmldI0Bd3ozpI
amMrI3BoVFJ2oAxQRJSscIOeJDTYb/QU9+BoM/feMONNZEKMX1rzmq2iRkjgZ7k0
e0EOhsCxVvhosDs70/pzkvnKxUjcqViaWvnp+6o6cQcGgO/Qr/nEQDDcSo7OyCLZ
07Pu5eLbHSS/LYQWGuWpQ15Tnc7rjM2QovAmW0PNY4vuU6sTQi6WiL7RGQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFLfC1ly5Dhi9+W5sqee5VdT/A3jGMB8GA1UdIwQY
MBaAFEImf1ps9JvEPyME3gD3cF7Ft5/KMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWlaX1dtejBtOFFfSXdUZUFQZHdYc1czbjhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC81ZmUwZGYtYjAwOC00ZTk0LTk5YzYt
YjIyNjk1YzcwM2E5LzEvdDhMV1hMa09HTDM1Ym15cDU3bFYxUDhEZU1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC81ZmUwZGYtYjAwOC00ZTk0LTk5YzYtYjIyNjk1YzcwM2E5
LzEvUWlaX1dtejBtOFFfSXdUZUFQZHdYc1czbjhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAHBCDoD
BADBCDwwDQYJKoZIhvcNAQELBQADggEBAH7bR0Y8Z4qtupRXUwXuP3GoYQU0Wesy
ImjBYpA4WKYyCetKDDGwhXLADFNLi33rM5Ikle3WIibJlfUfXvxeX/GWp8BK0kpz
c4zTZDB/IafdIbcoJkEUPKv38DHR3CCYFecwCoYTxjanAVqDcMbYrDQhU+l9Iimj
Wgb6WApJmL2Y0FQq44QPNzXCm/UKac/j753B2H39puwq9tMstopv43fOLWuYtxGl
X6KsXQG1f7Wt2dKZoK5obH+lJBwMVLrVPwwMZeZUmqXvcnGJjtOUD8kM2YAE4vco
AakhY1xB0WJD6RLFFx/y2VWCUq48OLgU6qKD3hO/8OhGodKZxBf8hXc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:58 2024 by rpki-client on console-fra.rpki-client.org