Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ad0d6d-f949-46db-981f-b38d7f709d70/1/8Zw8_uADgzqpVC4A3fP4CgkcxZU.roa
File: 8Zw8_uADgzqpVC4A3fP4CgkcxZU.roa (raw, json)
Hash identifier: gRZWql34gaTAR+REBSHY22XgdtryG15Uqnax3dGggq4=
Subject key identifier: F1:9C:3C:FE:E0:03:83:3A:A9:54:2E:00:DD:F3:F8:0A:09:1C:C5:95
Certificate issuer: /CN=b0beed6ede9eb285bd2a6abb985adcdbe8f2779a
Certificate serial: 01856F949C0DD3AC9A137C385DE8A3C21A89
Authority key identifier: B0:BE:ED:6E:DE:9E:B2:85:BD:2A:6A:BB:98:5A:DC:DB:E8:F2:77:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sL7tbt6esoW9Kmq7mFrc2-jyd5o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ad0d6d-f949-46db-981f-b38d7f709d70/1/8Zw8_uADgzqpVC4A3fP4CgkcxZU.roa
Signing time: Sun 01 Jan 2023 23:04:48 +0000
ROA not before: Sun 01 Jan 2023 23:04:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25540
IP address blocks: 131.117.201.0/24 maxlen: 24
131.117.202.0/24 maxlen: 24
131.117.203.0/24 maxlen: 24
131.117.204.0/24 maxlen: 24
131.117.200.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:31:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:94:9c:0d:d3:ac:9a:13:7c:38:5d:e8:a3:c2:1a:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0beed6ede9eb285bd2a6abb985adcdbe8f2779a
Validity
Not Before: Jan 1 23:04:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f19c3cfee003833aa9542e00ddf3f80a091cc595
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:1a:26:84:0e:ff:f5:78:9b:c3:09:0d:ce:7b:
43:f0:96:e4:2d:21:d2:e4:0d:cf:08:8f:ec:ab:c4:
74:70:52:8c:f1:8f:3e:46:db:e2:54:99:eb:ce:43:
95:31:8b:68:2b:fa:f1:bb:5f:c3:df:d0:87:e3:b2:
f8:85:f1:7b:15:40:e5:9a:aa:38:c8:b2:6a:a1:55:
b0:a6:3c:77:33:8d:da:43:e1:df:23:2a:2e:ac:0f:
33:b5:40:32:2f:97:8e:80:03:f5:e0:42:5a:7c:b4:
f7:db:cb:fc:3a:7f:94:66:a3:08:dc:13:b9:29:8c:
c3:39:9c:84:20:29:3e:67:62:59:86:cb:20:3c:1b:
28:e7:e8:4a:ed:84:25:94:51:cf:ce:04:2d:4b:1d:
92:95:5e:de:9f:16:6a:a7:80:4e:9d:b9:f0:14:40:
04:d0:82:07:e8:71:3e:28:26:95:bc:4f:be:4c:18:
c1:4b:31:27:ff:1e:94:f4:61:fd:c9:7e:f1:2e:6c:
16:94:0c:3f:1a:9d:6f:1f:43:36:ad:1d:ce:32:ac:
db:46:b8:02:f1:bd:8e:53:61:79:c9:f6:69:44:5b:
c8:00:2b:b1:b4:d1:e2:aa:0d:db:6f:83:94:45:96:
01:6a:ec:25:e8:1f:b7:5c:3e:3b:e7:57:ba:af:51:
06:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:9C:3C:FE:E0:03:83:3A:A9:54:2E:00:DD:F3:F8:0A:09:1C:C5:95
X509v3 Authority Key Identifier:
keyid:B0:BE:ED:6E:DE:9E:B2:85:BD:2A:6A:BB:98:5A:DC:DB:E8:F2:77:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sL7tbt6esoW9Kmq7mFrc2-jyd5o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ad0d6d-f949-46db-981f-b38d7f709d70/1/8Zw8_uADgzqpVC4A3fP4CgkcxZU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ad0d6d-f949-46db-981f-b38d7f709d70/1/sL7tbt6esoW9Kmq7mFrc2-jyd5o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
131.117.200.0-131.117.204.255
Signature Algorithm: sha256WithRSAEncryption
75:16:ab:57:e7:1b:38:7b:c2:e1:e2:7f:a3:df:f8:5d:02:25:
f9:7f:b8:f2:40:93:c7:fc:f1:8e:62:fd:fe:25:4e:ae:17:a8:
02:5a:0f:c4:67:bb:ed:43:fc:c5:63:6e:9e:9f:f1:02:cf:ac:
01:1b:ca:f7:64:0e:1f:f8:65:4c:b9:cc:50:eb:a0:8f:a6:1d:
c3:a4:4c:54:7b:05:6c:7c:8e:34:32:fc:31:65:2a:20:cf:90:
36:b8:ea:ed:f1:79:9c:49:56:0e:6b:57:12:7e:97:60:02:ef:
22:16:58:da:07:13:d7:a8:73:f7:89:e7:e0:d3:05:03:74:25:
ed:85:c4:c5:90:8c:00:1e:9e:2f:b5:40:54:20:60:16:ce:24:
80:b4:1d:e7:40:e7:e9:59:a7:e3:8d:31:fc:a5:21:6f:42:e9:
13:76:e2:c0:4a:36:70:0d:c5:a1:1f:40:ef:b3:ae:7d:8d:f1:
7b:2b:86:d8:13:b5:7f:b9:43:69:8a:cc:f1:1f:41:16:b2:af:
b1:04:80:85:6d:ed:c3:66:3e:05:3a:e3:b9:92:09:b2:26:c7:
eb:1a:d3:dd:a9:55:ab:ca:32:c9:30:f8:c0:13:85:86:fa:8e:
c6:24:3b:c3:a1:e2:47:fa:53:e5:e1:b9:b6:a9:44:9f:8b:a7:
9b:c8:0d:a4
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVvlJwN06yaE3w4XeijwhqJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwYmVlZDZlZGU5ZWIyODViZDJhNmFiYjk4NWFkY2RiZThm
Mjc3OWEwHhcNMjMwMTAxMjMwNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMTljM2NmZWUwMDM4MzNhYTk1NDJlMDBkZGYzZjgwYTA5MWNjNTk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoRomhA7/9XibwwkNzntD8JbkLSHS
5A3PCI/sq8R0cFKM8Y8+RtviVJnrzkOVMYtoK/rxu1/D39CH47L4hfF7FUDlmqo4
yLJqoVWwpjx3M43aQ+HfIyourA8ztUAyL5eOgAP14EJafLT328v8On+UZqMI3BO5
KYzDOZyEICk+Z2JZhssgPBso5+hK7YQllFHPzgQtSx2SlV7enxZqp4BOnbnwFEAE
0IIH6HE+KCaVvE++TBjBSzEn/x6U9GH9yX7xLmwWlAw/Gp1vH0M2rR3OMqzbRrgC
8b2OU2F5yfZpRFvIACuxtNHiqg3bb4OURZYBauwl6B+3XD4751e6r1EGywIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFPGcPP7gA4M6qVQuAN3z+AoJHMWVMB8GA1UdIwQY
MBaAFLC+7W7enrKFvSpqu5ha3Nvo8neaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0w3dGJ0NmVzb1c5S21xN21GcmMyLWp5ZDVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hZDBkNmQtZjk0OS00NmRiLTk4MWYt
YjM4ZDdmNzA5ZDcwLzEvOFp3OF91QURnenFwVkM0QTNmUDRDZ2tjeFpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hZDBkNmQtZjk0OS00NmRiLTk4MWYtYjM4ZDdmNzA5ZDcw
LzEvc0w3dGJ0NmVzb1c5S21xN21GcmMyLWp5ZDVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAODdcgD
BACDdcwwDQYJKoZIhvcNAQELBQADggEBAHUWq1fnGzh7wuHif6Pf+F0CJfl/uPJA
k8f88Y5i/f4lTq4XqAJaD8Rnu+1D/MVjbp6f8QLPrAEbyvdkDh/4ZUy5zFDroI+m
HcOkTFR7BWx8jjQy/DFlKiDPkDa46u3xeZxJVg5rVxJ+l2AC7yIWWNoHE9eoc/eJ
5+DTBQN0Je2FxMWQjAAeni+1QFQgYBbOJIC0HedA5+lZp+ONMfylIW9C6RN24sBK
NnANxaEfQO+zrn2N8XsrhtgTtX+5Q2mKzPEfQRayr7EEgIVt7cNmPgU647mSCbIm
x+sa092pVavKMskw+MAThYb6jsYkO8Oh4kf6U+XhubapRJ+Lp5vIDaQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:01 2024 by rpki-client on console-ams.rpki-client.org