Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/768fdb-d1b5-4bef-bcbd-4924fa000b7c/1/eb8i-4uUy3Rnpd2gHhFCypXdKjk.roa
File: eb8i-4uUy3Rnpd2gHhFCypXdKjk.roa (raw, json)
Hash identifier: +taWhNgy4xMyfCzuG0ANF8WTrvknNuBA4KDlnvOk30k=
Subject key identifier: 79:BF:22:FB:8B:94:CB:74:67:A5:DD:A0:1E:11:42:CA:95:DD:2A:39
Certificate issuer: /CN=a63bcc6d25f7476fbb3ec33f6dbc3e9eead92212
Certificate serial: 018CC794CDC859385F31FE65E98966AB33A2
Authority key identifier: A6:3B:CC:6D:25:F7:47:6F:BB:3E:C3:3F:6D:BC:3E:9E:EA:D9:22:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pjvMbSX3R2-7PsM_bbw-nurZIhI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/768fdb-d1b5-4bef-bcbd-4924fa000b7c/1/eb8i-4uUy3Rnpd2gHhFCypXdKjk.roa
Signing time: Tue 02 Jan 2024 00:31:07 +0000
ROA not before: Tue 02 Jan 2024 00:31:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29255
IP address blocks: 185.29.92.0/22 maxlen: 22
185.27.220.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 11 Nov 2024 19:45:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:cd:c8:59:38:5f:31:fe:65:e9:89:66:ab:33:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a63bcc6d25f7476fbb3ec33f6dbc3e9eead92212
Validity
Not Before: Jan 2 00:31:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=79bf22fb8b94cb7467a5dda01e1142ca95dd2a39
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:04:57:5c:31:cc:01:14:db:a6:d1:23:5f:57:
10:59:e9:94:9a:f6:62:d8:15:08:2d:7a:39:1a:5c:
a6:86:45:69:1c:e4:e2:d2:13:c4:b2:27:4c:fd:db:
8f:9e:e3:ef:97:c5:cb:dc:e8:ab:e4:93:e5:54:bb:
51:fd:18:2c:04:3f:09:9c:e5:3d:7b:a2:81:e1:b7:
37:a6:2e:a5:95:32:dc:cf:72:19:fb:27:02:81:a9:
78:7e:05:c7:c6:72:b7:90:f7:63:14:79:24:c8:2e:
ae:ed:c0:dd:e8:2d:ec:1a:fe:87:34:cc:45:f1:46:
a8:34:73:05:90:cf:57:bc:0b:79:df:cb:ed:a6:fd:
b7:13:c2:8f:95:f2:6c:50:65:a7:2a:ae:55:9b:43:
a0:43:32:dd:96:82:aa:0e:1b:2a:93:f3:00:15:d2:
20:4b:ab:b4:55:66:dc:34:ce:c5:e6:8c:dd:f4:ba:
c0:89:07:e2:6a:a7:a3:8f:b9:60:99:03:a6:2d:21:
62:42:65:43:69:f4:4a:c1:c0:a7:da:7a:e6:60:ce:
1e:14:33:10:14:80:44:87:eb:11:f1:84:ad:7e:58:
54:8a:ff:f6:1f:7d:72:57:66:4d:44:dc:1c:84:15:
86:e9:e6:a9:59:69:1f:88:79:97:d2:b1:8c:28:c8:
33:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:BF:22:FB:8B:94:CB:74:67:A5:DD:A0:1E:11:42:CA:95:DD:2A:39
X509v3 Authority Key Identifier:
keyid:A6:3B:CC:6D:25:F7:47:6F:BB:3E:C3:3F:6D:BC:3E:9E:EA:D9:22:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pjvMbSX3R2-7PsM_bbw-nurZIhI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/768fdb-d1b5-4bef-bcbd-4924fa000b7c/1/eb8i-4uUy3Rnpd2gHhFCypXdKjk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/768fdb-d1b5-4bef-bcbd-4924fa000b7c/1/pjvMbSX3R2-7PsM_bbw-nurZIhI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.27.220.0/22
185.29.92.0/22
Signature Algorithm: sha256WithRSAEncryption
0a:c9:bf:6b:cb:87:43:75:a4:f8:8f:90:40:22:60:7f:15:f4:
18:ac:42:a5:09:d7:1f:9b:b2:dd:41:a7:31:97:5a:20:e8:fb:
be:34:9f:d0:1f:a6:46:c1:36:f4:fa:dd:44:97:29:18:c7:c7:
6e:22:a3:bc:5a:fc:4a:d1:b6:b2:41:01:ac:3f:a3:c0:01:26:
f3:1e:c8:8a:97:8c:fa:91:e3:5f:52:34:76:c7:20:9c:6e:b0:
47:60:b9:04:a6:6b:74:be:a3:4e:55:74:16:1d:36:8b:32:cf:
c6:8e:dd:66:14:fa:1e:bf:88:40:09:f1:1a:5e:da:ed:6d:ac:
13:bc:11:9c:3b:bb:9a:69:8c:ea:d1:cb:48:f8:ca:b6:32:00:
24:64:a0:19:01:af:0b:89:82:f0:ce:4a:77:79:35:4f:29:9d:
ca:24:08:ca:12:ed:63:03:a3:5b:0b:42:cc:ac:f9:7d:b4:9a:
e5:6f:8d:26:7e:60:d6:c4:59:11:8e:98:75:19:48:b6:e5:4b:
65:53:e4:93:2e:d2:ee:ca:b0:97:ee:3d:35:1e:89:a6:83:2b:
09:c0:1a:bf:42:b1:54:d5:4f:97:47:54:f1:f9:8c:be:ce:74:
9c:88:1d:c7:7e:fc:ac:09:f8:c2:63:87:33:fc:e4:45:83:80:
1e:e4:3c:19
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzHlM3IWThfMf5l6YlmqzOiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2M2JjYzZkMjVmNzQ3NmZiYjNlYzMzZjZkYmMzZTllZWFk
OTIyMTIwHhcNMjQwMTAyMDAzMTA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OWJmMjJmYjhiOTRjYjc0NjdhNWRkYTAxZTExNDJjYTk1ZGQyYTM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkwRXXDHMARTbptEjX1cQWemUmvZi
2BUILXo5GlymhkVpHOTi0hPEsidM/duPnuPvl8XL3Oir5JPlVLtR/RgsBD8JnOU9
e6KB4bc3pi6llTLcz3IZ+ycCgal4fgXHxnK3kPdjFHkkyC6u7cDd6C3sGv6HNMxF
8UaoNHMFkM9XvAt538vtpv23E8KPlfJsUGWnKq5Vm0OgQzLdloKqDhsqk/MAFdIg
S6u0VWbcNM7F5ozd9LrAiQfiaqejj7lgmQOmLSFiQmVDafRKwcCn2nrmYM4eFDMQ
FIBEh+sR8YStflhUiv/2H31yV2ZNRNwchBWG6eapWWkfiHmX0rGMKMgzYwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHm/IvuLlMt0Z6XdoB4RQsqV3So5MB8GA1UdIwQY
MBaAFKY7zG0l90dvuz7DP228Pp7q2SISMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGp2TWJTWDNSMi03UHNNX2Jidy1udXJaSWhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS83NjhmZGItZDFiNS00YmVmLWJjYmQt
NDkyNGZhMDAwYjdjLzEvZWI4aS00dVV5M1JucGQyZ0hoRkN5cFhkS2prLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS83NjhmZGItZDFiNS00YmVmLWJjYmQtNDkyNGZhMDAwYjdj
LzEvcGp2TWJTWDNSMi03UHNNX2Jidy1udXJaSWhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuRvcAwQC
uR1cMA0GCSqGSIb3DQEBCwUAA4IBAQAKyb9ry4dDdaT4j5BAImB/FfQYrEKlCdcf
m7LdQacxl1og6Pu+NJ/QH6ZGwTb0+t1ElykYx8duIqO8WvxK0bayQQGsP6PAASbz
HsiKl4z6keNfUjR2xyCcbrBHYLkEpmt0vqNOVXQWHTaLMs/Gjt1mFPoev4hACfEa
XtrtbawTvBGcO7uaaYzq0ctI+Mq2MgAkZKAZAa8LiYLwzkp3eTVPKZ3KJAjKEu1j
A6NbC0LMrPl9tJrlb40mfmDWxFkRjph1GUi25UtlU+STLtLuyrCX7j01HommgysJ
wBq/QrFU1U+XR1Tx+Yy+znSciB3HfvysCfjCY4cz/ORFg4Ae5DwZ
-----END CERTIFICATE-----
Generated at Mon Nov 11 21:27:32 2024 by rpki-client on console-ams.rpki-client.org