Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/8R40ILnqR7hGZLKQP4nRs8ET9x8.roa
File: 8R40ILnqR7hGZLKQP4nRs8ET9x8.roa (raw, json)
Hash identifier: 5aDeg/rpu5SmBC/Gdre/7nlbtzKGVllh8xb6z9yGlxE=
Subject key identifier: F1:1E:34:20:B9:EA:47:B8:46:64:B2:90:3F:89:D1:B3:C1:13:F7:1F
Certificate issuer: /CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
Certificate serial: 0185720363A0088B9DAB4D54B3F96DF60978
Authority key identifier: 11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/8R40ILnqR7hGZLKQP4nRs8ET9x8.roa
Signing time: Mon 02 Jan 2023 10:25:02 +0000
ROA not before: Mon 02 Jan 2023 10:25:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57844
IP address blocks: 193.57.136.0/24 maxlen: 24
193.46.56.0/24 maxlen: 24
45.89.52.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 25 Sep 2023 11:04:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:03:63:a0:08:8b:9d:ab:4d:54:b3:f9:6d:f6:09:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
Validity
Not Before: Jan 2 10:25:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f11e3420b9ea47b84664b2903f89d1b3c113f71f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:d7:41:4d:7d:c3:2d:39:c1:ce:1f:ae:96:24:
51:13:c8:b7:83:2f:37:ce:98:2f:4e:00:d7:bc:30:
55:14:aa:73:05:95:42:4f:cf:9f:ff:5b:b8:65:eb:
c1:52:95:3e:89:86:c1:1b:42:26:60:16:be:da:2a:
e1:df:db:86:7d:d6:eb:8a:ce:92:c2:15:91:3d:cf:
6a:9c:9f:c0:00:dd:e7:9f:bf:da:2b:5f:1c:23:e2:
df:ba:0f:61:6d:bd:65:78:f5:f9:e7:67:24:87:26:
b1:79:75:a8:36:da:3e:9b:6a:1a:76:ea:54:ce:06:
11:03:2b:0a:a4:43:0d:f6:83:6f:a5:ba:69:87:d0:
0a:7f:a0:13:ae:03:f9:eb:1a:48:e7:5e:22:0c:80:
0d:e1:60:34:9d:09:9b:d5:50:2a:e9:7e:3a:fd:c6:
1b:d6:d1:e4:23:7d:a7:40:95:e6:fa:7e:63:11:e7:
15:d2:4e:9e:c4:33:55:bc:42:06:38:f1:7b:01:6a:
69:80:ca:96:3f:a1:69:84:c6:d3:07:6b:12:83:b7:
83:c6:de:e6:96:d2:10:cf:2e:33:64:9d:67:c2:10:
cd:bd:df:a4:02:7d:de:69:69:90:07:1d:61:8d:81:
d7:c3:13:dd:08:d2:4e:c1:de:5b:ff:01:1a:7d:fd:
9c:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:1E:34:20:B9:EA:47:B8:46:64:B2:90:3F:89:D1:B3:C1:13:F7:1F
X509v3 Authority Key Identifier:
keyid:11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/8R40ILnqR7hGZLKQP4nRs8ET9x8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/EaAQ-HoEm24hq-2bQJg7BPPxx-g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.89.52.0/24
193.46.56.0/24
193.57.136.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:52:5d:86:10:4b:e7:45:3d:b9:59:8d:a9:db:18:27:57:94:
c8:67:99:7e:d9:bc:94:15:9f:6c:aa:3c:9f:a9:61:4e:af:97:
53:4e:0f:f2:01:77:e1:ef:f5:5e:41:08:68:e4:38:7d:6a:0d:
ef:9b:ca:de:73:92:e8:80:47:10:a3:5f:58:66:fb:48:26:02:
c7:b7:b2:ce:ba:b4:a5:32:54:07:07:9f:3f:52:b8:f0:81:f3:
22:d8:5c:cf:3a:45:33:b9:55:6d:9d:35:e2:09:64:c0:2d:d2:
c1:43:0d:04:f6:b9:3f:b3:c8:09:1b:35:1c:45:c1:6d:79:54:
cb:f6:e4:2c:9a:85:a0:51:c0:c1:1c:f4:73:58:e7:a4:fc:15:
41:23:ff:36:09:f6:dc:0e:9f:14:a4:fb:b8:7f:a4:1e:53:f1:
03:ee:cc:b4:5b:59:16:94:5e:be:5e:e9:5b:ae:48:67:4a:fc:
b2:6c:b0:21:c2:3b:5f:3c:37:f7:af:b6:35:34:ed:62:0e:9d:
8b:a6:94:f2:d5:db:5e:75:11:5d:36:60:05:84:12:3a:a3:88:
e3:20:af:58:8a:51:fb:60:08:1a:35:ce:b4:c7:31:24:49:14:
5e:5e:68:5b:aa:17:06:52:e6:ba:6b:0c:f4:5d:16:4e:c0:5e:
b4:0f:5f:b7
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVyA2OgCIudq01Us/lt9gl4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExYTAxMGY4N2EwNDliNmUyMWFiZWQ5YjQwOTgzYjA0ZjNm
MWM3ZTgwHhcNMjMwMTAyMTAyNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMTFlMzQyMGI5ZWE0N2I4NDY2NGIyOTAzZjg5ZDFiM2MxMTNmNzFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmddBTX3DLTnBzh+uliRRE8i3gy83
zpgvTgDXvDBVFKpzBZVCT8+f/1u4ZevBUpU+iYbBG0ImYBa+2irh39uGfdbris6S
whWRPc9qnJ/AAN3nn7/aK18cI+Lfug9hbb1lePX552ckhyaxeXWoNto+m2oadupU
zgYRAysKpEMN9oNvpbpph9AKf6ATrgP56xpI514iDIAN4WA0nQmb1VAq6X46/cYb
1tHkI32nQJXm+n5jEecV0k6exDNVvEIGOPF7AWppgMqWP6FphMbTB2sSg7eDxt7m
ltIQzy4zZJ1nwhDNvd+kAn3eaWmQBx1hjYHXwxPdCNJOwd5b/wEaff2c/wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFPEeNCC56ke4RmSykD+J0bPBE/cfMB8GA1UdIwQY
MBaAFBGgEPh6BJtuIavtm0CYOwTz8cfoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWFBUS1Ib0VtMjRocS0yYlFKZzdCUFB4eC1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9mMjVkN2MtNjY3Ny00ZmRiLTg5OGUt
ZWU3NDY1NzU0ZmY2LzEvOFI0MElMbnFSN2hHWkxLUVA0blJzOEVUOXg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi9mMjVkN2MtNjY3Ny00ZmRiLTg5OGUtZWU3NDY1NzU0ZmY2
LzEvRWFBUS1Ib0VtMjRocS0yYlFKZzdCUFB4eC1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALVk0AwQA
wS44AwQAwTmIMA0GCSqGSIb3DQEBCwUAA4IBAQAOUl2GEEvnRT25WY2p2xgnV5TI
Z5l+2byUFZ9sqjyfqWFOr5dTTg/yAXfh7/VeQQho5Dh9ag3vm8rec5LogEcQo19Y
ZvtIJgLHt7LOurSlMlQHB58/UrjwgfMi2FzPOkUzuVVtnTXiCWTALdLBQw0E9rk/
s8gJGzUcRcFteVTL9uQsmoWgUcDBHPRzWOek/BVBI/82CfbcDp8UpPu4f6QeU/ED
7sy0W1kWlF6+XulbrkhnSvyybLAhwjtfPDf3r7Y1NO1iDp2LppTy1dtedRFdNmAF
hBI6o4jjIK9YilH7YAgaNc60xzEkSRReXmhbqhcGUua6awz0XRZOwF60D1+3
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:23 2024 by rpki-client on console-fra.rpki-client.org