Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/l8j07R03T5UOwvAHhxqaxys4lR4.roa
File: l8j07R03T5UOwvAHhxqaxys4lR4.roa (raw, json)
Hash identifier: RJRCK5gzEw0SAhroLOfGATonNdzPMBlOfnWNtMFc60c=
Subject key identifier: 97:C8:F4:ED:1D:37:4F:95:0E:C2:F0:07:87:1A:9A:C7:2B:38:95:1E
Certificate issuer: /CN=ec6b42021886d8eedbae90d9e6ab1de533c50d20
Certificate serial: 018BDC1EB44C39D41B16708EBBE16692271E
Authority key identifier: EC:6B:42:02:18:86:D8:EE:DB:AE:90:D9:E6:AB:1D:E5:33:C5:0D:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7GtCAhiG2O7brpDZ5qsd5TPFDSA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/l8j07R03T5UOwvAHhxqaxys4lR4.roa
Signing time: Fri 17 Nov 2023 07:11:21 +0000
ROA not before: Fri 17 Nov 2023 07:11:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15960
IP address blocks: 217.64.160.0/20 maxlen: 24
185.215.100.0/22 maxlen: 24
93.94.80.0/21 maxlen: 24
2a00:15e0::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:33:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:dc:1e:b4:4c:39:d4:1b:16:70:8e:bb:e1:66:92:27:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ec6b42021886d8eedbae90d9e6ab1de533c50d20
Validity
Not Before: Nov 17 07:11:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=97c8f4ed1d374f950ec2f007871a9ac72b38951e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:cf:77:81:87:20:36:f0:47:b9:57:f8:4b:a4:
80:c9:cf:59:1c:f6:cb:aa:af:7e:4d:0e:ee:36:4f:
7b:28:72:af:d3:71:d9:fb:0f:a9:8a:a0:f3:32:43:
07:c9:48:de:39:48:ae:db:c9:8e:7f:7a:50:9e:ca:
2d:6c:ff:f7:89:91:90:42:29:a8:3b:53:69:15:13:
99:4c:36:48:3f:c1:b0:52:43:b1:1a:e0:2a:54:42:
24:d2:0e:13:d5:25:8e:ee:cd:fa:7d:a7:df:c3:4a:
a4:40:ca:49:6c:02:72:65:fb:b6:cc:9f:53:4f:13:
a0:c6:d2:42:24:1f:dd:c8:d2:59:02:9b:8d:9b:db:
c9:20:1c:ab:e1:0b:61:12:6b:4d:94:e0:a3:53:71:
b3:c2:c5:74:2a:ad:c9:c1:e2:18:40:cb:76:af:bc:
41:9d:b3:10:33:e3:56:52:fe:e5:86:61:dd:2f:23:
ca:e9:79:9f:b1:82:8a:12:0f:ce:cc:df:3e:24:76:
84:cf:31:0c:84:54:e8:66:ba:45:bb:12:64:3d:98:
d2:d6:ab:6d:11:ea:d7:cb:62:69:8d:4c:9d:27:70:
a1:33:aa:cd:8b:96:59:e9:6f:20:8a:eb:c3:f6:d0:
9d:8e:4d:94:1d:d2:ab:80:0c:d0:5f:87:89:ad:c4:
b6:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:C8:F4:ED:1D:37:4F:95:0E:C2:F0:07:87:1A:9A:C7:2B:38:95:1E
X509v3 Authority Key Identifier:
keyid:EC:6B:42:02:18:86:D8:EE:DB:AE:90:D9:E6:AB:1D:E5:33:C5:0D:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7GtCAhiG2O7brpDZ5qsd5TPFDSA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/l8j07R03T5UOwvAHhxqaxys4lR4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/7GtCAhiG2O7brpDZ5qsd5TPFDSA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.94.80.0/21
185.215.100.0/22
217.64.160.0/20
IPv6:
2a00:15e0::/29
Signature Algorithm: sha256WithRSAEncryption
38:cf:c1:a7:3d:f5:6b:f5:00:af:98:09:eb:be:de:43:58:08:
db:08:d4:7a:8f:57:4d:94:2b:70:ad:78:fd:9a:c5:6b:60:e1:
0f:d9:c7:3e:96:c2:58:6e:67:a9:5c:cc:97:7a:c6:c7:8d:3b:
7d:fa:c2:ac:3b:bf:c4:59:5e:5c:32:6d:34:8f:6e:68:2d:c0:
73:8c:ed:34:ce:ca:48:d4:d3:3e:5a:3e:61:a8:e9:6b:ed:9d:
41:11:07:6b:c3:e7:3f:32:7d:4f:76:c9:4e:ba:67:fe:57:93:
3b:e2:20:5f:e4:b5:3f:1f:b7:bd:1d:af:a1:cc:66:f6:78:e7:
be:db:18:a2:60:9b:50:8c:9c:9d:2b:b9:d7:3b:78:01:fc:b0:
3f:c3:0a:e3:58:6e:4e:12:a0:6c:57:6c:79:d7:e3:7f:60:4f:
05:44:02:58:0c:da:d4:8d:e6:94:ef:80:5d:3b:c5:4c:50:19:
08:63:1e:03:3a:d6:4c:c0:2a:27:f7:4d:ef:2e:de:57:5e:87:
77:e7:23:36:ed:76:c2:1e:b2:a1:31:fe:10:90:55:ec:5c:c8:
01:d1:3f:ec:01:42:45:49:af:62:8e:16:5f:1d:ba:6c:32:23:
1e:05:d0:12:95:1d:45:7e:f3:f5:6f:b7:fb:e3:6e:48:70:b6:
4e:c8:b1:b9
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYvcHrRMOdQbFnCOu+FmkiceMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjNmI0MjAyMTg4NmQ4ZWVkYmFlOTBkOWU2YWIxZGU1MzNj
NTBkMjAwHhcNMjMxMTE3MDcxMTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5N2M4ZjRlZDFkMzc0Zjk1MGVjMmYwMDc4NzFhOWFjNzJiMzg5NTFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAms93gYcgNvBHuVf4S6SAyc9ZHPbL
qq9+TQ7uNk97KHKv03HZ+w+piqDzMkMHyUjeOUiu28mOf3pQnsotbP/3iZGQQimo
O1NpFROZTDZIP8GwUkOxGuAqVEIk0g4T1SWO7s36faffw0qkQMpJbAJyZfu2zJ9T
TxOgxtJCJB/dyNJZApuNm9vJIByr4QthEmtNlOCjU3GzwsV0Kq3JweIYQMt2r7xB
nbMQM+NWUv7lhmHdLyPK6XmfsYKKEg/OzN8+JHaEzzEMhFToZrpFuxJkPZjS1qtt
EerXy2JpjUydJ3ChM6rNi5ZZ6W8giuvD9tCdjk2UHdKrgAzQX4eJrcS2XwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFJfI9O0dN0+VDsLwB4camscrOJUeMB8GA1UdIwQY
MBaAFOxrQgIYhtju266Q2earHeUzxQ0gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN0d0Q0FoaUcyTzdicnBEWjVxc2Q1VFBGRFNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8yNmMzZTEtNjQ4Ni00ZTA5LTk5YTQt
YTY4NzNiMzc0ZTI2LzEvbDhqMDdSMDNUNVVPd3ZBSGh4cWF4eXM0bFI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8yNmMzZTEtNjQ4Ni00ZTA5LTk5YTQtYTY4NzNiMzc0ZTI2
LzEvN0d0Q0FoaUcyTzdicnBEWjVxc2Q1VFBGRFNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDXV5QAwQC
uddkAwQE2UCgMA0EAgACMAcDBQMqABXgMA0GCSqGSIb3DQEBCwUAA4IBAQA4z8Gn
PfVr9QCvmAnrvt5DWAjbCNR6j1dNlCtwrXj9msVrYOEP2cc+lsJYbmepXMyXesbH
jTt9+sKsO7/EWV5cMm00j25oLcBzjO00zspI1NM+Wj5hqOlr7Z1BEQdrw+c/Mn1P
dslOumf+V5M74iBf5LU/H7e9Ha+hzGb2eOe+2xiiYJtQjJydK7nXO3gB/LA/wwrj
WG5OEqBsV2x51+N/YE8FRAJYDNrUjeaU74BdO8VMUBkIYx4DOtZMwCon903vLt5X
Xod35yM27XbCHrKhMf4QkFXsXMgB0T/sAUJFSa9ijhZfHbpsMiMeBdASlR1FfvP1
b7f7425IcLZOyLG5
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:26 2024 by rpki-client on console-fra.rpki-client.org