Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/384a32-3e1c-4d86-bdb8-35276b7975ae/1/8X8Z4Z4nADeCEwx6piA-002Tqk8.roa
File: 8X8Z4Z4nADeCEwx6piA-002Tqk8.roa (raw, json)
Hash identifier: 7yErjwTmgdUnIX8RFQBd3pU/RlZqmywYtdXy3VHP7CQ=
Subject key identifier: F1:7F:19:E1:9E:27:00:37:82:13:0C:7A:A6:20:3E:D3:4D:93:AA:4F
Certificate issuer: /CN=cd0c032892f695af4c13fb0aca8043d17b1b97bf
Certificate serial: 0189272DF5077ACDB5B60B3EAB279AC098D7
Authority key identifier: CD:0C:03:28:92:F6:95:AF:4C:13:FB:0A:CA:80:43:D1:7B:1B:97:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zQwDKJL2la9ME_sKyoBD0Xsbl78.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/384a32-3e1c-4d86-bdb8-35276b7975ae/1/8X8Z4Z4nADeCEwx6piA-002Tqk8.roa
Signing time: Wed 05 Jul 2023 17:51:10 +0000
ROA not before: Wed 05 Jul 2023 17:51:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206371
IP address blocks: 185.137.98.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 24 Sep 2023 16:38:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:27:2d:f5:07:7a:cd:b5:b6:0b:3e:ab:27:9a:c0:98:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd0c032892f695af4c13fb0aca8043d17b1b97bf
Validity
Not Before: Jul 5 17:51:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f17f19e19e27003782130c7aa6203ed34d93aa4f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:70:f2:7a:e7:71:d9:42:a7:5a:55:6b:a9:a6:
5a:ed:f2:b7:cf:36:ac:d2:d0:5f:7f:dc:21:f0:bc:
11:ea:84:fc:fe:bd:33:e9:db:bc:88:1c:64:1d:a1:
7c:2c:5b:e2:c2:e6:57:5f:92:73:9a:96:9e:60:90:
1f:bb:e3:d1:19:53:01:2e:17:51:ee:4c:34:6e:db:
c7:af:62:c4:d7:f7:da:69:45:64:64:4c:8a:26:84:
05:43:b6:1f:94:78:b1:f1:0e:6a:4d:80:59:96:c4:
78:2d:c5:07:b3:05:fc:bb:7a:dd:bd:ea:a1:d8:a4:
f9:f5:e4:a0:57:e0:ba:b5:98:21:89:43:ec:48:12:
ad:10:87:0f:0d:d4:e7:f6:c9:6f:84:6b:dd:91:78:
dc:55:6d:e6:13:d8:27:dd:31:f9:67:06:b1:fb:28:
b1:dd:f6:a8:06:46:bc:be:00:95:27:98:9d:26:55:
03:e8:0d:af:fd:d9:37:81:3d:0e:1e:0c:c5:7f:3d:
0d:dc:9b:dd:f1:e9:4a:81:32:53:67:b9:d0:e7:f9:
82:a0:4a:56:22:d6:21:0c:5e:af:35:a2:cd:30:c8:
01:62:f3:d8:d9:18:cc:c5:cf:57:f9:0d:b1:dc:47:
82:49:10:09:ea:58:1e:4b:9c:6d:53:f6:65:44:b8:
f1:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:7F:19:E1:9E:27:00:37:82:13:0C:7A:A6:20:3E:D3:4D:93:AA:4F
X509v3 Authority Key Identifier:
keyid:CD:0C:03:28:92:F6:95:AF:4C:13:FB:0A:CA:80:43:D1:7B:1B:97:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zQwDKJL2la9ME_sKyoBD0Xsbl78.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/384a32-3e1c-4d86-bdb8-35276b7975ae/1/8X8Z4Z4nADeCEwx6piA-002Tqk8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/384a32-3e1c-4d86-bdb8-35276b7975ae/1/zQwDKJL2la9ME_sKyoBD0Xsbl78.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.137.98.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:e6:40:c7:5e:8a:bb:a4:a7:c9:92:d3:1a:14:8e:be:d5:22:
c3:5d:c4:82:41:81:cb:d6:10:df:1e:61:3a:9e:5b:a3:9e:bd:
94:e8:ee:fd:23:3f:36:41:bd:9d:fc:1d:05:97:9a:59:96:4a:
67:42:95:8e:44:8a:db:ed:6b:4a:fd:e8:8a:65:fa:95:cb:41:
21:59:2a:5a:e5:d7:5e:0c:d6:61:b2:2d:4a:c3:ae:c2:21:a6:
55:22:ef:67:c7:d6:80:12:5c:32:2f:60:f1:72:82:39:b2:5c:
29:8c:b5:1a:b4:e6:19:79:7c:12:76:da:24:f7:ed:72:84:53:
24:ef:12:29:d6:35:6d:2a:f1:48:d0:e8:08:7c:f6:0f:0e:67:
12:2e:2c:1f:fe:8f:67:0f:3c:f7:39:62:e0:7b:5a:80:53:1a:
b0:85:0a:21:be:67:85:77:77:a5:e3:d5:f7:12:74:ad:be:5c:
c5:7d:f2:3e:ff:e5:5c:b5:7e:2c:4b:02:8f:38:b9:41:ef:a5:
c7:e9:2f:80:22:6f:f5:ae:2a:0a:c1:14:fa:32:cc:44:98:be:
49:c1:b2:d5:a8:57:bd:ad:6b:0a:6c:d4:24:4e:48:76:04:b0:
2c:1c:95:fb:1d:33:75:23:8c:e6:d2:5b:d9:29:c9:d1:6d:17:
e9:0e:0a:0c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYknLfUHes21tgs+qyeawJjXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkMGMwMzI4OTJmNjk1YWY0YzEzZmIwYWNhODA0M2QxN2Ix
Yjk3YmYwHhcNMjMwNzA1MTc1MTEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMTdmMTllMTllMjcwMDM3ODIxMzBjN2FhNjIwM2VkMzRkOTNhYTRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlnDyeudx2UKnWlVrqaZa7fK3zzas
0tBff9wh8LwR6oT8/r0z6du8iBxkHaF8LFviwuZXX5JzmpaeYJAfu+PRGVMBLhdR
7kw0btvHr2LE1/faaUVkZEyKJoQFQ7YflHix8Q5qTYBZlsR4LcUHswX8u3rdveqh
2KT59eSgV+C6tZghiUPsSBKtEIcPDdTn9slvhGvdkXjcVW3mE9gn3TH5Zwax+yix
3faoBka8vgCVJ5idJlUD6A2v/dk3gT0OHgzFfz0N3Jvd8elKgTJTZ7nQ5/mCoEpW
ItYhDF6vNaLNMMgBYvPY2RjMxc9X+Q2x3EeCSRAJ6lgeS5xtU/ZlRLjxRQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPF/GeGeJwA3ghMMeqYgPtNNk6pPMB8GA1UdIwQY
MBaAFM0MAyiS9pWvTBP7CsqAQ9F7G5e/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelF3REtKTDJsYTlNRV9zS3lvQkQwWHNibDc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC8zODRhMzItM2UxYy00ZDg2LWJkYjgt
MzUyNzZiNzk3NWFlLzEvOFg4WjRaNG5BRGVDRXd4NnBpQS0wMDJUcWs4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC8zODRhMzItM2UxYy00ZDg2LWJkYjgtMzUyNzZiNzk3NWFl
LzEvelF3REtKTDJsYTlNRV9zS3lvQkQwWHNibDc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuYliMA0G
CSqGSIb3DQEBCwUAA4IBAQAs5kDHXoq7pKfJktMaFI6+1SLDXcSCQYHL1hDfHmE6
nlujnr2U6O79Iz82Qb2d/B0Fl5pZlkpnQpWORIrb7WtK/eiKZfqVy0EhWSpa5dde
DNZhsi1Kw67CIaZVIu9nx9aAElwyL2DxcoI5slwpjLUatOYZeXwSdtok9+1yhFMk
7xIp1jVtKvFI0OgIfPYPDmcSLiwf/o9nDzz3OWLge1qAUxqwhQohvmeFd3el49X3
EnStvlzFffI+/+VctX4sSwKPOLlB76XH6S+AIm/1rioKwRT6MsxEmL5JwbLVqFe9
rWsKbNQkTkh2BLAsHJX7HTN1I4zm0lvZKcnRbRfpDgoM
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:13 2024 by rpki-client on console-fra.rpki-client.org