Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/7bd8cf-2a61-4b74-860d-364fae7c72c4/1/8lSMGofoyDDdCzlHR6TowiPbUj0.roa
File: 8lSMGofoyDDdCzlHR6TowiPbUj0.roa (raw, json)
Hash identifier: 2ML2xVOXDOKg1et8noBWGRunBi+JZupK/tN1Mo2p7yU=
Subject key identifier: F2:54:8C:1A:87:E8:C8:30:DD:0B:39:47:47:A4:E8:C2:23:DB:52:3D
Certificate issuer: /CN=08a5c3aba421b78a7d5d09b75b4ce3be5273caac
Certificate serial: 018AFA0C3332FFB6F2447012A84F05B7CE6C
Authority key identifier: 08:A5:C3:AB:A4:21:B7:8A:7D:5D:09:B7:5B:4C:E3:BE:52:73:CA:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CKXDq6Qht4p9XQm3W0zjvlJzyqw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/7bd8cf-2a61-4b74-860d-364fae7c72c4/1/8lSMGofoyDDdCzlHR6TowiPbUj0.roa
Signing time: Wed 04 Oct 2023 09:36:57 +0000
ROA not before: Wed 04 Oct 2023 09:36:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 28760
IP address blocks: 185.236.144.0/22 maxlen: 22
185.71.252.0/22 maxlen: 22
5.104.216.0/21 maxlen: 21
213.174.224.0/19 maxlen: 19
77.242.64.0/20 maxlen: 20
2a03:fa00::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:fa:0c:33:32:ff:b6:f2:44:70:12:a8:4f:05:b7:ce:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08a5c3aba421b78a7d5d09b75b4ce3be5273caac
Validity
Not Before: Oct 4 09:36:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f2548c1a87e8c830dd0b394747a4e8c223db523d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:2d:02:0b:08:82:1e:40:b4:2b:55:77:69:7a:
1e:1d:61:89:ee:c7:dc:a4:72:67:17:84:7a:35:b4:
4c:d0:8e:c5:5c:fb:d8:3c:a1:a9:64:f7:4c:86:8c:
5f:55:c2:97:9a:14:91:d9:26:d4:a7:bc:bd:d3:21:
78:75:27:37:a9:e1:9f:2e:f3:19:e7:f3:2e:46:92:
6b:4a:73:03:53:47:2c:7e:f1:ba:b2:4a:b4:d0:87:
09:0f:06:d0:07:da:5d:b4:56:6d:54:37:da:f8:5c:
d2:9a:ed:d4:f1:c5:63:44:21:0d:62:e7:ff:7e:cc:
72:cf:08:17:ed:c4:79:50:b5:da:e1:a0:f9:c8:eb:
0d:62:45:f0:6d:c2:10:8c:d1:95:2a:d4:f0:0d:28:
0b:e0:55:50:b4:99:9c:60:33:ac:38:91:38:a0:1c:
4b:11:5d:f6:3c:15:2c:6e:54:96:18:6d:2d:bc:ea:
64:a5:f5:4a:bd:f7:12:7f:f3:03:57:90:28:4a:56:
f0:08:f4:fa:6f:58:61:7c:8c:e3:ac:25:e7:45:18:
ae:d0:86:18:19:b7:bb:c1:4f:4e:cf:cc:d7:99:2a:
f2:78:d1:85:1c:a9:24:ae:38:7d:0a:e1:f8:f9:65:
80:5a:e6:f0:03:a7:84:fd:a8:ed:4f:02:38:b8:de:
66:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:54:8C:1A:87:E8:C8:30:DD:0B:39:47:47:A4:E8:C2:23:DB:52:3D
X509v3 Authority Key Identifier:
keyid:08:A5:C3:AB:A4:21:B7:8A:7D:5D:09:B7:5B:4C:E3:BE:52:73:CA:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CKXDq6Qht4p9XQm3W0zjvlJzyqw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/7bd8cf-2a61-4b74-860d-364fae7c72c4/1/8lSMGofoyDDdCzlHR6TowiPbUj0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/7bd8cf-2a61-4b74-860d-364fae7c72c4/1/CKXDq6Qht4p9XQm3W0zjvlJzyqw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.104.216.0/21
77.242.64.0/20
185.71.252.0/22
185.236.144.0/22
213.174.224.0/19
IPv6:
2a03:fa00::/29
Signature Algorithm: sha256WithRSAEncryption
82:cd:fd:fb:3a:24:b7:40:15:73:4b:77:d1:ef:2b:13:1f:06:
fd:b8:18:38:90:2f:6b:75:d2:a0:d5:9a:25:58:95:8d:19:d3:
2e:6d:4e:aa:35:43:57:9d:27:4f:9b:e2:d6:2e:14:74:a6:6e:
29:22:aa:18:e9:86:7d:45:49:df:ce:85:25:ce:48:01:70:b5:
6f:3c:58:6e:5c:77:10:9b:69:42:00:93:7f:e2:6e:8a:34:c9:
9d:16:ac:7d:ba:19:57:59:d3:29:71:77:57:7b:de:9c:5e:7c:
90:11:a2:c3:04:24:10:b6:72:39:9d:28:2f:d4:19:43:4d:e4:
06:4f:87:98:5d:8e:ca:63:af:00:12:f3:e9:9d:5d:ac:57:88:
ff:ab:f0:02:91:4d:7a:ac:74:58:c5:a5:06:66:0c:89:56:af:
c0:1a:a4:24:6e:cc:ce:92:13:11:be:0f:d1:fe:56:c7:61:83:
44:67:dc:ce:fc:92:15:3d:34:db:05:45:49:06:62:87:98:a9:
3a:d4:48:f0:cc:0f:aa:bd:06:2c:f5:6b:5c:01:f0:e4:94:b4:
44:b4:32:36:b9:46:fe:b5:eb:5e:20:83:d1:d4:f5:7e:5e:77:
80:7c:ed:0a:a2:96:98:29:58:01:e8:df:7f:4c:75:25:f5:4d:
de:f5:a3:25
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYr6DDMy/7byRHASqE8Ft85sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4YTVjM2FiYTQyMWI3OGE3ZDVkMDliNzViNGNlM2JlNTI3
M2NhYWMwHhcNMjMxMDA0MDkzNjU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjU0OGMxYTg3ZThjODMwZGQwYjM5NDc0N2E0ZThjMjIzZGI1MjNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkC0CCwiCHkC0K1V3aXoeHWGJ7sfc
pHJnF4R6NbRM0I7FXPvYPKGpZPdMhoxfVcKXmhSR2SbUp7y90yF4dSc3qeGfLvMZ
5/MuRpJrSnMDU0csfvG6skq00IcJDwbQB9pdtFZtVDfa+FzSmu3U8cVjRCENYuf/
fsxyzwgX7cR5ULXa4aD5yOsNYkXwbcIQjNGVKtTwDSgL4FVQtJmcYDOsOJE4oBxL
EV32PBUsblSWGG0tvOpkpfVKvfcSf/MDV5AoSlbwCPT6b1hhfIzjrCXnRRiu0IYY
Gbe7wU9Oz8zXmSryeNGFHKkkrjh9CuH4+WWAWubwA6eE/ajtTwI4uN5mZwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFPJUjBqH6Mgw3Qs5R0ek6MIj21I9MB8GA1UdIwQY
MBaAFAilw6ukIbeKfV0Jt1tM475Sc8qsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0tYRHE2UWh0NHA5WFFtM1cwemp2bEp6eXF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My83YmQ4Y2YtMmE2MS00Yjc0LTg2MGQt
MzY0ZmFlN2M3MmM0LzEvOGxTTUdvZm95RERkQ3psSFI2VG93aVBiVWowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My83YmQ4Y2YtMmE2MS00Yjc0LTg2MGQtMzY0ZmFlN2M3MmM0
LzEvQ0tYRHE2UWh0NHA5WFFtM1cwemp2bEp6eXF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQDBWjYAwQE
TfJAAwQCuUf8AwQCueyQAwQF1a7gMA0EAgACMAcDBQMqA/oAMA0GCSqGSIb3DQEB
CwUAA4IBAQCCzf37OiS3QBVzS3fR7ysTHwb9uBg4kC9rddKg1ZolWJWNGdMubU6q
NUNXnSdPm+LWLhR0pm4pIqoY6YZ9RUnfzoUlzkgBcLVvPFhuXHcQm2lCAJN/4m6K
NMmdFqx9uhlXWdMpcXdXe96cXnyQEaLDBCQQtnI5nSgv1BlDTeQGT4eYXY7KY68A
EvPpnV2sV4j/q/ACkU16rHRYxaUGZgyJVq/AGqQkbszOkhMRvg/R/lbHYYNEZ9zO
/JIVPTTbBUVJBmKHmKk61EjwzA+qvQYs9WtcAfDklLREtDI2uUb+teteIIPR1PV+
XneAfO0KopaYKVgB6N9/THUl9U3e9aMl
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:29:50 2024 by rpki-client on console-ams.rpki-client.org