Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/381125-0248-4ebc-a74d-b8dad6e5c3bf/1/8hU5kT1OVRiPlNRqqjDLUkFd3oQ.roa
File: 8hU5kT1OVRiPlNRqqjDLUkFd3oQ.roa (raw, json)
Hash identifier: j+FPW8lOFioyQA8uDBoFWDB3aCi8hdne8FjsS3urBEI=
Subject key identifier: F2:15:39:91:3D:4E:55:18:8F:94:D4:6A:AA:30:CB:52:41:5D:DE:84
Certificate issuer: /CN=374c2617a372e466e98d42532dd0bd8e5cdd993d
Certificate serial: 018570B096B03C7FDC4606ED7416DD7A5898
Authority key identifier: 37:4C:26:17:A3:72:E4:66:E9:8D:42:53:2D:D0:BD:8E:5C:DD:99:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N0wmF6Ny5GbpjUJTLdC9jlzdmT0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/381125-0248-4ebc-a74d-b8dad6e5c3bf/1/8hU5kT1OVRiPlNRqqjDLUkFd3oQ.roa
Signing time: Mon 02 Jan 2023 04:14:59 +0000
ROA not before: Mon 02 Jan 2023 04:14:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201510
IP address blocks: 185.73.92.0/24 maxlen: 24
185.73.94.0/24 maxlen: 24
185.73.93.0/24 maxlen: 24
2a03:41e0::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:30:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:b0:96:b0:3c:7f:dc:46:06:ed:74:16:dd:7a:58:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=374c2617a372e466e98d42532dd0bd8e5cdd993d
Validity
Not Before: Jan 2 04:14:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f21539913d4e55188f94d46aaa30cb52415dde84
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:b5:d1:b3:01:a3:63:43:e1:f0:47:b9:0e:8b:
91:1f:18:c3:e3:f8:3c:c1:6d:fc:ce:cb:69:2d:fa:
83:10:5d:a4:81:b4:15:17:98:d7:20:c0:1b:0b:67:
8b:a6:f7:bc:50:24:9d:8b:f2:d8:04:0e:7b:80:3d:
c2:52:22:2f:04:eb:6d:50:58:29:90:89:4c:99:0f:
76:65:f4:a5:a5:32:4a:2e:32:e0:0a:b5:41:c1:56:
22:a3:4c:3d:55:a0:d2:51:55:26:5e:57:ca:01:5c:
c7:9d:f7:45:35:df:bd:66:9d:15:b9:1c:b3:2a:02:
b3:28:1f:de:f2:ab:89:25:0e:4a:34:47:1a:c9:f5:
a7:34:03:8f:6e:3e:e4:1f:2c:b3:43:e2:98:e6:69:
e4:40:2c:5f:cf:d6:7a:4e:7f:1b:49:82:60:c8:99:
c3:15:2a:61:c8:07:6d:41:6a:14:5e:ba:c4:1a:9f:
63:9f:6e:16:58:a8:f0:62:f4:05:c8:01:42:6c:fb:
1d:47:eb:0d:e4:28:6c:1a:61:68:d1:07:30:e2:b4:
05:2f:50:b4:a7:36:79:92:dd:6f:04:1a:a2:62:71:
34:06:b6:34:ed:a5:9b:df:e2:98:82:de:f9:11:cc:
d6:76:97:07:f8:0d:ee:70:d7:e5:8a:ba:f6:9c:41:
36:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:15:39:91:3D:4E:55:18:8F:94:D4:6A:AA:30:CB:52:41:5D:DE:84
X509v3 Authority Key Identifier:
keyid:37:4C:26:17:A3:72:E4:66:E9:8D:42:53:2D:D0:BD:8E:5C:DD:99:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N0wmF6Ny5GbpjUJTLdC9jlzdmT0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/381125-0248-4ebc-a74d-b8dad6e5c3bf/1/8hU5kT1OVRiPlNRqqjDLUkFd3oQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/381125-0248-4ebc-a74d-b8dad6e5c3bf/1/N0wmF6Ny5GbpjUJTLdC9jlzdmT0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.73.92.0-185.73.94.255
IPv6:
2a03:41e0::/32
Signature Algorithm: sha256WithRSAEncryption
07:37:c1:da:c6:12:21:78:d6:3c:a0:a8:08:04:49:bf:95:55:
c9:08:1b:f8:be:e6:fe:bb:25:33:16:5d:ab:1e:73:db:78:8d:
29:71:14:80:3a:41:b1:7a:f8:9b:6f:67:e0:8a:48:76:14:d0:
96:45:e3:7c:74:fd:98:d3:9a:89:c5:b1:55:9d:30:09:12:da:
cb:55:c7:d3:43:1e:44:4b:06:e6:a0:d7:fa:8c:59:cb:fe:9f:
45:ca:b5:02:55:0f:59:64:9d:bb:22:4b:34:01:a7:b3:ba:c5:
de:02:22:93:ef:ce:43:25:e6:32:b5:bc:c7:ef:98:a7:80:b3:
ee:99:0c:37:40:ce:df:db:7f:b6:55:78:dc:5c:45:95:e4:c5:
13:dc:74:18:b4:fc:71:52:36:d0:ec:e1:1e:e3:95:eb:c5:f8:
25:89:48:c3:d1:af:05:cc:fb:4a:8f:f3:f2:72:fd:47:3a:5e:
b9:e7:9d:f3:1b:a8:6f:00:66:b5:8f:cb:dc:13:88:5b:db:dd:
8e:cb:e4:39:51:b8:55:34:16:ce:fc:09:88:6d:6b:dc:69:0f:
68:cd:a9:d7:e6:6a:db:e7:62:a5:94:9a:8b:dd:84:3f:e9:fd:
88:65:93:60:70:67:b6:61:3f:68:39:21:e4:5d:73:19:d5:2d:
6a:6f:bd:da
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYVwsJawPH/cRgbtdBbdeliYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3NGMyNjE3YTM3MmU0NjZlOThkNDI1MzJkZDBiZDhlNWNk
ZDk5M2QwHhcNMjMwMTAyMDQxNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjE1Mzk5MTNkNGU1NTE4OGY5NGQ0NmFhYTMwY2I1MjQxNWRkZTg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtbXRswGjY0Ph8Ee5DouRHxjD4/g8
wW38zstpLfqDEF2kgbQVF5jXIMAbC2eLpve8UCSdi/LYBA57gD3CUiIvBOttUFgp
kIlMmQ92ZfSlpTJKLjLgCrVBwVYio0w9VaDSUVUmXlfKAVzHnfdFNd+9Zp0VuRyz
KgKzKB/e8quJJQ5KNEcayfWnNAOPbj7kHyyzQ+KY5mnkQCxfz9Z6Tn8bSYJgyJnD
FSphyAdtQWoUXrrEGp9jn24WWKjwYvQFyAFCbPsdR+sN5ChsGmFo0Qcw4rQFL1C0
pzZ5kt1vBBqiYnE0BrY07aWb3+KYgt75EczWdpcH+A3ucNflirr2nEE2ZwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFPIVOZE9TlUYj5TUaqowy1JBXd6EMB8GA1UdIwQY
MBaAFDdMJhejcuRm6Y1CUy3QvY5c3Zk9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTjB3bUY2Tnk1R2JwalVKVExkQzlqbHpkbVQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS8zODExMjUtMDI0OC00ZWJjLWE3NGQt
YjhkYWQ2ZTVjM2JmLzEvOGhVNWtUMU9WUmlQbE5ScXFqRExVa0ZkM29RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS8zODExMjUtMDI0OC00ZWJjLWE3NGQtYjhkYWQ2ZTVjM2Jm
LzEvTjB3bUY2Tnk1R2JwalVKVExkQzlqbHpkbVQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAUBAIAATAOMAwDBAK5SVwD
BAC5SV4wDQQCAAIwBwMFACoDQeAwDQYJKoZIhvcNAQELBQADggEBAAc3wdrGEiF4
1jygqAgESb+VVckIG/i+5v67JTMWXasec9t4jSlxFIA6QbF6+JtvZ+CKSHYU0JZF
43x0/ZjTmonFsVWdMAkS2stVx9NDHkRLBuag1/qMWcv+n0XKtQJVD1lknbsiSzQB
p7O6xd4CIpPvzkMl5jK1vMfvmKeAs+6ZDDdAzt/bf7ZVeNxcRZXkxRPcdBi0/HFS
NtDs4R7jlevF+CWJSMPRrwXM+0qP8/Jy/Uc6XrnnnfMbqG8AZrWPy9wTiFvb3Y7L
5DlRuFU0Fs78CYhta9xpD2jNqdfmatvnYqWUmovdhD/p/Yhlk2BwZ7ZhP2g5IeRd
cxnVLWpvvdo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:09 2024 by rpki-client on console-fra.rpki-client.org