Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/8e19Nq8IpkQOf2b-yTmEai1_f9g.roa
File: 8e19Nq8IpkQOf2b-yTmEai1_f9g.roa (raw, json)
Hash identifier: CFaN6SbrYX532DeOBjzX8tFbHAicmZxEovslLEEn7/w=
Subject key identifier: F1:ED:7D:36:AF:08:A6:44:0E:7F:66:FE:C9:39:84:6A:2D:7F:7F:D8
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 018CCA2A2F3E67EAB4BB04F7FFE20C3644B6
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/8e19Nq8IpkQOf2b-yTmEai1_f9g.roa
Signing time: Tue 02 Jan 2024 12:33:31 +0000
ROA not before: Tue 02 Jan 2024 12:33:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62083
IP address blocks: 92.38.6.0/23 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 05:49:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:2f:3e:67:ea:b4:bb:04:f7:ff:e2:0c:36:44:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 12:33:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f1ed7d36af08a6440e7f66fec939846a2d7f7fd8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:05:27:63:c7:9f:2e:b2:30:df:01:aa:b5:3f:
93:12:9b:cd:5d:04:2f:a1:a9:61:57:94:a7:e8:44:
c5:99:6d:6e:20:c3:ba:21:7d:d1:98:35:62:fa:f9:
97:2d:92:19:ca:64:1a:11:24:fe:da:5c:73:00:3b:
96:2f:ee:05:f6:7b:6b:28:74:b3:4a:9c:1a:8d:5a:
cb:5f:e2:34:72:83:2b:1b:7e:29:37:f7:70:a9:b8:
9c:7b:09:52:bb:0f:9e:c6:43:ca:8a:02:40:8a:c0:
be:2b:ea:43:6a:99:0b:cd:1f:d0:1d:4f:e3:76:ac:
4f:ba:20:b2:77:18:0d:a9:7d:d3:da:79:48:39:1f:
ac:51:d4:0c:78:7d:aa:a6:b3:ff:8d:a0:12:13:7b:
ab:3e:c3:35:70:d3:8a:76:7f:5c:69:fe:66:ce:68:
2b:9b:a2:71:78:87:80:a2:1f:9a:75:06:ba:56:f0:
a9:c9:bb:1a:b5:72:ae:e0:a0:77:8d:f8:3e:ce:e9:
1a:60:2a:80:ef:b0:8a:f8:b5:0a:3a:1b:2a:98:b7:
93:89:fc:f3:0e:81:cd:13:29:35:a1:bb:aa:d4:f2:
b3:84:81:6a:87:23:c8:74:dc:16:34:36:6f:00:44:
69:99:1a:cd:10:bb:09:86:50:01:2e:e8:01:f6:29:
ee:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:ED:7D:36:AF:08:A6:44:0E:7F:66:FE:C9:39:84:6A:2D:7F:7F:D8
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/8e19Nq8IpkQOf2b-yTmEai1_f9g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.38.6.0/23
Signature Algorithm: sha256WithRSAEncryption
8f:21:d8:04:55:52:92:1b:d5:0d:4c:5b:f1:0a:eb:66:04:d2:
5f:7d:9a:48:7a:bf:7e:1d:8f:93:8b:3d:26:b5:0e:ff:18:b8:
19:8c:e1:2b:ca:f7:84:be:1c:5d:fd:2e:3e:79:42:00:c1:42:
7d:e1:24:0e:4f:3f:de:41:cc:b2:95:5f:a4:f7:7c:41:18:43:
6f:53:5e:76:94:20:17:13:e1:71:9c:a4:71:13:6d:b7:3b:2d:
50:cb:73:96:78:48:33:fc:e3:de:b4:3f:72:21:10:57:df:5f:
27:c5:02:4e:e1:fc:df:7a:05:d4:0b:f0:7d:6f:25:59:b7:60:
ed:4b:c0:92:16:4f:9d:52:a3:63:c2:79:3a:71:79:77:91:e9:
42:45:8d:9f:bb:95:19:a9:3f:c7:04:aa:ab:3c:cf:62:86:85:
ae:10:a6:e8:86:48:23:8c:bd:02:22:c6:08:a9:27:df:94:b7:
f0:07:25:e7:c9:be:c2:7e:be:b7:a4:38:4f:7c:0a:84:97:92:
b9:54:bf:1b:19:2e:eb:1f:d3:db:7a:fe:e8:1d:ae:28:40:5f:
e6:07:8f:a1:f9:17:73:77:5a:41:3f:b8:ef:18:6f:21:f8:b6:
26:67:85:98:a4:fe:f2:bd:c6:6b:0f:c5:fb:37:30:d8:0a:92:
c5:fc:1d:f3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKKi8+Z+q0uwT3/+IMNkS2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjQwMTAyMTIzMzMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMWVkN2QzNmFmMDhhNjQ0MGU3ZjY2ZmVjOTM5ODQ2YTJkN2Y3ZmQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsgUnY8efLrIw3wGqtT+TEpvNXQQv
oalhV5Sn6ETFmW1uIMO6IX3RmDVi+vmXLZIZymQaEST+2lxzADuWL+4F9ntrKHSz
SpwajVrLX+I0coMrG34pN/dwqbicewlSuw+exkPKigJAisC+K+pDapkLzR/QHU/j
dqxPuiCydxgNqX3T2nlIOR+sUdQMeH2qprP/jaASE3urPsM1cNOKdn9caf5mzmgr
m6JxeIeAoh+adQa6VvCpybsatXKu4KB3jfg+zukaYCqA77CK+LUKOhsqmLeTifzz
DoHNEyk1obuq1PKzhIFqhyPIdNwWNDZvAERpmRrNELsJhlABLugB9inudwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPHtfTavCKZEDn9m/sk5hGotf3/YMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvOGUxOU5xOElwa1FPZjJiLXlUbUVhaTFfZjlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBXCYGMA0G
CSqGSIb3DQEBCwUAA4IBAQCPIdgEVVKSG9UNTFvxCutmBNJffZpIer9+HY+Tiz0m
tQ7/GLgZjOEryveEvhxd/S4+eUIAwUJ94SQOTz/eQcyylV+k93xBGENvU152lCAX
E+FxnKRxE223Oy1Qy3OWeEgz/OPetD9yIRBX318nxQJO4fzfegXUC/B9byVZt2Dt
S8CSFk+dUqNjwnk6cXl3kelCRY2fu5UZqT/HBKqrPM9ihoWuEKbohkgjjL0CIsYI
qSfflLfwByXnyb7Cfr63pDhPfAqEl5K5VL8bGS7rH9Pbev7oHa4oQF/mB4+h+Rdz
d1pBP7jvGG8h+LYmZ4WYpP7yvcZrD8X7NzDYCpLF/B3z
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:58:41 2025 by rpki-client