Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/1433ea-1080-46e5-b612-297e282d66a8/1/n8hDYHh0LAu7IEUgp4dKN8uH2-Q.roa
File: n8hDYHh0LAu7IEUgp4dKN8uH2-Q.roa (raw, json)
Hash identifier: 1qlsIpsd9yfpgJVMNz61Xc3EfP6phf1uYOx+CTS6WyY=
Subject key identifier: 9F:C8:43:60:78:74:2C:0B:BB:20:45:20:A7:87:4A:37:CB:87:DB:E4
Certificate issuer: /CN=26a5aa918cbfeb3e12997f33890feb258907b343
Certificate serial: 018570152F6A94EA5EAF8AE1E403F19D80A6
Authority key identifier: 26:A5:AA:91:8C:BF:EB:3E:12:99:7F:33:89:0F:EB:25:89:07:B3:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JqWqkYy_6z4SmX8ziQ_rJYkHs0M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/1433ea-1080-46e5-b612-297e282d66a8/1/n8hDYHh0LAu7IEUgp4dKN8uH2-Q.roa
Signing time: Mon 02 Jan 2023 01:25:14 +0000
ROA not before: Mon 02 Jan 2023 01:25:14 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58321
IP address blocks: 185.123.160.0/24 maxlen: 24
194.60.251.0/24 maxlen: 24
94.152.254.0/24 maxlen: 24
94.152.255.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 27 Apr 2023 07:10:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:15:2f:6a:94:ea:5e:af:8a:e1:e4:03:f1:9d:80:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=26a5aa918cbfeb3e12997f33890feb258907b343
Validity
Not Before: Jan 2 01:25:14 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9fc8436078742c0bbb204520a7874a37cb87dbe4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:25:7d:ed:a3:33:1a:6b:98:3b:5e:cb:e4:e2:
b9:73:21:9e:5d:1c:56:b7:0c:43:3b:3f:8a:18:95:
ac:9b:1d:b1:72:84:fe:f1:ba:11:36:ea:93:f0:57:
92:55:f8:fc:4f:e7:b3:87:ff:24:22:7d:d8:2d:8d:
c1:f7:43:6d:a8:5e:92:de:05:32:04:22:01:70:9a:
22:81:ca:cb:71:ee:78:6b:e4:2a:18:ed:27:21:16:
a6:c2:95:13:67:89:af:3b:91:fb:13:8b:27:34:af:
07:0d:05:32:12:e2:7a:2b:1d:8a:d4:4e:0b:c3:03:
ca:41:67:0a:5e:59:4d:8f:36:ed:0c:45:b6:59:cb:
07:c9:eb:49:be:df:64:e0:82:06:40:bf:7f:86:5d:
c8:bb:23:67:9a:60:6f:31:63:ed:ac:9d:db:9f:02:
20:0f:08:7f:a0:3b:00:34:f0:3d:4a:d1:70:20:36:
14:67:81:1d:54:e5:af:11:07:ab:98:90:7a:e9:08:
71:ed:d3:d8:81:76:30:a6:a0:09:15:cf:7a:d9:e0:
6a:79:59:a7:7d:65:95:85:fb:79:ff:c3:ac:67:e3:
85:60:22:29:70:f4:99:c9:26:4e:b2:85:20:3b:28:
1c:1e:43:4c:20:b2:82:62:c0:88:3f:b0:f7:a1:3e:
c3:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:C8:43:60:78:74:2C:0B:BB:20:45:20:A7:87:4A:37:CB:87:DB:E4
X509v3 Authority Key Identifier:
keyid:26:A5:AA:91:8C:BF:EB:3E:12:99:7F:33:89:0F:EB:25:89:07:B3:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JqWqkYy_6z4SmX8ziQ_rJYkHs0M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/1433ea-1080-46e5-b612-297e282d66a8/1/n8hDYHh0LAu7IEUgp4dKN8uH2-Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/1433ea-1080-46e5-b612-297e282d66a8/1/JqWqkYy_6z4SmX8ziQ_rJYkHs0M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.152.254.0/23
185.123.160.0/24
194.60.251.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:49:ee:ba:d0:9a:05:56:99:55:40:86:45:12:bc:a2:d4:25:
67:b0:d0:fb:c8:b8:2b:af:ce:22:bc:a5:1f:be:37:41:2c:52:
e1:5a:e4:93:17:80:57:e5:12:5f:4b:ed:ec:9d:f4:ac:c8:3f:
21:18:1c:17:3d:16:5f:6c:cb:72:68:68:85:d0:c5:bc:cc:13:
a4:2c:f1:d2:81:cb:85:98:1e:14:06:d9:c5:26:a0:59:6c:6e:
00:50:23:e1:51:c5:5a:67:21:0f:2f:dd:b2:68:34:ca:8e:b7:
5b:52:5d:b0:0a:15:38:71:f4:28:65:ea:bf:44:1a:91:e9:95:
2e:8b:35:81:8d:c1:cc:cf:1d:60:37:42:6b:10:ef:a6:03:03:
ae:8d:0a:3a:31:e3:b7:27:3f:56:75:08:fa:4a:5c:07:dd:c1:
33:e4:ca:04:71:45:39:cf:d4:58:e8:2e:c9:53:dd:ba:83:fa:
96:14:dc:b1:1f:ee:8d:ee:d9:bb:18:9a:7e:37:2f:33:3b:2a:
75:33:29:18:ee:66:b1:44:0c:d2:89:ab:68:d8:2e:f1:a9:36:
8b:6c:a8:1c:0d:56:67:07:96:0d:95:33:30:eb:36:52:d5:04:
34:13:31:92:eb:28:bb:76:df:47:5b:8d:61:96:3f:e8:35:84:
0f:72:22:78
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVwFS9qlOper4rh5APxnYCmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2YTVhYTkxOGNiZmViM2UxMjk5N2YzMzg5MGZlYjI1ODkw
N2IzNDMwHhcNMjMwMTAyMDEyNTE0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZmM4NDM2MDc4NzQyYzBiYmIyMDQ1MjBhNzg3NGEzN2NiODdkYmU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgiV97aMzGmuYO17L5OK5cyGeXRxW
twxDOz+KGJWsmx2xcoT+8boRNuqT8FeSVfj8T+ezh/8kIn3YLY3B90NtqF6S3gUy
BCIBcJoigcrLce54a+QqGO0nIRamwpUTZ4mvO5H7E4snNK8HDQUyEuJ6Kx2K1E4L
wwPKQWcKXllNjzbtDEW2WcsHyetJvt9k4IIGQL9/hl3IuyNnmmBvMWPtrJ3bnwIg
Dwh/oDsANPA9StFwIDYUZ4EdVOWvEQermJB66Qhx7dPYgXYwpqAJFc962eBqeVmn
fWWVhft5/8OsZ+OFYCIpcPSZySZOsoUgOygcHkNMILKCYsCIP7D3oT7DfwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJ/IQ2B4dCwLuyBFIKeHSjfLh9vkMB8GA1UdIwQY
MBaAFCalqpGMv+s+Epl/M4kP6yWJB7NDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSnFXcWtZeV82ejRTbVg4emlRX3JKWWtIczBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC8xNDMzZWEtMTA4MC00NmU1LWI2MTIt
Mjk3ZTI4MmQ2NmE4LzEvbjhoRFlIaDBMQXU3SUVVZ3A0ZEtOOHVIMi1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC8xNDMzZWEtMTA4MC00NmU1LWI2MTItMjk3ZTI4MmQ2NmE4
LzEvSnFXcWtZeV82ejRTbVg4emlRX3JKWWtIczBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBXpj+AwQA
uXugAwQAwjz7MA0GCSqGSIb3DQEBCwUAA4IBAQCKSe660JoFVplVQIZFEryi1CVn
sND7yLgrr84ivKUfvjdBLFLhWuSTF4BX5RJfS+3snfSsyD8hGBwXPRZfbMtyaGiF
0MW8zBOkLPHSgcuFmB4UBtnFJqBZbG4AUCPhUcVaZyEPL92yaDTKjrdbUl2wChU4
cfQoZeq/RBqR6ZUuizWBjcHMzx1gN0JrEO+mAwOujQo6MeO3Jz9WdQj6SlwH3cEz
5MoEcUU5z9RY6C7JU926g/qWFNyxH+6N7tm7GJp+Ny8zOyp1MykY7maxRAzSiato
2C7xqTaLbKgcDVZnB5YNlTMw6zZS1QQ0EzGS6yi7dt9HW41hlj/oNYQPciJ4
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:12:10 2024 by rpki-client on console-ams.rpki-client.org