Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/a7ddf6-2394-48d3-bfa1-6d655cd94468/1/ns8leO0zU8AOEmqD4SQB8En02Dw.roa
File: ns8leO0zU8AOEmqD4SQB8En02Dw.roa (raw, json)
Hash identifier: 4mp+E1/D2w+/R3dwS5ciJGr4/Bp38QNluf2qH8+xEa0=
Subject key identifier: 9E:CF:25:78:ED:33:53:C0:0E:12:6A:83:E1:24:01:F0:49:F4:D8:3C
Certificate issuer: /CN=d513872512f1f2d037b401c2603ca8994e721e55
Certificate serial: 018B4DAB5544DA67C9F427781237ABE6F87B
Authority key identifier: D5:13:87:25:12:F1:F2:D0:37:B4:01:C2:60:3C:A8:99:4E:72:1E:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1ROHJRLx8tA3tAHCYDyomU5yHlU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/a7ddf6-2394-48d3-bfa1-6d655cd94468/1/ns8leO0zU8AOEmqD4SQB8En02Dw.roa
Signing time: Fri 20 Oct 2023 15:19:15 +0000
ROA not before: Fri 20 Oct 2023 15:19:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202613
IP address blocks: 185.8.196.0/22 maxlen: 24
83.136.104.0/23 maxlen: 24
83.136.110.0/23 maxlen: 24
2a02:29e1::/32 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:4d:ab:55:44:da:67:c9:f4:27:78:12:37:ab:e6:f8:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d513872512f1f2d037b401c2603ca8994e721e55
Validity
Not Before: Oct 20 15:19:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9ecf2578ed3353c00e126a83e12401f049f4d83c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:9f:8b:2e:bb:ac:a7:45:70:c5:00:75:fe:72:
1a:70:29:f4:15:f7:d6:55:c6:09:25:7f:e2:48:e2:
07:1e:65:b9:4a:36:9e:68:7a:74:29:bb:eb:75:8a:
58:3a:5c:e7:67:30:9c:fd:1e:82:02:d8:75:7c:5d:
bc:49:e4:58:4f:13:49:29:36:8e:c9:5a:bc:eb:c3:
44:7c:7e:c0:e0:89:6b:0c:41:a3:2e:69:8c:5c:d1:
c3:ee:3e:fe:39:74:17:38:ac:16:23:c4:c6:33:40:
76:25:68:ef:75:81:ea:67:18:d8:50:4a:a5:cf:f1:
7d:d5:c3:7f:b1:16:e8:79:e2:b5:0a:09:48:d5:0e:
6a:bd:2c:c4:35:fd:1d:d7:aa:30:d7:a3:17:ed:79:
64:45:dc:37:4d:4a:e4:aa:75:1f:32:38:21:80:d4:
b3:50:a5:88:7b:88:f2:2f:ee:d6:d7:27:69:92:0f:
b5:ab:ee:18:d8:1d:6b:8e:7f:58:76:b0:74:d8:72:
25:1c:28:48:ba:b0:ed:29:3a:84:b4:32:ef:f6:aa:
d6:7a:d3:2c:17:c0:a9:02:46:55:b8:66:ed:5d:1a:
73:c0:8a:44:0b:ce:a1:59:00:50:25:c9:a0:0b:d7:
14:ca:f1:21:63:bf:a9:c6:fa:d7:83:ca:b5:e5:ad:
b7:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:CF:25:78:ED:33:53:C0:0E:12:6A:83:E1:24:01:F0:49:F4:D8:3C
X509v3 Authority Key Identifier:
keyid:D5:13:87:25:12:F1:F2:D0:37:B4:01:C2:60:3C:A8:99:4E:72:1E:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1ROHJRLx8tA3tAHCYDyomU5yHlU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/a7ddf6-2394-48d3-bfa1-6d655cd94468/1/ns8leO0zU8AOEmqD4SQB8En02Dw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/a7ddf6-2394-48d3-bfa1-6d655cd94468/1/1ROHJRLx8tA3tAHCYDyomU5yHlU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.136.104.0/23
83.136.110.0/23
185.8.196.0/22
IPv6:
2a02:29e1::/32
Signature Algorithm: sha256WithRSAEncryption
04:5d:a9:7c:bc:3b:06:d8:8f:4d:b6:2a:df:6e:c7:ba:64:62:
0b:70:79:3e:57:b8:3d:96:5f:fa:f0:97:af:f9:8c:14:f0:44:
0d:ee:3d:29:7c:0e:24:7e:a1:54:85:4f:f8:92:32:fc:c6:e6:
b8:e0:5a:72:4f:e7:2f:fc:df:97:9a:1a:00:79:13:da:85:2c:
2e:96:d2:1d:aa:29:c0:7b:46:f8:fd:43:d4:2d:d3:6f:ea:df:
7b:1a:30:76:74:21:16:4c:26:99:e1:3b:fa:5e:ac:fb:0a:5c:
d5:5b:50:e6:90:0e:d8:05:1f:5c:0b:87:d1:b3:00:05:bb:25:
88:25:e7:af:21:2a:b4:5f:de:07:f1:ee:26:da:30:ed:42:16:
1d:6a:7d:a8:53:16:8b:96:84:53:2e:6d:a3:d8:c9:eb:5f:64:
0d:fa:a7:b3:e3:bb:88:c2:52:9b:df:26:77:94:0a:49:60:0e:
80:1b:70:c4:f8:1d:50:5d:d4:8e:7a:f8:e5:06:14:69:df:06:
e9:db:54:9f:98:d5:e9:30:e8:e5:7c:89:f0:bf:55:07:63:2a:
e2:14:2f:d7:e3:6b:d6:24:1f:03:20:8c:99:ba:06:94:0f:8f:
f4:65:fd:c4:8f:8d:3d:61:40:fa:05:cd:a6:59:16:49:5e:9c:
c4:93:14:3d
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYtNq1VE2mfJ9Cd4Ejer5vh7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1MTM4NzI1MTJmMWYyZDAzN2I0MDFjMjYwM2NhODk5NGU3
MjFlNTUwHhcNMjMxMDIwMTUxOTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZWNmMjU3OGVkMzM1M2MwMGUxMjZhODNlMTI0MDFmMDQ5ZjRkODNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwZ+LLrusp0VwxQB1/nIacCn0FffW
VcYJJX/iSOIHHmW5SjaeaHp0KbvrdYpYOlznZzCc/R6CAth1fF28SeRYTxNJKTaO
yVq868NEfH7A4IlrDEGjLmmMXNHD7j7+OXQXOKwWI8TGM0B2JWjvdYHqZxjYUEql
z/F91cN/sRboeeK1CglI1Q5qvSzENf0d16ow16MX7XlkRdw3TUrkqnUfMjghgNSz
UKWIe4jyL+7W1ydpkg+1q+4Y2B1rjn9YdrB02HIlHChIurDtKTqEtDLv9qrWetMs
F8CpAkZVuGbtXRpzwIpEC86hWQBQJcmgC9cUyvEhY7+pxvrXg8q15a23yQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFJ7PJXjtM1PADhJqg+EkAfBJ9Ng8MB8GA1UdIwQY
MBaAFNUThyUS8fLQN7QBwmA8qJlOch5VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVJPSEpSTHg4dEEzdEFIQ1lEeW9tVTV5SGxVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS9hN2RkZjYtMjM5NC00OGQzLWJmYTEt
NmQ2NTVjZDk0NDY4LzEvbnM4bGVPMHpVOEFPRW1xRDRTUUI4RW4wMkR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS9hN2RkZjYtMjM5NC00OGQzLWJmYTEtNmQ2NTVjZDk0NDY4
LzEvMVJPSEpSTHg4dEEzdEFIQ1lEeW9tVTV5SGxVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQBU4hoAwQB
U4huAwQCuQjEMA0EAgACMAcDBQAqAinhMA0GCSqGSIb3DQEBCwUAA4IBAQAEXal8
vDsG2I9Ntirfbse6ZGILcHk+V7g9ll/68Jev+YwU8EQN7j0pfA4kfqFUhU/4kjL8
xua44FpyT+cv/N+XmhoAeRPahSwultIdqinAe0b4/UPULdNv6t97GjB2dCEWTCaZ
4Tv6Xqz7ClzVW1DmkA7YBR9cC4fRswAFuyWIJeevISq0X94H8e4m2jDtQhYdan2o
UxaLloRTLm2j2MnrX2QN+qez47uIwlKb3yZ3lApJYA6AG3DE+B1QXdSOevjlBhRp
3wbp21SfmNXpMOjlfInwv1UHYyriFC/X42vWJB8DIIyZugaUD4/0Zf3Ej409YUD6
Bc2mWRZJXpzEkxQ9
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:13:26 2024 by rpki-client on console-ams.rpki-client.org