Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/8xvLaux2sP3bp0E3VErRA64W7-8.roa
File: 8xvLaux2sP3bp0E3VErRA64W7-8.roa (raw, json)
Hash identifier: KrbYdHcxprE4l1rT013RP9fZW1mW40TD1jzCnBuowaY=
Subject key identifier: F3:1B:CB:6A:EC:76:B0:FD:DB:A7:41:37:54:4A:D1:03:AE:16:EF:EF
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 019001AAE22AB1ABF29CA2765AE815DF6BE0
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/8xvLaux2sP3bp0E3VErRA64W7-8.roa
Signing time: Mon 10 Jun 2024 10:21:34 +0000
ROA not before: Mon 10 Jun 2024 10:21:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25198
IP address blocks: 85.204.22.0/24 maxlen: 24
94.177.51.0/24 maxlen: 24
94.177.106.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 29 Jun 2024 18:20:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:01:aa:e2:2a:b1:ab:f2:9c:a2:76:5a:e8:15:df:6b:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Jun 10 10:21:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f31bcb6aec76b0fddba74137544ad103ae16efef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:94:c7:52:8e:9b:37:f3:01:11:49:57:72:7e:
8f:38:3a:78:8a:51:0e:fe:ba:75:45:ad:38:2b:a8:
78:84:f7:12:fc:e3:3a:33:c2:ee:db:4f:a1:9a:8e:
23:42:94:1c:64:e7:2b:70:38:2f:5e:3e:24:fb:eb:
dd:e3:f0:5a:e0:3a:1f:cc:d1:c1:d9:47:e8:ce:e0:
ee:84:d6:36:95:a3:ff:a3:17:98:8e:56:2b:24:58:
43:23:07:20:cf:01:46:fb:97:5b:6e:93:a6:a7:9d:
bb:b3:34:c4:89:09:e8:df:f2:02:4e:fd:01:eb:b1:
df:7a:5b:02:09:66:94:58:40:45:51:12:3d:72:e8:
e4:f8:5a:ee:36:80:84:09:7b:0a:c3:f5:52:2b:91:
a6:bd:ac:95:49:8f:6a:e4:08:f4:4a:9c:33:e9:13:
5f:57:a5:4f:17:ec:3a:a8:2c:95:73:60:d0:24:1c:
4b:a3:cf:0d:b5:e8:cf:ff:ac:4b:cd:f6:e9:6d:78:
2e:0d:96:d6:30:1e:e9:be:a3:83:f5:54:46:8f:b0:
4e:ad:48:f0:09:46:18:cb:ff:d3:fe:63:9f:eb:41:
3e:15:c7:c2:2b:82:74:87:61:5b:71:ea:4f:60:a4:
d4:20:6d:64:40:90:bf:10:9d:9b:0c:86:e0:74:9e:
d7:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:1B:CB:6A:EC:76:B0:FD:DB:A7:41:37:54:4A:D1:03:AE:16:EF:EF
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/8xvLaux2sP3bp0E3VErRA64W7-8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.204.22.0/24
94.177.51.0/24
94.177.106.0/24
Signature Algorithm: sha256WithRSAEncryption
61:d3:0b:a4:53:12:01:4d:86:76:25:2c:c8:ab:3e:58:da:4c:
97:4f:e9:4a:23:ba:a4:bf:a5:21:c3:65:e9:48:69:45:68:7c:
6d:b7:5c:4e:42:06:23:e0:44:60:94:f9:5c:48:14:ad:d6:32:
ab:00:af:a3:46:47:3b:2c:cb:29:e5:e4:c7:99:96:28:53:85:
3d:c1:85:01:16:c5:db:b6:c4:88:b6:cf:cc:74:53:03:93:fa:
be:9e:a5:e1:eb:b7:9e:89:0e:df:a2:d9:b2:de:8d:04:2b:7a:
8a:d1:09:f4:10:78:fd:63:c9:c9:06:f6:08:83:9c:9a:23:50:
65:b8:22:1c:01:c4:59:a9:88:55:b6:ab:4f:80:50:ac:78:3c:
1a:37:a6:dd:8c:7d:20:e7:d9:54:db:7f:16:5f:41:5b:0b:1b:
04:c4:aa:21:54:f9:e4:33:25:d2:ba:74:01:50:eb:50:e5:24:
a8:e7:8b:dd:7f:06:40:76:30:27:1b:c6:20:06:66:97:5f:c0:
bc:84:cd:a5:f7:c1:49:54:41:3a:3b:04:79:93:ab:b5:34:19:
97:68:5e:bd:09:e4:ac:64:a1:d3:3d:87:8d:82:34:ca:85:00:
23:89:42:7c:62:10:f5:be:7a:cd:d3:f7:1f:31:40:56:24:b9:
9c:fe:2a:17
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZABquIqsavynKJ2WugV32vgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjQwNjEwMTAyMTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzFiY2I2YWVjNzZiMGZkZGJhNzQxMzc1NDRhZDEwM2FlMTZlZmVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5JTHUo6bN/MBEUlXcn6PODp4ilEO
/rp1Ra04K6h4hPcS/OM6M8Lu20+hmo4jQpQcZOcrcDgvXj4k++vd4/Ba4DofzNHB
2UfozuDuhNY2laP/oxeYjlYrJFhDIwcgzwFG+5dbbpOmp527szTEiQno3/ICTv0B
67HfelsCCWaUWEBFURI9cujk+FruNoCECXsKw/VSK5GmvayVSY9q5Aj0Spwz6RNf
V6VPF+w6qCyVc2DQJBxLo88NtejP/6xLzfbpbXguDZbWMB7pvqOD9VRGj7BOrUjw
CUYYy//T/mOf60E+FcfCK4J0h2FbcepPYKTUIG1kQJC/EJ2bDIbgdJ7X5QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFPMby2rsdrD926dBN1RK0QOuFu/vMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvOHh2TGF1eDJzUDNicDBFM1ZFclJBNjRXNy04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAVcwWAwQA
XrEzAwQAXrFqMA0GCSqGSIb3DQEBCwUAA4IBAQBh0wukUxIBTYZ2JSzIqz5Y2kyX
T+lKI7qkv6Uhw2XpSGlFaHxtt1xOQgYj4ERglPlcSBSt1jKrAK+jRkc7LMsp5eTH
mZYoU4U9wYUBFsXbtsSIts/MdFMDk/q+nqXh67eeiQ7fotmy3o0EK3qK0Qn0EHj9
Y8nJBvYIg5yaI1BluCIcAcRZqYhVtqtPgFCseDwaN6bdjH0g59lU238WX0FbCxsE
xKohVPnkMyXSunQBUOtQ5SSo54vdfwZAdjAnG8YgBmaXX8C8hM2l98FJVEE6OwR5
k6u1NBmXaF69CeSsZKHTPYeNgjTKhQAjiUJ8YhD1vnrN0/cfMUBWJLmc/ioX
-----END CERTIFICATE-----
Generated at Sat Jun 29 19:44:07 2024 by rpki-client on console-fra.rpki-client.org