Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/8rFATBea2UOuLu-Tx4uMK7vJ5aA.roa
File: 8rFATBea2UOuLu-Tx4uMK7vJ5aA.roa (raw, json)
Hash identifier: jW1qIBhfottucVBZmOhpCJ7izVAmffK0dyM5d1CCyT8=
Subject key identifier: F2:B1:40:4C:17:9A:D9:43:AE:2E:EF:93:C7:8B:8C:2B:BB:C9:E5:A0
Certificate issuer: /CN=8d59c4323f767ce4ffc85daad208b90c04fbd3e9
Certificate serial: 01856F9DC7949F3118736B31EA1CFC5BF84B
Authority key identifier: 8D:59:C4:32:3F:76:7C:E4:FF:C8:5D:AA:D2:08:B9:0C:04:FB:D3:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jVnEMj92fOT_yF2q0gi5DAT70-k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/8rFATBea2UOuLu-Tx4uMK7vJ5aA.roa
Signing time: Sun 01 Jan 2023 23:14:49 +0000
ROA not before: Sun 01 Jan 2023 23:14:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60146
IP address blocks: 213.14.250.0/24 maxlen: 24
85.153.145.0/24 maxlen: 24
213.74.242.0/24 maxlen: 24
213.14.223.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:30:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:9d:c7:94:9f:31:18:73:6b:31:ea:1c:fc:5b:f8:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d59c4323f767ce4ffc85daad208b90c04fbd3e9
Validity
Not Before: Jan 1 23:14:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f2b1404c179ad943ae2eef93c78b8c2bbbc9e5a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:5b:ed:de:92:f1:3e:c7:72:33:9f:34:4b:92:
b2:db:e2:b3:0d:f0:b8:50:26:ff:13:7c:76:b1:e9:
e1:9a:30:d7:3d:55:ce:bc:3f:a8:65:5f:14:c6:31:
76:a1:11:6d:5c:40:f2:7b:3d:81:98:1c:1e:c0:fd:
1a:df:2a:32:85:52:6b:d5:9f:cd:0d:fd:5e:bf:db:
54:d7:67:0f:ea:1f:a1:e3:88:89:5e:ee:9e:79:eb:
de:af:9a:99:38:64:4c:43:d3:36:da:af:e2:57:1d:
d2:7a:0a:40:06:f6:87:8f:0e:b1:30:1c:48:cf:7a:
a8:42:7e:67:23:6f:48:e8:bd:b8:97:82:c4:a1:53:
77:7d:b9:9d:98:57:bd:97:66:19:c7:3b:ac:20:a9:
61:8d:65:8d:f6:bd:13:5e:0d:25:99:16:8b:86:02:
09:73:dc:17:b7:48:18:eb:88:2a:28:e1:54:c6:62:
82:bb:e9:ed:01:6c:fc:f1:34:c9:c5:58:bc:d9:4d:
99:ea:c4:f6:68:a0:5f:bf:95:fc:17:9f:73:b1:e9:
67:7d:f6:af:61:f5:5c:1e:f5:41:db:1c:b8:45:da:
bd:c1:61:2b:80:b0:cf:eb:02:88:88:01:64:ec:76:
1c:91:d7:62:de:5b:a2:3f:6e:ae:ad:ef:8f:16:81:
1d:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:B1:40:4C:17:9A:D9:43:AE:2E:EF:93:C7:8B:8C:2B:BB:C9:E5:A0
X509v3 Authority Key Identifier:
keyid:8D:59:C4:32:3F:76:7C:E4:FF:C8:5D:AA:D2:08:B9:0C:04:FB:D3:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jVnEMj92fOT_yF2q0gi5DAT70-k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/8rFATBea2UOuLu-Tx4uMK7vJ5aA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/jVnEMj92fOT_yF2q0gi5DAT70-k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.153.145.0/24
213.14.223.0/24
213.14.250.0/24
213.74.242.0/24
Signature Algorithm: sha256WithRSAEncryption
85:45:47:b8:65:5e:ad:3f:79:d1:5e:ce:72:f3:03:4c:12:cf:
c6:9c:c9:37:1f:5d:57:b5:63:c7:4b:4e:11:75:b1:40:33:2e:
bc:4b:08:3e:98:89:c8:76:de:1b:5e:39:38:67:2c:de:9d:e8:
e6:8c:2c:34:17:ce:67:5f:c4:22:99:48:a2:ca:04:3d:e7:fb:
ad:1b:fa:ac:83:8a:6c:ba:f0:3f:1b:1b:58:e1:17:3f:25:47:
ed:45:61:d2:20:28:64:57:2b:68:18:3e:5b:90:2c:67:b7:25:
89:7e:12:7e:c6:e7:5f:c0:ae:3c:1a:e7:af:31:50:92:a9:06:
27:3e:6d:4d:3d:fa:3b:08:ee:90:f2:c6:08:f2:77:d1:bd:7d:
f7:a5:00:4a:fa:51:af:70:bb:5d:df:b7:f9:14:42:ff:dc:56:
3d:ac:98:a7:a7:26:eb:ce:95:98:e4:d5:69:f9:ff:bc:1c:6c:
ee:1e:ec:ab:6f:c1:0f:59:8b:e5:64:96:55:71:db:b8:2b:f6:
75:63:94:4e:81:db:61:f5:be:62:42:c5:7a:62:65:73:1a:ba:
cf:82:74:55:48:f1:9d:dd:4f:6c:37:50:f5:2c:49:a0:97:21:
25:6a:db:0e:2a:ed:ba:c7:f2:5b:4e:80:24:50:ac:88:40:14:
b8:a0:1e:2d
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVvnceUnzEYc2sx6hz8W/hLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkNTljNDMyM2Y3NjdjZTRmZmM4NWRhYWQyMDhiOTBjMDRm
YmQzZTkwHhcNMjMwMTAxMjMxNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMmIxNDA0YzE3OWFkOTQzYWUyZWVmOTNjNzhiOGMyYmJiYzllNWEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAilvt3pLxPsdyM580S5Ky2+KzDfC4
UCb/E3x2senhmjDXPVXOvD+oZV8UxjF2oRFtXEDyez2BmBwewP0a3yoyhVJr1Z/N
Df1ev9tU12cP6h+h44iJXu6eeever5qZOGRMQ9M22q/iVx3SegpABvaHjw6xMBxI
z3qoQn5nI29I6L24l4LEoVN3fbmdmFe9l2YZxzusIKlhjWWN9r0TXg0lmRaLhgIJ
c9wXt0gY64gqKOFUxmKCu+ntAWz88TTJxVi82U2Z6sT2aKBfv5X8F59zselnffav
YfVcHvVB2xy4Rdq9wWErgLDP6wKIiAFk7HYckddi3luiP26ure+PFoEdRwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPKxQEwXmtlDri7vk8eLjCu7yeWgMB8GA1UdIwQY
MBaAFI1ZxDI/dnzk/8hdqtIIuQwE+9PpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalZuRU1qOTJmT1RfeUYycTBnaTVEQVQ3MC1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni9mMDllY2YtZTgwNS00MTU4LWIzMTUt
ZjJiZTlmNmM2NjRjLzEvOHJGQVRCZWEyVU91THUtVHg0dU1LN3ZKNWFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni9mMDllY2YtZTgwNS00MTU4LWIzMTUtZjJiZTlmNmM2NjRj
LzEvalZuRU1qOTJmT1RfeUYycTBnaTVEQVQ3MC1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAVZmRAwQA
1Q7fAwQA1Q76AwQA1UryMA0GCSqGSIb3DQEBCwUAA4IBAQCFRUe4ZV6tP3nRXs5y
8wNMEs/GnMk3H11XtWPHS04RdbFAMy68Swg+mInIdt4bXjk4ZyzenejmjCw0F85n
X8QimUiiygQ95/utG/qsg4psuvA/GxtY4Rc/JUftRWHSIChkVytoGD5bkCxntyWJ
fhJ+xudfwK48GuevMVCSqQYnPm1NPfo7CO6Q8sYI8nfRvX33pQBK+lGvcLtd37f5
FEL/3FY9rJinpybrzpWY5NVp+f+8HGzuHuyrb8EPWYvlZJZVcdu4K/Z1Y5ROgdth
9b5iQsV6YmVzGrrPgnRVSPGd3U9sN1D1LEmglyElatsOKu26x/JbToAkUKyIQBS4
oB4t
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:16 2024 by rpki-client on console-fra.rpki-client.org