Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/fbc141-99fc-4f83-b585-0fe6f55db3f6/1/8NCQkqvCIAog3tFdu3PU-6WbwNg.roa
File: 8NCQkqvCIAog3tFdu3PU-6WbwNg.roa (raw, json)
Hash identifier: p+jpbAX1CoXnbwijXOQLiz2ibEl0Xt/CNQK88b3lkGY=
Subject key identifier: F0:D0:90:92:AB:C2:20:0A:20:DE:D1:5D:BB:73:D4:FB:A5:9B:C0:D8
Certificate issuer: /CN=029e98336f6a6cc9dbcf1ecb4895580f094e3e2b
Certificate serial: 018A9331A92284F079A0ED03BF1DD4A618E7
Authority key identifier: 02:9E:98:33:6F:6A:6C:C9:DB:CF:1E:CB:48:95:58:0F:09:4E:3E:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ap6YM29qbMnbzx7LSJVYDwlOPis.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/fbc141-99fc-4f83-b585-0fe6f55db3f6/1/8NCQkqvCIAog3tFdu3PU-6WbwNg.roa
Signing time: Thu 14 Sep 2023 10:16:59 +0000
ROA not before: Thu 14 Sep 2023 10:16:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8697
IP address blocks: 212.34.0.0/19 maxlen: 24
185.98.224.0/22 maxlen: 24
213.139.32.0/19 maxlen: 24
2a00:18d8::/29 maxlen: 64
2a00:18d8::/32 maxlen: 64
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:29:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:93:31:a9:22:84:f0:79:a0:ed:03:bf:1d:d4:a6:18:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=029e98336f6a6cc9dbcf1ecb4895580f094e3e2b
Validity
Not Before: Sep 14 10:16:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f0d09092abc2200a20ded15dbb73d4fba59bc0d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:0e:a1:00:57:46:88:ed:22:a6:d6:29:cf:0d:
14:7e:3b:14:28:32:a7:55:7b:92:b1:72:ad:fc:65:
46:4e:94:ef:c3:4c:6e:3f:24:d0:b0:6f:b9:4d:a4:
a6:30:cc:d3:e3:e6:6f:83:8c:1b:b9:2b:7f:3e:b6:
f8:bf:cf:dd:27:d9:e5:bd:71:5d:49:16:fb:3c:ed:
40:23:e1:c7:42:4f:7d:28:1d:db:4c:2b:48:53:c8:
38:52:c6:e1:26:7b:25:69:31:da:a1:36:8d:13:8a:
da:5b:86:e0:7c:bd:56:17:18:0b:9f:b0:50:9d:db:
2a:44:1f:05:ac:d4:7e:ea:e2:59:c6:dc:89:61:7f:
f8:f7:af:7c:2f:9c:be:6d:d3:ee:5a:0b:22:be:52:
0f:c7:0f:7b:bb:9b:21:35:a8:f1:2a:98:d3:6d:8d:
c1:e5:83:41:c7:55:01:5a:69:5f:bb:8b:3e:99:d8:
aa:79:bc:f7:49:69:57:79:a2:2b:77:c4:5a:c8:ad:
be:93:60:e4:6e:7d:1c:37:72:d6:fd:1c:a5:df:53:
d6:d3:a0:76:d6:08:d8:ea:cb:aa:c5:bd:36:3b:f3:
3c:c8:ae:07:e1:2d:ce:69:0f:4d:1c:a7:85:5e:02:
67:7e:48:75:32:fc:70:c9:55:f5:73:31:3a:be:81:
7c:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:D0:90:92:AB:C2:20:0A:20:DE:D1:5D:BB:73:D4:FB:A5:9B:C0:D8
X509v3 Authority Key Identifier:
keyid:02:9E:98:33:6F:6A:6C:C9:DB:CF:1E:CB:48:95:58:0F:09:4E:3E:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ap6YM29qbMnbzx7LSJVYDwlOPis.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/fbc141-99fc-4f83-b585-0fe6f55db3f6/1/8NCQkqvCIAog3tFdu3PU-6WbwNg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/fbc141-99fc-4f83-b585-0fe6f55db3f6/1/Ap6YM29qbMnbzx7LSJVYDwlOPis.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.98.224.0/22
212.34.0.0/19
213.139.32.0/19
IPv6:
2a00:18d8::/29
Signature Algorithm: sha256WithRSAEncryption
6e:40:1a:f4:0c:c0:37:89:5b:12:00:36:75:62:62:26:a3:fb:
1f:1d:1f:98:9b:ab:a4:09:c8:b1:87:39:ef:e4:a9:82:7e:c4:
bc:9d:c5:9f:b7:e7:37:58:60:17:c0:69:28:42:a7:94:39:94:
af:d0:db:cc:4b:34:8a:cc:59:6c:ae:bd:a8:18:08:41:48:b3:
91:08:d8:c6:ef:ca:dd:3b:1d:a4:f7:c4:ae:8f:14:de:50:2b:
ca:12:02:9b:4c:2c:e6:05:16:39:b4:df:a1:dc:b2:04:c1:86:
37:35:4d:09:f1:99:49:ba:dd:ff:32:da:21:0b:c8:78:24:ad:
d9:aa:ee:ec:d3:85:9b:2b:6a:49:7b:9e:52:a0:58:32:4c:c4:
2f:8f:6a:08:af:01:6e:c9:79:c6:3b:25:c6:6b:b5:65:b5:5b:
eb:2a:74:cf:6c:b6:22:2e:24:60:8c:49:ae:05:f2:6f:8d:ab:
fb:d3:d9:62:b9:5d:ae:15:92:12:3b:aa:ef:ec:1b:59:c4:98:
ca:01:4e:f7:14:0b:1c:ab:e5:84:e5:02:af:95:db:e1:09:75:
bb:2c:90:97:61:66:a2:aa:a2:27:34:aa:da:f5:8e:45:05:0f:
b8:d7:b8:b4:ce:5a:1f:38:ca:ec:ae:cb:43:ce:ce:b2:78:c4:
cf:d7:4c:50
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYqTMakihPB5oO0Dvx3UphjnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyOWU5ODMzNmY2YTZjYzlkYmNmMWVjYjQ4OTU1ODBmMDk0
ZTNlMmIwHhcNMjMwOTE0MTAxNjU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMGQwOTA5MmFiYzIyMDBhMjBkZWQxNWRiYjczZDRmYmE1OWJjMGQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2A6hAFdGiO0iptYpzw0UfjsUKDKn
VXuSsXKt/GVGTpTvw0xuPyTQsG+5TaSmMMzT4+Zvg4wbuSt/Prb4v8/dJ9nlvXFd
SRb7PO1AI+HHQk99KB3bTCtIU8g4UsbhJnslaTHaoTaNE4raW4bgfL1WFxgLn7BQ
ndsqRB8FrNR+6uJZxtyJYX/49698L5y+bdPuWgsivlIPxw97u5shNajxKpjTbY3B
5YNBx1UBWmlfu4s+mdiqebz3SWlXeaIrd8RayK2+k2Dkbn0cN3LW/Ryl31PW06B2
1gjY6suqxb02O/M8yK4H4S3OaQ9NHKeFXgJnfkh1MvxwyVX1czE6voF8MQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFPDQkJKrwiAKIN7RXbtz1Pulm8DYMB8GA1UdIwQY
MBaAFAKemDNvamzJ288ey0iVWA8JTj4rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQXA2WU0yOXFiTW5ieng3TFNKVllEd2xPUGlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS9mYmMxNDEtOTlmYy00ZjgzLWI1ODUt
MGZlNmY1NWRiM2Y2LzEvOE5DUWtxdkNJQW9nM3RGZHUzUFUtNldid05nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS9mYmMxNDEtOTlmYy00ZjgzLWI1ODUtMGZlNmY1NWRiM2Y2
LzEvQXA2WU0yOXFiTW5ieng3TFNKVllEd2xPUGlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCuWLgAwQF
1CIAAwQF1YsgMA0EAgACMAcDBQMqABjYMA0GCSqGSIb3DQEBCwUAA4IBAQBuQBr0
DMA3iVsSADZ1YmImo/sfHR+Ym6ukCcixhznv5KmCfsS8ncWft+c3WGAXwGkoQqeU
OZSv0NvMSzSKzFlsrr2oGAhBSLORCNjG78rdOx2k98SujxTeUCvKEgKbTCzmBRY5
tN+h3LIEwYY3NU0J8ZlJut3/MtohC8h4JK3Zqu7s04WbK2pJe55SoFgyTMQvj2oI
rwFuyXnGOyXGa7VltVvrKnTPbLYiLiRgjEmuBfJvjav709liuV2uFZISO6rv7BtZ
xJjKAU73FAscq+WE5QKvldvhCXW7LJCXYWaiqqInNKra9Y5FBQ+417i0zlofOMrs
rstDzs6yeMTP10xQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:49 2024 by rpki-client on console-fra.rpki-client.org