Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/I8eU3BaWN3o_T_YqMS9j1kA0YKI.roa
File: I8eU3BaWN3o_T_YqMS9j1kA0YKI.roa (raw, json)
Hash identifier: HIbdDop7r8OWwasdvnNFJDpNyDw8tICTe3jbmhYk+l8=
Subject key identifier: 23:C7:94:DC:16:96:37:7A:3F:4F:F6:2A:31:2F:63:D6:40:34:60:A2
Certificate issuer: /CN=3af09ba33b5ae581b0d29323249314f76aa10511
Certificate serial: 01856CB84174276EFC1529498F04992505AD
Authority key identifier: 3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/I8eU3BaWN3o_T_YqMS9j1kA0YKI.roa
Signing time: Sun 01 Jan 2023 09:44:52 +0000
ROA not before: Sun 01 Jan 2023 09:44:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21272
IP address blocks: 217.167.147.0/24 maxlen: 24
194.2.35.0/24 maxlen: 24
81.252.173.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:30:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:b8:41:74:27:6e:fc:15:29:49:8f:04:99:25:05:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3af09ba33b5ae581b0d29323249314f76aa10511
Validity
Not Before: Jan 1 09:44:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=23c794dc1696377a3f4ff62a312f63d6403460a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:97:f6:aa:ea:6c:05:79:38:09:f5:60:e7:f0:
19:bc:35:14:07:06:aa:7e:cf:c4:3d:5a:48:20:4d:
83:9c:1a:f5:2f:3c:6f:ce:1f:21:da:2c:87:8c:50:
81:d6:c4:6b:e3:83:68:f3:0b:6f:45:91:5a:73:70:
dd:df:00:42:cc:ee:c0:69:a6:04:02:37:3e:97:9b:
f5:c4:07:78:66:2d:bc:ff:61:43:61:dd:ae:21:e7:
3e:a4:e5:e2:8f:13:cb:db:ce:47:93:b1:41:79:b1:
8e:ce:0d:c1:ec:bb:ea:9f:a5:fc:3a:36:23:f1:bc:
5a:42:e5:1e:20:59:0a:07:10:5d:2c:7b:b6:77:0e:
1b:57:b4:08:ff:0e:33:ef:2d:44:d1:5f:e8:f1:59:
9a:10:d7:58:e7:7a:51:60:e0:ab:f6:52:da:75:09:
78:bf:26:e1:b2:7d:7a:ff:1c:5e:30:d2:0a:b7:b2:
e0:8f:8d:df:21:b3:7f:d2:19:0a:05:66:cd:47:b6:
fc:f6:50:60:96:44:ad:dc:36:9f:ef:96:e2:41:2b:
8d:0c:16:b8:eb:dd:e9:69:a5:f6:b4:4d:2b:14:97:
f5:ac:79:4f:08:e7:38:30:69:a7:ec:8c:0e:f4:e6:
cb:24:4e:b5:82:b9:e3:73:e9:88:ff:0c:b8:77:2e:
1f:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:C7:94:DC:16:96:37:7A:3F:4F:F6:2A:31:2F:63:D6:40:34:60:A2
X509v3 Authority Key Identifier:
keyid:3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/I8eU3BaWN3o_T_YqMS9j1kA0YKI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.252.173.0/24
194.2.35.0/24
217.167.147.0/24
Signature Algorithm: sha256WithRSAEncryption
a8:c4:82:da:99:8b:a3:63:e1:60:24:e1:c2:c7:15:1e:a2:98:
76:24:f5:45:6c:e4:07:41:c8:71:33:2a:09:3d:d3:c2:d3:33:
5e:7d:6d:b1:71:33:b9:9b:bd:a8:04:7f:42:60:bf:db:52:ad:
c4:51:17:6b:52:4c:4b:24:3a:82:69:18:f1:f6:47:c4:c3:25:
28:3b:f0:d0:40:88:92:6f:33:6b:22:29:a6:6e:a3:cc:32:ef:
17:87:e7:47:9a:0c:fb:d2:52:7b:56:8b:52:de:d3:f1:86:29:
67:d7:b1:96:14:9b:43:0a:ad:07:71:73:79:5a:9d:f5:fc:86:
23:df:af:42:a8:f1:6d:26:3e:61:03:0f:f1:f9:9e:3c:57:a7:
40:d0:82:97:3f:26:24:fb:5b:45:2b:e7:a1:26:9e:7a:af:1c:
ee:28:10:aa:f7:63:4d:cd:b7:ae:fb:8d:e1:e9:9b:68:15:f5:
26:05:b4:90:7e:2d:9e:bd:07:35:89:4c:3c:ef:95:20:a1:fb:
c7:e0:f6:fa:05:1a:c8:b3:03:44:0a:16:0b:cd:19:06:c3:ee:
1c:b3:2f:26:8c:b7:40:0e:6b:2e:31:ab:2a:bb:4f:e3:40:9a:
6f:d5:09:6e:94:b2:11:a2:1e:15:ba:fd:70:c9:96:9e:49:55:
4e:e6:73:01
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVsuEF0J278FSlJjwSZJQWtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZjA5YmEzM2I1YWU1ODFiMGQyOTMyMzI0OTMxNGY3NmFh
MTA1MTEwHhcNMjMwMTAxMDk0NDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyM2M3OTRkYzE2OTYzNzdhM2Y0ZmY2MmEzMTJmNjNkNjQwMzQ2MGEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoZf2qupsBXk4CfVg5/AZvDUUBwaq
fs/EPVpIIE2DnBr1Lzxvzh8h2iyHjFCB1sRr44No8wtvRZFac3Dd3wBCzO7AaaYE
Ajc+l5v1xAd4Zi28/2FDYd2uIec+pOXijxPL285Hk7FBebGOzg3B7Lvqn6X8OjYj
8bxaQuUeIFkKBxBdLHu2dw4bV7QI/w4z7y1E0V/o8VmaENdY53pRYOCr9lLadQl4
vybhsn16/xxeMNIKt7Lgj43fIbN/0hkKBWbNR7b89lBglkSt3Daf75biQSuNDBa4
693paaX2tE0rFJf1rHlPCOc4MGmn7IwO9ObLJE61grnjc+mI/wy4dy4frwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCPHlNwWljd6P0/2KjEvY9ZANGCiMB8GA1UdIwQY
MBaAFDrwm6M7WuWBsNKTIySTFPdqoQURMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQt
NDU5MzVmNTA2YTEyLzEvSThlVTNCYVdOM29fVF9ZcU1TOWoxa0EwWUtJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQtNDU5MzVmNTA2YTEy
LzEvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAUfytAwQA
wgIjAwQA2aeTMA0GCSqGSIb3DQEBCwUAA4IBAQCoxILamYujY+FgJOHCxxUeoph2
JPVFbOQHQchxMyoJPdPC0zNefW2xcTO5m72oBH9CYL/bUq3EURdrUkxLJDqCaRjx
9kfEwyUoO/DQQIiSbzNrIimmbqPMMu8Xh+dHmgz70lJ7VotS3tPxhiln17GWFJtD
Cq0HcXN5Wp31/IYj369CqPFtJj5hAw/x+Z48V6dA0IKXPyYk+1tFK+ehJp56rxzu
KBCq92NNzbeu+43h6ZtoFfUmBbSQfi2evQc1iUw875UgofvH4Pb6BRrIswNEChYL
zRkGw+4csy8mjLdADmsuMasqu0/jQJpv1QlulLIRoh4Vuv1wyZaeSVVO5nMB
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:51 2024 by rpki-client on console-fra.rpki-client.org