Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/8kfXoV-b4ZwUnHMnJ7Wz4PHapg4.roa
File: 8kfXoV-b4ZwUnHMnJ7Wz4PHapg4.roa (raw, json)
Hash identifier: Ndye7p1mVYXr5wIhqB5qzT2QVZmR1bkCfZGFckLDosY=
Subject key identifier: F2:47:D7:A1:5F:9B:E1:9C:14:9C:73:27:27:B5:B3:E0:F1:DA:A6:0E
Certificate issuer: /CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
Certificate serial: 018CC2DB55E11D6C18E88B6A23697A575FFB
Authority key identifier: 6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/8kfXoV-b4ZwUnHMnJ7Wz4PHapg4.roa
Signing time: Mon 01 Jan 2024 02:30:03 +0000
ROA not before: Mon 01 Jan 2024 02:30:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20940
IP address blocks: 193.108.88.0/21 maxlen: 21
193.108.89.0/24 maxlen: 24
193.108.90.0/24 maxlen: 24
193.108.94.0/23 maxlen: 23
Validation: Failed, certificate revoked on Wed 28 Feb 2024 11:19:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:55:e1:1d:6c:18:e8:8b:6a:23:69:7a:57:5f:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
Validity
Not Before: Jan 1 02:30:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f247d7a15f9be19c149c732727b5b3e0f1daa60e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:d7:d0:ba:96:c2:32:fb:c6:f1:41:c0:db:4e:
df:75:29:f8:70:85:6e:d0:1e:dd:7f:4e:75:d3:db:
47:84:5a:04:a1:b0:1a:f9:f7:37:e2:bb:b3:41:85:
22:67:95:30:ee:e4:62:83:74:39:78:a0:43:45:5a:
3e:c2:65:f2:2b:6c:c3:29:f3:dd:3b:58:39:48:39:
2b:be:e1:3a:ee:ec:19:8e:f3:62:a7:8f:8b:49:58:
c7:58:38:90:e1:e2:57:bf:42:a8:7a:b5:8d:55:e1:
1d:85:0f:49:cc:ca:c6:e7:fe:20:a8:49:71:2d:22:
6f:a7:3c:40:e2:e9:c6:0a:32:fa:c2:c3:fb:1e:ff:
3d:b1:40:c3:77:b2:a4:a3:4d:ec:87:a2:90:d6:56:
bb:0d:9a:0e:18:bc:c6:99:ff:27:1c:72:57:f8:e9:
ae:e3:fa:21:3b:99:09:9e:cc:fe:64:ca:48:fe:71:
70:13:8f:88:4d:18:88:68:86:e5:70:57:92:73:7b:
65:bb:f1:9b:0f:ea:b0:a1:ab:c2:47:e1:99:30:d0:
12:ab:de:cc:10:98:8c:23:7b:7d:99:10:11:32:ca:
85:1c:d3:25:be:2d:5b:da:b0:bf:d0:af:ef:1f:fa:
61:14:4a:1d:1f:f9:a1:c9:31:73:f7:b9:99:bf:78:
f4:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:47:D7:A1:5F:9B:E1:9C:14:9C:73:27:27:B5:B3:E0:F1:DA:A6:0E
X509v3 Authority Key Identifier:
keyid:6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/8kfXoV-b4ZwUnHMnJ7Wz4PHapg4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/a1_LvqSJN6RCur2zMCEyxLyb1qo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.108.88.0/21
Signature Algorithm: sha256WithRSAEncryption
61:75:a7:2c:1e:b4:01:a6:e2:5f:79:c6:7a:62:8a:d1:59:4a:
08:c4:0a:68:3b:bb:d0:22:7a:ee:ec:b7:fa:65:7e:82:dd:fb:
bc:a8:a8:25:96:16:ae:32:ce:4e:b7:60:fc:2a:f9:a8:fd:cf:
44:66:bc:ce:a7:6e:2d:2f:35:75:2d:c1:1f:fd:21:15:21:31:
33:6d:23:d1:6e:7d:89:e7:c3:11:29:78:1d:bf:dc:ea:18:03:
9f:be:1d:c4:b5:5e:4b:bd:6d:4f:1f:08:34:51:f2:83:c8:e6:
f2:db:0c:27:47:05:89:47:1a:d6:5c:2d:ca:ca:f1:64:27:aa:
5d:4d:42:1f:9f:29:5f:b1:0c:f6:16:a3:7d:c6:92:ac:22:e6:
d7:98:54:2a:7c:d7:f3:80:a6:5d:5f:ec:16:92:e0:95:5e:2a:
02:db:2c:04:ce:bf:0d:61:05:fe:1f:eb:b0:86:db:61:35:1a:
ba:a3:8d:51:2a:c0:58:b3:d3:c9:19:c3:73:fa:04:5d:d6:8d:
b8:1e:80:fe:a6:ca:59:66:1d:6e:21:c8:87:32:7d:90:7b:22:
92:f4:ab:88:1a:6d:3d:36:34:77:74:f8:d4:a7:90:01:00:fe:
82:4d:92:71:f6:f5:ed:4e:26:6b:c4:5c:09:71:54:0e:aa:c5:
db:da:33:d8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzC21XhHWwY6ItqI2l6V1/7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiNWZjYmJlYTQ4OTM3YTQ0MmJhYmRiMzMwMjEzMmM0YmM5
YmQ2YWEwHhcNMjQwMTAxMDIzMDAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjQ3ZDdhMTVmOWJlMTljMTQ5YzczMjcyN2I1YjNlMGYxZGFhNjBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlNfQupbCMvvG8UHA207fdSn4cIVu
0B7df05109tHhFoEobAa+fc34ruzQYUiZ5Uw7uRig3Q5eKBDRVo+wmXyK2zDKfPd
O1g5SDkrvuE67uwZjvNip4+LSVjHWDiQ4eJXv0KoerWNVeEdhQ9JzMrG5/4gqElx
LSJvpzxA4unGCjL6wsP7Hv89sUDDd7Kko03sh6KQ1la7DZoOGLzGmf8nHHJX+Omu
4/ohO5kJnsz+ZMpI/nFwE4+ITRiIaIblcFeSc3tlu/GbD+qwoavCR+GZMNASq97M
EJiMI3t9mRARMsqFHNMlvi1b2rC/0K/vH/phFEodH/mhyTFz97mZv3j0/wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPJH16Ffm+GcFJxzJye1s+Dx2qYOMB8GA1UdIwQY
MBaAFGtfy76kiTekQrq9szAhMsS8m9aqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQt
ODhkMWNhYzllNGYxLzEvOGtmWG9WLWI0WndVbkhNbko3V3o0UEhhcGc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQtODhkMWNhYzllNGYx
LzEvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDwWxYMA0G
CSqGSIb3DQEBCwUAA4IBAQBhdacsHrQBpuJfecZ6YorRWUoIxApoO7vQInru7Lf6
ZX6C3fu8qKgllhauMs5Ot2D8Kvmo/c9EZrzOp24tLzV1LcEf/SEVITEzbSPRbn2J
58MRKXgdv9zqGAOfvh3EtV5LvW1PHwg0UfKDyOby2wwnRwWJRxrWXC3KyvFkJ6pd
TUIfnylfsQz2FqN9xpKsIubXmFQqfNfzgKZdX+wWkuCVXioC2ywEzr8NYQX+H+uw
htthNRq6o41RKsBYs9PJGcNz+gRd1o24HoD+pspZZh1uIciHMn2QeyKS9KuIGm09
NjR3dPjUp5ABAP6CTZJx9vXtTiZrxFwJcVQOqsXb2jPY
-----END CERTIFICATE-----
Generated at Wed Feb 28 14:19:37 2024 by rpki-client on console-ams.rpki-client.org