Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/8RnrNHS9oGgwu8h0hg2JwUObZP0.roa
File: 8RnrNHS9oGgwu8h0hg2JwUObZP0.roa (raw, json)
Hash identifier: K8jlTLYIFwed7hQIDYh31yBzZR3LV5imq130LXMIVco=
Subject key identifier: F1:19:EB:34:74:BD:A0:68:30:BB:C8:74:86:0D:89:C1:43:9B:64:FD
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 018CCA2A6FD229DF99F90B4D9AEB5634E55E
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/8RnrNHS9oGgwu8h0hg2JwUObZP0.roa
Signing time: Tue 02 Jan 2024 12:33:47 +0000
ROA not before: Tue 02 Jan 2024 12:33:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60808
IP address blocks: 188.253.96.0/19 maxlen: 24
5.34.216.0/21 maxlen: 21
185.215.246.0/24 maxlen: 24
188.253.12.0/22 maxlen: 22
146.19.135.0/24 maxlen: 24
2a05:ec80::/29 maxlen: 48
Validation: Failed, certificate revoked on Sun 07 Jan 2024 12:12:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:6f:d2:29:df:99:f9:0b:4d:9a:eb:56:34:e5:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Jan 2 12:33:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f119eb3474bda06830bbc874860d89c1439b64fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:e9:e5:89:f6:5a:65:db:46:fe:f8:f4:cc:99:
ca:b6:cb:ef:63:8a:9b:f4:d3:dc:08:ee:b2:87:ed:
52:f9:ed:c4:e3:33:49:9e:16:c8:e4:08:fc:a8:d3:
cd:58:6a:ca:db:f8:6d:da:4a:c5:3d:71:18:ee:c3:
20:bd:4f:83:4e:42:b9:51:69:4d:4c:10:f1:46:a2:
49:d6:8c:55:a5:a1:cd:19:55:11:c6:f4:a3:07:c9:
09:3d:75:ea:9f:9f:e0:41:61:65:40:e5:4f:f6:6e:
ca:c6:ba:da:7f:cf:b3:ca:66:9b:b6:0a:31:c4:9d:
f4:5d:db:aa:68:e2:a5:44:fc:34:30:97:8f:69:0c:
58:a3:ad:49:4e:b8:51:4b:01:ae:c3:75:e1:59:c2:
21:58:8b:d9:12:ff:7a:35:d2:45:6f:ea:f7:e6:e1:
e7:d9:e0:63:d5:61:52:a9:e2:3b:a7:28:36:42:76:
a5:d1:9b:5c:8d:ea:51:25:f5:10:ba:d8:14:91:86:
e6:b0:8b:57:a8:79:e1:5d:b3:9d:0e:5f:2d:2a:1f:
55:d1:5e:0c:d5:12:bc:8b:37:eb:ee:65:31:3e:02:
4a:a7:d9:d9:5f:9c:3b:26:9e:f8:f0:47:b2:00:ce:
21:64:fb:99:e8:6e:4a:11:10:b0:3e:0b:20:68:9e:
31:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:19:EB:34:74:BD:A0:68:30:BB:C8:74:86:0D:89:C1:43:9B:64:FD
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/8RnrNHS9oGgwu8h0hg2JwUObZP0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.34.216.0/21
146.19.135.0/24
185.215.246.0/24
188.253.12.0/22
188.253.96.0/19
IPv6:
2a05:ec80::/29
Signature Algorithm: sha256WithRSAEncryption
74:09:8a:91:3c:48:1e:7c:ba:ae:77:4b:ac:71:a0:05:0a:4b:
b2:87:3c:bc:0c:9b:31:b0:ee:4f:26:3d:8f:d7:e0:cb:3a:c1:
c5:4a:c8:14:60:d8:dd:e5:7c:db:f4:bc:a7:4b:d6:e5:04:35:
f5:52:4a:fb:b7:96:a0:0c:91:43:93:bd:0b:bc:5c:69:bf:1e:
f0:91:99:f9:91:42:83:f0:30:21:87:94:7d:5f:dd:d8:1e:c6:
a0:ce:2b:6b:20:71:8c:4a:52:6c:70:5a:ec:82:04:f9:be:4f:
4b:f5:82:35:1e:d5:98:ff:16:a7:cc:0e:8a:d2:ba:26:ed:d0:
97:97:0e:49:6a:53:c8:c8:f4:9e:ac:80:ba:9d:73:70:2e:02:
eb:90:68:c4:71:30:79:62:89:9e:b8:a3:21:2d:47:5f:04:36:
89:ee:88:bc:07:3e:d4:32:93:5a:f7:4c:aa:0d:77:45:50:3d:
ca:48:6d:87:6f:3d:7f:5a:34:d3:5a:1e:68:9e:8a:c6:b5:1b:
c0:c0:af:96:35:b0:60:e9:f3:f0:f8:8c:25:7d:09:68:03:0a:
2f:b4:37:3d:99:c2:8e:c9:08:6d:e7:12:89:f7:7b:aa:19:89:
87:bd:79:15:88:a0:6b:ef:2a:3a:a9:b8:63:b8:72:67:6b:bd:
77:f7:2e:7e
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYzKKm/SKd+Z+QtNmutWNOVeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjQwMTAyMTIzMzQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMTE5ZWIzNDc0YmRhMDY4MzBiYmM4NzQ4NjBkODljMTQzOWI2NGZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmOnlifZaZdtG/vj0zJnKtsvvY4qb
9NPcCO6yh+1S+e3E4zNJnhbI5Aj8qNPNWGrK2/ht2krFPXEY7sMgvU+DTkK5UWlN
TBDxRqJJ1oxVpaHNGVURxvSjB8kJPXXqn5/gQWFlQOVP9m7Kxrraf8+zymabtgox
xJ30XduqaOKlRPw0MJePaQxYo61JTrhRSwGuw3XhWcIhWIvZEv96NdJFb+r35uHn
2eBj1WFSqeI7pyg2Qnal0ZtcjepRJfUQutgUkYbmsItXqHnhXbOdDl8tKh9V0V4M
1RK8izfr7mUxPgJKp9nZX5w7Jp748EeyAM4hZPuZ6G5KERCwPgsgaJ4xlQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFPEZ6zR0vaBoMLvIdIYNicFDm2T9MB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvOFJuck5IUzlvR2d3dThoMGhnMkp3VU9iWlAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQDBSLYAwQA
khOHAwQAudf2AwQCvP0MAwQFvP1gMA0EAgACMAcDBQMqBeyAMA0GCSqGSIb3DQEB
CwUAA4IBAQB0CYqRPEgefLqud0uscaAFCkuyhzy8DJsxsO5PJj2P1+DLOsHFSsgU
YNjd5Xzb9LynS9blBDX1Ukr7t5agDJFDk70LvFxpvx7wkZn5kUKD8DAhh5R9X93Y
HsagzitrIHGMSlJscFrsggT5vk9L9YI1HtWY/xanzA6K0rom7dCXlw5JalPIyPSe
rIC6nXNwLgLrkGjEcTB5YomeuKMhLUdfBDaJ7oi8Bz7UMpNa90yqDXdFUD3KSG2H
bz1/WjTTWh5onorGtRvAwK+WNbBg6fPw+IwlfQloAwovtDc9mcKOyQht5xKJ93uq
GYmHvXkViKBr7yo6qbhjuHJna7139y5+
-----END CERTIFICATE-----
Generated at Sun Jan 7 13:01:03 2024 by rpki-client on console-fra.rpki-client.org