Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/9fab5c-e138-4ef6-8799-b0b35a34e388/1/s8-QIbS285b3guCQiBKTZHQSawY.roa
File: s8-QIbS285b3guCQiBKTZHQSawY.roa (raw, json)
Hash identifier: 4bM/UdFRKFKYVAmpGI4OweATZen21WEUfRjxJEJY2N4=
Subject key identifier: B3:CF:90:21:B4:B6:F3:96:F7:82:E0:90:88:12:93:64:74:12:6B:06
Certificate issuer: /CN=8fc69646457a8bf8ef9569b9b427e9f2c462e56e
Certificate serial: 018C8DCF3D8D12F20C0FBCF2EAAA414DD845
Authority key identifier: 8F:C6:96:46:45:7A:8B:F8:EF:95:69:B9:B4:27:E9:F2:C4:62:E5:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/j8aWRkV6i_jvlWm5tCfp8sRi5W4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/9fab5c-e138-4ef6-8799-b0b35a34e388/1/s8-QIbS285b3guCQiBKTZHQSawY.roa
Signing time: Thu 21 Dec 2023 19:16:58 +0000
ROA not before: Thu 21 Dec 2023 19:16:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201838
IP address blocks: 45.95.236.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:29:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:8d:cf:3d:8d:12:f2:0c:0f:bc:f2:ea:aa:41:4d:d8:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8fc69646457a8bf8ef9569b9b427e9f2c462e56e
Validity
Not Before: Dec 21 19:16:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b3cf9021b4b6f396f782e0908812936474126b06
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:e8:dd:21:91:23:ed:94:6f:84:30:90:f2:38:
ac:6d:fc:78:57:8b:01:f6:79:a0:36:60:83:4a:8c:
37:09:a8:91:73:2a:f1:e2:0f:96:6c:e2:b8:98:08:
e6:ef:38:47:0c:37:14:fe:9e:80:a0:79:09:90:ab:
06:16:46:51:9e:6f:24:78:bb:85:23:c1:86:8f:67:
90:ed:14:46:d6:78:6f:bb:db:94:cd:80:6f:2c:8e:
dd:9d:37:2b:54:84:75:6e:d1:08:8a:68:68:ba:04:
3e:de:12:d4:fd:a3:ce:42:76:57:ad:d8:bb:9b:9b:
57:da:e0:2a:1d:a1:cc:29:3f:1f:d7:4e:61:30:c9:
e4:e3:c9:29:4d:f6:64:a9:1e:61:9b:8a:4c:96:8d:
fc:99:7c:18:0a:dd:a8:90:c0:93:4b:5d:b3:7d:d8:
81:82:fc:77:aa:28:44:4e:30:e3:69:e0:d9:a8:8a:
e9:aa:70:cd:e5:38:49:53:51:ee:21:0d:87:26:a3:
03:30:05:a7:8d:13:c3:80:4e:98:d7:3e:45:b4:82:
1d:1e:17:45:37:fe:44:bf:c7:4a:c0:96:a5:94:6a:
41:68:bf:e2:ed:ba:8e:08:75:f6:6c:19:8f:0f:dc:
09:08:d3:60:51:e3:04:71:14:6c:ca:91:a3:5b:ef:
92:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:CF:90:21:B4:B6:F3:96:F7:82:E0:90:88:12:93:64:74:12:6B:06
X509v3 Authority Key Identifier:
keyid:8F:C6:96:46:45:7A:8B:F8:EF:95:69:B9:B4:27:E9:F2:C4:62:E5:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j8aWRkV6i_jvlWm5tCfp8sRi5W4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/9fab5c-e138-4ef6-8799-b0b35a34e388/1/s8-QIbS285b3guCQiBKTZHQSawY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/9fab5c-e138-4ef6-8799-b0b35a34e388/1/j8aWRkV6i_jvlWm5tCfp8sRi5W4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.95.236.0/22
Signature Algorithm: sha256WithRSAEncryption
91:07:0d:63:33:30:b9:c1:54:95:0c:fa:5d:e6:8e:b7:35:f2:
01:00:c9:7b:6e:c7:93:34:08:b5:33:2c:46:e1:5b:80:72:8d:
fc:80:96:66:03:d3:1e:40:5f:5d:64:85:13:a9:8d:f2:75:b6:
e6:d1:17:04:32:32:8b:10:a5:4b:95:fa:6f:c4:df:bd:55:cd:
69:29:4f:43:d7:1d:2d:cb:e3:27:61:b8:3e:37:22:ed:41:5a:
69:ab:78:0c:12:ea:f3:4c:b5:7a:f1:79:94:b7:ed:0c:7f:90:
63:01:0b:ba:49:8d:29:ef:95:ec:90:3f:8b:0d:92:92:ec:76:
73:ae:aa:f1:de:76:33:e8:ca:47:ba:43:5f:c6:27:18:c5:79:
5e:24:59:5b:cc:d5:cf:0b:2d:fe:22:f9:46:7a:37:40:db:e7:
d3:18:4d:0a:a1:89:6c:3c:34:22:68:07:61:7f:5f:09:b2:06:
81:29:62:1c:f4:14:e1:ca:32:7d:62:2c:13:a8:25:00:27:f7:
c8:4e:5a:ae:99:c8:37:d2:e7:6d:5b:3b:08:9c:ba:09:d7:aa:
88:17:2b:a7:62:28:b4:9b:2a:f2:02:87:8f:c0:6c:23:30:db:
97:3a:fd:32:a4:ca:f6:ca:5e:84:16:b8:a2:5f:00:8b:d1:9f:
d7:7c:4d:c2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYyNzz2NEvIMD7zy6qpBTdhFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmYzY5NjQ2NDU3YThiZjhlZjk1NjliOWI0MjdlOWYyYzQ2
MmU1NmUwHhcNMjMxMjIxMTkxNjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiM2NmOTAyMWI0YjZmMzk2Zjc4MmUwOTA4ODEyOTM2NDc0MTI2YjA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnejdIZEj7ZRvhDCQ8jisbfx4V4sB
9nmgNmCDSow3CaiRcyrx4g+WbOK4mAjm7zhHDDcU/p6AoHkJkKsGFkZRnm8keLuF
I8GGj2eQ7RRG1nhvu9uUzYBvLI7dnTcrVIR1btEIimhougQ+3hLU/aPOQnZXrdi7
m5tX2uAqHaHMKT8f105hMMnk48kpTfZkqR5hm4pMlo38mXwYCt2okMCTS12zfdiB
gvx3qihETjDjaeDZqIrpqnDN5ThJU1HuIQ2HJqMDMAWnjRPDgE6Y1z5FtIIdHhdF
N/5Ev8dKwJallGpBaL/i7bqOCHX2bBmPD9wJCNNgUeMEcRRsypGjW++S2QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLPPkCG0tvOW94LgkIgSk2R0EmsGMB8GA1UdIwQY
MBaAFI/GlkZFeov475VpubQn6fLEYuVuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvajhhV1JrVjZpX2p2bFdtNXRDZnA4c1JpNVc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny85ZmFiNWMtZTEzOC00ZWY2LTg3OTkt
YjBiMzVhMzRlMzg4LzEvczgtUUliUzI4NWIzZ3VDUWlCS1RaSFFTYXdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny85ZmFiNWMtZTEzOC00ZWY2LTg3OTktYjBiMzVhMzRlMzg4
LzEvajhhV1JrVjZpX2p2bFdtNXRDZnA4c1JpNVc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLV/sMA0G
CSqGSIb3DQEBCwUAA4IBAQCRBw1jMzC5wVSVDPpd5o63NfIBAMl7bseTNAi1MyxG
4VuAco38gJZmA9MeQF9dZIUTqY3ydbbm0RcEMjKLEKVLlfpvxN+9Vc1pKU9D1x0t
y+MnYbg+NyLtQVppq3gMEurzTLV68XmUt+0Mf5BjAQu6SY0p75XskD+LDZKS7HZz
rqrx3nYz6MpHukNfxicYxXleJFlbzNXPCy3+IvlGejdA2+fTGE0KoYlsPDQiaAdh
f18JsgaBKWIc9BThyjJ9YiwTqCUAJ/fITlqumcg30udtWzsInLoJ16qIFyunYii0
myryAoePwGwjMNuXOv0ypMr2yl6EFriiXwCL0Z/XfE3C
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:29 2024 by rpki-client on console-fra.rpki-client.org