Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/b8LqGYff_0RJvIjOn96oT4hbQKc.roa
File: b8LqGYff_0RJvIjOn96oT4hbQKc.roa (raw, json)
Hash identifier: gNSbKTKHkPX2KBapGSRQvISLlVqvpJvNWAHMZ5uc7zE=
Subject key identifier: 6F:C2:EA:19:87:DF:FF:44:49:BC:88:CE:9F:DE:A8:4F:88:5B:40:A7
Certificate issuer: /CN=18101772248996b87d90840c2d27d62549458173
Certificate serial: 01874D76F564F3E5BFBC594DC62C401D41BC
Authority key identifier: 18:10:17:72:24:89:96:B8:7D:90:84:0C:2D:27:D6:25:49:45:81:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GBAXciSJlrh9kIQMLSfWJUlFgXM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/b8LqGYff_0RJvIjOn96oT4hbQKc.roa
Signing time: Tue 04 Apr 2023 18:10:54 +0000
ROA not before: Tue 04 Apr 2023 18:10:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 185.81.28.0/22 maxlen: 24
148.222.240.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 05 Apr 2023 17:46:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:4d:76:f5:64:f3:e5:bf:bc:59:4d:c6:2c:40:1d:41:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=18101772248996b87d90840c2d27d62549458173
Validity
Not Before: Apr 4 18:10:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6fc2ea1987dfff4449bc88ce9fdea84f885b40a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:07:9f:08:44:e8:ba:5c:c7:bc:34:91:b2:cf:
53:ed:53:dd:6a:54:b8:2a:2f:b5:04:7b:f9:a7:dd:
d9:27:f9:f7:67:6f:6d:71:0d:2e:b1:5e:43:3b:ea:
74:cc:c2:89:40:20:45:bd:41:56:8e:dc:f5:ac:07:
4e:71:b8:7c:9f:75:6f:29:9c:ca:a8:37:ab:6e:a3:
c7:c7:27:fa:ff:78:c7:5d:5c:82:45:dc:92:99:5b:
79:37:4e:e3:36:72:c5:47:17:44:3f:5b:af:ff:7e:
c5:b4:1c:e5:60:89:41:b6:7a:b9:e0:31:a7:7c:7d:
b8:0d:01:56:4c:19:c0:ae:79:db:26:6d:89:30:0b:
7b:c2:36:aa:82:e7:e7:ba:79:94:2b:e2:22:88:e3:
d9:0d:89:cb:df:ad:21:73:2b:f3:77:bc:7c:d4:34:
05:bb:f7:49:15:8b:9c:c6:2b:cf:51:b4:c4:cb:b8:
84:eb:a9:74:08:b7:f6:d3:66:74:09:40:e6:a4:99:
9b:db:d7:85:3d:b0:2e:cf:c9:f1:70:71:50:b9:7f:
60:8e:fc:38:5f:df:de:b3:3b:8d:70:ef:a5:1c:73:
f8:6d:d5:0d:0c:ca:53:36:ae:e2:4d:e9:29:ff:d2:
83:9a:12:06:8b:43:11:74:4b:00:91:38:f3:b7:3e:
94:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:C2:EA:19:87:DF:FF:44:49:BC:88:CE:9F:DE:A8:4F:88:5B:40:A7
X509v3 Authority Key Identifier:
keyid:18:10:17:72:24:89:96:B8:7D:90:84:0C:2D:27:D6:25:49:45:81:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GBAXciSJlrh9kIQMLSfWJUlFgXM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/b8LqGYff_0RJvIjOn96oT4hbQKc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/GBAXciSJlrh9kIQMLSfWJUlFgXM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
148.222.240.0/22
185.81.28.0/22
Signature Algorithm: sha256WithRSAEncryption
a7:09:3f:ee:df:24:f6:a6:65:a9:05:f1:c3:5e:8c:48:f8:33:
32:2e:24:6f:6a:bd:9f:b5:16:b3:e5:15:eb:ee:e0:1d:2a:13:
22:c7:c9:bc:c6:92:da:d0:1e:34:a2:1b:b4:98:05:53:5d:5a:
8b:77:09:6c:da:53:56:f5:e5:6c:87:84:59:39:27:c0:f4:80:
28:d1:4a:09:39:0b:9a:62:7d:6f:2b:9b:67:6e:33:1a:55:38:
c6:f2:b6:e4:7e:bc:81:4e:7e:ec:ea:7e:d4:ec:74:d9:97:0a:
3c:73:d8:48:e4:98:2e:0d:91:ed:af:74:97:40:85:8c:8e:4a:
c3:5d:d4:d3:dc:67:ba:52:90:97:10:a4:64:69:a0:ba:37:12:
e7:de:15:f9:61:d9:b4:fa:da:28:e6:26:35:1a:32:ff:a3:ef:
87:2e:bf:25:f5:dc:3f:3c:e9:06:a2:5d:1e:fe:53:83:cf:96:
0b:bf:1c:68:57:25:71:07:15:49:c4:20:6d:65:33:e1:d6:05:
a0:90:f9:e7:3e:4a:54:43:54:38:3b:6a:ea:49:76:9d:c7:11:
c9:8f:71:4f:b2:53:82:b9:9d:2d:ee:7e:1d:5d:25:c1:84:d8:
d5:9b:19:0c:19:7b:7e:cb:fa:20:b8:f5:79:39:1b:7d:38:6d:
c9:ff:72:26
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYdNdvVk8+W/vFlNxixAHUG8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4MTAxNzcyMjQ4OTk2Yjg3ZDkwODQwYzJkMjdkNjI1NDk0
NTgxNzMwHhcNMjMwNDA0MTgxMDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZmMyZWExOTg3ZGZmZjQ0NDliYzg4Y2U5ZmRlYTg0Zjg4NWI0MGE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmAefCEToulzHvDSRss9T7VPdalS4
Ki+1BHv5p93ZJ/n3Z29tcQ0usV5DO+p0zMKJQCBFvUFWjtz1rAdOcbh8n3VvKZzK
qDerbqPHxyf6/3jHXVyCRdySmVt5N07jNnLFRxdEP1uv/37FtBzlYIlBtnq54DGn
fH24DQFWTBnArnnbJm2JMAt7wjaqgufnunmUK+IiiOPZDYnL360hcyvzd7x81DQF
u/dJFYucxivPUbTEy7iE66l0CLf202Z0CUDmpJmb29eFPbAuz8nxcHFQuX9gjvw4
X9/eszuNcO+lHHP4bdUNDMpTNq7iTekp/9KDmhIGi0MRdEsAkTjztz6U/QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFG/C6hmH3/9ESbyIzp/eqE+IW0CnMB8GA1UdIwQY
MBaAFBgQF3IkiZa4fZCEDC0n1iVJRYFzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0JBWGNpU0pscmg5a0lRTUxTZldKVWxGZ1hNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS8yMGE1YTUtMGJhMi00MDUyLWJlYjQt
M2NjODVhZDNjMTkwLzEvYjhMcUdZZmZfMFJKdklqT245Nm9UNGhiUUtjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS8yMGE1YTUtMGJhMi00MDUyLWJlYjQtM2NjODVhZDNjMTkw
LzEvR0JBWGNpU0pscmg5a0lRTUxTZldKVWxGZ1hNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQClN7wAwQC
uVEcMA0GCSqGSIb3DQEBCwUAA4IBAQCnCT/u3yT2pmWpBfHDXoxI+DMyLiRvar2f
tRaz5RXr7uAdKhMix8m8xpLa0B40ohu0mAVTXVqLdwls2lNW9eVsh4RZOSfA9IAo
0UoJOQuaYn1vK5tnbjMaVTjG8rbkfryBTn7s6n7U7HTZlwo8c9hI5JguDZHtr3SX
QIWMjkrDXdTT3Ge6UpCXEKRkaaC6NxLn3hX5Ydm0+too5iY1GjL/o++HLr8l9dw/
POkGol0e/lODz5YLvxxoVyVxBxVJxCBtZTPh1gWgkPnnPkpUQ1Q4O2rqSXadxxHJ
j3FPslOCuZ0t7n4dXSXBhNjVmxkMGXt+y/oguPV5ORt9OG3J/3Im
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:38 2024 by rpki-client on console-ams.rpki-client.org