Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/eff44d-24fd-4384-9507-7a034d170b85/1/8El3bqaqo1bDlyqo15IbC5NtNlw.roa
File: 8El3bqaqo1bDlyqo15IbC5NtNlw.roa (raw, json)
Hash identifier: 5d33PLWEP/7dcNrJHR89vSDfbskLdDUzgATN1pkAB6Q=
Subject key identifier: F0:49:77:6E:A6:AA:A3:56:C3:97:2A:A8:D7:92:1B:0B:93:6D:36:5C
Certificate issuer: /CN=2f117ada3cb9515a6d8a6dcc15f2b0b1a7d9be1d
Certificate serial: 018CC3B733EFC48680A5AF6AB21E81C542A6
Authority key identifier: 2F:11:7A:DA:3C:B9:51:5A:6D:8A:6D:CC:15:F2:B0:B1:A7:D9:BE:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LxF62jy5UVptim3MFfKwsafZvh0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/eff44d-24fd-4384-9507-7a034d170b85/1/8El3bqaqo1bDlyqo15IbC5NtNlw.roa
Signing time: Mon 01 Jan 2024 06:30:12 +0000
ROA not before: Mon 01 Jan 2024 06:30:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 32787
IP address blocks: 141.93.16.0/24 maxlen: 24
141.93.16.0/22 maxlen: 24
141.93.17.0/24 maxlen: 24
141.93.12.0/24 maxlen: 24
141.93.18.0/24 maxlen: 24
141.93.19.0/24 maxlen: 24
141.93.25.0/24 maxlen: 24
141.93.28.0/24 maxlen: 24
141.93.32.0/24 maxlen: 24
141.93.35.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 11 Jan 2024 13:24:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b7:33:ef:c4:86:80:a5:af:6a:b2:1e:81:c5:42:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f117ada3cb9515a6d8a6dcc15f2b0b1a7d9be1d
Validity
Not Before: Jan 1 06:30:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f049776ea6aaa356c3972aa8d7921b0b936d365c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:06:44:10:95:53:6a:5e:25:6c:3e:55:7d:40:
9e:42:99:27:4d:a2:a9:04:4e:0c:2a:fe:c7:49:85:
ee:23:b6:61:8a:a0:39:dc:a6:6c:d1:ed:16:20:17:
b0:0e:b4:62:94:bb:69:5b:ee:da:3b:1a:30:d9:7b:
eb:52:2a:b6:3a:46:c5:0a:62:28:ed:1e:58:26:41:
f7:62:fb:4d:81:02:90:d4:2e:77:23:a8:67:97:1b:
85:93:7b:cd:5b:97:a4:01:42:1c:35:35:67:ba:2b:
ba:ac:8b:b6:b5:25:d9:e7:bc:cf:a9:b2:bb:e0:2d:
94:c4:d6:e5:06:5f:85:28:6d:00:db:d0:ad:35:c7:
da:4b:d7:f5:3a:c3:2f:d3:a9:1c:d9:af:5b:76:f6:
19:98:b1:cd:35:29:27:1e:96:b5:c7:57:2e:72:6a:
a4:b2:f6:c4:d9:39:10:a8:f1:cd:77:27:c2:a9:c0:
f1:2f:71:a9:c9:bb:8a:a4:f5:77:aa:4f:d8:58:ea:
86:0a:94:1b:65:3c:ad:9b:04:bd:4f:c6:26:84:10:
bf:36:4a:27:7e:6a:d5:cb:6b:62:8d:02:13:de:f0:
34:96:3e:86:37:76:e3:4d:5a:ef:d4:a6:b6:06:dc:
0a:01:c0:55:d0:fa:62:8d:a7:9b:c2:f3:c0:8d:35:
6d:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:49:77:6E:A6:AA:A3:56:C3:97:2A:A8:D7:92:1B:0B:93:6D:36:5C
X509v3 Authority Key Identifier:
keyid:2F:11:7A:DA:3C:B9:51:5A:6D:8A:6D:CC:15:F2:B0:B1:A7:D9:BE:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LxF62jy5UVptim3MFfKwsafZvh0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/eff44d-24fd-4384-9507-7a034d170b85/1/8El3bqaqo1bDlyqo15IbC5NtNlw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/eff44d-24fd-4384-9507-7a034d170b85/1/LxF62jy5UVptim3MFfKwsafZvh0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.93.12.0/24
141.93.16.0/22
141.93.25.0/24
141.93.28.0/24
141.93.32.0/24
141.93.35.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:a1:74:3a:f8:73:60:8d:cb:21:16:36:75:7c:8e:a7:11:eb:
ec:05:77:db:7b:19:ae:e2:fe:0d:79:8c:47:50:68:10:df:19:
8c:6f:08:e3:22:fb:15:54:d4:bd:c7:1e:9f:f6:be:52:32:b1:
44:0b:ab:97:11:f3:3a:0a:d1:03:27:8e:56:01:01:0a:95:b3:
71:8a:47:88:9d:23:46:37:43:4f:21:09:e6:06:2d:30:16:a2:
a0:82:7c:39:8d:b6:29:08:7d:a1:7f:99:15:eb:f9:1a:a8:e2:
16:42:da:52:e8:ec:c3:ab:ae:98:d5:73:88:de:41:c6:45:e6:
e6:e7:10:dc:d7:a4:aa:00:6c:ee:da:de:af:3f:2d:14:d4:d8:
4c:5c:b9:33:c6:16:29:67:da:ca:95:cf:e1:6b:01:49:97:6f:
ae:9f:2d:ca:36:0b:a6:ea:0d:02:cc:58:e5:71:b3:f2:f7:28:
49:42:d2:f8:55:80:f4:82:f3:02:ca:44:42:e4:56:15:94:4c:
a2:2e:0e:f1:19:7b:fe:45:9e:df:38:c7:2a:01:35:3c:57:eb:
47:5f:39:ac:a3:ef:8c:2e:e1:6d:b0:9d:6c:43:30:db:eb:94:
40:52:c9:c4:3f:15:7c:a3:6b:2d:99:4d:0e:53:f1:f8:1b:35:
95:d1:0c:ea
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYzDtzPvxIaApa9qsh6BxUKmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmMTE3YWRhM2NiOTUxNWE2ZDhhNmRjYzE1ZjJiMGIxYTdk
OWJlMWQwHhcNMjQwMTAxMDYzMDEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDQ5Nzc2ZWE2YWFhMzU2YzM5NzJhYThkNzkyMWIwYjkzNmQzNjVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoAZEEJVTal4lbD5VfUCeQpknTaKp
BE4MKv7HSYXuI7ZhiqA53KZs0e0WIBewDrRilLtpW+7aOxow2XvrUiq2OkbFCmIo
7R5YJkH3YvtNgQKQ1C53I6hnlxuFk3vNW5ekAUIcNTVnuiu6rIu2tSXZ57zPqbK7
4C2UxNblBl+FKG0A29CtNcfaS9f1OsMv06kc2a9bdvYZmLHNNSknHpa1x1cucmqk
svbE2TkQqPHNdyfCqcDxL3GpybuKpPV3qk/YWOqGCpQbZTytmwS9T8YmhBC/Nkon
fmrVy2tijQIT3vA0lj6GN3bjTVrv1Ka2BtwKAcBV0PpijaebwvPAjTVtdwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFPBJd26mqqNWw5cqqNeSGwuTbTZcMB8GA1UdIwQY
MBaAFC8Reto8uVFabYptzBXysLGn2b4dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTHhGNjJqeTVVVnB0aW0zTUZmS3dzYWZadmgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS9lZmY0NGQtMjRmZC00Mzg0LTk1MDct
N2EwMzRkMTcwYjg1LzEvOEVsM2JxYXFvMWJEbHlxbzE1SWJDNU50Tmx3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS9lZmY0NGQtMjRmZC00Mzg0LTk1MDctN2EwMzRkMTcwYjg1
LzEvTHhGNjJqeTVVVnB0aW0zTUZmS3dzYWZadmgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAjV0MAwQC
jV0QAwQAjV0ZAwQAjV0cAwQAjV0gAwQAjV0jMA0GCSqGSIb3DQEBCwUAA4IBAQA+
oXQ6+HNgjcshFjZ1fI6nEevsBXfbexmu4v4NeYxHUGgQ3xmMbwjjIvsVVNS9xx6f
9r5SMrFEC6uXEfM6CtEDJ45WAQEKlbNxikeInSNGN0NPIQnmBi0wFqKggnw5jbYp
CH2hf5kV6/kaqOIWQtpS6OzDq66Y1XOI3kHGRebm5xDc16SqAGzu2t6vPy0U1NhM
XLkzxhYpZ9rKlc/hawFJl2+uny3KNgum6g0CzFjlcbPy9yhJQtL4VYD0gvMCykRC
5FYVlEyiLg7xGXv+RZ7fOMcqATU8V+tHXzmso++MLuFtsJ1sQzDb65RAUsnEPxV8
o2stmU0OU/H4GzWV0Qzq
-----END CERTIFICATE-----
Generated at Thu Jan 11 18:15:42 2024 by rpki-client on console-ams.rpki-client.org