Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/3e4f6b-2235-432e-a69a-07dac7b92d44/1/8NIOX_d2IzofpvGAsuDkHrb3a88.roa
File: 8NIOX_d2IzofpvGAsuDkHrb3a88.roa (raw, json)
Hash identifier: LtoAf7dL7B7ONu9AJJBOABUbZYbrUuOUpRkWs73d1rk=
Subject key identifier: F0:D2:0E:5F:F7:76:23:3A:1F:A6:F1:80:B2:E0:E4:1E:B6:F7:6B:CF
Certificate issuer: /CN=c987d09fd3fc2b704c66110bb0252ee0c6b1ba4a
Certificate serial: 01856B8A1166599350C521AF9FBA86FC99BC
Authority key identifier: C9:87:D0:9F:D3:FC:2B:70:4C:66:11:0B:B0:25:2E:E0:C6:B1:BA:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yYfQn9P8K3BMZhELsCUu4Maxuko.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/3e4f6b-2235-432e-a69a-07dac7b92d44/1/8NIOX_d2IzofpvGAsuDkHrb3a88.roa
Signing time: Sun 01 Jan 2023 04:14:48 +0000
ROA not before: Sun 01 Jan 2023 04:14:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34915
IP address blocks: 194.5.210.0/23 maxlen: 23
194.5.208.0/23 maxlen: 23
2a0c:ca82::/32 maxlen: 32
2a0c:ca80::/32 maxlen: 32
2a0c:ca81::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:8a:11:66:59:93:50:c5:21:af:9f:ba:86:fc:99:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c987d09fd3fc2b704c66110bb0252ee0c6b1ba4a
Validity
Not Before: Jan 1 04:14:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f0d20e5ff776233a1fa6f180b2e0e41eb6f76bcf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:62:84:bc:f6:d2:24:9c:a1:e2:e9:6f:5b:8e:
90:37:98:d7:b0:b4:01:05:18:ce:f5:2f:52:38:74:
e5:97:6e:c6:59:c3:42:9d:85:70:22:e7:2a:72:a7:
41:26:ec:64:9c:b5:96:fa:0f:5a:08:a8:6a:c1:42:
e5:0b:27:91:21:22:44:af:00:cf:a0:f0:73:8a:a7:
2c:04:be:1c:58:2d:2d:66:e9:68:71:a5:86:a0:ec:
e6:72:d2:d9:34:62:09:f0:e5:b8:01:e8:96:37:4c:
c4:d3:70:a8:74:68:7e:2a:1f:e0:29:28:a3:68:4c:
f4:dc:5d:4a:13:be:f7:94:7b:56:0d:68:16:a1:38:
c8:b3:86:a6:5e:b2:31:8d:70:36:1b:50:57:ad:1c:
bb:ce:68:42:64:07:06:cf:fe:a6:be:59:7e:b8:37:
37:db:3d:48:03:13:8d:3d:dc:2c:fe:f4:77:e0:f0:
19:55:1e:d0:de:dd:81:10:45:d4:63:a2:4d:5d:48:
62:ec:0d:2a:f2:c3:f9:05:2e:23:5c:2d:32:f5:66:
a5:55:73:20:68:c9:e8:3b:03:34:61:bf:2d:ca:16:
e3:7a:69:cf:fe:24:7e:97:8d:af:17:cb:20:d9:89:
eb:45:6e:8a:7e:d4:e1:5e:7e:81:77:7e:a9:6e:7b:
c7:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:D2:0E:5F:F7:76:23:3A:1F:A6:F1:80:B2:E0:E4:1E:B6:F7:6B:CF
X509v3 Authority Key Identifier:
keyid:C9:87:D0:9F:D3:FC:2B:70:4C:66:11:0B:B0:25:2E:E0:C6:B1:BA:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yYfQn9P8K3BMZhELsCUu4Maxuko.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/3e4f6b-2235-432e-a69a-07dac7b92d44/1/8NIOX_d2IzofpvGAsuDkHrb3a88.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/3e4f6b-2235-432e-a69a-07dac7b92d44/1/yYfQn9P8K3BMZhELsCUu4Maxuko.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.5.208.0/22
IPv6:
2a0c:ca80::-2a0c:ca82:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
81:35:95:27:65:b0:57:04:5b:d8:17:01:83:b1:71:91:af:8b:
f0:67:06:14:02:f9:1e:41:93:c4:ac:83:ed:60:71:66:6d:b0:
cc:8a:66:ad:c8:d2:a8:77:3e:cf:ef:ed:c0:79:b7:b6:a5:c4:
89:1c:db:28:3f:60:55:25:ba:41:70:65:1d:b7:4b:59:cb:b0:
bf:b7:94:2c:e4:f8:cd:55:27:38:d6:17:2c:a0:34:c4:48:92:
bb:59:e4:80:dc:67:8f:96:e5:c1:bf:3c:9a:a1:59:1a:1c:2b:
36:16:50:72:eb:70:ff:04:eb:c2:df:38:ad:b0:c3:5b:22:0d:
c2:72:7b:73:9c:1d:df:02:02:f1:a9:ff:18:d1:60:56:d0:5d:
17:a0:d4:4e:6e:d0:92:a8:fc:b7:5d:49:54:f1:05:e7:6a:76:
83:8e:7a:ce:db:a7:4c:af:ff:3c:1b:6d:b0:09:88:67:e1:ed:
88:3c:2c:84:71:1e:f5:5e:93:2f:f7:bf:e8:42:28:31:13:e7:
e0:a1:17:2b:8c:27:ce:ea:54:43:b0:5f:5c:1e:91:f2:4c:a2:
d9:bb:c6:ba:17:42:78:ad:e0:9a:58:30:c3:c8:79:a4:22:d3:
b2:c9:81:f4:c5:ea:b5:0b:27:3d:da:dd:f8:6c:28:04:3c:98:
32:6c:23:97
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYVrihFmWZNQxSGvn7qG/Jm8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ODdkMDlmZDNmYzJiNzA0YzY2MTEwYmIwMjUyZWUwYzZi
MWJhNGEwHhcNMjMwMTAxMDQxNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMGQyMGU1ZmY3NzYyMzNhMWZhNmYxODBiMmUwZTQxZWI2Zjc2YmNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjmKEvPbSJJyh4ulvW46QN5jXsLQB
BRjO9S9SOHTll27GWcNCnYVwIucqcqdBJuxknLWW+g9aCKhqwULlCyeRISJErwDP
oPBziqcsBL4cWC0tZulocaWGoOzmctLZNGIJ8OW4AeiWN0zE03CodGh+Kh/gKSij
aEz03F1KE773lHtWDWgWoTjIs4amXrIxjXA2G1BXrRy7zmhCZAcGz/6mvll+uDc3
2z1IAxONPdws/vR34PAZVR7Q3t2BEEXUY6JNXUhi7A0q8sP5BS4jXC0y9WalVXMg
aMnoOwM0Yb8tyhbjemnP/iR+l42vF8sg2YnrRW6KftThXn6Bd36pbnvHIQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFPDSDl/3diM6H6bxgLLg5B6292vPMB8GA1UdIwQY
MBaAFMmH0J/T/CtwTGYRC7AlLuDGsbpKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveVlmUW45UDhLM0JNWmhFTHNDVXU0TWF4dWtvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC8zZTRmNmItMjIzNS00MzJlLWE2OWEt
MDdkYWM3YjkyZDQ0LzEvOE5JT1hfZDJJem9mcHZHQXN1RGtIcmIzYTg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC8zZTRmNmItMjIzNS00MzJlLWE2OWEtMDdkYWM3YjkyZDQ0
LzEveVlmUW45UDhLM0JNWmhFTHNDVXU0TWF4dWtvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAMBAIAATAGAwQCwgXQMBYE
AgACMBAwDgMFByoMyoADBQAqDMqCMA0GCSqGSIb3DQEBCwUAA4IBAQCBNZUnZbBX
BFvYFwGDsXGRr4vwZwYUAvkeQZPErIPtYHFmbbDMimatyNKodz7P7+3Aebe2pcSJ
HNsoP2BVJbpBcGUdt0tZy7C/t5Qs5PjNVSc41hcsoDTESJK7WeSA3GePluXBvzya
oVkaHCs2FlBy63D/BOvC3zitsMNbIg3CcntznB3fAgLxqf8Y0WBW0F0XoNRObtCS
qPy3XUlU8QXnanaDjnrO26dMr/88G22wCYhn4e2IPCyEcR71XpMv97/oQigxE+fg
oRcrjCfO6lRDsF9cHpHyTKLZu8a6F0J4reCaWDDDyHmkItOyyYH0xeq1Cyc92t34
bCgEPJgybCOX
-----END CERTIFICATE-----
Generated at Mon Jan 1 06:31:24 2024 by rpki-client on console-fra.rpki-client.org