Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/ba0085-3060-4c96-90da-a45b1a4ace56/1/8Tm_x2kuS2a01AZxiLrNYS7uc5E.roa
File: 8Tm_x2kuS2a01AZxiLrNYS7uc5E.roa (raw, json)
Hash identifier: 493H/ct5EyYPw8zQwTO+b531DAUnaRH8W0g774JMDXY=
Subject key identifier: F1:39:BF:C7:69:2E:4B:66:B4:D4:06:71:88:BA:CD:61:2E:EE:73:91
Certificate issuer: /CN=3664e4462a2902a52f826dae38565731efc5bdd3
Certificate serial: 0185710C1458F63E6E61027B72F55757D5D8
Authority key identifier: 36:64:E4:46:2A:29:02:A5:2F:82:6D:AE:38:56:57:31:EF:C5:BD:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NmTkRiopAqUvgm2uOFZXMe_FvdM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/ba0085-3060-4c96-90da-a45b1a4ace56/1/8Tm_x2kuS2a01AZxiLrNYS7uc5E.roa
Signing time: Mon 02 Jan 2023 05:54:55 +0000
ROA not before: Mon 02 Jan 2023 05:54:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199265
IP address blocks: 193.17.14.0/24 maxlen: 25
185.69.196.0/22 maxlen: 23
128.0.37.0/24 maxlen: 25
2001:67c:155c::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:29:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:0c:14:58:f6:3e:6e:61:02:7b:72:f5:57:57:d5:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3664e4462a2902a52f826dae38565731efc5bdd3
Validity
Not Before: Jan 2 05:54:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f139bfc7692e4b66b4d4067188bacd612eee7391
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:5e:6f:ea:ba:70:1c:78:5c:e0:03:46:68:69:
62:a7:eb:79:8d:26:0e:05:ed:c9:3b:cd:24:84:19:
44:63:44:39:57:05:b1:ad:ac:38:36:a7:7a:2e:43:
3c:58:59:6e:6a:e5:c2:d8:38:b9:de:0c:bd:c8:29:
7f:59:cf:88:42:53:ab:69:9f:8d:70:03:f2:86:cf:
c2:44:ed:89:90:e8:12:b1:7e:66:ed:f3:90:26:56:
85:6b:7b:b4:e2:2b:b4:b2:18:ff:01:da:06:ff:b8:
6c:d5:0c:b7:b0:2d:e3:7e:c7:22:7c:9a:40:40:1f:
5d:51:e2:59:7b:6f:69:f7:30:55:ed:81:22:83:c4:
e9:e2:cc:55:d3:ad:74:ac:d0:39:be:6a:a6:c5:1a:
de:54:75:55:a5:ab:21:be:12:e1:dd:05:ab:2a:b1:
4a:49:88:5e:c2:cb:cb:2a:5c:4e:ee:22:81:fb:7d:
75:03:e7:22:2c:16:32:ba:3e:de:8a:d7:44:f4:a3:
3c:37:4c:e5:57:1e:e1:1e:e6:3a:f0:a7:d7:d3:37:
dc:7d:70:66:e7:e6:ff:b7:fc:53:ab:60:06:f3:ca:
61:45:db:2f:a3:43:23:86:75:b8:97:24:7c:90:41:
7c:42:01:81:c4:4b:73:5d:bd:7a:38:40:14:71:04:
11:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:39:BF:C7:69:2E:4B:66:B4:D4:06:71:88:BA:CD:61:2E:EE:73:91
X509v3 Authority Key Identifier:
keyid:36:64:E4:46:2A:29:02:A5:2F:82:6D:AE:38:56:57:31:EF:C5:BD:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NmTkRiopAqUvgm2uOFZXMe_FvdM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/ba0085-3060-4c96-90da-a45b1a4ace56/1/8Tm_x2kuS2a01AZxiLrNYS7uc5E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/ba0085-3060-4c96-90da-a45b1a4ace56/1/NmTkRiopAqUvgm2uOFZXMe_FvdM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
128.0.37.0/24
185.69.196.0/22
193.17.14.0/24
IPv6:
2001:67c:155c::/48
Signature Algorithm: sha256WithRSAEncryption
26:ba:62:8f:38:69:a0:da:90:9b:8c:85:c2:c1:07:ac:e2:16:
66:12:41:9d:5d:6b:c6:1d:8f:e0:31:3e:be:43:8e:d4:ed:25:
5f:49:90:07:a5:c8:13:82:8d:b1:9a:7c:17:63:d2:da:0d:aa:
43:6d:47:87:f4:49:c6:57:15:0e:f7:23:87:d8:37:9c:e5:d2:
c6:e6:75:84:f9:d7:7d:23:ca:28:2f:ca:25:e5:3f:4a:6c:21:
b2:5a:ac:ed:64:a7:a6:04:84:fa:97:eb:5e:7a:9a:45:f8:39:
91:38:d4:63:d9:a9:09:8f:cb:66:a6:9f:ee:2f:ff:48:1c:fd:
fd:1a:e5:f9:e9:ac:b6:bf:e7:9e:2d:c3:24:32:23:87:aa:c5:
91:45:51:1d:a4:a2:6e:f7:0b:53:47:88:18:0a:0b:92:12:04:
c0:71:75:bc:4a:b6:d1:33:a5:e9:d5:00:91:6e:03:e3:43:b7:
a4:b8:9f:33:e8:28:32:34:b2:bd:d4:f8:33:14:e5:a3:65:8f:
a4:d3:ec:54:16:f2:e3:ba:b9:f9:d5:dd:5a:a5:7c:51:f4:98:
b8:2d:67:5b:b0:1b:8e:07:29:7b:62:e9:71:c1:0b:9e:eb:03:
ee:47:08:37:83:9a:fd:d8:ba:90:5c:5a:42:fb:05:63:0d:43:
b2:8f:13:1a
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYVxDBRY9j5uYQJ7cvVXV9XYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2NjRlNDQ2MmEyOTAyYTUyZjgyNmRhZTM4NTY1NzMxZWZj
NWJkZDMwHhcNMjMwMTAyMDU1NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMTM5YmZjNzY5MmU0YjY2YjRkNDA2NzE4OGJhY2Q2MTJlZWU3MzkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAll5v6rpwHHhc4ANGaGlip+t5jSYO
Be3JO80khBlEY0Q5VwWxraw4Nqd6LkM8WFluauXC2Di53gy9yCl/Wc+IQlOraZ+N
cAPyhs/CRO2JkOgSsX5m7fOQJlaFa3u04iu0shj/AdoG/7hs1Qy3sC3jfscifJpA
QB9dUeJZe29p9zBV7YEig8Tp4sxV0610rNA5vmqmxRreVHVVpashvhLh3QWrKrFK
SYhewsvLKlxO7iKB+311A+ciLBYyuj7eitdE9KM8N0zlVx7hHuY68KfX0zfcfXBm
5+b/t/xTq2AG88phRdsvo0MjhnW4lyR8kEF8QgGBxEtzXb16OEAUcQQRKwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFPE5v8dpLktmtNQGcYi6zWEu7nORMB8GA1UdIwQY
MBaAFDZk5EYqKQKlL4JtrjhWVzHvxb3TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm1Ua1Jpb3BBcVV2Z20ydU9GWlhNZV9GdmRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny9iYTAwODUtMzA2MC00Yzk2LTkwZGEt
YTQ1YjFhNGFjZTU2LzEvOFRtX3gya3VTMmEwMUFaeGlMck5ZUzd1YzVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny9iYTAwODUtMzA2MC00Yzk2LTkwZGEtYTQ1YjFhNGFjZTU2
LzEvTm1Ua1Jpb3BBcVV2Z20ydU9GWlhNZV9GdmRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQAgAAlAwQC
uUXEAwQAwREOMA8EAgACMAkDBwAgAQZ8FVwwDQYJKoZIhvcNAQELBQADggEBACa6
Yo84aaDakJuMhcLBB6ziFmYSQZ1da8Ydj+AxPr5DjtTtJV9JkAelyBOCjbGafBdj
0toNqkNtR4f0ScZXFQ73I4fYN5zl0sbmdYT5130jyigvyiXlP0psIbJarO1kp6YE
hPqX6156mkX4OZE41GPZqQmPy2amn+4v/0gc/f0a5fnprLa/554twyQyI4eqxZFF
UR2kom73C1NHiBgKC5ISBMBxdbxKttEzpenVAJFuA+NDt6S4nzPoKDI0sr3U+DMU
5aNlj6TT7FQW8uO6ufnV3VqlfFH0mLgtZ1uwG44HKXti6XHBC57rA+5HCDeDmv3Y
upBcWkL7BWMNQ7KPExo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:49 2024 by rpki-client on console-fra.rpki-client.org