Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/c8aa09-bdfb-43ca-8522-fa75cbe9bead/1/1-LTgEIZelA8Fe6kHI1MToGTNbDE.roa
File: 1-LTgEIZelA8Fe6kHI1MToGTNbDE.roa (raw, json)
Hash identifier: 8jnGnYKCBJATih0jF+XGGPCtcU+vdImIOeETMiQuWYs=
Subject key identifier: F8:B4:E0:10:86:5E:94:0F:05:7B:A9:07:23:53:13:A0:64:CD:6C:31
Certificate issuer: /CN=8812a0a809dc3cd1fbd8951a8f80f69925e11908
Certificate serial: 018C7EBB152C36CCF78A475768CF76CB65ED
Authority key identifier: 88:12:A0:A8:09:DC:3C:D1:FB:D8:95:1A:8F:80:F6:99:25:E1:19:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iBKgqAncPNH72JUaj4D2mSXhGQg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/c8aa09-bdfb-43ca-8522-fa75cbe9bead/1/1-LTgEIZelA8Fe6kHI1MToGTNbDE.roa
Signing time: Mon 18 Dec 2023 21:00:38 +0000
ROA not before: Mon 18 Dec 2023 21:00:38 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51013
IP address blocks: 185.140.108.0/24 maxlen: 24
193.32.233.0/24 maxlen: 24
193.32.232.0/22 maxlen: 24
193.32.232.0/24 maxlen: 24
193.32.235.0/24 maxlen: 24
193.32.234.0/24 maxlen: 24
92.118.24.0/22 maxlen: 22
185.111.89.0/24 maxlen: 24
185.111.91.0/24 maxlen: 24
185.111.88.0/24 maxlen: 24
185.111.88.0/22 maxlen: 24
185.111.90.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:29:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:7e:bb:15:2c:36:cc:f7:8a:47:57:68:cf:76:cb:65:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8812a0a809dc3cd1fbd8951a8f80f69925e11908
Validity
Not Before: Dec 18 21:00:38 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f8b4e010865e940f057ba907235313a064cd6c31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:2c:c9:87:c8:43:c3:74:6e:6d:7f:4f:c8:4a:
92:d2:0b:04:eb:f3:e6:2c:ad:b5:0c:90:3b:e8:c4:
43:e3:0b:41:72:71:c9:e1:b3:20:0a:0a:2b:0d:3f:
35:04:83:0d:7d:38:d8:b4:e3:41:c2:ba:43:06:ab:
ed:0e:84:84:5e:55:68:ee:df:c9:ba:2e:c2:de:6a:
2f:a8:01:81:87:04:6d:7e:07:f5:92:a9:73:33:33:
41:1f:f0:ca:2c:05:82:43:5e:ee:29:90:b6:a6:cf:
65:5a:13:16:cb:8c:7f:40:b7:36:8c:2c:a9:7e:be:
5e:6b:b6:1e:61:33:2b:f4:b4:af:7d:22:b2:48:db:
37:dc:64:dc:32:99:c6:c0:c7:8d:46:89:54:d2:65:
3b:fd:f2:0d:82:98:9a:de:89:0d:6b:b0:69:6c:19:
d0:d6:fd:1d:35:7d:b2:0e:3e:0a:05:5a:7c:32:f2:
81:6c:11:04:f5:77:96:d8:cb:b5:f5:db:54:ed:24:
fa:18:6e:62:f8:f3:a1:d7:83:2a:f2:58:95:30:22:
18:7f:3f:20:01:5c:7f:f5:a9:50:ae:02:ea:19:ed:
73:fb:5d:19:2c:be:c8:36:bf:8c:b8:e0:a0:79:68:
14:f3:64:9e:85:33:3a:70:84:db:06:cc:69:2b:2f:
4f:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:B4:E0:10:86:5E:94:0F:05:7B:A9:07:23:53:13:A0:64:CD:6C:31
X509v3 Authority Key Identifier:
keyid:88:12:A0:A8:09:DC:3C:D1:FB:D8:95:1A:8F:80:F6:99:25:E1:19:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iBKgqAncPNH72JUaj4D2mSXhGQg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/c8aa09-bdfb-43ca-8522-fa75cbe9bead/1/1-LTgEIZelA8Fe6kHI1MToGTNbDE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/c8aa09-bdfb-43ca-8522-fa75cbe9bead/1/iBKgqAncPNH72JUaj4D2mSXhGQg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.118.24.0/22
185.111.88.0/22
185.140.108.0/24
193.32.232.0/22
Signature Algorithm: sha256WithRSAEncryption
a0:a5:3e:92:d6:ca:1d:e9:cb:32:31:42:1b:50:a7:ad:59:64:
8b:d8:89:7a:ba:40:c7:3f:ae:78:65:06:a4:ed:58:24:e6:c1:
05:cc:a5:9e:d6:b9:23:22:fc:89:47:42:7f:a7:e4:a2:91:f2:
57:59:56:ce:48:fe:c2:9f:ea:73:76:d2:17:68:1b:c8:23:10:
95:e4:ad:83:c3:2a:1f:53:71:df:47:75:7a:25:84:ad:1d:5f:
f3:ed:b9:65:a6:da:a2:fb:b3:22:fb:11:8f:fe:aa:dc:27:9f:
a5:be:55:de:18:fd:96:03:ea:61:12:e2:24:a3:56:4e:c0:45:
34:18:87:4f:c6:e8:ff:12:0c:25:c9:9c:76:ea:c2:1a:1d:b7:
48:fc:68:56:50:ab:19:97:69:18:6b:bd:49:d9:33:77:8a:6e:
95:b3:ba:d5:4c:7e:32:2e:5c:1e:be:b8:a9:cf:b9:9f:12:02:
89:99:53:0a:a1:7a:f8:02:51:fd:52:d5:5e:02:46:7b:d4:e5:
74:e6:69:f3:7c:5f:94:b8:67:ca:74:f0:4a:d2:a2:a9:bf:6f:
9c:13:f3:b5:cb:c6:a7:a7:03:f9:c3:97:b2:a4:af:ec:b5:d7:
6a:f1:65:3f:57:d2:6f:68:ab:9d:f5:9b:70:77:fe:3c:a9:b2:
e6:12:cd:7f
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgISAYx+uxUsNsz3ikdXaM92y2XtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4MTJhMGE4MDlkYzNjZDFmYmQ4OTUxYThmODBmNjk5MjVl
MTE5MDgwHhcNMjMxMjE4MjEwMDM4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOGI0ZTAxMDg2NWU5NDBmMDU3YmE5MDcyMzUzMTNhMDY0Y2Q2YzMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsSzJh8hDw3RubX9PyEqS0gsE6/Pm
LK21DJA76MRD4wtBcnHJ4bMgCgorDT81BIMNfTjYtONBwrpDBqvtDoSEXlVo7t/J
ui7C3movqAGBhwRtfgf1kqlzMzNBH/DKLAWCQ17uKZC2ps9lWhMWy4x/QLc2jCyp
fr5ea7YeYTMr9LSvfSKySNs33GTcMpnGwMeNRolU0mU7/fINgpia3okNa7BpbBnQ
1v0dNX2yDj4KBVp8MvKBbBEE9XeW2Mu19dtU7ST6GG5i+POh14Mq8liVMCIYfz8g
AVx/9alQrgLqGe1z+10ZLL7INr+MuOCgeWgU82SehTM6cITbBsxpKy9P4wIDAQAB
o4ICHDCCAhgwHQYDVR0OBBYEFPi04BCGXpQPBXupByNTE6BkzWwxMB8GA1UdIwQY
MBaAFIgSoKgJ3DzR+9iVGo+A9pkl4RkIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUJLZ3FBbmNQTkg3MkpVYWo0RDJtU1hoR1FnLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9jOGFhMDktYmRmYi00M2NhLTg1MjIt
ZmE3NWNiZTliZWFkLzEvMS1MVGdFSVplbEE4RmU2a0hJMU1Ub0dUTmJERS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOGEvYzhhYTA5LWJkZmItNDNjYS04NTIyLWZhNzVjYmU5YmVh
ZC8xL2lCS2dxQW5jUE5INzJKVWFqNEQybVNYaEdRZy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAxBggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAlx2GAME
ArlvWAMEALmMbAMEAsEg6DANBgkqhkiG9w0BAQsFAAOCAQEAoKU+ktbKHenLMjFC
G1CnrVlki9iJerpAxz+ueGUGpO1YJObBBcylnta5IyL8iUdCf6fkopHyV1lWzkj+
wp/qc3bSF2gbyCMQleStg8MqH1Nx30d1eiWErR1f8+25ZabaovuzIvsRj/6q3Cef
pb5V3hj9lgPqYRLiJKNWTsBFNBiHT8bo/xIMJcmcdurCGh23SPxoVlCrGZdpGGu9
Sdkzd4pulbO61Ux+Mi5cHr64qc+5nxICiZlTCqF6+AJR/VLVXgJGe9TldOZp83xf
lLhnynTwStKiqb9vnBPztcvGp6cD+cOXsqSv7LXXavFlP1fSb2irnfWbcHf+PKmy
5hLNfw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:37 2024 by rpki-client on console-ams.rpki-client.org