Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/fc1bef-e72b-4a45-9463-8fd394b5357c/1/o4KxEDPvuAnkahDi1smKbhq26aY.roa
File: o4KxEDPvuAnkahDi1smKbhq26aY.roa (raw, json)
Hash identifier: VCBuOkiw0710QQNQuZWz/q1ak2l7casqcVUFT5xe+qQ=
Subject key identifier: A3:82:B1:10:33:EF:B8:09:E4:6A:10:E2:D6:C9:8A:6E:1A:B6:E9:A6
Certificate issuer: /CN=cfeace714c29568ef197007b141d12758cc415d5
Certificate serial: 018A17DF2303E6DF17B63568732BE804FAF9
Authority key identifier: CF:EA:CE:71:4C:29:56:8E:F1:97:00:7B:14:1D:12:75:8C:C4:15:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z-rOcUwpVo7xlwB7FB0SdYzEFdU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/fc1bef-e72b-4a45-9463-8fd394b5357c/1/o4KxEDPvuAnkahDi1smKbhq26aY.roa
Signing time: Mon 21 Aug 2023 11:33:34 +0000
ROA not before: Mon 21 Aug 2023 11:33:34 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1257
IP address blocks: 185.56.212.0/22 maxlen: 24
2a01:4400::/32 maxlen: 48
2a02:5120::/32 maxlen: 48
Validation: Failed, certificate revoked on Wed 23 Aug 2023 06:36:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:17:df:23:03:e6:df:17:b6:35:68:73:2b:e8:04:fa:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cfeace714c29568ef197007b141d12758cc415d5
Validity
Not Before: Aug 21 11:33:34 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a382b11033efb809e46a10e2d6c98a6e1ab6e9a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:6a:19:80:0c:de:70:4a:b8:51:19:42:07:d6:
ff:64:51:01:c7:00:fc:33:2c:c5:3d:45:6f:d4:de:
6c:3c:4e:b7:ac:20:c5:57:4b:44:0a:89:c1:14:51:
08:f5:5b:bf:ba:67:8b:26:13:d0:3e:7e:5d:b0:74:
52:bb:b7:b4:6b:e5:9c:b9:85:21:fc:cc:52:e1:b8:
03:1f:b5:ef:a4:4e:58:3c:62:d9:8c:7d:7c:34:be:
b8:89:de:95:f8:2f:e2:67:1f:1f:57:9b:3c:7f:74:
9f:6f:b0:55:d0:f6:c8:0c:84:d6:9e:8d:d4:c5:11:
e8:ce:dc:d9:f0:25:23:76:1a:14:b6:dd:85:e8:33:
01:28:e3:d6:b4:16:42:ca:ac:19:bc:d3:46:6f:bc:
7a:6e:5d:93:f5:bb:3a:1b:d2:9b:d0:e6:61:f9:dd:
d5:74:c4:9b:56:3e:8e:84:ee:0d:3c:bb:c2:81:bc:
e4:36:c1:55:32:e4:31:5c:1d:3f:7b:58:61:35:3a:
84:4f:58:98:1b:36:ec:06:e7:1c:0b:21:5b:17:82:
4f:a7:8e:b8:40:1c:d9:45:21:db:d6:fb:e4:82:d3:
36:78:ca:77:7f:18:22:ad:5c:95:60:f1:ca:82:7e:
a6:11:be:29:dd:9a:57:39:4c:ac:5b:52:09:f2:c1:
07:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:82:B1:10:33:EF:B8:09:E4:6A:10:E2:D6:C9:8A:6E:1A:B6:E9:A6
X509v3 Authority Key Identifier:
keyid:CF:EA:CE:71:4C:29:56:8E:F1:97:00:7B:14:1D:12:75:8C:C4:15:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z-rOcUwpVo7xlwB7FB0SdYzEFdU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/fc1bef-e72b-4a45-9463-8fd394b5357c/1/o4KxEDPvuAnkahDi1smKbhq26aY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/fc1bef-e72b-4a45-9463-8fd394b5357c/1/z-rOcUwpVo7xlwB7FB0SdYzEFdU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.56.212.0/22
IPv6:
2a01:4400::/32
2a02:5120::/32
Signature Algorithm: sha256WithRSAEncryption
8b:db:6c:8c:7c:60:a4:88:4c:9c:7b:e7:d7:41:a4:94:2e:41:
f5:f9:d0:f9:46:74:21:19:89:d1:93:45:2f:f5:e4:87:04:35:
8d:4b:24:32:3b:09:05:8f:73:47:6e:6f:b7:61:ea:d5:f0:7a:
f3:99:0c:73:c5:97:a0:b3:0b:31:59:60:36:de:76:40:d0:e6:
85:55:dc:16:1f:b1:48:f2:c4:b3:bc:ad:ac:64:2f:11:83:72:
7f:64:de:ce:44:ec:6d:6a:22:d9:5f:60:31:f1:87:21:0d:85:
e0:ab:d8:6f:f2:99:f2:ad:d8:9c:07:a2:08:70:71:a3:4c:29:
71:79:e4:89:b4:fc:75:a0:bf:2b:46:e8:19:c3:90:eb:56:11:
f0:85:37:c1:af:b7:95:14:f7:34:d0:51:97:73:2a:e4:0e:ee:
d0:50:fd:29:b0:f4:ed:5f:44:4b:9b:9c:a1:ff:80:a4:b7:ed:
2f:32:64:90:99:7f:ed:e1:db:4c:1f:77:21:59:e7:36:8d:90:
0d:50:7f:a4:38:d3:d3:17:d4:17:36:56:7b:6f:44:9c:c0:b2:
55:44:96:b7:db:f3:e1:d5:64:7e:d5:80:8e:17:17:0b:93:cc:
9a:76:35:39:b3:0b:1d:1f:44:7c:b7:76:6c:66:aa:0c:a8:b7:
7a:8e:f4:d7
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYoX3yMD5t8XtjVocyvoBPr5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmZWFjZTcxNGMyOTU2OGVmMTk3MDA3YjE0MWQxMjc1OGNj
NDE1ZDUwHhcNMjMwODIxMTEzMzM0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzgyYjExMDMzZWZiODA5ZTQ2YTEwZTJkNmM5OGE2ZTFhYjZlOWE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjGoZgAzecEq4URlCB9b/ZFEBxwD8
MyzFPUVv1N5sPE63rCDFV0tEConBFFEI9Vu/umeLJhPQPn5dsHRSu7e0a+WcuYUh
/MxS4bgDH7XvpE5YPGLZjH18NL64id6V+C/iZx8fV5s8f3Sfb7BV0PbIDITWno3U
xRHoztzZ8CUjdhoUtt2F6DMBKOPWtBZCyqwZvNNGb7x6bl2T9bs6G9Kb0OZh+d3V
dMSbVj6OhO4NPLvCgbzkNsFVMuQxXB0/e1hhNTqET1iYGzbsBuccCyFbF4JPp464
QBzZRSHb1vvkgtM2eMp3fxgirVyVYPHKgn6mEb4p3ZpXOUysW1IJ8sEHCQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFKOCsRAz77gJ5GoQ4tbJim4atummMB8GA1UdIwQY
MBaAFM/qznFMKVaO8ZcAexQdEnWMxBXVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvei1yT2NVd3BWbzd4bHdCN0ZCMFNkWXpFRmRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9mYzFiZWYtZTcyYi00YTQ1LTk0NjMt
OGZkMzk0YjUzNTdjLzEvbzRLeEVEUHZ1QW5rYWhEaTFzbUtiaHEyNmFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9mYzFiZWYtZTcyYi00YTQ1LTk0NjMtOGZkMzk0YjUzNTdj
LzEvei1yT2NVd3BWbzd4bHdCN0ZCMFNkWXpFRmRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAMBAIAATAGAwQCuTjUMBQE
AgACMA4DBQAqAUQAAwUAKgJRIDANBgkqhkiG9w0BAQsFAAOCAQEAi9tsjHxgpIhM
nHvn10GklC5B9fnQ+UZ0IRmJ0ZNFL/XkhwQ1jUskMjsJBY9zR25vt2Hq1fB685kM
c8WXoLMLMVlgNt52QNDmhVXcFh+xSPLEs7ytrGQvEYNyf2TezkTsbWoi2V9gMfGH
IQ2F4KvYb/KZ8q3YnAeiCHBxo0wpcXnkibT8daC/K0boGcOQ61YR8IU3wa+3lRT3
NNBRl3Mq5A7u0FD9KbD07V9ES5ucof+ApLftLzJkkJl/7eHbTB93IVnnNo2QDVB/
pDjT0xfUFzZWe29EnMCyVUSWt9vz4dVkftWAjhcXC5PMmnY1ObMLHR9EfLd2bGaq
DKi3eo701w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:34 2024 by rpki-client on console-fra.rpki-client.org