Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/6bda82-a2e1-45c9-a181-313de4892b8d/1/8j8xotB9yzuOOZ_rPPK414EuPig.roa
File: 8j8xotB9yzuOOZ_rPPK414EuPig.roa (raw, json)
Hash identifier: vOvoQmmWSgh4zIdqw8BAbQUVJtahsgZUOMzTXcQLtBY=
Subject key identifier: F2:3F:31:A2:D0:7D:CB:3B:8E:39:9F:EB:3C:F2:B8:D7:81:2E:3E:28
Certificate issuer: /CN=a8b3eb443c06a3dcc088e2caa05ce09cf8d4e7a6
Certificate serial: 0189B7E5801BFDDD137653B7BA005873CB9F
Authority key identifier: A8:B3:EB:44:3C:06:A3:DC:C0:88:E2:CA:A0:5C:E0:9C:F8:D4:E7:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qLPrRDwGo9zAiOLKoFzgnPjU56Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/6bda82-a2e1-45c9-a181-313de4892b8d/1/8j8xotB9yzuOOZ_rPPK414EuPig.roa
Signing time: Wed 02 Aug 2023 20:16:58 +0000
ROA not before: Wed 02 Aug 2023 20:16:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211494
IP address blocks: 185.93.7.0/24 maxlen: 24
185.235.143.0/24 maxlen: 24
2a0d:a180::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:31:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:b7:e5:80:1b:fd:dd:13:76:53:b7:ba:00:58:73:cb:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a8b3eb443c06a3dcc088e2caa05ce09cf8d4e7a6
Validity
Not Before: Aug 2 20:16:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f23f31a2d07dcb3b8e399feb3cf2b8d7812e3e28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:eb:88:73:e5:8c:b1:cb:1e:b8:f9:d8:de:4f:
4e:d7:67:22:53:77:2d:2d:57:02:a4:8f:2e:ec:27:
42:81:7e:fc:88:01:67:0d:1e:cf:8a:11:b7:f2:b6:
a4:a1:30:f5:20:7f:bb:73:d1:b7:82:5e:69:c7:30:
88:b7:a0:75:86:43:20:8c:d7:c7:c1:02:61:0a:c8:
3f:4a:07:51:1b:df:d0:66:f4:01:7f:25:a6:19:c6:
ad:03:06:36:ac:10:b6:8d:b4:4f:2a:81:be:c7:dd:
c7:45:44:a2:b9:69:e1:6f:c7:2b:ee:a0:6c:e1:fa:
16:4c:88:d1:97:df:44:4f:6d:c1:38:db:7c:85:f8:
32:c8:43:3c:53:59:51:02:f1:a1:da:49:c9:6b:94:
f8:c4:2f:3b:77:7b:c3:ab:3b:a6:6f:6d:d0:45:a2:
e8:6d:0d:ca:1c:03:df:b4:36:03:87:53:07:bc:c9:
5f:f3:e9:a5:d8:39:db:84:33:29:57:51:99:a7:de:
8b:cb:1b:1f:03:71:7d:37:18:76:0a:ec:2e:d6:7a:
b4:fa:14:fa:a2:7c:95:bd:f6:3a:9c:1f:39:4d:fb:
7e:75:62:e1:1f:1e:67:75:31:20:04:17:70:39:b5:
85:87:ce:17:36:95:c7:2a:f7:43:4c:73:75:73:89:
35:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:3F:31:A2:D0:7D:CB:3B:8E:39:9F:EB:3C:F2:B8:D7:81:2E:3E:28
X509v3 Authority Key Identifier:
keyid:A8:B3:EB:44:3C:06:A3:DC:C0:88:E2:CA:A0:5C:E0:9C:F8:D4:E7:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qLPrRDwGo9zAiOLKoFzgnPjU56Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/6bda82-a2e1-45c9-a181-313de4892b8d/1/8j8xotB9yzuOOZ_rPPK414EuPig.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/6bda82-a2e1-45c9-a181-313de4892b8d/1/qLPrRDwGo9zAiOLKoFzgnPjU56Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.93.7.0/24
185.235.143.0/24
IPv6:
2a0d:a180::/32
Signature Algorithm: sha256WithRSAEncryption
73:e0:a3:d2:5e:6a:c5:ec:37:76:cd:8f:7e:ac:2f:ef:02:a4:
e9:e6:8a:a7:f3:8e:1a:8e:aa:97:17:d1:3b:db:08:40:c8:9b:
ff:56:59:c1:86:c1:8e:2a:9f:cf:d7:e8:71:5f:5f:a6:d2:e4:
1c:f1:57:92:b9:9e:bd:1e:0a:3c:9c:20:db:8c:f3:00:f6:b8:
31:c1:4d:c5:ac:6c:12:40:34:20:19:7f:54:fc:62:3b:2d:57:
f3:d2:de:65:54:4a:21:ad:27:99:c3:39:76:98:4b:52:74:75:
9e:22:10:ec:dc:f5:b8:a3:5f:01:ef:6e:6a:1e:24:91:6c:7a:
a8:12:d8:2f:45:86:0e:c6:d5:4c:80:1e:fc:ce:37:b3:35:5c:
0b:e3:09:27:8c:88:ac:45:01:6e:79:ae:0c:09:69:5b:ec:2e:
4f:1b:1d:3b:51:d8:c2:e9:8e:d7:10:a5:68:ee:87:9c:e7:97:
01:bd:99:67:47:ac:0e:13:ae:50:fc:19:bd:78:a8:24:56:e8:
10:b9:1f:3b:f8:25:d8:07:fb:5f:2f:78:1f:9d:35:42:5d:49:
d4:85:75:7c:3a:48:ff:2d:24:7e:9c:87:84:37:e9:1e:ce:11:
2c:2e:ab:c5:a8:5e:d9:60:60:83:7e:87:8c:07:c0:42:14:c0:
f0:68:3f:58
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYm35YAb/d0TdlO3ugBYc8ufMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4YjNlYjQ0M2MwNmEzZGNjMDg4ZTJjYWEwNWNlMDljZjhk
NGU3YTYwHhcNMjMwODAyMjAxNjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjNmMzFhMmQwN2RjYjNiOGUzOTlmZWIzY2YyYjhkNzgxMmUzZTI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr+uIc+WMscseuPnY3k9O12ciU3ct
LVcCpI8u7CdCgX78iAFnDR7PihG38rakoTD1IH+7c9G3gl5pxzCIt6B1hkMgjNfH
wQJhCsg/SgdRG9/QZvQBfyWmGcatAwY2rBC2jbRPKoG+x93HRUSiuWnhb8cr7qBs
4foWTIjRl99ET23BONt8hfgyyEM8U1lRAvGh2knJa5T4xC87d3vDqzumb23QRaLo
bQ3KHAPftDYDh1MHvMlf8+ml2DnbhDMpV1GZp96LyxsfA3F9Nxh2Cuwu1nq0+hT6
onyVvfY6nB85Tft+dWLhHx5ndTEgBBdwObWFh84XNpXHKvdDTHN1c4k1nQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFPI/MaLQfcs7jjmf6zzyuNeBLj4oMB8GA1UdIwQY
MBaAFKiz60Q8BqPcwIjiyqBc4Jz41OemMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUxQclJEd0dvOXpBaU9MS29GemduUGpVNTZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS82YmRhODItYTJlMS00NWM5LWExODEt
MzEzZGU0ODkyYjhkLzEvOGo4eG90Qjl5enVPT1pfclBQSzQxNEV1UGlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS82YmRhODItYTJlMS00NWM5LWExODEtMzEzZGU0ODkyYjhk
LzEvcUxQclJEd0dvOXpBaU9MS29GemduUGpVNTZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAuV0HAwQA
ueuPMA0EAgACMAcDBQAqDaGAMA0GCSqGSIb3DQEBCwUAA4IBAQBz4KPSXmrF7Dd2
zY9+rC/vAqTp5oqn844ajqqXF9E72whAyJv/VlnBhsGOKp/P1+hxX1+m0uQc8VeS
uZ69Hgo8nCDbjPMA9rgxwU3FrGwSQDQgGX9U/GI7LVfz0t5lVEohrSeZwzl2mEtS
dHWeIhDs3PW4o18B725qHiSRbHqoEtgvRYYOxtVMgB78zjezNVwL4wknjIisRQFu
ea4MCWlb7C5PGx07UdjC6Y7XEKVo7oec55cBvZlnR6wOE65Q/Bm9eKgkVugQuR87
+CXYB/tfL3gfnTVCXUnUhXV8Okj/LSR+nIeEN+kezhEsLqvFqF7ZYGCDfoeMB8BC
FMDwaD9Y
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:23:19 2024 by rpki-client on console-ams.rpki-client.org