Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/93/1be5e1-56b4-4c66-beab-6f163966af8b/1/8BTYVk-aLGuZZC0TSICWTVf0M7M.roa
File: 8BTYVk-aLGuZZC0TSICWTVf0M7M.roa (raw, json)
Hash identifier: ev6Wf89xbKBRvGdFYecCrAzbNk34Qoe3Q67uhJP0Npk=
Subject key identifier: F0:14:D8:56:4F:9A:2C:6B:99:64:2D:13:48:80:96:4D:57:F4:33:B3
Certificate issuer: /CN=74198f7022b9560501db448af60301fa285e9236
Certificate serial: 018CC500BDC3D1390A2239685B17EC1FFD23
Authority key identifier: 74:19:8F:70:22:B9:56:05:01:DB:44:8A:F6:03:01:FA:28:5E:92:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dBmPcCK5VgUB20SK9gMB-ihekjY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/93/1be5e1-56b4-4c66-beab-6f163966af8b/1/8BTYVk-aLGuZZC0TSICWTVf0M7M.roa
Signing time: Mon 01 Jan 2024 12:30:09 +0000
ROA not before: Mon 01 Jan 2024 12:30:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3342
IP address blocks: 185.98.96.0/22 maxlen: 22
185.170.132.0/22 maxlen: 22
185.157.132.0/22 maxlen: 22
92.241.192.0/20 maxlen: 20
178.72.16.0/21 maxlen: 21
212.237.250.0/23 maxlen: 23
92.241.216.0/21 maxlen: 21
2a06:b00::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 23 Apr 2024 05:24:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:bd:c3:d1:39:0a:22:39:68:5b:17:ec:1f:fd:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=74198f7022b9560501db448af60301fa285e9236
Validity
Not Before: Jan 1 12:30:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f014d8564f9a2c6b99642d134880964d57f433b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:ac:94:39:76:c8:67:65:ed:30:f9:c2:d4:b4:
d8:61:d1:3f:fe:13:88:23:4d:4f:79:5f:c0:9c:eb:
61:12:7e:6a:7b:50:29:97:80:44:5a:c7:74:2f:3f:
53:ef:8d:92:bd:0c:7a:8f:ab:ef:65:9e:4d:a4:0b:
26:1f:21:8b:49:46:aa:97:87:15:2c:99:53:0f:60:
4f:c0:fb:e0:ad:21:a1:fd:9b:d3:04:bd:b1:c0:db:
40:19:ee:4d:76:65:3a:b7:a9:f7:66:a0:59:03:0b:
0f:ad:ce:d7:a6:ba:3a:ff:6d:8d:8b:0b:aa:53:61:
a8:8e:8c:e1:77:c3:81:4d:a6:1a:11:f0:43:5b:37:
75:e5:79:5f:c6:d6:a5:13:6a:bf:d6:ff:26:1d:14:
38:39:ae:33:be:a4:93:d8:bc:95:c5:7e:a9:18:8d:
b1:42:90:5c:9e:97:32:e5:36:98:42:3c:fd:19:25:
c4:c5:32:3e:56:b8:28:d3:33:fa:af:56:34:90:65:
01:94:81:67:d7:33:b4:bb:39:e4:25:00:ff:73:e4:
6a:d4:f6:ee:52:1d:ac:5a:85:40:fa:cc:38:45:96:
66:7c:9e:4e:6a:34:e2:1f:22:2f:31:c9:29:e9:ac:
e8:ad:5b:8c:99:84:71:44:ac:f4:28:97:d6:8b:3c:
5e:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:14:D8:56:4F:9A:2C:6B:99:64:2D:13:48:80:96:4D:57:F4:33:B3
X509v3 Authority Key Identifier:
keyid:74:19:8F:70:22:B9:56:05:01:DB:44:8A:F6:03:01:FA:28:5E:92:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dBmPcCK5VgUB20SK9gMB-ihekjY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/93/1be5e1-56b4-4c66-beab-6f163966af8b/1/8BTYVk-aLGuZZC0TSICWTVf0M7M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/93/1be5e1-56b4-4c66-beab-6f163966af8b/1/dBmPcCK5VgUB20SK9gMB-ihekjY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.241.192.0/20
92.241.216.0/21
178.72.16.0/21
185.98.96.0/22
185.157.132.0/22
185.170.132.0/22
212.237.250.0/23
IPv6:
2a06:b00::/29
Signature Algorithm: sha256WithRSAEncryption
40:77:ba:81:16:71:ab:88:df:38:2e:25:5a:ce:c0:57:98:56:
40:be:d0:e3:0b:16:60:92:0e:b3:11:72:be:b3:f3:dd:f1:bb:
8a:6b:e2:d9:68:f7:31:d9:c5:62:27:7e:41:e6:82:49:e5:a1:
9c:57:6a:89:23:78:15:6f:1f:d3:30:cc:e6:dd:76:59:18:38:
4d:21:2b:fe:5e:d0:4a:f5:c1:15:3f:31:c6:4a:ab:60:14:e3:
a9:dd:21:cc:31:fa:95:31:1b:47:4e:86:d8:d2:bf:cf:9d:25:
20:d5:06:0f:b4:67:22:8d:6b:b4:7a:87:b5:9b:c1:d6:b6:23:
d3:aa:9d:ef:bd:6f:fb:c1:f9:11:78:10:9a:4b:19:bc:25:1b:
f8:8e:3e:77:0f:5e:65:3d:96:31:7d:8f:8a:2b:8b:af:b0:10:
ea:38:d5:c7:35:40:c9:48:c4:f0:3f:b2:38:9a:85:c1:32:1c:
50:b5:7e:d3:8b:4e:61:b5:63:9f:a1:90:e3:11:a8:9e:17:d4:
7d:c0:3b:d3:39:99:74:18:5e:49:06:59:e3:f4:27:73:df:1d:
7f:e5:b7:7d:27:72:bc:df:e5:fd:35:f6:85:4a:56:de:e2:70:
44:fa:cf:ee:06:89:38:03:77:85:31:3f:78:43:74:0a:fa:d2:
80:9b:73:18
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAYzFAL3D0TkKIjloWxfsH/0jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0MTk4ZjcwMjJiOTU2MDUwMWRiNDQ4YWY2MDMwMWZhMjg1
ZTkyMzYwHhcNMjQwMTAxMTIzMDA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDE0ZDg1NjRmOWEyYzZiOTk2NDJkMTM0ODgwOTY0ZDU3ZjQzM2IzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArKyUOXbIZ2XtMPnC1LTYYdE//hOI
I01PeV/AnOthEn5qe1Apl4BEWsd0Lz9T742SvQx6j6vvZZ5NpAsmHyGLSUaql4cV
LJlTD2BPwPvgrSGh/ZvTBL2xwNtAGe5NdmU6t6n3ZqBZAwsPrc7Xpro6/22Niwuq
U2Gojozhd8OBTaYaEfBDWzd15XlfxtalE2q/1v8mHRQ4Oa4zvqST2LyVxX6pGI2x
QpBcnpcy5TaYQjz9GSXExTI+Vrgo0zP6r1Y0kGUBlIFn1zO0uznkJQD/c+Rq1Pbu
Uh2sWoVA+sw4RZZmfJ5OajTiHyIvMckp6azorVuMmYRxRKz0KJfWizxeBwIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFPAU2FZPmixrmWQtE0iAlk1X9DOzMB8GA1UdIwQY
MBaAFHQZj3AiuVYFAdtEivYDAfooXpI2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEJtUGNDSzVWZ1VCMjBTSzlnTUItaWhla2pZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85My8xYmU1ZTEtNTZiNC00YzY2LWJlYWIt
NmYxNjM5NjZhZjhiLzEvOEJUWVZrLWFMR3VaWkMwVFNJQ1dUVmYwTTdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85My8xYmU1ZTEtNTZiNC00YzY2LWJlYWItNmYxNjM5NjZhZjhi
LzEvZEJtUGNDSzVWZ1VCMjBTSzlnTUItaWhla2pZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQEXPHAAwQD
XPHYAwQDskgQAwQCuWJgAwQCuZ2EAwQCuaqEAwQB1O36MA0EAgACMAcDBQMqBgsA
MA0GCSqGSIb3DQEBCwUAA4IBAQBAd7qBFnGriN84LiVazsBXmFZAvtDjCxZgkg6z
EXK+s/Pd8buKa+LZaPcx2cViJ35B5oJJ5aGcV2qJI3gVbx/TMMzm3XZZGDhNISv+
XtBK9cEVPzHGSqtgFOOp3SHMMfqVMRtHTobY0r/PnSUg1QYPtGcijWu0eoe1m8HW
tiPTqp3vvW/7wfkReBCaSxm8JRv4jj53D15lPZYxfY+KK4uvsBDqONXHNUDJSMTw
P7I4moXBMhxQtX7Ti05htWOfoZDjEaieF9R9wDvTOZl0GF5JBlnj9Cdz3x1/5bd9
J3K83+X9NfaFSlbe4nBE+s/uBok4A3eFMT94Q3QK+tKAm3MY
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:24:14 2024 by rpki-client on console-ams.rpki-client.org