Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/93/8d20bb-d72d-47aa-be48-38269cef5e01/1/04wAM5OVkspG5YObwuqX85hrvBE.roa
File: 04wAM5OVkspG5YObwuqX85hrvBE.roa (raw, json)
Hash identifier: PaXRg3YCUroCf28vYHErSU/4gL9fwo6hfRI3RCIg99Q=
Subject key identifier: D3:8C:00:33:93:95:92:CA:46:E5:83:9B:C2:EA:97:F3:98:6B:BC:11
Certificate issuer: /CN=8a029b1eb51cd4f4bc4dd985a0ec653a75eca40c
Certificate serial: 01856D54080EE2D1BE3F6F6AE6858BBAF48F
Authority key identifier: 8A:02:9B:1E:B5:1C:D4:F4:BC:4D:D9:85:A0:EC:65:3A:75:EC:A4:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/igKbHrUc1PS8TdmFoOxlOnXspAw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/93/8d20bb-d72d-47aa-be48-38269cef5e01/1/04wAM5OVkspG5YObwuqX85hrvBE.roa
Signing time: Sun 01 Jan 2023 12:35:01 +0000
ROA not before: Sun 01 Jan 2023 12:35:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15600
IP address blocks: 84.241.64.0/18 maxlen: 18
185.92.64.0/22 maxlen: 22
2a01:b540::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:30:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:54:08:0e:e2:d1:be:3f:6f:6a:e6:85:8b:ba:f4:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8a029b1eb51cd4f4bc4dd985a0ec653a75eca40c
Validity
Not Before: Jan 1 12:35:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d38c0033939592ca46e5839bc2ea97f3986bbc11
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:2e:ff:66:58:6c:7b:b1:dd:91:88:ae:3e:6e:
1c:b2:97:68:bb:87:c6:16:e9:b1:99:46:9f:db:b9:
12:c8:eb:65:11:b2:6f:25:c5:e8:0c:d0:40:37:7b:
87:71:74:df:4a:bb:bb:4c:69:cc:19:35:a6:69:8b:
fd:d7:b9:33:b3:96:18:be:e1:78:4c:18:49:e7:21:
a4:f2:78:aa:82:98:08:1f:a0:44:64:46:d3:ba:30:
36:e6:1a:1d:c5:83:fe:90:45:d6:b2:bd:91:bb:7b:
96:63:a3:ae:40:eb:8b:e7:c0:5a:88:ec:ac:11:48:
4b:fc:b8:4b:43:15:8d:fd:f5:95:a0:1b:a4:28:73:
40:d5:c2:00:32:a5:20:81:08:55:0e:af:57:64:e4:
e6:d8:53:7c:94:1f:fc:de:33:06:fa:7a:32:f6:e2:
dd:e1:5d:77:70:06:ff:53:e8:bc:ac:f6:aa:50:51:
83:e1:60:e6:20:74:94:63:32:eb:81:42:94:00:1d:
73:98:23:e5:80:2d:87:3f:1b:fa:d5:16:49:81:21:
df:48:18:7c:7d:86:1c:a1:e9:dc:c7:93:d8:27:dc:
8d:71:70:98:1c:1f:24:d5:73:13:f7:fb:37:71:01:
66:be:3d:3d:5c:76:94:57:bf:4f:9e:b6:c2:a8:f4:
8c:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:8C:00:33:93:95:92:CA:46:E5:83:9B:C2:EA:97:F3:98:6B:BC:11
X509v3 Authority Key Identifier:
keyid:8A:02:9B:1E:B5:1C:D4:F4:BC:4D:D9:85:A0:EC:65:3A:75:EC:A4:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/igKbHrUc1PS8TdmFoOxlOnXspAw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/93/8d20bb-d72d-47aa-be48-38269cef5e01/1/04wAM5OVkspG5YObwuqX85hrvBE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/93/8d20bb-d72d-47aa-be48-38269cef5e01/1/igKbHrUc1PS8TdmFoOxlOnXspAw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.241.64.0/18
185.92.64.0/22
IPv6:
2a01:b540::/29
Signature Algorithm: sha256WithRSAEncryption
b0:0b:e3:34:59:04:da:c8:c6:a0:db:3f:a3:0c:d4:8d:d5:af:
4b:a3:84:3e:f8:80:fd:79:0d:bf:e7:79:42:fe:91:eb:52:92:
d8:fa:a8:7c:6d:8f:0b:19:b7:fc:bd:84:e0:1e:82:ee:68:e8:
ab:b6:7f:b4:79:e4:0b:11:36:ed:79:f2:1c:20:5a:9a:7f:6f:
e1:6a:29:62:dc:da:3f:e4:bd:b8:4c:9a:9d:26:a8:4f:cf:18:
e8:3c:02:f4:7e:78:a1:5c:b1:55:a2:b8:82:5a:1e:41:5f:b1:
6a:36:ff:a0:16:88:8b:31:0d:94:4f:86:88:ef:3f:f6:3c:ea:
63:70:46:91:64:c9:f3:86:78:02:1a:6f:50:1d:96:51:25:a0:
c1:a2:38:06:a0:d1:e3:a5:41:28:61:2a:fb:fa:5d:5b:94:3d:
38:b4:96:80:3d:3b:c7:4f:c2:43:10:bc:87:b4:01:19:51:a3:
d9:85:9e:87:89:62:97:2a:42:b0:70:9f:a8:07:96:fd:d4:0d:
f0:c5:33:2d:c9:41:08:51:d8:16:0d:aa:49:57:56:7f:09:4e:
d9:2a:9c:75:97:ec:d0:17:e6:22:11:52:67:21:71:af:45:39:
17:69:75:c9:20:e6:83:f5:24:8d:bf:ae:7e:44:0d:eb:2a:ec:
55:72:89:13
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVtVAgO4tG+P29q5oWLuvSPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhMDI5YjFlYjUxY2Q0ZjRiYzRkZDk4NWEwZWM2NTNhNzVl
Y2E0MGMwHhcNMjMwMTAxMTIzNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzhjMDAzMzkzOTU5MmNhNDZlNTgzOWJjMmVhOTdmMzk4NmJiYzExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwy7/Zlhse7HdkYiuPm4cspdou4fG
FumxmUaf27kSyOtlEbJvJcXoDNBAN3uHcXTfSru7TGnMGTWmaYv917kzs5YYvuF4
TBhJ5yGk8niqgpgIH6BEZEbTujA25hodxYP+kEXWsr2Ru3uWY6OuQOuL58BaiOys
EUhL/LhLQxWN/fWVoBukKHNA1cIAMqUggQhVDq9XZOTm2FN8lB/83jMG+noy9uLd
4V13cAb/U+i8rPaqUFGD4WDmIHSUYzLrgUKUAB1zmCPlgC2HPxv61RZJgSHfSBh8
fYYcoencx5PYJ9yNcXCYHB8k1XMT9/s3cQFmvj09XHaUV79PnrbCqPSMlwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFNOMADOTlZLKRuWDm8Lql/OYa7wRMB8GA1UdIwQY
MBaAFIoCmx61HNT0vE3ZhaDsZTp17KQMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWdLYkhyVWMxUFM4VGRtRm9PeGxPblhzcEF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85My84ZDIwYmItZDcyZC00N2FhLWJlNDgt
MzgyNjljZWY1ZTAxLzEvMDR3QU01T1Zrc3BHNVlPYnd1cVg4NWhydkJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85My84ZDIwYmItZDcyZC00N2FhLWJlNDgtMzgyNjljZWY1ZTAx
LzEvaWdLYkhyVWMxUFM4VGRtRm9PeGxPblhzcEF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQGVPFAAwQC
uVxAMA0EAgACMAcDBQMqAbVAMA0GCSqGSIb3DQEBCwUAA4IBAQCwC+M0WQTayMag
2z+jDNSN1a9Lo4Q++ID9eQ2/53lC/pHrUpLY+qh8bY8LGbf8vYTgHoLuaOirtn+0
eeQLETbtefIcIFqaf2/haili3No/5L24TJqdJqhPzxjoPAL0fnihXLFVoriCWh5B
X7FqNv+gFoiLMQ2UT4aI7z/2POpjcEaRZMnzhngCGm9QHZZRJaDBojgGoNHjpUEo
YSr7+l1blD04tJaAPTvHT8JDELyHtAEZUaPZhZ6HiWKXKkKwcJ+oB5b91A3wxTMt
yUEIUdgWDapJV1Z/CU7ZKpx1l+zQF+YiEVJnIXGvRTkXaXXJIOaD9SSNv65+RA3r
KuxVcokT
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:24:18 2024 by rpki-client on console-ams.rpki-client.org