Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/e6656b-80c8-435e-bc1d-d6e715523f39/1/8h9gA78zbKYNn8IMzLlJ_sGCTIw.roa
File: 8h9gA78zbKYNn8IMzLlJ_sGCTIw.roa (raw, json)
Hash identifier: pi0Ip7t9fXMZaO/lmNF4w+wruddow7XoQGRVHegpg3Q=
Subject key identifier: F2:1F:60:03:BF:33:6C:A6:0D:9F:C2:0C:CC:B9:49:FE:C1:82:4C:8C
Certificate issuer: /CN=fad7e14a262560191c66576998e9c69b89c3c136
Certificate serial: 018B2425E394A58287DBD42B05BA85BA1989
Authority key identifier: FA:D7:E1:4A:26:25:60:19:1C:66:57:69:98:E9:C6:9B:89:C3:C1:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-tfhSiYlYBkcZldpmOnGm4nDwTY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/e6656b-80c8-435e-bc1d-d6e715523f39/1/8h9gA78zbKYNn8IMzLlJ_sGCTIw.roa
Signing time: Thu 12 Oct 2023 13:49:04 +0000
ROA not before: Thu 12 Oct 2023 13:49:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200735
IP address blocks: 145.255.48.0/24 maxlen: 24
145.255.51.0/24 maxlen: 24
145.255.50.0/24 maxlen: 24
145.255.49.0/24 maxlen: 24
145.255.55.0/24 maxlen: 24
145.255.54.0/24 maxlen: 24
145.255.53.0/24 maxlen: 24
145.255.52.0/24 maxlen: 24
185.55.72.0/24 maxlen: 24
185.55.75.0/24 maxlen: 24
185.55.74.0/24 maxlen: 24
185.55.73.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:24:25:e3:94:a5:82:87:db:d4:2b:05:ba:85:ba:19:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fad7e14a262560191c66576998e9c69b89c3c136
Validity
Not Before: Oct 12 13:49:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f21f6003bf336ca60d9fc20cccb949fec1824c8c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:08:cd:ea:46:38:e5:72:92:c4:be:7f:87:26:
34:06:e8:88:f0:ca:c1:90:89:30:ea:8c:bb:85:cb:
0c:7c:f5:c8:e0:ca:8d:44:42:97:5b:fb:dc:68:82:
6d:96:2c:03:0f:73:ef:a6:0e:a3:97:02:8c:29:40:
5c:ce:a5:19:18:1c:da:ac:10:ae:2b:ac:30:a6:e0:
28:be:c4:9f:09:2f:49:e1:85:d1:72:08:b2:b6:7e:
ff:4a:21:e2:80:80:9b:45:7c:dd:24:66:e3:bb:39:
61:77:c7:74:e8:62:5b:8f:7f:65:00:7f:df:14:ce:
ec:1e:d4:9a:38:48:68:9f:d0:ca:02:16:78:60:e5:
11:94:95:56:60:06:81:ed:ab:9e:f3:77:fa:51:39:
72:69:b0:09:7b:a0:d5:52:ed:e8:d1:fc:cc:1e:37:
65:f6:18:f0:f1:dc:29:1d:52:87:4d:1c:f5:a6:2f:
54:03:9f:92:63:5b:24:e7:0a:e6:30:d8:22:bf:0a:
76:c4:de:ef:0c:d1:75:c2:2f:8d:cd:60:ba:c5:75:
91:7a:74:a2:7a:c1:bb:fe:9d:72:30:2d:3c:06:54:
89:b5:82:14:d7:46:11:3e:eb:ad:f6:ad:68:a8:f0:
1a:db:14:d5:b7:e7:61:8f:44:f1:d3:77:37:26:17:
94:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:1F:60:03:BF:33:6C:A6:0D:9F:C2:0C:CC:B9:49:FE:C1:82:4C:8C
X509v3 Authority Key Identifier:
keyid:FA:D7:E1:4A:26:25:60:19:1C:66:57:69:98:E9:C6:9B:89:C3:C1:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-tfhSiYlYBkcZldpmOnGm4nDwTY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/e6656b-80c8-435e-bc1d-d6e715523f39/1/8h9gA78zbKYNn8IMzLlJ_sGCTIw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/e6656b-80c8-435e-bc1d-d6e715523f39/1/1-tfhSiYlYBkcZldpmOnGm4nDwTY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.255.48.0/21
185.55.72.0/22
Signature Algorithm: sha256WithRSAEncryption
1c:3a:fa:4b:db:fc:fb:b5:82:05:51:02:29:60:11:6c:75:fc:
b7:c7:7a:5d:82:cb:0f:4a:34:f0:34:28:ff:0a:54:6f:fb:aa:
c0:fa:19:d7:16:b3:32:61:24:4a:21:71:5d:f9:6e:2e:7d:80:
2c:cd:05:0e:b0:9c:81:82:2d:40:60:bd:1b:1e:6a:6d:0b:54:
09:b7:43:d0:bb:8b:0e:1c:f3:48:0e:05:14:e4:ef:61:db:68:
9f:44:1b:80:c0:b9:bc:65:c2:78:d6:0b:4f:e4:a2:c1:10:b6:
83:04:f0:7a:62:97:f4:96:6c:db:32:b2:a7:a9:4c:85:3e:f5:
57:d4:be:4d:33:1c:10:82:24:84:f2:99:5d:d3:5c:fe:84:b8:
dc:16:9b:ba:fc:63:7a:a7:d6:4a:00:77:ab:a5:76:73:6c:f0:
b2:45:05:7a:af:a0:b5:80:a3:aa:14:e7:13:9e:89:4a:26:a3:
f7:15:a9:dc:aa:f7:68:c9:b8:9c:11:a2:c5:66:6c:7c:d9:72:
7e:56:e8:85:fd:88:bf:a2:3b:08:41:9c:b0:97:e1:13:55:09:
7e:85:42:3b:ca:3d:cd:10:75:7b:6d:72:85:28:43:ca:89:96:
9e:d6:7e:3a:5a:5b:5c:b2:7b:be:27:1b:d0:b0:e6:17:b5:66:
9d:23:85:50
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYskJeOUpYKH29QrBbqFuhmJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZhZDdlMTRhMjYyNTYwMTkxYzY2NTc2OTk4ZTljNjliODlj
M2MxMzYwHhcNMjMxMDEyMTM0OTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjFmNjAwM2JmMzM2Y2E2MGQ5ZmMyMGNjY2I5NDlmZWMxODI0YzhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvgjN6kY45XKSxL5/hyY0BuiI8MrB
kIkw6oy7hcsMfPXI4MqNREKXW/vcaIJtliwDD3Pvpg6jlwKMKUBczqUZGBzarBCu
K6wwpuAovsSfCS9J4YXRcgiytn7/SiHigICbRXzdJGbjuzlhd8d06GJbj39lAH/f
FM7sHtSaOEhon9DKAhZ4YOURlJVWYAaB7aue83f6UTlyabAJe6DVUu3o0fzMHjdl
9hjw8dwpHVKHTRz1pi9UA5+SY1sk5wrmMNgivwp2xN7vDNF1wi+NzWC6xXWRenSi
esG7/p1yMC08BlSJtYIU10YRPuut9q1oqPAa2xTVt+dhj0Tx03c3JheUlwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFPIfYAO/M2ymDZ/CDMy5Sf7BgkyMMB8GA1UdIwQY
MBaAFPrX4UomJWAZHGZXaZjpxpuJw8E2MA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS10ZmhTaVlsWUJrY1psZHBtT25HbTRuRHdUWS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWEvZTY2NTZiLTgwYzgtNDM1ZS1iYzFk
LWQ2ZTcxNTUyM2YzOS8xLzhoOWdBNzh6YktZTm44SU16TGxKX3NHQ1RJdy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOWEvZTY2NTZiLTgwYzgtNDM1ZS1iYzFkLWQ2ZTcxNTUyM2Yz
OS8xLzEtdGZoU2lZbFlCa2NabGRwbU9uR200bkR3VFkuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwDBAOR/zAD
BAK5N0gwDQYJKoZIhvcNAQELBQADggEBABw6+kvb/Pu1ggVRAilgEWx1/LfHel2C
yw9KNPA0KP8KVG/7qsD6GdcWszJhJEohcV35bi59gCzNBQ6wnIGCLUBgvRseam0L
VAm3Q9C7iw4c80gOBRTk72HbaJ9EG4DAubxlwnjWC0/kosEQtoME8Hpil/SWbNsy
sqepTIU+9VfUvk0zHBCCJITymV3TXP6EuNwWm7r8Y3qn1koAd6uldnNs8LJFBXqv
oLWAo6oU5xOeiUomo/cVqdyq92jJuJwRosVmbHzZcn5W6IX9iL+iOwhBnLCX4RNV
CX6FQjvKPc0QdXttcoUoQ8qJlp7WfjpaW1yye74nG9Cw5he1Zp0jhVA=
-----END CERTIFICATE-----
Generated at Tue Jan 2 01:41:10 2024 by rpki-client on console-ams.rpki-client.org