Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/3d6d6c-f58d-42e6-b688-8eff3fd3c48a/1/8SZhvE5I-UoJGYYlPA6aOWU7NSg.roa
File: 8SZhvE5I-UoJGYYlPA6aOWU7NSg.roa (raw, json)
Hash identifier: yJ9uyw6XViB1Bc18nBbXkFHWXVCmdatfecdCeZV4hJ0=
Subject key identifier: F1:26:61:BC:4E:48:F9:4A:09:19:86:25:3C:0E:9A:39:65:3B:35:28
Certificate issuer: /CN=ba4d0e69ab769f65bb2b155bdfa83a7186eeac44
Certificate serial: 018F3371D20215DA3F1618B4DCD14F661D93
Authority key identifier: BA:4D:0E:69:AB:76:9F:65:BB:2B:15:5B:DF:A8:3A:71:86:EE:AC:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uk0Oaat2n2W7KxVb36g6cYburEQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/3d6d6c-f58d-42e6-b688-8eff3fd3c48a/1/8SZhvE5I-UoJGYYlPA6aOWU7NSg.roa
Signing time: Wed 01 May 2024 09:17:28 +0000
ROA not before: Wed 01 May 2024 09:17:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 194.246.36.0/24 maxlen: 24
194.246.37.0/24 maxlen: 24
194.247.44.0/24 maxlen: 24
194.247.45.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 20 May 2024 09:28:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:33:71:d2:02:15:da:3f:16:18:b4:dc:d1:4f:66:1d:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba4d0e69ab769f65bb2b155bdfa83a7186eeac44
Validity
Not Before: May 1 09:17:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f12661bc4e48f94a091986253c0e9a39653b3528
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:e1:7c:8b:2f:a7:e4:ad:33:e0:04:b8:69:80:
8f:b4:aa:33:1b:6d:6d:57:d0:87:97:e6:88:4c:a6:
74:b2:1d:ea:e7:33:f5:f8:3b:7a:a7:7d:56:ec:cf:
dc:a8:8e:10:4a:1c:95:c7:26:2a:5f:0a:2a:e2:b2:
b6:0a:09:5e:f3:31:16:c6:ed:85:f6:f9:60:fa:cd:
62:81:d1:ff:5f:64:56:e5:a7:ff:03:e8:92:1d:76:
74:c3:f8:33:69:2c:9d:56:49:93:48:b6:a5:70:ae:
a8:dd:28:83:c6:d5:04:a6:d3:d0:bb:a3:70:10:23:
e9:08:70:bd:84:5b:bc:cc:e7:13:75:26:f7:a6:2b:
09:fa:68:13:78:62:fa:fe:fb:d9:28:3c:e5:91:38:
63:d7:25:44:55:4d:47:19:26:d7:3c:a1:76:e0:1b:
0e:ef:33:b0:fc:06:e5:51:9b:7f:b8:b2:97:06:a3:
d3:9a:7d:61:6d:33:ca:fc:d7:6b:bc:b5:a0:50:55:
05:69:72:a9:17:4e:0c:b6:32:94:89:21:7d:cb:e0:
8e:43:68:eb:0d:b6:6c:7b:a9:5c:22:bd:8e:16:58:
db:38:f3:58:9f:32:55:4c:67:db:02:bf:de:26:b9:
40:32:08:0f:1a:bb:32:a2:86:01:25:ff:f9:54:97:
c8:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:26:61:BC:4E:48:F9:4A:09:19:86:25:3C:0E:9A:39:65:3B:35:28
X509v3 Authority Key Identifier:
keyid:BA:4D:0E:69:AB:76:9F:65:BB:2B:15:5B:DF:A8:3A:71:86:EE:AC:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uk0Oaat2n2W7KxVb36g6cYburEQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/3d6d6c-f58d-42e6-b688-8eff3fd3c48a/1/8SZhvE5I-UoJGYYlPA6aOWU7NSg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/3d6d6c-f58d-42e6-b688-8eff3fd3c48a/1/uk0Oaat2n2W7KxVb36g6cYburEQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.246.36.0/23
194.247.44.0/23
Signature Algorithm: sha256WithRSAEncryption
79:3c:bb:ef:78:79:b8:0c:fe:18:a7:02:30:00:1b:dd:3c:dd:
eb:33:12:9a:b0:24:f6:43:b4:2f:76:20:8b:19:1e:a0:72:00:
8d:7b:12:93:bf:2d:19:0e:f0:f3:11:2c:8c:87:e0:05:ed:61:
b3:da:47:67:3f:b3:0d:4c:3e:95:69:47:e9:ac:aa:1a:f2:fe:
ea:e4:e6:7b:b9:13:c0:be:49:3f:77:fd:95:70:4c:cf:8d:58:
ca:a7:32:a5:84:4c:8a:40:c5:1b:4f:ee:22:39:e5:27:0a:80:
a5:ca:75:2a:ab:9f:1d:55:0f:27:91:99:56:fc:85:cc:80:92:
f3:71:df:a0:94:17:da:cf:b4:31:bf:86:11:38:ea:ab:28:bd:
6e:56:8e:c7:f1:60:11:19:6f:83:5d:aa:81:f0:63:32:4f:4c:
3f:f6:47:e3:be:50:73:ec:42:e8:d7:6e:86:f1:60:c5:cb:ff:
9c:dc:40:1e:92:4b:de:27:92:52:c9:79:79:cd:5e:c1:cb:2f:
8d:3f:29:74:aa:60:b9:e9:56:bd:9a:60:35:ef:88:fd:c3:04:
fb:1b:1a:d3:7e:cd:9d:7d:d6:5e:1f:70:a7:63:1a:c7:2f:ce:
4b:22:50:e1:07:12:8a:d7:b7:46:bb:ea:1d:1b:87:58:f4:23:
c0:cd:97:11
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY8zcdICFdo/Fhi03NFPZh2TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhNGQwZTY5YWI3NjlmNjViYjJiMTU1YmRmYTgzYTcxODZl
ZWFjNDQwHhcNMjQwNTAxMDkxNzI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMTI2NjFiYzRlNDhmOTRhMDkxOTg2MjUzYzBlOWEzOTY1M2IzNTI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl+F8iy+n5K0z4AS4aYCPtKozG21t
V9CHl+aITKZ0sh3q5zP1+Dt6p31W7M/cqI4QShyVxyYqXwoq4rK2Cgle8zEWxu2F
9vlg+s1igdH/X2RW5af/A+iSHXZ0w/gzaSydVkmTSLalcK6o3SiDxtUEptPQu6Nw
ECPpCHC9hFu8zOcTdSb3pisJ+mgTeGL6/vvZKDzlkThj1yVEVU1HGSbXPKF24BsO
7zOw/AblUZt/uLKXBqPTmn1hbTPK/NdrvLWgUFUFaXKpF04MtjKUiSF9y+COQ2jr
DbZse6lcIr2OFljbOPNYnzJVTGfbAr/eJrlAMggPGrsyooYBJf/5VJfI1QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFPEmYbxOSPlKCRmGJTwOmjllOzUoMB8GA1UdIwQY
MBaAFLpNDmmrdp9luysVW9+oOnGG7qxEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWswT2FhdDJuMlc3S3hWYjM2ZzZjWWJ1ckVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC8zZDZkNmMtZjU4ZC00MmU2LWI2ODgt
OGVmZjNmZDNjNDhhLzEvOFNaaHZFNUktVW9KR1lZbFBBNmFPV1U3TlNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC8zZDZkNmMtZjU4ZC00MmU2LWI2ODgtOGVmZjNmZDNjNDhh
LzEvdWswT2FhdDJuMlc3S3hWYjM2ZzZjWWJ1ckVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBwvYkAwQB
wvcsMA0GCSqGSIb3DQEBCwUAA4IBAQB5PLvveHm4DP4YpwIwABvdPN3rMxKasCT2
Q7QvdiCLGR6gcgCNexKTvy0ZDvDzESyMh+AF7WGz2kdnP7MNTD6VaUfprKoa8v7q
5OZ7uRPAvkk/d/2VcEzPjVjKpzKlhEyKQMUbT+4iOeUnCoClynUqq58dVQ8nkZlW
/IXMgJLzcd+glBfaz7Qxv4YROOqrKL1uVo7H8WARGW+DXaqB8GMyT0w/9kfjvlBz
7ELo126G8WDFy/+c3EAekkveJ5JSyXl5zV7Byy+NPyl0qmC56Va9mmA174j9wwT7
GxrTfs2dfdZeH3CnYxrHL85LIlDhBxKK17dGu+odG4dY9CPAzZcR
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:08 2024 by rpki-client on console-ams.rpki-client.org