Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/S8rF0oPQUVFo_5nWAy3Lk1WJLIA.roa
File: S8rF0oPQUVFo_5nWAy3Lk1WJLIA.roa (raw, json)
Hash identifier: 7M0V7nYIXOAkzprt1G3WcCi3eues5zzkPpkObHwt5D4=
Subject key identifier: 4B:CA:C5:D2:83:D0:51:51:68:FF:99:D6:03:2D:CB:93:55:89:2C:80
Certificate issuer: /CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Certificate serial: 01861699E5E3D7AF85E3766831CFB30CD110
Authority key identifier: 05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/S8rF0oPQUVFo_5nWAy3Lk1WJLIA.roa
Signing time: Fri 03 Feb 2023 09:27:09 +0000
ROA not before: Fri 03 Feb 2023 09:27:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200088
IP address blocks: 185.166.196.0/24 maxlen: 24
185.166.197.0/24 maxlen: 24
194.31.173.0/24 maxlen: 24
37.220.81.0/24 maxlen: 24
194.31.174.0/24 maxlen: 24
37.220.83.0/24 maxlen: 24
37.220.82.0/24 maxlen: 24
81.200.157.0/24 maxlen: 24
81.200.154.0/24 maxlen: 24
81.200.156.0/24 maxlen: 24
81.200.155.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 22 Feb 2023 07:45:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:16:99:e5:e3:d7:af:85:e3:76:68:31:cf:b3:0c:d1:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Validity
Not Before: Feb 3 09:27:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4bcac5d283d0515168ff99d6032dcb9355892c80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:72:76:cd:c5:74:8f:e4:88:c5:3c:65:1d:3b:
96:22:c1:3c:bc:5c:b8:fb:62:f7:71:f7:81:1d:41:
e5:30:96:e3:bb:31:ac:47:91:04:9d:dc:05:17:4c:
d6:00:7c:56:43:97:88:ea:7f:5f:56:39:ab:8d:74:
88:86:4c:11:05:5d:be:8e:b8:b9:75:2a:93:d5:57:
c9:34:44:23:d6:5d:92:9e:35:ca:5a:3c:17:ac:d9:
94:e7:42:8d:1e:30:22:57:74:93:c3:09:10:3c:65:
a5:62:48:6a:bc:e5:3a:51:41:5e:42:70:25:5e:94:
b3:dd:a9:27:6a:2b:74:1a:64:b0:6f:42:24:0e:5f:
a4:4e:a1:46:26:7c:c9:bf:b7:66:ed:f1:00:7e:17:
dd:3c:57:0e:15:90:6d:14:3f:7b:c1:5a:e7:ad:e6:
29:17:63:b7:30:0a:2d:bb:01:19:1f:99:1e:c2:d2:
3c:b7:f2:ab:6d:e9:4f:fe:47:50:26:2b:ef:ac:0d:
5a:70:0f:95:db:50:b6:24:09:f8:98:49:7c:50:c0:
4a:d0:a5:a7:60:7b:e1:72:74:0c:05:b3:7b:67:cc:
aa:57:ce:6d:6d:0a:2d:14:64:c4:40:14:99:3f:57:
f5:35:7a:64:d5:9b:5f:48:01:31:bc:c3:8d:6d:ee:
94:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:CA:C5:D2:83:D0:51:51:68:FF:99:D6:03:2D:CB:93:55:89:2C:80
X509v3 Authority Key Identifier:
keyid:05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/S8rF0oPQUVFo_5nWAy3Lk1WJLIA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/BbHRPC4m4SeGJGpexMW-pphksg8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.220.81.0-37.220.83.255
81.200.154.0-81.200.157.255
185.166.196.0/23
194.31.173.0-194.31.174.255
Signature Algorithm: sha256WithRSAEncryption
96:e0:4d:79:ce:d6:8e:16:0e:4f:3b:13:25:df:71:67:07:37:
58:f6:53:21:06:fd:8d:8c:7d:5d:fd:9e:da:fc:39:c7:56:60:
42:8e:8f:da:28:42:22:38:79:51:8c:ed:63:51:8d:76:98:dd:
cd:2b:87:96:6a:20:49:64:f2:a0:09:b6:be:d7:95:86:ca:de:
af:42:78:e9:d0:3c:f1:4c:4d:7c:4b:37:42:a4:28:b2:ba:bd:
f5:2a:ce:85:45:13:c3:8c:bd:76:59:f0:d3:a0:92:6e:94:94:
2f:e4:ac:5e:59:4c:ea:f1:93:1b:35:56:d6:19:1a:9d:81:00:
49:f4:d4:6c:5f:41:80:54:1e:8c:13:fe:aa:f3:ec:c9:c0:5b:
77:44:43:1c:07:7d:db:4f:e6:bc:50:f7:21:b0:93:88:19:03:
93:70:22:c0:d9:41:e6:4c:4e:95:87:d7:e8:06:78:ab:5f:57:
36:f8:bb:b3:e3:c3:4e:cd:80:e9:77:18:41:8c:e0:f9:7c:cd:
8e:49:3f:18:e2:38:d9:9c:00:a6:d8:e8:d7:ee:0c:25:14:57:
e4:74:e1:7f:68:9d:a5:7f:21:da:45:25:21:18:eb:94:50:80:
fc:46:b2:13:0f:b4:b3:4f:d1:af:03:ae:98:54:ac:75:50:3e:
93:bb:a5:91
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYYWmeXj16+F43ZoMc+zDNEQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1YjFkMTNjMmUyNmUxMjc4NjI0NmE1ZWM0YzViZWE2OTg2
NGIyMGYwHhcNMjMwMjAzMDkyNzA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YmNhYzVkMjgzZDA1MTUxNjhmZjk5ZDYwMzJkY2I5MzU1ODkyYzgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsXJ2zcV0j+SIxTxlHTuWIsE8vFy4
+2L3cfeBHUHlMJbjuzGsR5EEndwFF0zWAHxWQ5eI6n9fVjmrjXSIhkwRBV2+jri5
dSqT1VfJNEQj1l2SnjXKWjwXrNmU50KNHjAiV3STwwkQPGWlYkhqvOU6UUFeQnAl
XpSz3aknait0GmSwb0IkDl+kTqFGJnzJv7dm7fEAfhfdPFcOFZBtFD97wVrnreYp
F2O3MAotuwEZH5kewtI8t/KrbelP/kdQJivvrA1acA+V21C2JAn4mEl8UMBK0KWn
YHvhcnQMBbN7Z8yqV85tbQotFGTEQBSZP1f1NXpk1ZtfSAExvMONbe6UEwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFEvKxdKD0FFRaP+Z1gMty5NViSyAMB8GA1UdIwQY
MBaAFAWx0TwuJuEnhiRqXsTFvqaYZLIPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjct
NDkwNTI0M2JjODI4LzEvUzhyRjBvUFFVVkZvXzVuV0F5M0xrMVdKTElBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjctNDkwNTI0M2JjODI4
LzEvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwMAwDBAAl3FED
BAIl3FAwDAMEAVHImgMEAVHInAMEAbmmxDAMAwQAwh+tAwQAwh+uMA0GCSqGSIb3
DQEBCwUAA4IBAQCW4E15ztaOFg5POxMl33FnBzdY9lMhBv2NjH1d/Z7a/DnHVmBC
jo/aKEIiOHlRjO1jUY12mN3NK4eWaiBJZPKgCba+15WGyt6vQnjp0DzxTE18SzdC
pCiyur31Ks6FRRPDjL12WfDToJJulJQv5KxeWUzq8ZMbNVbWGRqdgQBJ9NRsX0GA
VB6ME/6q8+zJwFt3REMcB33bT+a8UPchsJOIGQOTcCLA2UHmTE6Vh9foBnirX1c2
+Luz48NOzYDpdxhBjOD5fM2OST8Y4jjZnACm2OjX7gwlFFfkdOF/aJ2lfyHaRSUh
GOuUUID8RrITD7SzT9GvA66YVKx1UD6Tu6WR
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:15 2024 by rpki-client on console-ams.rpki-client.org