Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/973431-5ae4-4521-9454-c8eb08ce9089/1/8FYlR3VG76EJb5Ryn8jYN_kEoz8.roa
File: 8FYlR3VG76EJb5Ryn8jYN_kEoz8.roa (raw, json)
Hash identifier: Z5aUAyZsXuJNsxuLiami8VieOutTI+NT3kR5RK92ouk=
Subject key identifier: F0:56:25:47:75:46:EF:A1:09:6F:94:72:9F:C8:D8:37:F9:04:A3:3F
Certificate issuer: /CN=be37c70f1c67eca1775a709c9235d6a2f55516b8
Certificate serial: 018C027B908577CDEC0087FE9A28F4C72C51
Authority key identifier: BE:37:C7:0F:1C:67:EC:A1:77:5A:70:9C:92:35:D6:A2:F5:55:16:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vjfHDxxn7KF3WnCckjXWovVVFrg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/973431-5ae4-4521-9454-c8eb08ce9089/1/8FYlR3VG76EJb5Ryn8jYN_kEoz8.roa
Signing time: Fri 24 Nov 2023 17:58:21 +0000
ROA not before: Fri 24 Nov 2023 17:58:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15685
IP address blocks: 185.95.117.0/24 maxlen: 24
185.95.118.0/23 maxlen: 23
Validation: Failed, certificate revoked on Mon 01 Jan 2024 08:30:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:02:7b:90:85:77:cd:ec:00:87:fe:9a:28:f4:c7:2c:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=be37c70f1c67eca1775a709c9235d6a2f55516b8
Validity
Not Before: Nov 24 17:58:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f05625477546efa1096f94729fc8d837f904a33f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:8c:f7:67:d6:81:d7:2c:b0:ea:30:5b:99:00:
21:fe:47:06:a7:f6:2e:4d:e7:2f:51:9c:57:34:c6:
04:85:e0:d0:84:a7:69:6b:45:2e:bf:2d:16:88:c1:
8d:00:07:4e:4d:37:8a:b3:51:90:ac:0d:71:8d:ff:
9a:46:0e:5d:23:28:52:8a:9b:f7:a4:c2:f1:ef:e8:
f6:7b:f7:a3:5b:e0:28:aa:c4:a1:db:90:ae:37:ba:
ac:58:b9:f2:48:a9:01:0f:63:1b:89:aa:d0:72:1e:
21:d7:2a:a2:1a:c6:0d:c2:4e:82:05:da:1c:74:ea:
47:7c:4a:5b:46:dc:d4:dc:21:74:20:5e:f8:fb:ce:
b2:9c:1d:c0:de:bd:d8:3d:98:29:5d:c2:4c:b4:41:
e0:00:ed:a6:7c:bb:10:f0:e3:09:51:42:a5:4c:8f:
10:66:4c:71:7d:4a:07:12:d0:c8:93:cc:9d:3f:95:
a2:cb:aa:05:24:3c:70:79:c2:1e:9a:5f:3b:4f:21:
d5:47:ca:5b:da:21:5b:4a:7d:c1:e4:bd:29:ab:5e:
d1:8a:59:27:ee:bf:4a:2d:73:74:dd:b0:01:9b:da:
cf:89:70:2b:5e:40:0b:a7:ef:66:9d:f8:e6:0f:13:
19:20:3a:35:9e:7f:47:27:fd:32:ae:c7:d8:99:a0:
76:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:56:25:47:75:46:EF:A1:09:6F:94:72:9F:C8:D8:37:F9:04:A3:3F
X509v3 Authority Key Identifier:
keyid:BE:37:C7:0F:1C:67:EC:A1:77:5A:70:9C:92:35:D6:A2:F5:55:16:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vjfHDxxn7KF3WnCckjXWovVVFrg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/973431-5ae4-4521-9454-c8eb08ce9089/1/8FYlR3VG76EJb5Ryn8jYN_kEoz8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/973431-5ae4-4521-9454-c8eb08ce9089/1/vjfHDxxn7KF3WnCckjXWovVVFrg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.95.117.0-185.95.119.255
Signature Algorithm: sha256WithRSAEncryption
1a:e1:74:e9:dc:0b:77:52:d1:db:88:2e:99:fe:4f:8b:18:cc:
2e:27:61:f1:97:6e:52:12:2d:f3:d4:a5:c2:4a:d3:1f:ce:29:
db:96:70:45:14:bc:4a:f9:88:28:3e:b5:80:a7:8d:c0:2b:60:
30:96:58:7b:16:bd:fa:a8:73:24:a6:c9:57:33:ed:0d:fa:ea:
5c:61:be:48:4c:e6:43:f4:a6:b2:95:bb:7f:ff:28:8e:eb:6a:
a9:d5:35:a0:a2:1c:7f:d6:18:b1:03:e4:09:da:fb:dc:d5:5e:
7c:99:71:12:81:9a:65:84:41:fc:69:2b:7f:8a:70:5e:8a:03:
f9:a8:47:2e:72:cf:dc:8a:b1:48:ee:8b:b4:01:6c:11:ec:e2:
7e:71:61:d8:f7:32:ab:57:4a:ae:59:8f:92:af:43:0d:7c:37:
e9:7f:ee:d3:51:4a:0c:39:5e:fe:0a:ec:51:46:18:84:a8:20:
51:6c:3c:ad:1f:70:07:95:41:d1:fd:c2:a5:e5:38:1b:cc:ac:
52:80:90:51:30:88:45:45:89:96:9d:ae:e5:9d:1f:80:4d:06:
51:3d:03:d8:bd:d0:b0:3b:c7:f8:24:64:27:de:0c:20:20:b7:
8d:85:ae:c6:83:cd:b6:87:b1:6f:ee:f1:82:15:cc:03:2c:54:
75:4f:c2:b6
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYwCe5CFd83sAIf+mij0xyxRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlMzdjNzBmMWM2N2VjYTE3NzVhNzA5YzkyMzVkNmEyZjU1
NTE2YjgwHhcNMjMxMTI0MTc1ODIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDU2MjU0Nzc1NDZlZmExMDk2Zjk0NzI5ZmM4ZDgzN2Y5MDRhMzNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlIz3Z9aB1yyw6jBbmQAh/kcGp/Yu
TecvUZxXNMYEheDQhKdpa0Uuvy0WiMGNAAdOTTeKs1GQrA1xjf+aRg5dIyhSipv3
pMLx7+j2e/ejW+AoqsSh25CuN7qsWLnySKkBD2MbiarQch4h1yqiGsYNwk6CBdoc
dOpHfEpbRtzU3CF0IF74+86ynB3A3r3YPZgpXcJMtEHgAO2mfLsQ8OMJUUKlTI8Q
ZkxxfUoHEtDIk8ydP5Wiy6oFJDxwecIeml87TyHVR8pb2iFbSn3B5L0pq17Rilkn
7r9KLXN03bABm9rPiXArXkALp+9mnfjmDxMZIDo1nn9HJ/0yrsfYmaB2MwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFPBWJUd1Ru+hCW+Ucp/I2Df5BKM/MB8GA1UdIwQY
MBaAFL43xw8cZ+yhd1pwnJI11qL1VRa4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmpmSER4eG43S0YzV25DY2tqWFdvdlZWRnJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS85NzM0MzEtNWFlNC00NTIxLTk0NTQt
YzhlYjA4Y2U5MDg5LzEvOEZZbFIzVkc3NkVKYjVSeW44allOX2tFb3o4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS85NzM0MzEtNWFlNC00NTIxLTk0NTQtYzhlYjA4Y2U5MDg5
LzEvdmpmSER4eG43S0YzV25DY2tqWFdvdlZWRnJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAC5X3UD
BAO5X3AwDQYJKoZIhvcNAQELBQADggEBABrhdOncC3dS0duILpn+T4sYzC4nYfGX
blISLfPUpcJK0x/OKduWcEUUvEr5iCg+tYCnjcArYDCWWHsWvfqocySmyVcz7Q36
6lxhvkhM5kP0prKVu3//KI7raqnVNaCiHH/WGLED5Ana+9zVXnyZcRKBmmWEQfxp
K3+KcF6KA/moRy5yz9yKsUjui7QBbBHs4n5xYdj3MqtXSq5Zj5KvQw18N+l/7tNR
Sgw5Xv4K7FFGGISoIFFsPK0fcAeVQdH9wqXlOBvMrFKAkFEwiEVFiZadruWdH4BN
BlE9A9i90LA7x/gkZCfeDCAgt42FrsaDzbaHsW/u8YIVzAMsVHVPwrY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:12 2024 by rpki-client on console-fra.rpki-client.org