Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/9f682c-1c57-4ce5-bb98-0605c089fc38/1/8chmtRlUl8JbGk-CR3HZy7HIheg.roa
File: 8chmtRlUl8JbGk-CR3HZy7HIheg.roa (raw, json)
Hash identifier: sRliE2QWyxdL9JqjRLz3/o6XUEzb4fxw8PaqIVf7oI4=
Subject key identifier: F1:C8:66:B5:19:54:97:C2:5B:1A:4F:82:47:71:D9:CB:B1:C8:85:E8
Certificate issuer: /CN=b38bb62a47b1a2aedb70f32f58c979ba0c777f06
Certificate serial: 0185715562244ABB7D8F9747D2FA6A95B8E8
Authority key identifier: B3:8B:B6:2A:47:B1:A2:AE:DB:70:F3:2F:58:C9:79:BA:0C:77:7F:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s4u2Kkexoq7bcPMvWMl5ugx3fwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/9f682c-1c57-4ce5-bb98-0605c089fc38/1/8chmtRlUl8JbGk-CR3HZy7HIheg.roa
Signing time: Mon 02 Jan 2023 07:14:59 +0000
ROA not before: Mon 02 Jan 2023 07:14:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198949
IP address blocks: 87.198.212.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:55:62:24:4a:bb:7d:8f:97:47:d2:fa:6a:95:b8:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b38bb62a47b1a2aedb70f32f58c979ba0c777f06
Validity
Not Before: Jan 2 07:14:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f1c866b5195497c25b1a4f824771d9cbb1c885e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:74:39:a0:85:69:fd:14:69:b7:41:56:8e:21:
9c:64:d2:78:3f:cd:c7:7a:e3:4c:2a:ed:86:a1:5b:
dc:8e:2f:a0:c2:0c:62:58:b3:b2:ec:58:1e:5a:8e:
21:f4:0e:a2:ac:4e:4e:c6:fc:e5:ad:a5:3c:4b:0a:
97:fd:15:bf:90:3c:4b:cf:4f:71:a5:e6:ed:0d:78:
38:43:82:0c:a6:a8:36:ad:03:79:cc:31:8f:8c:e0:
85:f0:87:2c:e0:05:96:0a:6a:2f:ae:a0:34:8f:3f:
3d:0d:4a:8f:6b:5d:ea:41:34:f4:ec:d9:66:d4:54:
66:19:47:ff:62:6d:6a:62:2c:e6:ef:7b:82:6a:cd:
a6:43:5d:28:4d:ae:47:31:0e:9a:5c:0a:ae:2e:63:
eb:50:00:fe:a9:b0:18:d1:db:68:87:b0:63:92:53:
e6:10:19:f7:27:a9:8d:31:55:18:c9:ef:49:d2:59:
cd:5a:5f:ec:25:c7:48:67:2d:dd:56:6b:e4:2a:6e:
b8:0e:07:27:5c:35:70:75:7c:0b:cd:15:e8:d9:33:
32:09:4b:ef:8c:9a:19:ee:0c:8a:91:77:d6:86:dc:
ae:41:c8:82:57:ef:4d:3d:1c:f9:05:40:a2:e9:58:
7e:11:1c:34:3d:a8:e7:af:b4:07:5c:2b:40:b6:75:
7d:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:C8:66:B5:19:54:97:C2:5B:1A:4F:82:47:71:D9:CB:B1:C8:85:E8
X509v3 Authority Key Identifier:
keyid:B3:8B:B6:2A:47:B1:A2:AE:DB:70:F3:2F:58:C9:79:BA:0C:77:7F:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s4u2Kkexoq7bcPMvWMl5ugx3fwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/9f682c-1c57-4ce5-bb98-0605c089fc38/1/8chmtRlUl8JbGk-CR3HZy7HIheg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/9f682c-1c57-4ce5-bb98-0605c089fc38/1/s4u2Kkexoq7bcPMvWMl5ugx3fwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.198.212.0/24
Signature Algorithm: sha256WithRSAEncryption
08:de:6e:b0:00:2a:98:ec:88:4a:03:27:38:dd:70:7a:32:0d:
35:34:1f:11:24:52:eb:2c:c7:27:cd:37:d3:ce:10:c6:8a:4a:
a1:23:d3:da:3d:c3:7e:78:95:66:25:93:f1:1c:2f:f6:e4:68:
6e:0d:3f:ac:0d:7e:e7:6f:61:9d:8a:a1:ee:30:bf:ef:b2:b8:
ab:6f:79:7d:81:39:c5:24:c0:8b:2d:ca:34:16:f7:e3:52:63:
2f:ad:89:1e:ef:36:13:80:5a:0b:1f:c6:4b:ed:f0:ab:4e:c2:
36:9f:a4:7c:31:1c:7a:f3:f9:f8:b3:83:75:35:8f:8b:10:c3:
6f:1f:fd:3e:6b:2e:f1:d8:6b:a0:42:00:87:bf:43:50:0b:98:
d8:6f:f5:73:4f:7e:a2:76:fa:f0:ba:ad:f7:b0:f1:f6:c3:6f:
72:3d:c7:9c:23:65:cc:9c:ab:fe:72:50:ef:c4:34:63:53:19:
b8:2f:5c:2e:a7:09:37:0e:d4:ec:a4:c8:64:e7:14:b0:de:99:
b6:51:ee:12:17:a1:2f:45:fe:e3:82:27:75:06:72:da:37:e4:
e5:94:58:61:9a:f7:fe:9b:a1:9b:1b:78:1c:ee:2c:cc:97:26:
cd:bf:c9:4c:b3:c5:28:d3:ce:c2:82:c6:08:99:8c:00:2f:3e:
32:d2:b6:db
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxVWIkSrt9j5dH0vpqlbjoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzOGJiNjJhNDdiMWEyYWVkYjcwZjMyZjU4Yzk3OWJhMGM3
NzdmMDYwHhcNMjMwMTAyMDcxNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMWM4NjZiNTE5NTQ5N2MyNWIxYTRmODI0NzcxZDljYmIxYzg4NWU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq3Q5oIVp/RRpt0FWjiGcZNJ4P83H
euNMKu2GoVvcji+gwgxiWLOy7FgeWo4h9A6irE5OxvzlraU8SwqX/RW/kDxLz09x
pebtDXg4Q4IMpqg2rQN5zDGPjOCF8Ics4AWWCmovrqA0jz89DUqPa13qQTT07Nlm
1FRmGUf/Ym1qYizm73uCas2mQ10oTa5HMQ6aXAquLmPrUAD+qbAY0dtoh7BjklPm
EBn3J6mNMVUYye9J0lnNWl/sJcdIZy3dVmvkKm64DgcnXDVwdXwLzRXo2TMyCUvv
jJoZ7gyKkXfWhtyuQciCV+9NPRz5BUCi6Vh+ERw0Pajnr7QHXCtAtnV9QwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPHIZrUZVJfCWxpPgkdx2cuxyIXoMB8GA1UdIwQY
MBaAFLOLtipHsaKu23DzL1jJeboMd38GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczR1MktrZXhvcTdiY1BNdldNbDV1Z3gzZndZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi85ZjY4MmMtMWM1Ny00Y2U1LWJiOTgt
MDYwNWMwODlmYzM4LzEvOGNobXRSbFVsOEpiR2stQ1IzSFp5N0hJaGVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi85ZjY4MmMtMWM1Ny00Y2U1LWJiOTgtMDYwNWMwODlmYzM4
LzEvczR1MktrZXhvcTdiY1BNdldNbDV1Z3gzZndZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAV8bUMA0G
CSqGSIb3DQEBCwUAA4IBAQAI3m6wACqY7IhKAyc43XB6Mg01NB8RJFLrLMcnzTfT
zhDGikqhI9PaPcN+eJVmJZPxHC/25GhuDT+sDX7nb2GdiqHuML/vsrirb3l9gTnF
JMCLLco0FvfjUmMvrYke7zYTgFoLH8ZL7fCrTsI2n6R8MRx68/n4s4N1NY+LEMNv
H/0+ay7x2GugQgCHv0NQC5jYb/VzT36idvrwuq33sPH2w29yPcecI2XMnKv+clDv
xDRjUxm4L1wupwk3DtTspMhk5xSw3pm2Ue4SF6EvRf7jgid1BnLaN+TllFhhmvf+
m6GbG3gc7izMlybNv8lMs8Uo087CgsYImYwALz4y0rbb
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:32:56 2024 by rpki-client on console-ams.rpki-client.org