Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/86f350-94df-4830-8e9b-fb0443b8d9be/1/8kK26mkPctNoh31q4-cfCBI2x8c.roa
File: 8kK26mkPctNoh31q4-cfCBI2x8c.roa (raw, json)
Hash identifier: 6dn0isccl9WZBMZdm3abtztGgY5mm+aA4uyD8/bv+bY=
Subject key identifier: F2:42:B6:EA:69:0F:72:D3:68:87:7D:6A:E3:E7:1F:08:12:36:C7:C7
Certificate issuer: /CN=ba7966ecfd8bc2d31833f70afba4f7f8a15b24a3
Certificate serial: 01856F1DAACBA1940A9BC31B9B89E3F5EAB8
Authority key identifier: BA:79:66:EC:FD:8B:C2:D3:18:33:F7:0A:FB:A4:F7:F8:A1:5B:24:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/unlm7P2LwtMYM_cK-6T3-KFbJKM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/86f350-94df-4830-8e9b-fb0443b8d9be/1/8kK26mkPctNoh31q4-cfCBI2x8c.roa
Signing time: Sun 01 Jan 2023 20:54:53 +0000
ROA not before: Sun 01 Jan 2023 20:54:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 40676
IP address blocks: 185.215.224.0/24 maxlen: 24
185.215.227.0/24 maxlen: 24
2a0b:ae40:3::/48 maxlen: 48
2a0b:ae40:1::/48 maxlen: 48
2a0b:ae40:4::/48 maxlen: 48
2a0b:ae47:4::/48 maxlen: 48
2a0b:ae40:2::/48 maxlen: 48
2a0b:ae47:3::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:30:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:1d:aa:cb:a1:94:0a:9b:c3:1b:9b:89:e3:f5:ea:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba7966ecfd8bc2d31833f70afba4f7f8a15b24a3
Validity
Not Before: Jan 1 20:54:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f242b6ea690f72d368877d6ae3e71f081236c7c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:e0:eb:b5:7b:b8:5e:08:b7:15:90:78:29:d7:
46:e2:61:cd:fc:24:17:32:d1:29:c6:a7:cd:24:32:
79:2b:4f:62:df:60:58:b1:e2:32:7e:b3:40:33:6b:
a7:4c:d9:62:76:05:9a:73:89:55:dc:79:26:64:49:
c6:88:fd:8f:5b:fe:fc:95:e6:4f:e9:e5:1a:ee:4f:
cc:df:34:65:65:c5:5a:cf:54:7a:ce:35:84:29:fe:
85:9b:04:9f:9e:d8:32:29:bf:8a:c4:06:6f:96:e7:
19:85:c1:11:7d:c1:2a:a7:48:b2:95:61:fd:5e:1f:
ee:33:73:ca:3c:ce:ce:53:18:b2:a6:83:a9:a9:3c:
fe:f3:06:28:e1:56:bc:69:95:c4:23:b8:b7:1b:6c:
23:49:41:b1:55:18:00:ad:01:f2:01:3a:2f:29:53:
6b:75:f4:78:85:69:a5:b4:cd:35:9e:9f:33:1c:6d:
d4:6c:67:bd:1a:41:af:e4:f2:3b:7b:8f:9b:ec:b6:
4c:cf:c4:69:10:d1:ff:75:37:a8:cc:29:62:2c:ab:
b2:51:5e:13:35:49:30:c3:f2:af:f4:d4:c3:09:2f:
18:94:6e:6c:f4:a5:a4:4b:46:b6:bd:2a:5c:bf:15:
24:30:aa:e3:c0:23:fa:95:cc:e9:48:87:d2:54:f6:
5b:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:42:B6:EA:69:0F:72:D3:68:87:7D:6A:E3:E7:1F:08:12:36:C7:C7
X509v3 Authority Key Identifier:
keyid:BA:79:66:EC:FD:8B:C2:D3:18:33:F7:0A:FB:A4:F7:F8:A1:5B:24:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/unlm7P2LwtMYM_cK-6T3-KFbJKM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/86f350-94df-4830-8e9b-fb0443b8d9be/1/8kK26mkPctNoh31q4-cfCBI2x8c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/86f350-94df-4830-8e9b-fb0443b8d9be/1/unlm7P2LwtMYM_cK-6T3-KFbJKM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.215.224.0/24
185.215.227.0/24
IPv6:
2a0b:ae40:1::-2a0b:ae40:4:ffff:ffff:ffff:ffff:ffff
2a0b:ae47:3::-2a0b:ae47:4:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
bd:0e:4f:a3:74:30:a3:46:1c:89:9c:20:d3:eb:b3:98:5b:7a:
5c:16:ab:bf:07:59:b2:cd:bf:4d:8e:11:36:32:23:9d:83:c7:
cf:c0:76:31:63:54:d6:1d:fc:d1:a4:2f:0f:6a:59:e7:c0:cc:
45:47:60:f2:31:c0:a5:33:df:f4:9e:e1:6b:dd:9c:c6:cd:70:
18:8e:8d:de:d8:d0:cc:32:4a:ac:ce:86:31:65:49:df:55:9e:
f1:65:58:92:aa:5a:d5:9f:d1:aa:d6:f4:0d:db:97:09:14:51:
c9:2b:7a:d9:a1:b2:3d:b3:60:c4:9a:fd:4a:b3:d4:e6:17:80:
c8:31:8f:ff:ce:8e:f5:96:75:51:42:26:e3:77:3e:ff:83:74:
5f:62:46:1c:83:2d:86:2e:6d:57:53:90:4a:38:3c:7a:f7:bd:
78:1d:fa:cd:c6:f2:54:90:bd:42:ba:97:93:c5:fa:81:78:dc:
68:5a:e0:37:bd:fb:0e:0a:a0:34:6a:5f:00:ad:6c:29:4c:ef:
b9:a7:9f:93:5f:33:78:9c:1a:f9:19:07:e2:de:8f:05:02:40:
86:56:84:56:a9:82:89:0d:2b:76:fb:34:3f:05:fa:45:78:9b:
96:90:c7:8e:41:ef:a2:d0:e8:1f:35:d9:33:e0:b5:78:4d:30:
73:7d:4f:f7
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYVvHarLoZQKm8Mbm4nj9eq4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhNzk2NmVjZmQ4YmMyZDMxODMzZjcwYWZiYTRmN2Y4YTE1
YjI0YTMwHhcNMjMwMTAxMjA1NDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjQyYjZlYTY5MGY3MmQzNjg4NzdkNmFlM2U3MWYwODEyMzZjN2M3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmeDrtXu4Xgi3FZB4KddG4mHN/CQX
MtEpxqfNJDJ5K09i32BYseIyfrNAM2unTNlidgWac4lV3HkmZEnGiP2PW/78leZP
6eUa7k/M3zRlZcVaz1R6zjWEKf6FmwSfntgyKb+KxAZvlucZhcERfcEqp0iylWH9
Xh/uM3PKPM7OUxiypoOpqTz+8wYo4Va8aZXEI7i3G2wjSUGxVRgArQHyATovKVNr
dfR4hWmltM01np8zHG3UbGe9GkGv5PI7e4+b7LZMz8RpENH/dTeozCliLKuyUV4T
NUkww/Kv9NTDCS8YlG5s9KWkS0a2vSpcvxUkMKrjwCP6lczpSIfSVPZbXQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFPJCtuppD3LTaId9auPnHwgSNsfHMB8GA1UdIwQY
MBaAFLp5Zuz9i8LTGDP3Cvuk9/ihWySjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdW5sbTdQMkx3dE1ZTV9jSy02VDMtS0ZiSktNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS84NmYzNTAtOTRkZi00ODMwLThlOWIt
ZmIwNDQzYjhkOWJlLzEvOGtLMjZta1BjdE5vaDMxcTQtY2ZDQkkyeDhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS84NmYzNTAtOTRkZi00ODMwLThlOWItZmIwNDQzYjhkOWJl
LzEvdW5sbTdQMkx3dE1ZTV9jSy02VDMtS0ZiSktNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDASBAIAATAMAwQAudfgAwQA
udfjMC4EAgACMCgwEgMHACoLrkAAAQMHACoLrkAABDASAwcAKguuRwADAwcAKguu
RwAEMA0GCSqGSIb3DQEBCwUAA4IBAQC9Dk+jdDCjRhyJnCDT67OYW3pcFqu/B1my
zb9NjhE2MiOdg8fPwHYxY1TWHfzRpC8PalnnwMxFR2DyMcClM9/0nuFr3ZzGzXAY
jo3e2NDMMkqszoYxZUnfVZ7xZViSqlrVn9Gq1vQN25cJFFHJK3rZobI9s2DEmv1K
s9TmF4DIMY//zo71lnVRQibjdz7/g3RfYkYcgy2GLm1XU5BKODx69714HfrNxvJU
kL1CupeTxfqBeNxoWuA3vfsOCqA0al8ArWwpTO+5p5+TXzN4nBr5GQfi3o8FAkCG
VoRWqYKJDSt2+zQ/BfpFeJuWkMeOQe+i0OgfNdkz4LV4TTBzfU/3
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:45 2024 by rpki-client on console-fra.rpki-client.org