Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/8d7c57-ba65-47fc-bcc4-c33018633d33/1/8h1_BxUXh5gx3QAYrlL-x0vYdnc.roa
File: 8h1_BxUXh5gx3QAYrlL-x0vYdnc.roa (raw, json)
Hash identifier: AXHkjIg6zhl2tjnU8qhn94rPXWtu4aJbJkBUKzYenNY=
Subject key identifier: F2:1D:7F:07:15:17:87:98:31:DD:00:18:AE:52:FE:C7:4B:D8:76:77
Certificate issuer: /CN=30f1ba6111c8f1d3f37c1b7c1a5ed737402192f2
Certificate serial: 0185711E45CFC2839CA125CCC7155BF3C9E3
Authority key identifier: 30:F1:BA:61:11:C8:F1:D3:F3:7C:1B:7C:1A:5E:D7:37:40:21:92:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MPG6YRHI8dPzfBt8Gl7XN0AhkvI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/8d7c57-ba65-47fc-bcc4-c33018633d33/1/8h1_BxUXh5gx3QAYrlL-x0vYdnc.roa
Signing time: Mon 02 Jan 2023 06:14:47 +0000
ROA not before: Mon 02 Jan 2023 06:14:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203596
IP address blocks: 185.122.100.0/22 maxlen: 24
91.213.223.0/24 maxlen: 24
185.222.88.0/22 maxlen: 24
2a06:a400::/29 maxlen: 29
2a06:a402::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 17 Jul 2023 13:28:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:1e:45:cf:c2:83:9c:a1:25:cc:c7:15:5b:f3:c9:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=30f1ba6111c8f1d3f37c1b7c1a5ed737402192f2
Validity
Not Before: Jan 2 06:14:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f21d7f071517879831dd0018ae52fec74bd87677
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:08:00:99:4c:e4:7c:db:c3:0c:11:f1:a8:b6:
fd:2e:56:53:11:28:9f:e2:92:bc:19:ca:c3:98:c1:
f6:c9:14:b3:4c:eb:b2:2a:ea:8b:10:2f:b4:31:3d:
c0:46:36:23:d2:1f:0a:f0:fd:96:1a:5c:dd:4f:ef:
a6:63:da:3b:6b:1b:9c:59:d4:2e:ac:6c:9a:41:1f:
52:e9:6d:c1:42:36:81:31:64:21:99:ef:48:ce:89:
d1:ff:0c:18:81:c4:c0:ae:aa:9a:2d:78:04:61:cc:
62:04:71:7d:da:dc:b2:e0:b1:3b:71:9b:76:fe:0f:
e0:b5:a9:7c:33:13:0c:9e:78:e0:9e:e8:db:82:62:
7a:cd:b7:f2:ec:c5:8c:0d:e3:04:cb:f2:58:68:93:
f8:df:03:44:c5:92:fe:48:ba:ef:c2:34:b9:45:ae:
86:e7:e3:e6:15:d6:fa:1c:b2:72:69:fb:3a:ab:d9:
3f:e6:23:ed:51:09:3a:24:33:ac:a1:b6:e8:63:dd:
c4:14:29:a3:36:a4:75:17:86:f5:a5:a4:6e:ec:81:
d8:59:9f:1b:d1:79:4d:34:50:2f:a1:db:52:92:12:
e3:a4:24:65:96:e3:31:4a:ce:f7:d1:d8:82:57:93:
07:43:96:fe:f9:63:85:25:7a:df:48:10:6a:51:de:
c4:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:1D:7F:07:15:17:87:98:31:DD:00:18:AE:52:FE:C7:4B:D8:76:77
X509v3 Authority Key Identifier:
keyid:30:F1:BA:61:11:C8:F1:D3:F3:7C:1B:7C:1A:5E:D7:37:40:21:92:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MPG6YRHI8dPzfBt8Gl7XN0AhkvI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/8d7c57-ba65-47fc-bcc4-c33018633d33/1/8h1_BxUXh5gx3QAYrlL-x0vYdnc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/8d7c57-ba65-47fc-bcc4-c33018633d33/1/MPG6YRHI8dPzfBt8Gl7XN0AhkvI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.213.223.0/24
185.122.100.0/22
185.222.88.0/22
IPv6:
2a06:a400::/29
Signature Algorithm: sha256WithRSAEncryption
76:fc:e2:6f:20:6b:4d:85:8b:d1:90:e2:34:c1:87:17:e9:07:
16:2d:d4:a0:9a:8c:b4:f5:2f:e3:d6:66:fe:35:22:01:5f:84:
d6:30:3c:53:fb:66:4b:3d:b3:9b:f3:95:a6:69:75:ce:6d:84:
fa:eb:1f:ca:87:fe:7b:80:e4:8f:c0:7a:23:e7:ba:87:71:03:
c3:e1:71:51:36:d0:2b:91:1e:e8:ae:7f:a4:83:27:87:e4:a0:
2c:6e:28:18:b6:04:d3:b8:2c:d4:df:c6:b6:31:ff:f0:67:fb:
ca:a3:d0:64:64:d9:7b:2a:34:07:8c:8f:ca:b0:91:39:42:67:
30:64:fb:1a:be:d6:86:83:d6:e4:d6:f7:c9:c8:8e:8a:2d:fe:
dd:f1:43:42:e9:fd:e7:64:5c:24:3b:22:33:b7:b9:e1:2b:79:
91:db:9e:4f:07:ea:16:e2:be:eb:5b:eb:88:e9:60:1d:1c:66:
2d:68:7c:43:0c:be:8d:02:b4:97:63:2b:59:ab:ea:3d:02:f0:
bb:1e:a2:01:cb:4d:f1:7c:10:53:c6:8b:57:81:61:f7:2e:55:
67:34:62:54:87:41:a7:fc:1c:a2:8a:87:96:14:02:92:09:02:
a4:77:fe:5c:9f:3a:c4:c0:de:30:90:ef:1e:c4:07:14:99:4a:
31:76:0f:f9
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVxHkXPwoOcoSXMxxVb88njMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwZjFiYTYxMTFjOGYxZDNmMzdjMWI3YzFhNWVkNzM3NDAy
MTkyZjIwHhcNMjMwMTAyMDYxNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjFkN2YwNzE1MTc4Nzk4MzFkZDAwMThhZTUyZmVjNzRiZDg3Njc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0wgAmUzkfNvDDBHxqLb9LlZTESif
4pK8GcrDmMH2yRSzTOuyKuqLEC+0MT3ARjYj0h8K8P2WGlzdT++mY9o7axucWdQu
rGyaQR9S6W3BQjaBMWQhme9IzonR/wwYgcTArqqaLXgEYcxiBHF92tyy4LE7cZt2
/g/gtal8MxMMnnjgnujbgmJ6zbfy7MWMDeMEy/JYaJP43wNExZL+SLrvwjS5Ra6G
5+PmFdb6HLJyafs6q9k/5iPtUQk6JDOsobboY93EFCmjNqR1F4b1paRu7IHYWZ8b
0XlNNFAvodtSkhLjpCRlluMxSs730diCV5MHQ5b++WOFJXrfSBBqUd7EaQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFPIdfwcVF4eYMd0AGK5S/sdL2HZ3MB8GA1UdIwQY
MBaAFDDxumERyPHT83wbfBpe1zdAIZLyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVBHNllSSEk4ZFB6ZkJ0OEdsN1hOMEFoa3ZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy84ZDdjNTctYmE2NS00N2ZjLWJjYzQt
YzMzMDE4NjMzZDMzLzEvOGgxX0J4VVhoNWd4M1FBWXJsTC14MHZZZG5jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy84ZDdjNTctYmE2NS00N2ZjLWJjYzQtYzMzMDE4NjMzZDMz
LzEvTVBHNllSSEk4ZFB6ZkJ0OEdsN1hOMEFoa3ZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAW9XfAwQC
uXpkAwQCud5YMA0EAgACMAcDBQMqBqQAMA0GCSqGSIb3DQEBCwUAA4IBAQB2/OJv
IGtNhYvRkOI0wYcX6QcWLdSgmoy09S/j1mb+NSIBX4TWMDxT+2ZLPbOb85WmaXXO
bYT66x/Kh/57gOSPwHoj57qHcQPD4XFRNtArkR7orn+kgyeH5KAsbigYtgTTuCzU
38a2Mf/wZ/vKo9BkZNl7KjQHjI/KsJE5QmcwZPsavtaGg9bk1vfJyI6KLf7d8UNC
6f3nZFwkOyIzt7nhK3mR255PB+oW4r7rW+uI6WAdHGYtaHxDDL6NArSXYytZq+o9
AvC7HqIBy03xfBBTxotXgWH3LlVnNGJUh0Gn/ByiioeWFAKSCQKkd/5cnzrEwN4w
kO8exAcUmUoxdg/5
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:31 2024 by rpki-client on console-ams.rpki-client.org