Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/a13b01-4153-4ea5-bf21-99868c51329a/1/8-xXLPabn-m1cSYgKE7jtV3IQS0.roa
File: 8-xXLPabn-m1cSYgKE7jtV3IQS0.roa (raw, json)
Hash identifier: p6uAKxVuRPY+xbplGW03YFemXDMylyZHuYSnx3/WsLw=
Subject key identifier: F3:EC:57:2C:F6:9B:9F:E9:B5:71:26:20:28:4E:E3:B5:5D:C8:41:2D
Certificate issuer: /CN=aedaeea9117a1d5ccc320222955a09faa0798fd9
Certificate serial: 018CC64B1F1A90C519DDA199CD8FE81561E1
Authority key identifier: AE:DA:EE:A9:11:7A:1D:5C:CC:32:02:22:95:5A:09:FA:A0:79:8F:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rtruqRF6HVzMMgIilVoJ-qB5j9k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/a13b01-4153-4ea5-bf21-99868c51329a/1/8-xXLPabn-m1cSYgKE7jtV3IQS0.roa
Signing time: Mon 01 Jan 2024 18:31:01 +0000
ROA not before: Mon 01 Jan 2024 18:31:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15570
IP address blocks: 77.242.192.0/21 maxlen: 21
77.242.194.0/23 maxlen: 23
185.175.12.0/22 maxlen: 22
95.172.64.0/24 maxlen: 24
95.172.76.0/22 maxlen: 22
95.172.72.0/23 maxlen: 23
95.172.88.0/22 maxlen: 22
95.172.94.0/23 maxlen: 23
212.118.234.0/24 maxlen: 24
2a02:b50::/34 maxlen: 34
Validation: Failed, certificate revoked on Fri 12 Apr 2024 11:54:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:1f:1a:90:c5:19:dd:a1:99:cd:8f:e8:15:61:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aedaeea9117a1d5ccc320222955a09faa0798fd9
Validity
Not Before: Jan 1 18:31:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f3ec572cf69b9fe9b5712620284ee3b55dc8412d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:74:67:e2:45:47:49:a2:03:df:a4:e5:1b:31:
0b:bd:32:b2:f9:46:0d:5c:65:c8:e4:40:b2:14:52:
ee:6f:d9:e4:bc:26:6b:67:ab:04:a9:f3:0f:06:fb:
aa:9a:b2:2e:1d:0f:f8:3c:73:eb:c8:4b:f5:7e:e5:
d0:42:bb:25:70:3c:f2:e0:10:33:e5:02:1c:e9:4a:
42:b7:ed:15:20:d1:1b:77:8b:09:74:ef:a2:bd:e6:
13:0a:1e:6b:89:1e:79:cd:4b:52:d7:2c:b5:d0:22:
53:65:31:aa:9a:93:8f:f4:dd:67:e0:9b:94:60:72:
9e:36:d3:08:e2:ef:ca:f9:8c:3e:13:34:41:91:d6:
a8:70:75:9d:fc:85:04:c1:f7:54:5a:a6:92:bd:51:
36:f4:93:c0:c2:97:91:5e:79:6d:d5:9c:8b:04:c1:
60:92:f1:cc:4c:c8:5c:23:b5:4e:5e:8d:1c:74:ab:
1f:25:b5:34:75:97:ee:5c:bc:c4:fe:7f:7e:8b:69:
04:6f:ac:5a:83:86:54:56:00:69:06:6a:61:9b:d9:
7e:6d:57:cc:90:87:e4:34:63:92:d0:f3:86:86:c7:
34:11:53:0c:48:79:fb:35:4b:9f:e6:ee:56:b3:91:
d8:58:ce:64:1d:93:33:4a:e6:fb:58:7d:4a:ef:bc:
ce:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:EC:57:2C:F6:9B:9F:E9:B5:71:26:20:28:4E:E3:B5:5D:C8:41:2D
X509v3 Authority Key Identifier:
keyid:AE:DA:EE:A9:11:7A:1D:5C:CC:32:02:22:95:5A:09:FA:A0:79:8F:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rtruqRF6HVzMMgIilVoJ-qB5j9k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/a13b01-4153-4ea5-bf21-99868c51329a/1/8-xXLPabn-m1cSYgKE7jtV3IQS0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/a13b01-4153-4ea5-bf21-99868c51329a/1/rtruqRF6HVzMMgIilVoJ-qB5j9k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.242.192.0/21
95.172.64.0/24
95.172.72.0/23
95.172.76.0/22
95.172.88.0/22
95.172.94.0/23
185.175.12.0/22
212.118.234.0/24
IPv6:
2a02:b50::/34
Signature Algorithm: sha256WithRSAEncryption
2a:b4:15:a0:66:77:a3:ab:5c:36:4e:83:f2:0e:8b:ac:f1:26:
a0:dc:44:77:5d:4c:05:f2:9c:ce:b4:e7:20:c7:01:9a:2a:11:
bd:f7:b5:b1:24:58:9b:0a:38:68:f8:51:a6:52:e4:04:74:dd:
26:84:07:cd:d5:3b:70:ae:33:5f:00:78:8a:c5:c9:9a:63:1c:
67:1f:d4:9d:6a:64:d5:ee:09:40:c2:d7:47:99:6b:db:1c:ea:
96:1c:8a:3d:8a:07:24:8e:fe:3a:11:d8:45:c5:54:71:9e:88:
f1:a3:38:c0:0c:2f:10:3c:25:84:be:2d:74:73:d6:a8:46:4d:
9e:90:df:b3:09:7f:35:3c:9c:18:04:7b:02:ed:fe:3e:a1:91:
d5:5b:48:80:70:15:aa:e2:78:b1:17:39:00:72:4d:81:7f:dd:
eb:9a:8b:96:9a:df:e3:59:e3:1d:a9:c6:48:ce:72:0d:7c:3d:
df:06:a1:22:79:3c:f4:42:5c:1e:8a:d8:92:6d:d2:b2:30:8d:
c3:0a:14:00:eb:47:db:ae:3a:21:10:55:47:30:96:bf:0f:62:
28:c9:9e:11:1d:85:1f:68:08:c3:8a:f2:ac:00:35:f7:a8:f0:
b9:92:7b:6f:b4:0e:08:45:3f:99:e9:28:81:4b:7d:ae:80:9e:
b2:d5:33:10
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAYzGSx8akMUZ3aGZzY/oFWHhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlZGFlZWE5MTE3YTFkNWNjYzMyMDIyMjk1NWEwOWZhYTA3
OThmZDkwHhcNMjQwMTAxMTgzMTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmM2VjNTcyY2Y2OWI5ZmU5YjU3MTI2MjAyODRlZTNiNTVkYzg0MTJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoHRn4kVHSaID36TlGzELvTKy+UYN
XGXI5ECyFFLub9nkvCZrZ6sEqfMPBvuqmrIuHQ/4PHPryEv1fuXQQrslcDzy4BAz
5QIc6UpCt+0VINEbd4sJdO+iveYTCh5riR55zUtS1yy10CJTZTGqmpOP9N1n4JuU
YHKeNtMI4u/K+Yw+EzRBkdaocHWd/IUEwfdUWqaSvVE29JPAwpeRXnlt1ZyLBMFg
kvHMTMhcI7VOXo0cdKsfJbU0dZfuXLzE/n9+i2kEb6xag4ZUVgBpBmphm9l+bVfM
kIfkNGOS0POGhsc0EVMMSHn7NUuf5u5Ws5HYWM5kHZMzSub7WH1K77zOiwIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFPPsVyz2m5/ptXEmIChO47VdyEEtMB8GA1UdIwQY
MBaAFK7a7qkReh1czDICIpVaCfqgeY/ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnRydXFSRjZIVnpNTWdJaWxWb0otcUI1ajlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi9hMTNiMDEtNDE1My00ZWE1LWJmMjEt
OTk4NjhjNTEzMjlhLzEvOC14WExQYWJuLW0xY1NZZ0tFN2p0VjNJUVMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi9hMTNiMDEtNDE1My00ZWE1LWJmMjEtOTk4NjhjNTEzMjlh
LzEvcnRydXFSRjZIVnpNTWdJaWxWb0otcUI1ajlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDA2BAIAATAwAwQDTfLAAwQA
X6xAAwQBX6xIAwQCX6xMAwQCX6xYAwQBX6xeAwQCua8MAwQA1HbqMA4EAgACMAgD
BgYqAgtQADANBgkqhkiG9w0BAQsFAAOCAQEAKrQVoGZ3o6tcNk6D8g6LrPEmoNxE
d11MBfKczrTnIMcBmioRvfe1sSRYmwo4aPhRplLkBHTdJoQHzdU7cK4zXwB4isXJ
mmMcZx/UnWpk1e4JQMLXR5lr2xzqlhyKPYoHJI7+OhHYRcVUcZ6I8aM4wAwvEDwl
hL4tdHPWqEZNnpDfswl/NTycGAR7Au3+PqGR1VtIgHAVquJ4sRc5AHJNgX/d65qL
lprf41njHanGSM5yDXw93wahInk89EJcHorYkm3SsjCNwwoUAOtH2646IRBVRzCW
vw9iKMmeER2FH2gIw4ryrAA196jwuZJ7b7QOCEU/mekogUt9roCestUzEA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:02 2024 by rpki-client on console-ams.rpki-client.org