Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/a47cdf-d21b-4f1d-8901-92ec515c595a/1/8tBZ48y1Pa2IWuwo7mkQWk9jGEk.roa
File: 8tBZ48y1Pa2IWuwo7mkQWk9jGEk.roa (raw, json)
Hash identifier: 2D2N4yQosIAzH0JYSzSWMm9SIXUi4RUImHJDqo4+cv4=
Subject key identifier: F2:D0:59:E3:CC:B5:3D:AD:88:5A:EC:28:EE:69:10:5A:4F:63:18:49
Certificate issuer: /CN=3bfa6636fe6440acf293b75705a7a1dcada8420b
Certificate serial: 0187CD69956EC832B71AD6C66C62F11DB824
Authority key identifier: 3B:FA:66:36:FE:64:40:AC:F2:93:B7:57:05:A7:A1:DC:AD:A8:42:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O_pmNv5kQKzyk7dXBaeh3K2oQgs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/a47cdf-d21b-4f1d-8901-92ec515c595a/1/8tBZ48y1Pa2IWuwo7mkQWk9jGEk.roa
Signing time: Sat 29 Apr 2023 14:27:41 +0000
ROA not before: Sat 29 Apr 2023 14:27:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208299
IP address blocks: 185.161.218.0/24 maxlen: 24
185.161.219.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:cd:69:95:6e:c8:32:b7:1a:d6:c6:6c:62:f1:1d:b8:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3bfa6636fe6440acf293b75705a7a1dcada8420b
Validity
Not Before: Apr 29 14:27:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f2d059e3ccb53dad885aec28ee69105a4f631849
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:7e:57:ee:49:52:86:f3:a6:d1:1b:a4:6b:38:
a7:1c:aa:42:a4:fb:07:a8:f0:d8:08:bc:eb:e4:36:
0a:41:5c:4b:64:72:4a:e5:f1:d6:2c:88:46:a8:5f:
b4:4d:7f:76:16:99:cb:09:0e:09:94:64:98:4d:a0:
93:d4:63:04:25:d6:71:48:bb:c2:3f:23:08:d9:3b:
35:f8:2b:3a:40:72:f4:ee:67:63:71:4c:c8:48:ef:
cc:77:25:46:ec:e8:cc:6b:7c:fd:66:9d:2f:8a:fb:
b8:4b:ec:af:75:1b:26:23:c1:1b:32:b5:af:90:d3:
e1:e4:f0:31:d4:5b:1b:4d:e9:de:6d:6f:8d:85:66:
f5:a1:31:e2:68:0c:5c:c1:aa:25:5e:91:b6:6d:bb:
b9:3b:f0:3d:47:d8:14:18:d4:0d:3b:b7:7a:89:14:
da:a0:e3:59:58:98:84:f5:85:c4:d1:87:a7:98:1f:
57:e0:c7:d5:47:39:5c:92:ea:c5:7a:a0:72:7b:2a:
01:b9:7d:b3:e9:c9:ad:a1:02:50:bc:9b:8b:ee:ee:
fa:c8:ab:27:ff:7b:34:d9:0b:86:fd:35:15:73:4e:
40:6d:7c:22:23:74:2b:5f:98:f0:84:48:f6:f3:73:
fa:88:d5:eb:05:97:d8:b3:84:a8:e5:62:63:92:44:
fb:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:D0:59:E3:CC:B5:3D:AD:88:5A:EC:28:EE:69:10:5A:4F:63:18:49
X509v3 Authority Key Identifier:
keyid:3B:FA:66:36:FE:64:40:AC:F2:93:B7:57:05:A7:A1:DC:AD:A8:42:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O_pmNv5kQKzyk7dXBaeh3K2oQgs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/a47cdf-d21b-4f1d-8901-92ec515c595a/1/8tBZ48y1Pa2IWuwo7mkQWk9jGEk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/a47cdf-d21b-4f1d-8901-92ec515c595a/1/O_pmNv5kQKzyk7dXBaeh3K2oQgs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.161.218.0/23
Signature Algorithm: sha256WithRSAEncryption
6f:1c:2c:07:c6:d3:57:10:83:b4:f6:56:3b:ca:5b:ea:6a:ab:
6b:f0:70:95:d8:7e:09:c7:df:8e:39:51:7e:1c:34:65:a0:8e:
2c:af:ab:2d:7e:0e:0e:85:ce:16:56:b7:ae:cc:0e:1b:73:4d:
c8:18:66:58:ac:89:b4:99:32:a3:04:bd:4e:bc:34:e2:b6:48:
e3:8b:fd:42:48:9f:bd:f5:c1:be:80:23:31:5d:c8:09:d3:92:
23:39:2c:97:46:72:b8:99:03:5d:85:e1:6e:a5:8a:c0:40:c9:
1c:9a:8c:00:7c:e3:e3:70:c0:1a:ca:8e:28:f8:d3:03:8d:8d:
6c:1e:50:4f:0c:14:b6:f5:df:2b:57:42:47:b8:9c:cc:53:b6:
1d:e0:ef:b2:37:ef:34:9a:5e:42:1e:fc:fb:60:c0:80:46:0b:
5a:b4:a1:6a:17:24:f3:f0:80:e8:f9:44:f9:7a:bd:0c:0a:47:
5b:71:e9:c5:f7:b4:0e:3d:c4:55:9c:26:b0:07:97:f3:62:b4:
e7:f0:a7:f8:36:c6:2f:f4:8b:08:97:6b:91:5c:97:67:dd:56:
83:50:1d:8d:ba:c5:9c:a6:91:0b:ae:55:87:7b:34:42:c5:0a:
7e:4d:36:ec:48:b1:9a:81:7b:dd:57:15:b5:5d:7a:3e:57:96:
dc:48:d4:d1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYfNaZVuyDK3GtbGbGLxHbgkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiZmE2NjM2ZmU2NDQwYWNmMjkzYjc1NzA1YTdhMWRjYWRh
ODQyMGIwHhcNMjMwNDI5MTQyNzQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMmQwNTllM2NjYjUzZGFkODg1YWVjMjhlZTY5MTA1YTRmNjMxODQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnX5X7klShvOm0RukazinHKpCpPsH
qPDYCLzr5DYKQVxLZHJK5fHWLIhGqF+0TX92FpnLCQ4JlGSYTaCT1GMEJdZxSLvC
PyMI2Ts1+Cs6QHL07mdjcUzISO/MdyVG7OjMa3z9Zp0vivu4S+yvdRsmI8EbMrWv
kNPh5PAx1FsbTenebW+NhWb1oTHiaAxcwaolXpG2bbu5O/A9R9gUGNQNO7d6iRTa
oONZWJiE9YXE0YenmB9X4MfVRzlckurFeqByeyoBuX2z6cmtoQJQvJuL7u76yKsn
/3s02QuG/TUVc05AbXwiI3QrX5jwhEj283P6iNXrBZfYs4So5WJjkkT7mQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPLQWePMtT2tiFrsKO5pEFpPYxhJMB8GA1UdIwQY
MBaAFDv6Zjb+ZECs8pO3VwWnodytqEILMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT19wbU52NWtRS3p5azdkWEJhZWgzSzJvUWdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi9hNDdjZGYtZDIxYi00ZjFkLTg5MDEt
OTJlYzUxNWM1OTVhLzEvOHRCWjQ4eTFQYTJJV3V3bzdta1FXazlqR0VrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi9hNDdjZGYtZDIxYi00ZjFkLTg5MDEtOTJlYzUxNWM1OTVh
LzEvT19wbU52NWtRS3p5azdkWEJhZWgzSzJvUWdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuaHaMA0G
CSqGSIb3DQEBCwUAA4IBAQBvHCwHxtNXEIO09lY7ylvqaqtr8HCV2H4Jx9+OOVF+
HDRloI4sr6stfg4Ohc4WVreuzA4bc03IGGZYrIm0mTKjBL1OvDTitkjji/1CSJ+9
9cG+gCMxXcgJ05IjOSyXRnK4mQNdheFupYrAQMkcmowAfOPjcMAayo4o+NMDjY1s
HlBPDBS29d8rV0JHuJzMU7Yd4O+yN+80ml5CHvz7YMCARgtatKFqFyTz8IDo+UT5
er0MCkdbcenF97QOPcRVnCawB5fzYrTn8Kf4NsYv9IsIl2uRXJdn3VaDUB2NusWc
ppELrlWHezRCxQp+TTbsSLGagXvdVxW1XXo+V5bcSNTR
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:02:08 2024 by rpki-client on console-ams.rpki-client.org