Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/1afe53-f1b8-4315-ab1c-f474f7bd3531/1/8j3QLcykTVdW5qDQg5We00VAfa4.roa
File: 8j3QLcykTVdW5qDQg5We00VAfa4.roa (raw, json)
Hash identifier: J+KTs/Ry0hcSpLEvsf7mGUsc1ab0W1EqxcPkfYunJRg=
Subject key identifier: F2:3D:D0:2D:CC:A4:4D:57:56:E6:A0:D0:83:95:9E:D3:45:40:7D:AE
Certificate issuer: /CN=037862b4608c79f450295ec5c80c7c7ad6dfe2a2
Certificate serial: 01856FF02E1FA81D5EC38CC5B28E39979F3D
Authority key identifier: 03:78:62:B4:60:8C:79:F4:50:29:5E:C5:C8:0C:7C:7A:D6:DF:E2:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A3hitGCMefRQKV7FyAx8etbf4qI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/1afe53-f1b8-4315-ab1c-f474f7bd3531/1/8j3QLcykTVdW5qDQg5We00VAfa4.roa
Signing time: Mon 02 Jan 2023 00:44:49 +0000
ROA not before: Mon 02 Jan 2023 00:44:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6739
IP address blocks: 185.86.8.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:f0:2e:1f:a8:1d:5e:c3:8c:c5:b2:8e:39:97:9f:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=037862b4608c79f450295ec5c80c7c7ad6dfe2a2
Validity
Not Before: Jan 2 00:44:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f23dd02dcca44d5756e6a0d083959ed345407dae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:56:20:9c:3c:6f:2c:39:9e:d8:20:b7:3e:57:
05:9b:f0:28:7a:29:84:be:e2:65:44:4c:13:5a:f2:
38:51:20:cf:48:86:05:74:ab:d5:df:1e:a6:f5:4c:
8f:ef:e8:94:c6:c6:52:03:2c:8b:c5:57:d5:03:2d:
83:b1:8f:53:8f:56:00:ba:3e:87:a8:ee:c5:f3:30:
e3:50:87:47:aa:77:af:24:ae:89:98:74:a5:80:9c:
6e:c6:8b:17:90:68:92:22:87:0c:70:6e:bf:5a:91:
3d:e6:c9:31:99:0b:12:68:5c:60:1d:d5:66:74:ae:
a1:4c:6a:75:69:13:32:61:84:72:48:2e:51:b7:2a:
02:05:24:ed:56:23:6f:31:07:e7:1f:2c:0c:57:84:
9c:fe:88:43:50:69:b7:84:ff:4e:3b:38:e2:f8:9f:
90:f7:49:0b:f0:b7:8c:d7:b6:3f:fb:00:58:0e:17:
8f:f0:02:85:c3:92:c0:41:a7:27:1e:da:37:2b:a1:
78:51:8a:16:53:18:60:7a:ff:cd:ba:dd:62:c7:45:
b3:75:66:70:f7:43:90:de:c0:88:1a:5e:49:f2:24:
9c:39:d6:b8:97:27:2b:4f:f2:32:6b:67:70:12:43:
5a:10:37:89:45:75:ec:36:91:6a:f8:11:a3:14:87:
59:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:3D:D0:2D:CC:A4:4D:57:56:E6:A0:D0:83:95:9E:D3:45:40:7D:AE
X509v3 Authority Key Identifier:
keyid:03:78:62:B4:60:8C:79:F4:50:29:5E:C5:C8:0C:7C:7A:D6:DF:E2:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A3hitGCMefRQKV7FyAx8etbf4qI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/1afe53-f1b8-4315-ab1c-f474f7bd3531/1/8j3QLcykTVdW5qDQg5We00VAfa4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/1afe53-f1b8-4315-ab1c-f474f7bd3531/1/A3hitGCMefRQKV7FyAx8etbf4qI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.86.8.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:18:9d:07:e8:37:cd:f3:7e:ca:36:3b:92:63:32:2a:e5:3f:
23:7d:54:9c:91:5d:21:ae:57:25:f2:1d:b4:ff:7c:5d:24:c5:
35:5f:d5:93:c5:84:f2:c7:f0:c3:e7:a9:f2:5b:75:f1:3b:70:
aa:1c:95:4a:5e:b3:c2:fa:c9:b1:4e:15:74:db:c6:21:9c:9f:
8c:10:aa:32:d9:36:21:52:cc:e4:44:28:7f:62:53:b1:61:ed:
e6:35:31:5c:ad:42:20:27:5b:4a:82:43:21:79:e7:df:8a:ff:
89:80:02:27:b6:ea:1f:7a:35:ab:be:23:4d:4a:43:70:8c:d5:
6b:cb:ee:7c:ef:d6:d8:db:d3:d3:7e:08:ef:71:8a:2f:28:09:
c4:ac:70:74:34:83:94:8f:ee:b3:70:86:8c:8e:39:aa:d1:90:
9e:81:a5:b7:50:21:15:8b:26:a6:2d:7b:44:93:b3:c4:99:84:
9f:60:fe:22:79:a6:48:24:0e:ce:96:64:37:8d:3d:ce:ff:30:
6e:0f:52:6e:34:1e:84:c2:54:b7:ec:f6:2b:21:c0:9f:e2:6e:
91:39:76:53:b6:42:8f:90:59:45:fc:75:03:8f:c9:89:ca:b8:
dd:32:65:f1:ec:11:91:ac:a4:50:cf:8c:86:b2:f7:d2:d9:d2:
24:1f:e2:bb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVv8C4fqB1ew4zFso45l589MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzNzg2MmI0NjA4Yzc5ZjQ1MDI5NWVjNWM4MGM3YzdhZDZk
ZmUyYTIwHhcNMjMwMTAyMDA0NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjNkZDAyZGNjYTQ0ZDU3NTZlNmEwZDA4Mzk1OWVkMzQ1NDA3ZGFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl1YgnDxvLDme2CC3PlcFm/AoeimE
vuJlREwTWvI4USDPSIYFdKvV3x6m9UyP7+iUxsZSAyyLxVfVAy2DsY9Tj1YAuj6H
qO7F8zDjUIdHqnevJK6JmHSlgJxuxosXkGiSIocMcG6/WpE95skxmQsSaFxgHdVm
dK6hTGp1aRMyYYRySC5RtyoCBSTtViNvMQfnHywMV4Sc/ohDUGm3hP9OOzji+J+Q
90kL8LeM17Y/+wBYDheP8AKFw5LAQacnHto3K6F4UYoWUxhgev/Nut1ix0WzdWZw
90OQ3sCIGl5J8iScOda4lycrT/Iya2dwEkNaEDeJRXXsNpFq+BGjFIdZ8QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPI90C3MpE1XVuag0IOVntNFQH2uMB8GA1UdIwQY
MBaAFAN4YrRgjHn0UClexcgMfHrW3+KiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQTNoaXRHQ01lZlJRS1Y3RnlBeDhldGJmNHFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS8xYWZlNTMtZjFiOC00MzE1LWFiMWMt
ZjQ3NGY3YmQzNTMxLzEvOGozUUxjeWtUVmRXNXFEUWc1V2UwMFZBZmE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS8xYWZlNTMtZjFiOC00MzE1LWFiMWMtZjQ3NGY3YmQzNTMx
LzEvQTNoaXRHQ01lZlJRS1Y3RnlBeDhldGJmNHFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuVYIMA0G
CSqGSIb3DQEBCwUAA4IBAQAaGJ0H6DfN837KNjuSYzIq5T8jfVSckV0hrlcl8h20
/3xdJMU1X9WTxYTyx/DD56nyW3XxO3CqHJVKXrPC+smxThV028YhnJ+MEKoy2TYh
UszkRCh/YlOxYe3mNTFcrUIgJ1tKgkMheeffiv+JgAIntuofejWrviNNSkNwjNVr
y+5879bY29PTfgjvcYovKAnErHB0NIOUj+6zcIaMjjmq0ZCegaW3UCEViyamLXtE
k7PEmYSfYP4ieaZIJA7OlmQ3jT3O/zBuD1JuNB6EwlS37PYrIcCf4m6ROXZTtkKP
kFlF/HUDj8mJyrjdMmXx7BGRrKRQz4yGsvfS2dIkH+K7
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:23:21 2024 by rpki-client on console-fra.rpki-client.org