Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/e7549e-5b25-4200-88b9-4e4a35dd3677/1/T8QPSxvohpAT5fMPIIp8DjdgzzQ.roa
File: T8QPSxvohpAT5fMPIIp8DjdgzzQ.roa (raw, json)
Hash identifier: 73Jkv6uwE7kr94mkTOfg6S/jtzWTI3IpR4XzlDz6iYk=
Subject key identifier: 4F:C4:0F:4B:1B:E8:86:90:13:E5:F3:0F:20:8A:7C:0E:37:60:CF:34
Certificate issuer: /CN=8c060040ef3a0823aa973f0d0592b1dda808f782
Certificate serial: 0187FB3B305D954162D571CBD0FE4DAA6B8E
Authority key identifier: 8C:06:00:40:EF:3A:08:23:AA:97:3F:0D:05:92:B1:DD:A8:08:F7:82
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jAYAQO86CCOqlz8NBZKx3agI94I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/e7549e-5b25-4200-88b9-4e4a35dd3677/1/T8QPSxvohpAT5fMPIIp8DjdgzzQ.roa
Signing time: Mon 08 May 2023 11:59:32 +0000
ROA not before: Mon 08 May 2023 11:59:32 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20900
IP address blocks: 31.217.232.0/21 maxlen: 24
185.182.252.0/22 maxlen: 24
213.190.64.0/19 maxlen: 24
78.159.132.0/22 maxlen: 22
78.159.148.0/24 maxlen: 24
45.11.208.0/22 maxlen: 22
91.214.114.0/23 maxlen: 23
91.214.114.0/24 maxlen: 24
91.214.115.0/24 maxlen: 24
2001:1b08::/32 maxlen: 64
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:31:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:fb:3b:30:5d:95:41:62:d5:71:cb:d0:fe:4d:aa:6b:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8c060040ef3a0823aa973f0d0592b1dda808f782
Validity
Not Before: May 8 11:59:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4fc40f4b1be8869013e5f30f208a7c0e3760cf34
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:67:c6:45:a0:5d:58:9c:dd:28:3c:0f:46:65:
2f:1a:17:51:61:4f:51:ba:7f:c5:db:d4:aa:33:90:
95:bd:ff:4f:78:d6:4b:39:ee:e8:81:03:e0:fd:61:
51:1b:c9:8c:38:a5:c3:94:24:3f:4f:6f:d2:09:41:
23:09:68:5e:bd:e3:0c:dc:4a:6c:59:09:cc:2d:3e:
a0:fa:6a:2a:1f:6d:46:3e:1b:07:54:d8:a8:0a:2d:
20:71:d2:90:fd:72:0a:7c:00:a9:24:30:c3:f5:cd:
89:d0:a5:f2:20:18:c1:fb:e8:90:a6:9c:6e:dd:bf:
0c:12:89:0f:4a:af:06:da:80:a9:98:df:5e:39:06:
8b:c7:a7:49:d6:91:74:7e:e0:48:bf:47:fd:f0:c9:
30:42:7e:b1:c7:3e:92:9a:02:0a:26:aa:c1:b8:ff:
d0:73:a6:f1:a3:20:cf:bb:7d:41:44:ce:ef:99:5f:
b5:bb:b2:4f:e3:90:30:2f:7c:98:16:4e:9d:82:3c:
e9:53:a8:2a:7b:7d:b7:99:fd:7f:f5:43:ad:3a:cd:
e6:ea:46:97:28:1f:a2:5a:0e:d8:d5:30:33:46:4f:
81:b9:e2:b9:16:54:7d:11:bd:ff:9a:0f:38:5a:46:
65:ab:04:3a:5c:31:f6:89:47:99:fd:64:5d:9a:df:
83:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:C4:0F:4B:1B:E8:86:90:13:E5:F3:0F:20:8A:7C:0E:37:60:CF:34
X509v3 Authority Key Identifier:
keyid:8C:06:00:40:EF:3A:08:23:AA:97:3F:0D:05:92:B1:DD:A8:08:F7:82
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jAYAQO86CCOqlz8NBZKx3agI94I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/e7549e-5b25-4200-88b9-4e4a35dd3677/1/T8QPSxvohpAT5fMPIIp8DjdgzzQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/e7549e-5b25-4200-88b9-4e4a35dd3677/1/jAYAQO86CCOqlz8NBZKx3agI94I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.217.232.0/21
45.11.208.0/22
78.159.132.0/22
78.159.148.0/24
91.214.114.0/23
185.182.252.0/22
213.190.64.0/19
IPv6:
2001:1b08::/32
Signature Algorithm: sha256WithRSAEncryption
da:65:48:8f:33:c0:8d:a4:19:f5:f8:db:5c:b9:da:53:a5:ef:
f5:2e:ac:7e:be:b7:91:0b:b1:b7:14:2d:e9:ef:51:9e:ab:67:
9e:8a:d2:38:df:eb:ec:bb:f6:23:d6:24:c2:88:0c:6a:5a:39:
96:3c:2b:a9:a5:f0:57:b8:7d:12:b6:16:f8:cf:aa:f8:c9:73:
b6:5e:7d:f2:6d:b0:8a:87:f7:27:9c:ed:41:f1:55:9c:a6:fc:
a9:88:e0:1c:bd:1f:6f:36:fd:79:52:48:36:fe:cc:0c:cf:ad:
20:f9:2e:9f:5f:68:75:52:65:50:39:cd:15:71:7d:69:92:1a:
f7:4c:5e:7a:80:d8:35:8f:5f:8a:26:db:31:36:e1:a8:e8:6c:
94:8e:bb:42:da:37:f4:78:f1:51:94:cc:7e:86:2b:31:94:6f:
24:f0:8e:d6:45:8b:8a:b4:8a:1f:34:4f:7c:ee:6f:7b:e5:96:
8d:cf:d8:4f:5a:47:fe:67:6b:5a:b1:58:11:6f:64:5d:6e:e5:
c2:c9:9d:1f:42:eb:b1:69:bd:2a:59:61:3f:57:9c:b9:51:e2:
cf:be:36:de:94:ac:34:ac:c0:aa:4a:9c:61:78:b6:4a:2e:b7:
99:29:59:12:c6:0a:be:6a:40:8e:d9:91:1b:bc:e6:62:79:75:
61:a2:b2:52
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAYf7OzBdlUFi1XHL0P5NqmuOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhjMDYwMDQwZWYzYTA4MjNhYTk3M2YwZDA1OTJiMWRkYTgw
OGY3ODIwHhcNMjMwNTA4MTE1OTMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZmM0MGY0YjFiZTg4NjkwMTNlNWYzMGYyMDhhN2MwZTM3NjBjZjM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz2fGRaBdWJzdKDwPRmUvGhdRYU9R
un/F29SqM5CVvf9PeNZLOe7ogQPg/WFRG8mMOKXDlCQ/T2/SCUEjCWheveMM3Eps
WQnMLT6g+moqH21GPhsHVNioCi0gcdKQ/XIKfACpJDDD9c2J0KXyIBjB++iQppxu
3b8MEokPSq8G2oCpmN9eOQaLx6dJ1pF0fuBIv0f98MkwQn6xxz6SmgIKJqrBuP/Q
c6bxoyDPu31BRM7vmV+1u7JP45AwL3yYFk6dgjzpU6gqe323mf1/9UOtOs3m6kaX
KB+iWg7Y1TAzRk+BueK5FlR9Eb3/mg84WkZlqwQ6XDH2iUeZ/WRdmt+DYwIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFE/ED0sb6IaQE+XzDyCKfA43YM80MB8GA1UdIwQY
MBaAFIwGAEDvOggjqpc/DQWSsd2oCPeCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvakFZQVFPODZDQ09xbHo4TkJaS3gzYWdJOTRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS9lNzU0OWUtNWIyNS00MjAwLTg4Yjkt
NGU0YTM1ZGQzNjc3LzEvVDhRUFN4dm9ocEFUNWZNUElJcDhEamRnenpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS9lNzU0OWUtNWIyNS00MjAwLTg4YjktNGU0YTM1ZGQzNjc3
LzEvakFZQVFPODZDQ09xbHo4TkJaS3gzYWdJOTRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQDH9noAwQC
LQvQAwQCTp+EAwQATp+UAwQBW9ZyAwQCubb8AwQF1b5AMA0EAgACMAcDBQAgARsI
MA0GCSqGSIb3DQEBCwUAA4IBAQDaZUiPM8CNpBn1+NtcudpTpe/1Lqx+vreRC7G3
FC3p71Geq2eeitI43+vsu/Yj1iTCiAxqWjmWPCuppfBXuH0Sthb4z6r4yXO2Xn3y
bbCKh/cnnO1B8VWcpvypiOAcvR9vNv15Ukg2/swMz60g+S6fX2h1UmVQOc0VcX1p
khr3TF56gNg1j1+KJtsxNuGo6GyUjrtC2jf0ePFRlMx+hisxlG8k8I7WRYuKtIof
NE987m975ZaNz9hPWkf+Z2tasVgRb2RdbuXCyZ0fQuuxab0qWWE/V5y5UeLPvjbe
lKw0rMCqSpxheLZKLreZKVkSxgq+akCO2ZEbvOZieXVhorJS
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:35 2024 by rpki-client on console-ams.rpki-client.org