Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/5b5f20-6ef6-44b9-a691-e554a35e9e77/1/s8iBM8wc16rW6MDUgxKM8u7pPkY.roa
File: s8iBM8wc16rW6MDUgxKM8u7pPkY.roa (raw, json)
Hash identifier: BidQ4jBlg+cxhj43kI7Ve2Q1ebMxBOa8mX0dxTjCa3U=
Subject key identifier: B3:C8:81:33:CC:1C:D7:AA:D6:E8:C0:D4:83:12:8C:F2:EE:E9:3E:46
Certificate issuer: /CN=1f9e25f4a88b8bb43c54d58f6b4e75089f906fd2
Certificate serial: 01857002710C8775072043D0D7746D7D0999
Authority key identifier: 1F:9E:25:F4:A8:8B:8B:B4:3C:54:D5:8F:6B:4E:75:08:9F:90:6F:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H54l9KiLi7Q8VNWPa051CJ-Qb9I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/5b5f20-6ef6-44b9-a691-e554a35e9e77/1/s8iBM8wc16rW6MDUgxKM8u7pPkY.roa
Signing time: Mon 02 Jan 2023 01:04:46 +0000
ROA not before: Mon 02 Jan 2023 01:04:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209390
IP address blocks: 185.108.64.0/22 maxlen: 22
185.108.64.0/24 maxlen: 24
185.108.65.0/24 maxlen: 24
185.108.66.0/24 maxlen: 24
2a06:6280::/29 maxlen: 29
2a06:6280:200::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:02:71:0c:87:75:07:20:43:d0:d7:74:6d:7d:09:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f9e25f4a88b8bb43c54d58f6b4e75089f906fd2
Validity
Not Before: Jan 2 01:04:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b3c88133cc1cd7aad6e8c0d483128cf2eee93e46
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:60:26:22:2e:e8:04:bd:95:ee:b7:a0:fe:96:
f4:57:4b:52:c0:63:cb:94:ad:8c:ac:2f:0d:f9:b9:
29:1b:f4:8c:54:5b:cd:f4:f4:a6:51:3c:5f:de:fd:
dc:70:e7:cd:88:9d:84:13:ca:a6:c4:00:de:e2:c0:
45:09:0f:a4:f8:cf:04:14:59:15:c8:e4:3d:96:79:
db:a4:f4:2b:ef:18:fd:4f:3e:49:73:05:71:3c:1d:
ab:ac:8e:8b:3c:80:9e:99:97:93:27:ed:14:90:c5:
23:3d:46:ad:80:93:86:63:b0:c0:4f:b8:6f:cf:98:
16:c8:79:b7:6c:cf:80:87:ad:5e:98:ce:c6:61:6b:
42:99:af:4b:1e:9b:67:71:ea:9b:c8:00:12:cf:df:
d0:ed:de:3a:93:8d:a8:6b:21:e6:8a:db:4f:19:ce:
0b:38:6e:cc:da:42:bb:db:3e:5f:8b:a2:29:dd:71:
3f:5b:47:d4:04:49:3e:fc:70:2d:4b:78:f9:63:d5:
7a:0f:41:6e:c6:c5:f8:78:67:32:4d:8d:87:76:cb:
2c:79:ab:de:eb:da:c4:e0:70:ef:c7:ce:81:60:75:
5a:e6:ed:e4:0d:29:ae:86:85:23:47:2e:fd:b9:13:
39:f3:73:bf:a5:80:8a:4e:60:5d:b1:e2:04:e4:2c:
d7:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:C8:81:33:CC:1C:D7:AA:D6:E8:C0:D4:83:12:8C:F2:EE:E9:3E:46
X509v3 Authority Key Identifier:
keyid:1F:9E:25:F4:A8:8B:8B:B4:3C:54:D5:8F:6B:4E:75:08:9F:90:6F:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H54l9KiLi7Q8VNWPa051CJ-Qb9I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/5b5f20-6ef6-44b9-a691-e554a35e9e77/1/s8iBM8wc16rW6MDUgxKM8u7pPkY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/5b5f20-6ef6-44b9-a691-e554a35e9e77/1/H54l9KiLi7Q8VNWPa051CJ-Qb9I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.108.64.0/22
IPv6:
2a06:6280::/29
Signature Algorithm: sha256WithRSAEncryption
54:3c:9a:21:3f:dd:ef:da:5f:45:66:79:04:4f:2a:3a:57:fc:
06:6b:42:4a:21:5c:78:c6:cd:85:6d:9f:2c:32:54:28:39:67:
13:ba:bd:5c:e1:d1:da:53:63:f8:6a:d7:70:c9:84:fd:ab:41:
ff:9e:27:04:67:b6:0d:0a:e3:9f:c4:29:0d:ff:4f:8e:a3:23:
8b:25:9a:b5:b4:c0:9f:1f:be:14:77:ce:aa:ae:e3:59:6a:73:
95:e6:a2:f3:9f:a2:e5:c8:31:8b:34:8f:89:09:61:cf:72:40:
6f:7e:8b:ee:d4:c9:25:54:38:7b:3f:b0:31:84:e2:c7:f9:1c:
13:3e:11:cf:d1:a0:39:19:1a:b7:54:5e:08:4c:e9:94:4c:8d:
10:d7:ec:d2:38:9f:f2:4f:4f:de:f9:a8:92:eb:24:07:23:46:
cd:c6:97:3e:fc:d8:66:09:72:38:e0:02:da:bc:4e:e2:da:19:
93:0f:a0:47:6e:97:cb:b0:2c:09:86:2d:d8:12:56:88:16:c5:
72:a7:f4:21:ea:87:b1:99:fe:51:45:2b:3b:5e:cb:ef:34:2e:
75:30:74:97:0e:a1:54:5f:b7:11:79:b1:1e:bd:d2:8a:d9:a4:
b1:64:ec:83:5a:5e:27:16:90:80:3b:94:9c:c3:40:bc:96:e4:
f3:a1:a8:ba
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVwAnEMh3UHIEPQ13RtfQmZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmOWUyNWY0YTg4YjhiYjQzYzU0ZDU4ZjZiNGU3NTA4OWY5
MDZmZDIwHhcNMjMwMTAyMDEwNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiM2M4ODEzM2NjMWNkN2FhZDZlOGMwZDQ4MzEyOGNmMmVlZTkzZTQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxmAmIi7oBL2V7reg/pb0V0tSwGPL
lK2MrC8N+bkpG/SMVFvN9PSmUTxf3v3ccOfNiJ2EE8qmxADe4sBFCQ+k+M8EFFkV
yOQ9lnnbpPQr7xj9Tz5JcwVxPB2rrI6LPICemZeTJ+0UkMUjPUatgJOGY7DAT7hv
z5gWyHm3bM+Ah61emM7GYWtCma9LHptnceqbyAASz9/Q7d46k42oayHmittPGc4L
OG7M2kK72z5fi6Ip3XE/W0fUBEk+/HAtS3j5Y9V6D0FuxsX4eGcyTY2Hdssseave
69rE4HDvx86BYHVa5u3kDSmuhoUjRy79uRM583O/pYCKTmBdseIE5CzXrwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLPIgTPMHNeq1ujA1IMSjPLu6T5GMB8GA1UdIwQY
MBaAFB+eJfSoi4u0PFTVj2tOdQifkG/SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDU0bDlLaUxpN1E4Vk5XUGEwNTFDSi1RYjlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi81YjVmMjAtNmVmNi00NGI5LWE2OTEt
ZTU1NGEzNWU5ZTc3LzEvczhpQk04d2MxNnJXNk1EVWd4S004dTdwUGtZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi81YjVmMjAtNmVmNi00NGI5LWE2OTEtZTU1NGEzNWU5ZTc3
LzEvSDU0bDlLaUxpN1E4Vk5XUGEwNTFDSi1RYjlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuWxAMA0E
AgACMAcDBQMqBmKAMA0GCSqGSIb3DQEBCwUAA4IBAQBUPJohP93v2l9FZnkETyo6
V/wGa0JKIVx4xs2FbZ8sMlQoOWcTur1c4dHaU2P4atdwyYT9q0H/nicEZ7YNCuOf
xCkN/0+OoyOLJZq1tMCfH74Ud86qruNZanOV5qLzn6LlyDGLNI+JCWHPckBvfovu
1MklVDh7P7AxhOLH+RwTPhHP0aA5GRq3VF4ITOmUTI0Q1+zSOJ/yT0/e+aiS6yQH
I0bNxpc+/NhmCXI44ALavE7i2hmTD6BHbpfLsCwJhi3YElaIFsVyp/Qh6oexmf5R
RSs7XsvvNC51MHSXDqFUX7cRebEevdKK2aSxZOyDWl4nFpCAO5Scw0C8luTzoai6
-----END CERTIFICATE-----
Generated at Tue Jan 2 11:35:42 2024 by rpki-client on console-ams.rpki-client.org