Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/f80ef3-9f0b-4bd1-8018-59671920fb60/1/2L8-ei_PVuQN8tq1q0fPynE16G0.roa
File: 2L8-ei_PVuQN8tq1q0fPynE16G0.roa (raw, json)
Hash identifier: buGm3ihVg2g2cE69R0dzeUAIxUJuWSkRJghWmAZumWY=
Subject key identifier: D8:BF:3E:7A:2F:CF:56:E4:0D:F2:DA:B5:AB:47:CF:CA:71:35:E8:6D
Certificate issuer: /CN=37518d180923a7f3c00653ec12bc702b95aab907
Certificate serial: 01856D0A9A826BA22F3D2C89D720AE85C745
Authority key identifier: 37:51:8D:18:09:23:A7:F3:C0:06:53:EC:12:BC:70:2B:95:AA:B9:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N1GNGAkjp_PABlPsErxwK5WquQc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/f80ef3-9f0b-4bd1-8018-59671920fb60/1/2L8-ei_PVuQN8tq1q0fPynE16G0.roa
Signing time: Sun 01 Jan 2023 11:14:49 +0000
ROA not before: Sun 01 Jan 2023 11:14:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 5474
IP address blocks: 193.140.111.0/24 maxlen: 24
193.140.108.0/24 maxlen: 24
193.140.109.0/24 maxlen: 24
193.140.110.0/24 maxlen: 24
2001:a98:100::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:29:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:0a:9a:82:6b:a2:2f:3d:2c:89:d7:20:ae:85:c7:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=37518d180923a7f3c00653ec12bc702b95aab907
Validity
Not Before: Jan 1 11:14:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d8bf3e7a2fcf56e40df2dab5ab47cfca7135e86d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:4a:f3:af:fb:3f:6b:c0:f7:80:0a:c7:ec:73:
c2:81:b3:12:35:c4:47:71:19:5d:a7:89:e7:3e:95:
b7:bb:44:c8:a1:94:47:cd:0e:fa:06:b3:80:6f:c1:
47:d0:0a:54:6b:63:6b:26:d5:05:f0:dc:13:bf:6f:
f4:aa:4b:7b:d9:12:99:df:5c:c8:08:74:00:9a:62:
e7:29:b9:a1:ad:39:ba:13:5c:cd:52:fb:f8:82:1a:
76:ef:d3:e1:c1:4d:73:26:02:2d:a1:aa:a0:05:45:
f5:ab:6d:8c:5e:b0:29:db:34:21:4f:84:51:b8:73:
f3:6f:b3:67:18:cb:6d:07:8d:e9:d9:90:ab:a3:f6:
ce:50:ec:8d:30:8a:ff:0d:61:d1:b1:92:4e:5d:93:
15:14:40:f4:66:b2:10:e9:70:da:b8:25:8b:5b:27:
15:06:ab:b4:84:6a:67:48:8a:79:ce:a3:95:d8:41:
b7:ee:c5:5e:23:76:eb:b5:26:12:69:89:8b:15:b9:
45:b7:14:29:9e:f7:cd:f4:bb:20:5d:fc:a0:57:db:
1a:f9:a2:7a:85:64:99:c0:45:63:44:76:3a:0b:ad:
9d:e6:17:8b:51:9d:74:e1:7f:3c:0e:e6:aa:ad:dc:
a4:d1:a3:0a:e7:22:1a:9c:36:9e:7d:c8:3d:55:be:
d4:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:BF:3E:7A:2F:CF:56:E4:0D:F2:DA:B5:AB:47:CF:CA:71:35:E8:6D
X509v3 Authority Key Identifier:
keyid:37:51:8D:18:09:23:A7:F3:C0:06:53:EC:12:BC:70:2B:95:AA:B9:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N1GNGAkjp_PABlPsErxwK5WquQc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/f80ef3-9f0b-4bd1-8018-59671920fb60/1/2L8-ei_PVuQN8tq1q0fPynE16G0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/f80ef3-9f0b-4bd1-8018-59671920fb60/1/N1GNGAkjp_PABlPsErxwK5WquQc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.140.108.0/22
IPv6:
2001:a98:100::/48
Signature Algorithm: sha256WithRSAEncryption
71:27:45:71:b3:dd:03:70:6b:5d:e6:bd:4a:96:98:9c:81:a2:
0e:99:0f:54:00:55:e9:27:ed:38:9c:c7:38:c2:93:18:5c:33:
59:80:91:f3:05:b2:44:6a:af:03:83:29:16:71:f8:31:fc:bc:
52:88:1e:fb:ee:13:fa:0b:d1:e9:c1:80:4c:9d:1a:ba:96:ae:
4f:c8:f8:74:da:d5:88:29:8b:02:32:cb:44:20:1a:94:d9:7f:
82:4c:22:d7:a9:f0:53:1e:eb:03:91:a4:9d:5e:62:dd:c4:16:
af:43:0e:77:bf:b3:f1:12:c4:7e:b6:73:7e:ce:ad:b3:3b:1c:
2c:d0:fd:18:57:0c:cd:fd:14:1b:27:fc:26:58:7a:66:0b:66:
17:d9:dd:5a:85:09:6d:bd:f3:19:26:ad:27:38:f8:60:ce:e0:
bf:50:93:ae:d1:1f:2d:bb:0e:cf:3a:ad:0e:8d:61:9c:44:83:
a2:32:4b:5d:8b:ca:5e:7a:25:c2:8e:e2:a7:77:03:f7:72:f0:
8b:4f:b9:7c:09:37:35:e2:61:95:b9:ad:26:a2:71:97:a7:d5:
fc:c9:5f:0d:4f:db:12:b9:bb:35:fa:4d:21:23:1d:78:12:2d:
23:92:3a:a3:3c:0b:01:dd:4b:02:4d:cc:8b:87:46:7c:86:e7:
84:80:a3:00
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVtCpqCa6IvPSyJ1yCuhcdFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3NTE4ZDE4MDkyM2E3ZjNjMDA2NTNlYzEyYmM3MDJiOTVh
YWI5MDcwHhcNMjMwMTAxMTExNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOGJmM2U3YTJmY2Y1NmU0MGRmMmRhYjVhYjQ3Y2ZjYTcxMzVlODZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlkrzr/s/a8D3gArH7HPCgbMSNcRH
cRldp4nnPpW3u0TIoZRHzQ76BrOAb8FH0ApUa2NrJtUF8NwTv2/0qkt72RKZ31zI
CHQAmmLnKbmhrTm6E1zNUvv4ghp279PhwU1zJgItoaqgBUX1q22MXrAp2zQhT4RR
uHPzb7NnGMttB43p2ZCro/bOUOyNMIr/DWHRsZJOXZMVFED0ZrIQ6XDauCWLWycV
Bqu0hGpnSIp5zqOV2EG37sVeI3brtSYSaYmLFblFtxQpnvfN9LsgXfygV9sa+aJ6
hWSZwEVjRHY6C62d5heLUZ104X88Duaqrdyk0aMK5yIanDaefcg9Vb7UGwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNi/Pnovz1bkDfLatatHz8pxNehtMB8GA1UdIwQY
MBaAFDdRjRgJI6fzwAZT7BK8cCuVqrkHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTjFHTkdBa2pwX1BBQmxQc0VyeHdLNVdxdVFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi9mODBlZjMtOWYwYi00YmQxLTgwMTgt
NTk2NzE5MjBmYjYwLzEvMkw4LWVpX1BWdVFOOHRxMXEwZlB5bkUxNkcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi9mODBlZjMtOWYwYi00YmQxLTgwMTgtNTk2NzE5MjBmYjYw
LzEvTjFHTkdBa2pwX1BBQmxQc0VyeHdLNVdxdVFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCwYxsMA8E
AgACMAkDBwAgAQqYAQAwDQYJKoZIhvcNAQELBQADggEBAHEnRXGz3QNwa13mvUqW
mJyBog6ZD1QAVekn7TicxzjCkxhcM1mAkfMFskRqrwODKRZx+DH8vFKIHvvuE/oL
0enBgEydGrqWrk/I+HTa1YgpiwIyy0QgGpTZf4JMItep8FMe6wORpJ1eYt3EFq9D
Dne/s/ESxH62c37OrbM7HCzQ/RhXDM39FBsn/CZYemYLZhfZ3VqFCW298xkmrSc4
+GDO4L9Qk67RHy27Ds86rQ6NYZxEg6IyS12Lyl56JcKO4qd3A/dy8ItPuXwJNzXi
YZW5rSaicZen1fzJXw1P2xK5uzX6TSEjHXgSLSOSOqM8CwHdSwJNzIuHRnyG54SA
owA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:01 2024 by rpki-client on console-ams.rpki-client.org