Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/721920-939b-412b-a3c5-2329d79c4ae3/1/8q9U87YBNOYUheATx6knkx4wR88.roa
File: 8q9U87YBNOYUheATx6knkx4wR88.roa (raw, json)
Hash identifier: OfLrdKiv8hGQal6TCO5J510EU+JLrdrGuQAAftGhUIE=
Subject key identifier: F2:AF:54:F3:B6:01:34:E6:14:85:E0:13:C7:A9:27:93:1E:30:47:CF
Certificate issuer: /CN=d8073d06b58652f849fa8bcf3cec6b950909bd68
Certificate serial: 01856E820F6F6B95EEEEAE22130D2ADB0069
Authority key identifier: D8:07:3D:06:B5:86:52:F8:49:FA:8B:CF:3C:EC:6B:95:09:09:BD:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2Ac9BrWGUvhJ-ovPPOxrlQkJvWg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/721920-939b-412b-a3c5-2329d79c4ae3/1/8q9U87YBNOYUheATx6knkx4wR88.roa
Signing time: Sun 01 Jan 2023 18:04:55 +0000
ROA not before: Sun 01 Jan 2023 18:04:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61121
IP address blocks: 185.18.4.0/24 maxlen: 24
185.18.4.0/22 maxlen: 22
185.18.4.0/23 maxlen: 23
185.18.7.0/24 maxlen: 24
185.18.6.0/23 maxlen: 23
185.18.5.0/24 maxlen: 24
185.18.6.0/24 maxlen: 24
2a03:f1c0::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 28 Apr 2023 08:11:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:82:0f:6f:6b:95:ee:ee:ae:22:13:0d:2a:db:00:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8073d06b58652f849fa8bcf3cec6b950909bd68
Validity
Not Before: Jan 1 18:04:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f2af54f3b60134e61485e013c7a927931e3047cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:df:d2:cd:14:d3:74:bb:fb:27:1e:bd:f4:1b:
0b:a6:b6:8b:fb:3a:ef:ec:df:ad:2e:b2:fa:cf:b0:
15:89:7a:62:d1:5d:7c:f4:2a:aa:9e:51:4c:53:81:
31:50:70:d6:0d:29:ba:cc:5c:59:5f:1e:61:56:a4:
1c:9a:1a:10:7d:73:df:24:ff:6d:23:e8:78:16:e1:
b9:77:90:cb:66:08:cb:ea:13:cf:e7:4e:da:06:9f:
ae:0b:47:00:bf:30:3e:08:b2:51:03:dd:ed:25:ef:
4a:4d:75:af:67:c5:84:cd:1a:57:51:9a:79:95:08:
c0:13:82:61:d6:81:96:e6:bb:05:cc:fb:f5:9e:12:
b8:42:5d:27:c9:f4:10:58:7c:d6:d2:94:61:4c:6d:
b3:0f:36:e6:f7:77:fa:17:a0:a4:79:73:d9:bf:dd:
8f:c9:a2:b0:33:87:0b:55:7f:dd:d2:30:94:22:2d:
f7:ce:54:ea:10:e8:ed:59:a9:32:a5:9c:2b:59:80:
75:d1:9f:b3:1b:4c:3d:98:e8:4a:c8:56:b4:fa:a8:
8d:68:6b:d5:78:2b:ce:4b:d8:37:7d:34:d5:ba:45:
27:64:d0:b8:d2:55:77:10:ae:4d:48:11:84:88:9e:
8c:af:37:30:5a:94:6b:9e:48:85:6d:95:24:f2:77:
51:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:AF:54:F3:B6:01:34:E6:14:85:E0:13:C7:A9:27:93:1E:30:47:CF
X509v3 Authority Key Identifier:
keyid:D8:07:3D:06:B5:86:52:F8:49:FA:8B:CF:3C:EC:6B:95:09:09:BD:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2Ac9BrWGUvhJ-ovPPOxrlQkJvWg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/721920-939b-412b-a3c5-2329d79c4ae3/1/8q9U87YBNOYUheATx6knkx4wR88.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/721920-939b-412b-a3c5-2329d79c4ae3/1/2Ac9BrWGUvhJ-ovPPOxrlQkJvWg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.18.4.0/22
IPv6:
2a03:f1c0::/32
Signature Algorithm: sha256WithRSAEncryption
41:80:db:03:71:bc:09:05:39:7e:84:9b:cf:ac:86:24:e3:54:
93:d7:0e:4b:a5:a4:1c:20:39:1d:dc:10:04:13:31:04:76:33:
c7:9d:f5:97:43:c3:2a:63:23:00:ec:41:fa:28:d0:2f:8e:c8:
1f:39:95:ff:18:45:13:df:ec:3b:de:ba:2e:23:8b:67:e4:4a:
43:78:97:2b:35:82:00:44:db:38:d2:c5:64:9b:58:d3:1e:9e:
46:74:ef:e1:fd:11:7f:e8:93:8e:3b:3b:7b:89:7a:91:e9:73:
8a:a4:db:bc:e2:1d:a8:96:8e:cb:87:da:a6:b1:8c:8c:9c:ff:
81:bb:17:e8:8c:6b:be:d3:fc:e7:a1:8a:78:79:ee:f2:13:cc:
1f:60:a5:05:37:12:0c:00:a2:ea:00:1f:7c:09:39:ec:88:70:
c4:4b:a1:23:2f:d6:18:9b:d2:0f:1b:7b:69:7f:a4:84:9b:bb:
d6:9b:3f:46:d0:a9:4f:a6:fc:ba:f2:34:5e:d9:24:57:dc:79:
ef:0c:8c:aa:c6:39:87:af:2a:59:33:3c:4e:c1:5e:6e:b8:1f:
74:f2:e2:a5:6d:39:7f:aa:65:37:5d:7e:34:3e:fe:24:1b:74:
0b:1d:e3:e8:a0:cb:3f:7d:69:00:e6:d6:dd:ed:fe:b4:c7:c9:
cf:43:02:50
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVugg9va5Xu7q4iEw0q2wBpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4MDczZDA2YjU4NjUyZjg0OWZhOGJjZjNjZWM2Yjk1MDkw
OWJkNjgwHhcNMjMwMTAxMTgwNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMmFmNTRmM2I2MDEzNGU2MTQ4NWUwMTNjN2E5Mjc5MzFlMzA0N2NmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzd/SzRTTdLv7Jx699BsLpraL+zrv
7N+tLrL6z7AViXpi0V189CqqnlFMU4ExUHDWDSm6zFxZXx5hVqQcmhoQfXPfJP9t
I+h4FuG5d5DLZgjL6hPP507aBp+uC0cAvzA+CLJRA93tJe9KTXWvZ8WEzRpXUZp5
lQjAE4Jh1oGW5rsFzPv1nhK4Ql0nyfQQWHzW0pRhTG2zDzbm93f6F6CkeXPZv92P
yaKwM4cLVX/d0jCUIi33zlTqEOjtWakypZwrWYB10Z+zG0w9mOhKyFa0+qiNaGvV
eCvOS9g3fTTVukUnZNC40lV3EK5NSBGEiJ6MrzcwWpRrnkiFbZUk8ndR5QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFPKvVPO2ATTmFIXgE8epJ5MeMEfPMB8GA1UdIwQY
MBaAFNgHPQa1hlL4SfqLzzzsa5UJCb1oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkFjOUJyV0dVdmhKLW92UFBPeHJsUWtKdldnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy83MjE5MjAtOTM5Yi00MTJiLWEzYzUt
MjMyOWQ3OWM0YWUzLzEvOHE5VTg3WUJOT1lVaGVBVHg2a25reDR3Ujg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy83MjE5MjAtOTM5Yi00MTJiLWEzYzUtMjMyOWQ3OWM0YWUz
LzEvMkFjOUJyV0dVdmhKLW92UFBPeHJsUWtKdldnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuRIEMA0E
AgACMAcDBQAqA/HAMA0GCSqGSIb3DQEBCwUAA4IBAQBBgNsDcbwJBTl+hJvPrIYk
41ST1w5LpaQcIDkd3BAEEzEEdjPHnfWXQ8MqYyMA7EH6KNAvjsgfOZX/GEUT3+w7
3rouI4tn5EpDeJcrNYIARNs40sVkm1jTHp5GdO/h/RF/6JOOOzt7iXqR6XOKpNu8
4h2olo7Lh9qmsYyMnP+BuxfojGu+0/znoYp4ee7yE8wfYKUFNxIMAKLqAB98CTns
iHDES6EjL9YYm9IPG3tpf6SEm7vWmz9G0KlPpvy68jRe2SRX3HnvDIyqxjmHrypZ
MzxOwV5uuB908uKlbTl/qmU3XX40Pv4kG3QLHePooMs/fWkA5tbd7f60x8nPQwJQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:42 2024 by rpki-client on console-fra.rpki-client.org