Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/a1ae75-2d6b-4cc6-acef-dce6d6909247/1/8LruibCrAmExVMX4yAkxkX43EHc.roa
File: 8LruibCrAmExVMX4yAkxkX43EHc.roa (raw, json)
Hash identifier: 1LI7ds+ox2usNTRJ1qCUQjA1pwUkY+1A9z/b9LNMQK4=
Subject key identifier: F0:BA:EE:89:B0:AB:02:61:31:54:C5:F8:C8:09:31:91:7E:37:10:77
Certificate issuer: /CN=940a10a256728f11a4bbaadc3204b7f0a35a5000
Certificate serial: 018A60091CE0C169DF6B2D379CD50E28B773
Authority key identifier: 94:0A:10:A2:56:72:8F:11:A4:BB:AA:DC:32:04:B7:F0:A3:5A:50:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lAoQolZyjxGku6rcMgS38KNaUAA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/a1ae75-2d6b-4cc6-acef-dce6d6909247/1/8LruibCrAmExVMX4yAkxkX43EHc.roa
Signing time: Mon 04 Sep 2023 11:52:04 +0000
ROA not before: Mon 04 Sep 2023 11:52:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8860
IP address blocks: 195.189.80.0/22 maxlen: 24
79.98.104.0/21 maxlen: 24
185.228.24.0/22 maxlen: 24
185.55.228.0/22 maxlen: 24
185.239.124.0/24 maxlen: 24
185.239.126.0/24 maxlen: 24
194.145.63.0/24 maxlen: 24
185.199.37.0/24 maxlen: 24
185.199.38.0/24 maxlen: 24
185.52.204.0/22 maxlen: 24
Validation: Failed, certificate revoked on Sat 14 Oct 2023 08:36:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:60:09:1c:e0:c1:69:df:6b:2d:37:9c:d5:0e:28:b7:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=940a10a256728f11a4bbaadc3204b7f0a35a5000
Validity
Not Before: Sep 4 11:52:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f0baee89b0ab02613154c5f8c80931917e371077
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:57:fa:de:f3:e7:93:ed:ae:c6:b7:b0:d5:85:
0f:a9:01:68:e0:cf:70:fe:9b:fc:72:b0:bb:b1:72:
7c:9c:86:fc:a2:a9:ce:6b:77:3b:c4:04:d6:c1:0c:
22:5d:a7:d2:76:3e:71:68:f6:b0:d9:16:70:8e:05:
39:f3:b7:f2:f6:a9:a3:06:15:37:f9:e5:f9:db:ba:
9a:82:2f:2c:a1:13:30:46:6f:ca:9c:70:20:94:a1:
ba:c8:37:11:44:aa:26:65:84:74:df:98:f8:e6:f1:
d3:a2:a7:30:67:27:0e:de:21:7b:79:5a:23:d8:68:
15:04:2b:40:cc:c6:1b:7d:79:6a:5d:7e:09:15:72:
2d:83:cd:5b:63:35:15:e1:6e:ec:65:fc:8e:08:e4:
62:ca:23:67:e1:34:ad:b5:e0:57:84:26:b4:a4:6a:
24:dc:41:5a:f4:97:4d:66:77:da:f6:08:44:10:5b:
f8:42:5f:1b:05:22:4a:22:0d:14:6c:4b:04:2a:9f:
b9:14:2a:6a:8e:ef:89:cb:28:25:35:27:a6:7f:7d:
6d:55:7a:3b:13:a2:17:e0:a4:69:45:d0:28:ef:67:
75:d3:56:f1:59:a1:97:b9:d1:4b:c7:06:4b:08:3c:
5b:bb:35:7f:02:89:32:9e:69:ba:83:1d:44:87:56:
29:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:BA:EE:89:B0:AB:02:61:31:54:C5:F8:C8:09:31:91:7E:37:10:77
X509v3 Authority Key Identifier:
keyid:94:0A:10:A2:56:72:8F:11:A4:BB:AA:DC:32:04:B7:F0:A3:5A:50:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lAoQolZyjxGku6rcMgS38KNaUAA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/a1ae75-2d6b-4cc6-acef-dce6d6909247/1/8LruibCrAmExVMX4yAkxkX43EHc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/a1ae75-2d6b-4cc6-acef-dce6d6909247/1/lAoQolZyjxGku6rcMgS38KNaUAA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.98.104.0/21
185.52.204.0/22
185.55.228.0/22
185.199.37.0-185.199.38.255
185.228.24.0/22
185.239.124.0/24
185.239.126.0/24
194.145.63.0/24
195.189.80.0/22
Signature Algorithm: sha256WithRSAEncryption
7e:47:f3:88:86:fb:30:54:bc:b5:d0:91:7a:0c:4f:6f:7b:c3:
cb:4a:12:67:64:6d:72:9f:75:80:8e:af:a3:b5:ce:c6:aa:15:
b5:fc:be:59:09:50:5e:0a:63:48:f3:70:90:57:6a:95:7a:a6:
c4:cf:5e:06:1f:53:e2:79:2c:38:50:a4:f5:91:5a:eb:1e:8b:
64:ac:f3:52:5d:ff:6a:b6:3c:73:e0:c0:96:f4:12:ea:cc:a9:
17:23:01:e9:44:98:c1:56:8b:9f:9e:5a:1b:f3:fb:ee:f2:57:
5b:07:33:7f:2d:05:f3:8a:4b:f2:d0:da:e8:23:1c:31:9a:3e:
bd:da:02:82:56:c1:9b:db:8f:23:d7:bd:5d:a9:eb:a4:4e:ed:
59:f5:f2:bc:6b:ef:49:6b:0e:41:9f:5d:9a:7d:29:87:5e:18:
94:91:6f:15:3b:43:ba:1a:c7:95:b4:4c:6d:52:e2:74:13:87:
7a:c4:34:97:2e:f3:f7:60:78:35:25:1f:00:59:7a:61:aa:f6:
d5:fe:e7:bf:0f:1c:b8:f8:93:25:f1:b1:10:36:c3:05:65:f3:
68:63:88:89:1b:37:c0:2c:b6:b9:6a:88:09:9f:a2:44:f8:7b:
43:6f:61:40:9e:5c:a2:03:60:06:57:3e:60:2b:4a:45:ff:66:
62:35:ee:bc
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAYpgCRzgwWnfay03nNUOKLdzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0MGExMGEyNTY3MjhmMTFhNGJiYWFkYzMyMDRiN2YwYTM1
YTUwMDAwHhcNMjMwOTA0MTE1MjA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMGJhZWU4OWIwYWIwMjYxMzE1NGM1ZjhjODA5MzE5MTdlMzcxMDc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApFf63vPnk+2uxrew1YUPqQFo4M9w
/pv8crC7sXJ8nIb8oqnOa3c7xATWwQwiXafSdj5xaPaw2RZwjgU587fy9qmjBhU3
+eX527qagi8soRMwRm/KnHAglKG6yDcRRKomZYR035j45vHToqcwZycO3iF7eVoj
2GgVBCtAzMYbfXlqXX4JFXItg81bYzUV4W7sZfyOCORiyiNn4TStteBXhCa0pGok
3EFa9JdNZnfa9ghEEFv4Ql8bBSJKIg0UbEsEKp+5FCpqju+JyyglNSemf31tVXo7
E6IX4KRpRdAo72d101bxWaGXudFLxwZLCDxbuzV/Aokynmm6gx1Eh1YpWQIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFPC67omwqwJhMVTF+MgJMZF+NxB3MB8GA1UdIwQY
MBaAFJQKEKJWco8RpLuq3DIEt/CjWlAAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEFvUW9sWnlqeEdrdTZyY01nUzM4S05hVUFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS9hMWFlNzUtMmQ2Yi00Y2M2LWFjZWYt
ZGNlNmQ2OTA5MjQ3LzEvOExydWliQ3JBbUV4Vk1YNHlBa3hrWDQzRUhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS9hMWFlNzUtMmQ2Yi00Y2M2LWFjZWYtZGNlNmQ2OTA5MjQ3
LzEvbEFvUW9sWnlqeEdrdTZyY01nUzM4S05hVUFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAATA+AwQDT2JoAwQC
uTTMAwQCuTfkMAwDBAC5xyUDBAC5xyYDBAK55BgDBAC573wDBAC5734DBADCkT8D
BALDvVAwDQYJKoZIhvcNAQELBQADggEBAH5H84iG+zBUvLXQkXoMT297w8tKEmdk
bXKfdYCOr6O1zsaqFbX8vlkJUF4KY0jzcJBXapV6psTPXgYfU+J5LDhQpPWRWuse
i2Ss81Jd/2q2PHPgwJb0EurMqRcjAelEmMFWi5+eWhvz++7yV1sHM38tBfOKS/LQ
2ugjHDGaPr3aAoJWwZvbjyPXvV2p66RO7Vn18rxr70lrDkGfXZp9KYdeGJSRbxU7
Q7oax5W0TG1S4nQTh3rENJcu8/dgeDUlHwBZemGq9tX+578PHLj4kyXxsRA2wwVl
82hjiIkbN8AstrlqiAmfokT4e0NvYUCeXKIDYAZXPmArSkX/ZmI17rw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:35 2024 by rpki-client on console-fra.rpki-client.org