Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/d4a89c-54b2-445b-bb7c-609a48b2b14d/1/8eXQIBFZHglTJUpgxgLQi5VTZyo.roa
File: 8eXQIBFZHglTJUpgxgLQi5VTZyo.roa (raw, json)
Hash identifier: ujZN/yxzrovW16Er6o4uWlj4nPBrmxXBc+IRf/xtjT0=
Subject key identifier: F1:E5:D0:20:11:59:1E:09:53:25:4A:60:C6:02:D0:8B:95:53:67:2A
Certificate issuer: /CN=387d6df7eb7542e0333aeedd14adff8f51f8cbd8
Certificate serial: 01856FD532E8139183D7ACA1DCAD96B8814C
Authority key identifier: 38:7D:6D:F7:EB:75:42:E0:33:3A:EE:DD:14:AD:FF:8F:51:F8:CB:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OH1t9-t1QuAzOu7dFK3_j1H4y9g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/d4a89c-54b2-445b-bb7c-609a48b2b14d/1/8eXQIBFZHglTJUpgxgLQi5VTZyo.roa
Signing time: Mon 02 Jan 2023 00:15:21 +0000
ROA not before: Mon 02 Jan 2023 00:15:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208650
IP address blocks: 185.202.135.0/24 maxlen: 24
185.202.134.0/24 maxlen: 24
2a0a:d6c0:134::/48 maxlen: 48
2a0a:d6c0:135::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:29:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:d5:32:e8:13:91:83:d7:ac:a1:dc:ad:96:b8:81:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=387d6df7eb7542e0333aeedd14adff8f51f8cbd8
Validity
Not Before: Jan 2 00:15:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f1e5d02011591e0953254a60c602d08b9553672a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:29:40:02:21:98:69:a8:41:da:55:7f:c5:90:
a5:71:a7:fa:0a:f9:5c:cc:96:3a:62:63:04:fa:de:
22:23:ff:3c:76:7c:dc:5e:8c:f0:38:12:2a:85:ee:
81:b7:fa:00:e2:25:21:a8:9b:66:50:b4:fc:27:94:
5d:ef:da:de:0f:0d:1c:66:79:af:fd:d8:19:a7:50:
80:6c:8f:c6:e2:d4:c7:b3:8b:c7:26:35:25:8b:e2:
78:6f:37:ad:f8:c3:76:24:03:12:76:09:56:8d:cc:
13:72:a6:02:28:0a:38:2d:bc:f9:83:4d:c3:d1:42:
66:4e:2a:f2:83:97:ff:6d:27:07:bd:71:64:63:2e:
ea:90:91:30:16:fe:d6:78:e0:00:90:f4:be:cb:9a:
5c:5a:c5:18:6a:9d:34:28:b3:3d:2b:f5:08:b8:dd:
dc:ee:bf:51:49:b5:62:a3:c5:a4:62:e4:5d:24:df:
4b:b0:6d:57:8a:71:9d:23:b4:26:f2:64:eb:e1:e7:
a8:22:08:c4:63:1c:85:8b:6e:e1:6f:cc:a2:4f:05:
48:81:63:f2:f4:ed:2b:ce:dc:01:70:e4:b3:c9:36:
31:d4:ab:dd:82:2a:ac:4d:79:a6:d8:9d:2c:e4:39:
c8:9d:08:ea:e9:a5:04:50:dd:68:44:db:3a:eb:8e:
63:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:E5:D0:20:11:59:1E:09:53:25:4A:60:C6:02:D0:8B:95:53:67:2A
X509v3 Authority Key Identifier:
keyid:38:7D:6D:F7:EB:75:42:E0:33:3A:EE:DD:14:AD:FF:8F:51:F8:CB:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OH1t9-t1QuAzOu7dFK3_j1H4y9g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/d4a89c-54b2-445b-bb7c-609a48b2b14d/1/8eXQIBFZHglTJUpgxgLQi5VTZyo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/d4a89c-54b2-445b-bb7c-609a48b2b14d/1/OH1t9-t1QuAzOu7dFK3_j1H4y9g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.202.134.0/23
IPv6:
2a0a:d6c0:134::/47
Signature Algorithm: sha256WithRSAEncryption
54:93:94:4e:a0:fe:1f:e4:f8:c3:44:f8:9b:23:76:90:cc:f5:
fa:16:03:5d:09:91:7b:16:12:53:21:ab:36:e2:17:bc:93:0d:
77:c4:5e:f5:25:75:35:93:29:c9:4d:e0:7c:80:34:02:6d:0e:
c1:59:de:20:88:01:6a:60:8e:37:97:d7:e1:b8:60:e1:07:2d:
4f:75:68:48:13:6e:81:48:b6:71:01:4c:b9:34:ce:e2:79:f6:
bb:5c:b3:2b:b1:b9:6f:6c:64:f4:59:59:d8:da:94:fb:68:bb:
6d:c1:33:37:ac:57:99:65:f6:c1:66:96:d6:1c:5c:21:9e:36:
16:cc:7d:ac:2d:0d:af:4b:36:09:62:e9:d2:cd:7c:60:68:c0:
12:7b:7e:70:1d:23:04:28:08:f3:c1:5f:54:a2:d8:38:5c:f8:
60:07:af:49:df:c2:69:98:97:a8:5f:1a:78:ab:15:9b:1f:3c:
d4:18:86:a9:6f:88:a3:46:01:0a:e4:3e:7a:e4:6a:74:7f:b4:
40:48:b7:88:f5:94:ed:9e:5c:f9:15:13:30:8f:67:59:b9:94:
76:16:d4:ea:d9:29:71:a8:d0:81:7d:76:1a:44:cb:c5:80:aa:
d2:b0:53:07:33:4c:0c:6f:53:d8:9a:4a:91:99:ba:02:2c:64:
1a:d5:b1:c0
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVv1TLoE5GD16yh3K2WuIFMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4N2Q2ZGY3ZWI3NTQyZTAzMzNhZWVkZDE0YWRmZjhmNTFm
OGNiZDgwHhcNMjMwMTAyMDAxNTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMWU1ZDAyMDExNTkxZTA5NTMyNTRhNjBjNjAyZDA4Yjk1NTM2NzJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8SlAAiGYaahB2lV/xZClcaf6Cvlc
zJY6YmME+t4iI/88dnzcXozwOBIqhe6Bt/oA4iUhqJtmULT8J5Rd79reDw0cZnmv
/dgZp1CAbI/G4tTHs4vHJjUli+J4bzet+MN2JAMSdglWjcwTcqYCKAo4Lbz5g03D
0UJmTiryg5f/bScHvXFkYy7qkJEwFv7WeOAAkPS+y5pcWsUYap00KLM9K/UIuN3c
7r9RSbVio8WkYuRdJN9LsG1XinGdI7Qm8mTr4eeoIgjEYxyFi27hb8yiTwVIgWPy
9O0rztwBcOSzyTYx1KvdgiqsTXmm2J0s5DnInQjq6aUEUN1oRNs6645jNQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPHl0CARWR4JUyVKYMYC0IuVU2cqMB8GA1UdIwQY
MBaAFDh9bffrdULgMzru3RSt/49R+MvYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0gxdDktdDFRdUF6T3U3ZEZLM19qMUg0eTlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9kNGE4OWMtNTRiMi00NDViLWJiN2Mt
NjA5YTQ4YjJiMTRkLzEvOGVYUUlCRlpIZ2xUSlVwZ3hnTFFpNVZUWnlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9kNGE4OWMtNTRiMi00NDViLWJiN2MtNjA5YTQ4YjJiMTRk
LzEvT0gxdDktdDFRdUF6T3U3ZEZLM19qMUg0eTlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBucqGMA8E
AgACMAkDBwEqCtbAATQwDQYJKoZIhvcNAQELBQADggEBAFSTlE6g/h/k+MNE+Jsj
dpDM9foWA10JkXsWElMhqzbiF7yTDXfEXvUldTWTKclN4HyANAJtDsFZ3iCIAWpg
jjeX1+G4YOEHLU91aEgTboFItnEBTLk0zuJ59rtcsyuxuW9sZPRZWdjalPtou23B
MzesV5ll9sFmltYcXCGeNhbMfawtDa9LNgli6dLNfGBowBJ7fnAdIwQoCPPBX1Si
2Dhc+GAHr0nfwmmYl6hfGnirFZsfPNQYhqlviKNGAQrkPnrkanR/tEBIt4j1lO2e
XPkVEzCPZ1m5lHYW1OrZKXGo0IF9dhpEy8WAqtKwUwczTAxvU9iaSpGZugIsZBrV
scA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:38 2024 by rpki-client on console-fra.rpki-client.org