Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/e5124f-1369-4901-9f56-2bb82a837b7b/1/jH8yTvvE7JuqCBxgSkWuCFSQdn4.roa
File: jH8yTvvE7JuqCBxgSkWuCFSQdn4.roa (raw, json)
Hash identifier: O10R4SxK7j+PLE2OeP3UiCx74OdWYy1LDCV9GUNNwEk=
Subject key identifier: 8C:7F:32:4E:FB:C4:EC:9B:AA:08:1C:60:4A:45:AE:08:54:90:76:7E
Certificate issuer: /CN=abcdfc1a7c520cf8d17729208e85e8b197c4adff
Certificate serial: 01889528FF4AF8875B499D1B24697DA05B37
Authority key identifier: AB:CD:FC:1A:7C:52:0C:F8:D1:77:29:20:8E:85:E8:B1:97:C4:AD:FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q838GnxSDPjRdykgjoXosZfErf8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/e5124f-1369-4901-9f56-2bb82a837b7b/1/jH8yTvvE7JuqCBxgSkWuCFSQdn4.roa
Signing time: Wed 07 Jun 2023 09:21:11 +0000
ROA not before: Wed 07 Jun 2023 09:21:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16509
IP address blocks: 209.127.220.0/24 maxlen: 24
185.44.176.0/24 maxlen: 24
185.44.177.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:29:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:95:28:ff:4a:f8:87:5b:49:9d:1b:24:69:7d:a0:5b:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=abcdfc1a7c520cf8d17729208e85e8b197c4adff
Validity
Not Before: Jun 7 09:21:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8c7f324efbc4ec9baa081c604a45ae085490767e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:2d:92:7e:4c:e5:af:df:7e:3f:e1:b1:6a:49:
f0:65:8b:31:5b:89:2a:21:b9:18:2e:f3:00:78:59:
b0:19:e2:0b:49:bd:11:dd:a1:c9:3b:d7:07:0d:8f:
7c:1c:42:43:32:c5:56:02:b9:44:09:aa:2a:f7:1c:
fc:b9:ab:df:96:90:cc:97:17:55:2d:69:31:81:24:
67:15:a6:1f:04:cb:f4:72:6a:8a:90:78:3c:54:1b:
2a:79:04:ad:01:79:d5:c1:d3:28:f3:05:a7:80:92:
2d:62:f4:1d:35:12:76:e2:75:f4:9f:f3:44:02:c9:
b3:25:b6:36:d4:1a:37:13:98:94:f0:87:6b:b9:38:
01:1d:bf:48:34:56:7d:f8:cd:91:79:58:3b:99:42:
79:42:91:3c:08:1e:cb:3a:01:ff:31:ff:60:69:2b:
d5:4a:79:63:4c:58:9d:44:57:3f:a1:f2:94:ee:1c:
af:94:4b:c3:f8:9c:45:88:07:6e:b2:c1:3b:bc:32:
6e:c4:92:07:38:91:44:f4:80:ee:b9:9c:c3:1e:5a:
a1:76:59:9a:09:b4:6b:32:fb:f6:ec:f6:99:ea:c7:
7a:5d:79:14:ae:6d:7f:6b:94:c3:96:31:b6:2b:16:
42:97:0b:26:2e:15:ef:b6:f1:3f:c0:a6:96:ec:d4:
fd:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:7F:32:4E:FB:C4:EC:9B:AA:08:1C:60:4A:45:AE:08:54:90:76:7E
X509v3 Authority Key Identifier:
keyid:AB:CD:FC:1A:7C:52:0C:F8:D1:77:29:20:8E:85:E8:B1:97:C4:AD:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q838GnxSDPjRdykgjoXosZfErf8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/e5124f-1369-4901-9f56-2bb82a837b7b/1/jH8yTvvE7JuqCBxgSkWuCFSQdn4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/e5124f-1369-4901-9f56-2bb82a837b7b/1/q838GnxSDPjRdykgjoXosZfErf8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.44.176.0/23
209.127.220.0/24
Signature Algorithm: sha256WithRSAEncryption
26:d6:cd:3a:f1:52:74:33:6d:a3:1c:27:20:99:04:51:36:d2:
ad:8e:15:25:5b:18:5a:e4:e1:a2:21:cf:1a:4b:b8:62:21:a9:
a7:bd:86:63:39:5b:ad:7f:f3:d7:2b:2f:06:e2:e3:b3:f8:31:
36:ba:d9:8d:e5:bc:84:ff:a6:db:f5:d4:8e:14:e7:55:73:2b:
65:ef:b5:dc:a2:db:b7:e9:4d:55:28:ca:35:0d:76:02:1a:29:
e7:e0:d2:dd:86:9e:52:62:3a:7a:99:0e:81:74:9e:6c:bb:ef:
5f:72:f0:90:88:6e:35:8a:3d:29:b3:50:b7:58:1b:b1:d5:6b:
28:a8:14:e4:04:9a:d9:24:4a:dd:7e:90:aa:bd:03:29:f3:e2:
f9:0d:14:2b:56:53:ab:7c:e3:18:03:00:c1:23:f7:82:be:45:
1f:45:4d:7e:1f:83:dc:bf:cf:51:e4:59:ec:e1:ba:d8:e0:c7:
90:d5:d6:89:13:d9:8c:93:3a:c0:9b:ec:16:28:a1:be:0c:79:
eb:d6:3d:8c:f5:d5:80:b8:50:e5:2b:90:ed:5f:69:fd:75:17:
4a:ba:6b:b0:fd:a6:eb:94:78:c5:ec:7b:10:e2:ed:46:81:91:
cd:53:07:58:1e:a0:53:57:27:f6:b5:c3:2f:35:c8:83:51:99:
42:fa:39:35
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYiVKP9K+IdbSZ0bJGl9oFs3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiY2RmYzFhN2M1MjBjZjhkMTc3MjkyMDhlODVlOGIxOTdj
NGFkZmYwHhcNMjMwNjA3MDkyMTExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YzdmMzI0ZWZiYzRlYzliYWEwODFjNjA0YTQ1YWUwODU0OTA3NjdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhS2Sfkzlr99+P+GxaknwZYsxW4kq
IbkYLvMAeFmwGeILSb0R3aHJO9cHDY98HEJDMsVWArlECaoq9xz8uavflpDMlxdV
LWkxgSRnFaYfBMv0cmqKkHg8VBsqeQStAXnVwdMo8wWngJItYvQdNRJ24nX0n/NE
AsmzJbY21Bo3E5iU8IdruTgBHb9INFZ9+M2ReVg7mUJ5QpE8CB7LOgH/Mf9gaSvV
SnljTFidRFc/ofKU7hyvlEvD+JxFiAdussE7vDJuxJIHOJFE9IDuuZzDHlqhdlma
CbRrMvv27PaZ6sd6XXkUrm1/a5TDljG2KxZClwsmLhXvtvE/wKaW7NT9JwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIx/Mk77xOybqggcYEpFrghUkHZ+MB8GA1UdIwQY
MBaAFKvN/Bp8Ugz40XcpII6F6LGXxK3/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTgzOEdueFNEUGpSZHlrZ2pvWG9zWmZFcmY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9lNTEyNGYtMTM2OS00OTAxLTlmNTYt
MmJiODJhODM3YjdiLzEvakg4eVR2dkU3SnVxQ0J4Z1NrV3VDRlNRZG40LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9lNTEyNGYtMTM2OS00OTAxLTlmNTYtMmJiODJhODM3Yjdi
LzEvcTgzOEdueFNEUGpSZHlrZ2pvWG9zWmZFcmY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBuSywAwQA
0X/cMA0GCSqGSIb3DQEBCwUAA4IBAQAm1s068VJ0M22jHCcgmQRRNtKtjhUlWxha
5OGiIc8aS7hiIamnvYZjOVutf/PXKy8G4uOz+DE2utmN5byE/6bb9dSOFOdVcytl
77Xcotu36U1VKMo1DXYCGinn4NLdhp5SYjp6mQ6BdJ5su+9fcvCQiG41ij0ps1C3
WBux1WsoqBTkBJrZJErdfpCqvQMp8+L5DRQrVlOrfOMYAwDBI/eCvkUfRU1+H4Pc
v89R5Fns4brY4MeQ1daJE9mMkzrAm+wWKKG+DHnr1j2M9dWAuFDlK5DtX2n9dRdK
umuw/abrlHjF7HsQ4u1GgZHNUwdYHqBTVyf2tcMvNciDUZlC+jk1
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:54 2024 by rpki-client on console-ams.rpki-client.org