Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/1abe8a-45a2-4156-98d7-6806e3d4ce4f/1/8psNc1mlytU2CnoVuKFMtIrdNsI.roa
File: 8psNc1mlytU2CnoVuKFMtIrdNsI.roa (raw, json)
Hash identifier: pbfpwF2jeYTKc0IsUTNalupIBn3eH+bbzjmIKqJtns0=
Subject key identifier: F2:9B:0D:73:59:A5:CA:D5:36:0A:7A:15:B8:A1:4C:B4:8A:DD:36:C2
Certificate issuer: /CN=0b4cfabe47e9285f65f1f2d686baaf15b8b41773
Certificate serial: 01856D78B0294753501CF44F4342AACB429C
Authority key identifier: 0B:4C:FA:BE:47:E9:28:5F:65:F1:F2:D6:86:BA:AF:15:B8:B4:17:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C0z6vkfpKF9l8fLWhrqvFbi0F3M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c9/1abe8a-45a2-4156-98d7-6806e3d4ce4f/1/8psNc1mlytU2CnoVuKFMtIrdNsI.roa
Signing time: Sun 01 Jan 2023 13:15:03 +0000
ROA not before: Sun 01 Jan 2023 13:15:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44919
IP address blocks: 188.92.144.0/21 maxlen: 24
193.46.73.0/24 maxlen: 24
2a02:d58::/29 maxlen: 35
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:33:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:78:b0:29:47:53:50:1c:f4:4f:43:42:aa:cb:42:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b4cfabe47e9285f65f1f2d686baaf15b8b41773
Validity
Not Before: Jan 1 13:15:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f29b0d7359a5cad5360a7a15b8a14cb48add36c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:2c:11:31:6a:ed:57:b1:3f:3a:b2:14:ec:92:
23:dd:f4:e1:44:0f:1a:17:7f:4a:b4:71:9e:0a:40:
a0:75:92:03:7a:3f:cc:fb:e7:16:b6:06:e2:68:1f:
18:8e:fa:02:29:1c:d0:1c:89:b9:84:b7:2d:74:1c:
ac:64:3d:a0:09:c6:fd:c2:e0:36:e7:78:74:0c:df:
b3:af:be:73:f4:07:1a:99:b4:d8:19:06:2a:c8:06:
6a:ac:db:85:88:2b:7e:6b:93:66:a5:2a:4c:28:33:
57:46:4c:7d:ee:5f:53:69:2a:99:d5:d6:e7:a0:a7:
88:b1:58:0b:1c:b5:09:64:ec:83:1a:04:cf:85:56:
2a:1a:b5:3c:8a:c3:44:91:86:6c:f6:b5:b3:4b:11:
27:3d:9c:13:27:65:25:45:cf:00:42:92:f8:2d:6d:
be:15:66:ab:78:d7:6c:bc:cb:ef:ba:ba:b3:0d:66:
64:41:19:c3:55:cd:9f:14:d1:4e:67:54:5c:03:6e:
a9:7f:11:27:3a:40:9a:ae:42:18:fb:5f:87:1d:44:
c7:9b:27:20:d1:08:a7:f7:72:83:dd:f2:5b:5b:d4:
f2:55:1c:ff:b5:7d:97:e2:15:38:42:96:57:d8:b2:
12:be:07:cb:65:be:4d:5a:33:63:d6:a5:3e:67:66:
56:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:9B:0D:73:59:A5:CA:D5:36:0A:7A:15:B8:A1:4C:B4:8A:DD:36:C2
X509v3 Authority Key Identifier:
keyid:0B:4C:FA:BE:47:E9:28:5F:65:F1:F2:D6:86:BA:AF:15:B8:B4:17:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C0z6vkfpKF9l8fLWhrqvFbi0F3M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/1abe8a-45a2-4156-98d7-6806e3d4ce4f/1/8psNc1mlytU2CnoVuKFMtIrdNsI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/1abe8a-45a2-4156-98d7-6806e3d4ce4f/1/C0z6vkfpKF9l8fLWhrqvFbi0F3M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.92.144.0/21
193.46.73.0/24
IPv6:
2a02:d58::/29
Signature Algorithm: sha256WithRSAEncryption
38:d8:5c:4b:79:c3:a3:fb:8e:72:23:85:2a:b4:94:a7:45:c9:
ed:cd:a8:37:63:ed:6d:50:d3:d1:bb:14:ab:17:8b:4e:68:22:
e5:f2:6a:10:72:0e:6e:91:65:0e:8a:29:d3:80:18:19:c7:ec:
94:60:04:ed:83:f8:e1:16:12:ea:2b:54:f7:07:45:1f:26:f1:
e0:33:4d:ee:22:b6:45:b4:38:18:a5:92:a4:4d:72:ff:33:0c:
e0:69:42:f1:d9:50:43:d4:67:ac:60:48:17:4f:bd:1e:ed:49:
a2:41:f7:12:b0:9c:a3:c1:50:ef:06:4c:82:35:19:ec:76:95:
31:c9:f9:a9:e8:7f:1f:39:3a:c7:c0:c6:e6:a9:31:d4:5d:5a:
81:92:b9:be:24:f3:49:9e:ca:bb:15:9e:b6:f5:58:73:88:8d:
89:49:4f:21:89:54:39:a6:3c:01:e9:7c:90:65:d2:38:90:bb:
47:9f:84:d8:75:b4:cb:82:ae:4f:af:10:ac:c5:7f:d5:04:5f:
64:f5:03:43:b5:83:95:05:a2:05:62:9b:57:97:20:0a:d2:19:
0c:39:5e:49:ac:34:16:b4:be:f5:66:4e:94:60:b8:92:13:1a:
af:ba:35:08:92:b5:a8:a3:65:a1:f8:b5:9e:46:e9:16:67:6a:
13:a4:da:0a
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVteLApR1NQHPRPQ0Kqy0KcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiNGNmYWJlNDdlOTI4NWY2NWYxZjJkNjg2YmFhZjE1Yjhi
NDE3NzMwHhcNMjMwMTAxMTMxNTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjliMGQ3MzU5YTVjYWQ1MzYwYTdhMTViOGExNGNiNDhhZGQzNmMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjiwRMWrtV7E/OrIU7JIj3fThRA8a
F39KtHGeCkCgdZIDej/M++cWtgbiaB8YjvoCKRzQHIm5hLctdBysZD2gCcb9wuA2
53h0DN+zr75z9AcambTYGQYqyAZqrNuFiCt+a5NmpSpMKDNXRkx97l9TaSqZ1dbn
oKeIsVgLHLUJZOyDGgTPhVYqGrU8isNEkYZs9rWzSxEnPZwTJ2UlRc8AQpL4LW2+
FWareNdsvMvvurqzDWZkQRnDVc2fFNFOZ1RcA26pfxEnOkCarkIY+1+HHUTHmycg
0Qin93KD3fJbW9TyVRz/tX2X4hU4QpZX2LISvgfLZb5NWjNj1qU+Z2ZWHQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFPKbDXNZpcrVNgp6FbihTLSK3TbCMB8GA1UdIwQY
MBaAFAtM+r5H6ShfZfHy1oa6rxW4tBdzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzB6NnZrZnBLRjlsOGZMV2hycXZGYmkwRjNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOS8xYWJlOGEtNDVhMi00MTU2LTk4ZDct
NjgwNmUzZDRjZTRmLzEvOHBzTmMxbWx5dFUyQ25vVnVLRk10SXJkTnNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOS8xYWJlOGEtNDVhMi00MTU2LTk4ZDctNjgwNmUzZDRjZTRm
LzEvQzB6NnZrZnBLRjlsOGZMV2hycXZGYmkwRjNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDvFyQAwQA
wS5JMA0EAgACMAcDBQMqAg1YMA0GCSqGSIb3DQEBCwUAA4IBAQA42FxLecOj+45y
I4UqtJSnRcntzag3Y+1tUNPRuxSrF4tOaCLl8moQcg5ukWUOiinTgBgZx+yUYATt
g/jhFhLqK1T3B0UfJvHgM03uIrZFtDgYpZKkTXL/MwzgaULx2VBD1GesYEgXT70e
7UmiQfcSsJyjwVDvBkyCNRnsdpUxyfmp6H8fOTrHwMbmqTHUXVqBkrm+JPNJnsq7
FZ629VhziI2JSU8hiVQ5pjwB6XyQZdI4kLtHn4TYdbTLgq5PrxCsxX/VBF9k9QND
tYOVBaIFYptXlyAK0hkMOV5JrDQWtL71Zk6UYLiSExqvujUIkrWoo2Wh+LWeRukW
Z2oTpNoK
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:03 2024 by rpki-client on console-ams.rpki-client.org