Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/w8purFjufSg8auBzMokyzKbR8A4.roa
File: w8purFjufSg8auBzMokyzKbR8A4.roa (raw, json)
Hash identifier: VuXkZY+279GivAQHIcB8f+M/WFI8tWuFICfZ48xJN4U=
Subject key identifier: C3:CA:6E:AC:58:EE:7D:28:3C:6A:E0:73:32:89:32:CC:A6:D1:F0:0E
Certificate issuer: /CN=febf30201f12a040d386d2b4eed4484623e4d11b
Certificate serial: 01857246D41B6BF1CC04910752068D2EC4CD
Authority key identifier: FE:BF:30:20:1F:12:A0:40:D3:86:D2:B4:EE:D4:48:46:23:E4:D1:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_r8wIB8SoEDThtK07tRIRiPk0Rs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/w8purFjufSg8auBzMokyzKbR8A4.roa
Signing time: Mon 02 Jan 2023 11:38:42 +0000
ROA not before: Mon 02 Jan 2023 11:38:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42049
IP address blocks: 85.187.41.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:31:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:46:d4:1b:6b:f1:cc:04:91:07:52:06:8d:2e:c4:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=febf30201f12a040d386d2b4eed4484623e4d11b
Validity
Not Before: Jan 2 11:38:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c3ca6eac58ee7d283c6ae073328932cca6d1f00e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:fb:f6:3d:a1:aa:7e:1e:45:d9:3a:a6:58:6b:
70:9c:4d:f1:29:15:6b:29:67:80:20:dc:a3:95:5e:
53:ca:05:7b:5d:c6:8b:83:5e:91:6d:16:8c:1a:a1:
4b:20:9e:4c:9f:c3:8b:4a:ea:0c:40:d2:cb:a0:01:
81:21:3f:3b:b7:16:d0:a9:e0:f8:72:b2:86:a5:3e:
8e:d7:2c:02:67:89:c2:62:38:dd:b6:f6:f6:ff:68:
ea:15:b2:6d:e2:0c:a5:e5:77:0f:e6:3d:a3:d2:85:
61:c1:a3:a4:a1:c2:7c:34:3a:64:ca:4c:2c:7b:18:
32:ef:79:c5:1c:8d:af:f1:73:0e:f6:98:64:b8:9f:
3f:77:16:f6:0e:40:1b:ca:f4:34:f3:a2:d8:e2:73:
a3:0c:3a:e5:dd:06:2f:4d:d1:79:fb:40:e9:6d:3d:
19:13:67:71:9b:ad:da:e9:6c:60:42:12:3e:ac:bc:
c5:ce:88:71:2c:2c:aa:68:29:38:e3:c4:ab:79:57:
42:60:2f:7e:81:f8:de:56:eb:f7:02:56:68:da:8a:
d7:60:8f:d3:79:04:98:89:6f:91:93:ef:71:0f:41:
6a:12:8c:71:f1:7e:e2:24:70:46:6b:cb:49:7a:16:
63:19:f3:cc:2e:42:96:73:67:a1:8d:93:c3:8f:fe:
0a:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:CA:6E:AC:58:EE:7D:28:3C:6A:E0:73:32:89:32:CC:A6:D1:F0:0E
X509v3 Authority Key Identifier:
keyid:FE:BF:30:20:1F:12:A0:40:D3:86:D2:B4:EE:D4:48:46:23:E4:D1:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_r8wIB8SoEDThtK07tRIRiPk0Rs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/w8purFjufSg8auBzMokyzKbR8A4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/_r8wIB8SoEDThtK07tRIRiPk0Rs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.187.41.0/24
Signature Algorithm: sha256WithRSAEncryption
8b:b2:91:d7:29:9e:78:e2:6b:de:bb:63:25:17:75:b9:0b:84:
f6:3f:0c:db:35:0e:98:d5:26:67:66:d9:06:8b:23:bb:f2:bd:
4c:9b:64:da:89:e1:63:7a:81:ec:ad:aa:8f:2b:72:fa:98:5c:
d7:ee:fc:85:9c:6d:79:4a:51:3b:ed:72:2b:7c:9d:cb:e4:89:
7a:bd:96:9a:68:8e:ab:5a:e5:9d:03:c9:1a:9f:b1:19:cf:85:
46:b0:c2:f1:b1:57:9e:0d:12:86:84:cb:70:43:8e:80:40:38:
af:06:36:be:e6:e8:a4:a5:61:f1:2e:86:c4:fd:8d:df:0f:12:
19:9a:a2:e4:06:09:18:2f:40:40:e7:24:dd:66:e9:8e:b6:4f:
a0:dd:ab:58:81:85:55:df:1b:99:3f:ce:00:51:05:82:f6:e3:
91:2c:f2:75:5b:97:35:cd:29:3b:aa:52:b2:d5:64:c3:fc:2d:
85:f1:16:5a:57:40:59:82:bf:5a:fd:96:db:67:91:d7:a1:df:
37:d5:c8:a1:30:b7:da:eb:79:d4:dc:79:20:cf:a2:6a:51:26:
11:6c:33:81:2d:4b:60:bf:61:75:c3:f2:fd:45:25:f5:3c:04:
a5:14:aa:e3:43:58:73:3c:58:7e:58:7b:f0:27:ca:3e:bd:60:
37:08:f5:3f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyRtQba/HMBJEHUgaNLsTNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlYmYzMDIwMWYxMmEwNDBkMzg2ZDJiNGVlZDQ0ODQ2MjNl
NGQxMWIwHhcNMjMwMTAyMTEzODQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjM2NhNmVhYzU4ZWU3ZDI4M2M2YWUwNzMzMjg5MzJjY2E2ZDFmMDBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj/v2PaGqfh5F2TqmWGtwnE3xKRVr
KWeAINyjlV5TygV7XcaLg16RbRaMGqFLIJ5Mn8OLSuoMQNLLoAGBIT87txbQqeD4
crKGpT6O1ywCZ4nCYjjdtvb2/2jqFbJt4gyl5XcP5j2j0oVhwaOkocJ8NDpkykws
exgy73nFHI2v8XMO9phkuJ8/dxb2DkAbyvQ086LY4nOjDDrl3QYvTdF5+0DpbT0Z
E2dxm63a6WxgQhI+rLzFzohxLCyqaCk448SreVdCYC9+gfjeVuv3AlZo2orXYI/T
eQSYiW+Rk+9xD0FqEoxx8X7iJHBGa8tJehZjGfPMLkKWc2ehjZPDj/4KwQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMPKbqxY7n0oPGrgczKJMsym0fAOMB8GA1UdIwQY
MBaAFP6/MCAfEqBA04bStO7USEYj5NEbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX3I4d0lCOFNvRURUaHRLMDd0UklSaVBrMFJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy9mOGM0YTItOTZhYy00YjRlLWExOTUt
YTk3YzBkYzBhNzQ5LzEvdzhwdXJGanVmU2c4YXVCek1va3l6S2JSOEE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy9mOGM0YTItOTZhYy00YjRlLWExOTUtYTk3YzBkYzBhNzQ5
LzEvX3I4d0lCOFNvRURUaHRLMDd0UklSaVBrMFJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVbspMA0G
CSqGSIb3DQEBCwUAA4IBAQCLspHXKZ544mveu2MlF3W5C4T2PwzbNQ6Y1SZnZtkG
iyO78r1Mm2TaieFjeoHsraqPK3L6mFzX7vyFnG15SlE77XIrfJ3L5Il6vZaaaI6r
WuWdA8kan7EZz4VGsMLxsVeeDRKGhMtwQ46AQDivBja+5uikpWHxLobE/Y3fDxIZ
mqLkBgkYL0BA5yTdZumOtk+g3atYgYVV3xuZP84AUQWC9uORLPJ1W5c1zSk7qlKy
1WTD/C2F8RZaV0BZgr9a/ZbbZ5HXod831cihMLfa63nU3Hkgz6JqUSYRbDOBLUtg
v2F1w/L9RSX1PASlFKrjQ1hzPFh+WHvwJ8o+vWA3CPU/
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:12 2024 by rpki-client on console-fra.rpki-client.org