Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/267f9e-cccc-443f-beac-1aea5be150fa/1/8vdNBkquHKqRkLPsQHkG63CNlfI.roa
File: 8vdNBkquHKqRkLPsQHkG63CNlfI.roa (raw, json)
Hash identifier: u+n0HnWAgjFaA7EsoCsZOb6E3FbcWWX3SFykqSErKqg=
Subject key identifier: F2:F7:4D:06:4A:AE:1C:AA:91:90:B3:EC:40:79:06:EB:70:8D:95:F2
Certificate issuer: /CN=68465b9cfb368c69ecb0e3fea3b542ba9c7301f4
Certificate serial: 01857227DDF17A427B88F6076AA8495C5A7F
Authority key identifier: 68:46:5B:9C:FB:36:8C:69:EC:B0:E3:FE:A3:B5:42:BA:9C:73:01:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aEZbnPs2jGnssOP-o7VCupxzAfQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/267f9e-cccc-443f-beac-1aea5be150fa/1/8vdNBkquHKqRkLPsQHkG63CNlfI.roa
Signing time: Mon 02 Jan 2023 11:04:53 +0000
ROA not before: Mon 02 Jan 2023 11:04:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212865
IP address blocks: 5.183.0.0/22 maxlen: 24
185.71.139.0/24 maxlen: 24
2a0d:d00::/29 maxlen: 29
2a0e:2400::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:29:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:27:dd:f1:7a:42:7b:88:f6:07:6a:a8:49:5c:5a:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68465b9cfb368c69ecb0e3fea3b542ba9c7301f4
Validity
Not Before: Jan 2 11:04:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f2f74d064aae1caa9190b3ec407906eb708d95f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:dd:98:20:bb:fc:dd:b1:85:4a:6a:c1:aa:bf:
3b:75:47:ae:66:66:49:75:ff:18:44:3a:9d:bc:36:
d5:a8:48:ec:99:d8:85:18:dd:3f:64:3e:ae:e0:eb:
ae:00:4d:70:e6:f1:28:ac:80:bf:4e:a0:37:e1:de:
c8:4d:31:27:6b:9c:3b:8c:db:5b:a8:3f:cf:b6:48:
49:ae:61:08:b6:88:43:6b:24:0c:44:fb:d2:bd:1b:
1c:c7:3b:2a:85:7e:cd:c7:ab:9a:90:05:9d:80:f8:
0b:42:b1:1b:f8:82:a9:38:29:5e:6f:ab:e7:b8:4e:
f6:a2:b5:41:27:5a:9d:f8:9e:ce:ca:16:bf:c0:85:
88:f8:ac:08:be:f7:fa:fd:d4:ff:cf:25:6d:46:a9:
c5:9c:cb:37:4e:31:4e:4f:0f:8a:df:89:86:f0:a6:
69:9e:82:44:f6:9a:d2:ff:43:4a:0a:6f:9c:52:0e:
5d:45:3f:13:7e:e2:54:d8:72:0a:ac:55:0d:5b:56:
0c:5f:12:80:11:c2:41:66:f1:cf:51:ff:63:c2:e6:
a4:c8:f3:97:59:be:4c:9a:b1:e9:f1:58:0f:5f:7a:
a5:b1:59:9f:c5:38:9c:8a:61:a7:a4:9e:67:21:2a:
1e:84:6a:97:9b:2a:84:17:4f:70:c7:a7:15:48:1d:
c7:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:F7:4D:06:4A:AE:1C:AA:91:90:B3:EC:40:79:06:EB:70:8D:95:F2
X509v3 Authority Key Identifier:
keyid:68:46:5B:9C:FB:36:8C:69:EC:B0:E3:FE:A3:B5:42:BA:9C:73:01:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aEZbnPs2jGnssOP-o7VCupxzAfQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/267f9e-cccc-443f-beac-1aea5be150fa/1/8vdNBkquHKqRkLPsQHkG63CNlfI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/267f9e-cccc-443f-beac-1aea5be150fa/1/aEZbnPs2jGnssOP-o7VCupxzAfQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.183.0.0/22
185.71.139.0/24
IPv6:
2a0d:d00::/29
2a0e:2400::/29
Signature Algorithm: sha256WithRSAEncryption
b2:91:e8:8a:a4:1c:d2:41:97:0f:36:d8:53:7f:d0:b9:59:67:
eb:f7:72:02:14:c0:61:34:35:84:3f:a6:e4:a8:0a:26:1c:f7:
09:90:1c:65:0a:6a:cd:21:b4:65:0c:4b:cc:14:2d:70:6c:20:
db:09:cb:81:78:90:94:f6:98:22:8b:77:04:7a:f1:97:c5:e0:
00:30:6a:e6:8d:bd:8c:a6:cc:ed:c8:b9:34:dc:35:dc:ff:51:
3e:f6:b6:8c:7a:02:c2:d7:79:65:4a:31:16:12:ce:fe:0f:be:
47:c6:45:d0:94:e3:a7:13:a0:14:d2:c1:3d:bf:31:07:5f:59:
4a:c7:1e:fa:52:f7:cc:d0:64:d7:b4:57:d4:a3:d3:99:24:19:
9a:ad:34:71:28:38:5e:6c:66:16:69:5a:90:c8:0f:ba:7a:d8:
8d:3f:4d:17:85:ac:08:5d:4a:83:80:eb:53:f9:f5:1e:f8:04:
d9:ad:95:ff:cf:ca:9a:ed:e9:a3:b5:5b:eb:a1:b1:af:e3:20:
40:e8:d1:30:27:c8:98:c5:58:3f:2a:13:25:c4:fb:38:3a:28:
3a:5a:81:bc:fc:e1:78:b8:32:b2:ef:ee:c0:a4:43:af:ab:82:
68:68:48:ad:62:3b:02:f7:66:ea:6f:da:5e:6e:3a:aa:87:68:
28:05:a0:ec
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYVyJ93xekJ7iPYHaqhJXFp/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4NDY1YjljZmIzNjhjNjllY2IwZTNmZWEzYjU0MmJhOWM3
MzAxZjQwHhcNMjMwMTAyMTEwNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMmY3NGQwNjRhYWUxY2FhOTE5MGIzZWM0MDc5MDZlYjcwOGQ5NWYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv92YILv83bGFSmrBqr87dUeuZmZJ
df8YRDqdvDbVqEjsmdiFGN0/ZD6u4OuuAE1w5vEorIC/TqA34d7ITTEna5w7jNtb
qD/PtkhJrmEItohDayQMRPvSvRscxzsqhX7Nx6uakAWdgPgLQrEb+IKpOCleb6vn
uE72orVBJ1qd+J7Oyha/wIWI+KwIvvf6/dT/zyVtRqnFnMs3TjFOTw+K34mG8KZp
noJE9prS/0NKCm+cUg5dRT8TfuJU2HIKrFUNW1YMXxKAEcJBZvHPUf9jwuakyPOX
Wb5MmrHp8VgPX3qlsVmfxTicimGnpJ5nISoehGqXmyqEF09wx6cVSB3HeQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFPL3TQZKrhyqkZCz7EB5ButwjZXyMB8GA1UdIwQY
MBaAFGhGW5z7Noxp7LDj/qO1QrqccwH0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUVaYm5QczJqR25zc09QLW83VkN1cHh6QWZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC8yNjdmOWUtY2NjYy00NDNmLWJlYWMt
MWFlYTViZTE1MGZhLzEvOHZkTkJrcXVIS3FSa0xQc1FIa0c2M0NObGZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC8yNjdmOWUtY2NjYy00NDNmLWJlYWMtMWFlYTViZTE1MGZh
LzEvYUVaYm5QczJqR25zc09QLW83VkN1cHh6QWZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQCBbcAAwQA
uUeLMBQEAgACMA4DBQMqDQ0AAwUDKg4kADANBgkqhkiG9w0BAQsFAAOCAQEAspHo
iqQc0kGXDzbYU3/QuVln6/dyAhTAYTQ1hD+m5KgKJhz3CZAcZQpqzSG0ZQxLzBQt
cGwg2wnLgXiQlPaYIot3BHrxl8XgADBq5o29jKbM7ci5NNw13P9RPva2jHoCwtd5
ZUoxFhLO/g++R8ZF0JTjpxOgFNLBPb8xB19ZSsce+lL3zNBk17RX1KPTmSQZmq00
cSg4XmxmFmlakMgPunrYjT9NF4WsCF1Kg4DrU/n1HvgE2a2V/8/Kmu3po7Vb66Gx
r+MgQOjRMCfImMVYPyoTJcT7ODooOlqBvPzheLgysu/uwKRDr6uCaGhIrWI7Avdm
6m/aXm46qodoKAWg7A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:13 2024 by rpki-client on console-fra.rpki-client.org