Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/84bf54-09c3-4324-a11c-e4ddfa32e52e/1/V8l-dP3GEJ4OY2nIq2e8daxioP4.roa
File: V8l-dP3GEJ4OY2nIq2e8daxioP4.roa (raw, json)
Hash identifier: 9mkQN0T16HQvwylbSdlQx94VqBqoUez3vZtW8oJaouE=
Subject key identifier: 57:C9:7E:74:FD:C6:10:9E:0E:63:69:C8:AB:67:BC:75:AC:62:A0:FE
Certificate issuer: /CN=5cfe8d72526e4e73a3b57d9360f3a51beb59a45f
Certificate serial: 01867024FB9C6C7E9594CCEBE778DB6DC993
Authority key identifier: 5C:FE:8D:72:52:6E:4E:73:A3:B5:7D:93:60:F3:A5:1B:EB:59:A4:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XP6NclJuTnOjtX2TYPOlG-tZpF8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/84bf54-09c3-4324-a11c-e4ddfa32e52e/1/V8l-dP3GEJ4OY2nIq2e8daxioP4.roa
Signing time: Mon 20 Feb 2023 18:45:17 +0000
ROA not before: Mon 20 Feb 2023 18:45:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206894
IP address blocks: 185.215.96.0/22 maxlen: 22
45.89.132.0/22 maxlen: 22
193.142.154.0/23 maxlen: 23
185.219.192.0/22 maxlen: 22
185.192.104.0/22 maxlen: 22
185.38.88.0/22 maxlen: 22
2a0b:cf00::/32 maxlen: 32
2a0a:2bc0::/32 maxlen: 32
2a0b:a840::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 12 May 2023 10:54:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:70:24:fb:9c:6c:7e:95:94:cc:eb:e7:78:db:6d:c9:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5cfe8d72526e4e73a3b57d9360f3a51beb59a45f
Validity
Not Before: Feb 20 18:45:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=57c97e74fdc6109e0e6369c8ab67bc75ac62a0fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:72:be:e9:1c:57:4e:9c:4a:22:81:dc:99:4b:
9d:91:a6:ea:88:fe:41:02:97:f6:23:0d:f0:1a:14:
2d:f1:81:ce:c0:ac:8f:f3:ac:bf:34:b4:83:a0:99:
15:68:70:80:2b:8d:fc:b9:96:2f:2e:89:af:f2:bf:
70:fb:49:ba:51:25:2a:5c:be:4a:66:15:be:c3:d8:
30:88:c4:64:9b:3f:1c:34:36:98:17:81:c7:89:3f:
28:99:0f:e0:d5:61:2b:08:bb:36:75:bb:19:88:17:
7a:29:41:37:25:15:2d:4d:5b:1d:31:bf:ba:8a:e5:
fb:83:b8:e4:85:e4:89:27:1d:b7:54:e4:cf:5a:e8:
33:df:76:55:6a:5d:71:6a:12:b4:c8:6e:8a:37:b8:
15:ac:8c:5a:0d:6e:23:22:ac:e6:e9:04:86:95:c1:
a5:2a:a0:1a:49:39:ac:84:aa:57:0c:25:bc:d2:e7:
13:ec:d7:77:55:2f:3e:8a:c7:f5:dc:ef:3b:96:24:
ce:de:61:a3:23:59:f5:60:ef:34:40:4b:39:1d:ce:
e2:7d:a0:15:32:c6:1c:96:01:81:bf:95:f7:65:cf:
5f:4d:e8:e0:18:8d:36:f1:4d:96:7c:d7:19:9c:82:
43:a2:21:ac:e6:92:a6:7b:d8:55:c5:60:9e:04:8a:
88:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:C9:7E:74:FD:C6:10:9E:0E:63:69:C8:AB:67:BC:75:AC:62:A0:FE
X509v3 Authority Key Identifier:
keyid:5C:FE:8D:72:52:6E:4E:73:A3:B5:7D:93:60:F3:A5:1B:EB:59:A4:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XP6NclJuTnOjtX2TYPOlG-tZpF8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/84bf54-09c3-4324-a11c-e4ddfa32e52e/1/V8l-dP3GEJ4OY2nIq2e8daxioP4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/84bf54-09c3-4324-a11c-e4ddfa32e52e/1/XP6NclJuTnOjtX2TYPOlG-tZpF8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.89.132.0/22
185.38.88.0/22
185.192.104.0/22
185.215.96.0/22
185.219.192.0/22
193.142.154.0/23
IPv6:
2a0a:2bc0::/32
2a0b:a840::/32
2a0b:cf00::/32
Signature Algorithm: sha256WithRSAEncryption
8f:be:89:b5:38:92:37:1e:81:99:22:8d:ef:c7:cd:2c:61:53:
b1:8c:39:46:93:82:53:f8:27:40:22:89:ec:50:8b:1c:53:b7:
4d:da:bc:4a:03:18:8f:a0:5b:86:a2:45:8c:32:9a:54:9b:b0:
73:d0:50:28:78:1a:db:61:93:33:72:b0:aa:e7:86:5a:8e:da:
a3:9a:bf:84:6f:36:35:c9:b2:43:76:d9:2a:de:3c:f5:1f:81:
bd:ee:c9:6b:e9:9a:2f:81:36:59:97:e3:b5:dd:ed:10:f5:28:
1a:b3:9e:3e:e8:dc:45:f8:2a:86:a6:87:d2:a1:d6:a0:09:20:
69:dc:8c:9c:21:93:93:f5:d5:9c:a2:cf:72:a5:d3:c2:a4:b1:
b4:78:63:f3:ad:f0:f5:1a:5b:ed:8c:53:87:1f:b7:5f:d1:26:
20:f2:11:88:b0:f7:11:dd:d6:b3:4e:d4:26:fd:79:b3:84:49:
f8:3a:ce:b4:7e:c0:55:bc:61:7e:39:aa:8f:f4:89:b9:9f:a5:
b6:5f:16:ba:da:bc:97:d7:e3:30:3c:74:f8:4c:40:fc:53:6d:
6b:51:2e:4f:2a:f0:fb:1c:a0:80:18:a6:1a:65:01:72:5d:5c:
7e:43:9c:12:86:2b:0e:a2:26:b5:94:49:a2:5c:a0:87:db:5e:
8d:82:d5:7d
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgISAYZwJPucbH6VlMzr53jbbcmTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjZmU4ZDcyNTI2ZTRlNzNhM2I1N2Q5MzYwZjNhNTFiZWI1
OWE0NWYwHhcNMjMwMjIwMTg0NTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1N2M5N2U3NGZkYzYxMDllMGU2MzY5YzhhYjY3YmM3NWFjNjJhMGZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnXK+6RxXTpxKIoHcmUudkabqiP5B
Apf2Iw3wGhQt8YHOwKyP86y/NLSDoJkVaHCAK438uZYvLomv8r9w+0m6USUqXL5K
ZhW+w9gwiMRkmz8cNDaYF4HHiT8omQ/g1WErCLs2dbsZiBd6KUE3JRUtTVsdMb+6
iuX7g7jkheSJJx23VOTPWugz33ZVal1xahK0yG6KN7gVrIxaDW4jIqzm6QSGlcGl
KqAaSTmshKpXDCW80ucT7Nd3VS8+isf13O87liTO3mGjI1n1YO80QEs5Hc7ifaAV
MsYclgGBv5X3Zc9fTejgGI028U2WfNcZnIJDoiGs5pKme9hVxWCeBIqIbQIDAQAB
o4ICRDCCAkAwHQYDVR0OBBYEFFfJfnT9xhCeDmNpyKtnvHWsYqD+MB8GA1UdIwQY
MBaAFFz+jXJSbk5zo7V9k2DzpRvrWaRfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFA2TmNsSnVUbk9qdFgyVFlQT2xHLXRacEY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC84NGJmNTQtMDljMy00MzI0LWExMWMt
ZTRkZGZhMzJlNTJlLzEvVjhsLWRQM0dFSjRPWTJuSXEyZThkYXhpb1A0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC84NGJmNTQtMDljMy00MzI0LWExMWMtZTRkZGZhMzJlNTJl
LzEvWFA2TmNsSnVUbk9qdFgyVFlQT2xHLXRacEY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFoGCCsGAQUFBwEHAQH/BEswSTAqBAIAATAkAwQCLVmEAwQC
uSZYAwQCucBoAwQCuddgAwQCudvAAwQBwY6aMBsEAgACMBUDBQAqCivAAwUAKguo
QAMFACoLzwAwDQYJKoZIhvcNAQELBQADggEBAI++ibU4kjcegZkije/HzSxhU7GM
OUaTglP4J0AiiexQixxTt03avEoDGI+gW4aiRYwymlSbsHPQUCh4GtthkzNysKrn
hlqO2qOav4RvNjXJskN22SrePPUfgb3uyWvpmi+BNlmX47Xd7RD1KBqznj7o3EX4
Koamh9Kh1qAJIGncjJwhk5P11Zyiz3Kl08KksbR4Y/Ot8PUaW+2MU4cft1/RJiDy
EYiw9xHd1rNO1Cb9ebOESfg6zrR+wFW8YX45qo/0ibmfpbZfFrravJfX4zA8dPhM
QPxTbWtRLk8q8PscoIAYphplAXJdXH5DnBKGKw6iJrWUSaJcoIfbXo2C1X0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:49 2024 by rpki-client on console-ams.rpki-client.org