Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/8e5576-33c8-4002-a437-db6671ac7672/1/8Ii6LIjOVVIDbpDmc2cygORhDFk.roa
File: 8Ii6LIjOVVIDbpDmc2cygORhDFk.roa (raw, json)
Hash identifier: 13CcwPgWFDPuVLJc/a7TSf6fq7Rqcbz7sC+hqw7Op9A=
Subject key identifier: F0:88:BA:2C:88:CE:55:52:03:6E:90:E6:73:67:32:80:E4:61:0C:59
Certificate issuer: /CN=4aefcfed51ff158fbe68ccd60b7b39be5f3eae20
Certificate serial: 018571554491A9EA3A1F01851ECCD2788C2D
Authority key identifier: 4A:EF:CF:ED:51:FF:15:8F:BE:68:CC:D6:0B:7B:39:BE:5F:3E:AE:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Su_P7VH_FY--aMzWC3s5vl8-riA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/8e5576-33c8-4002-a437-db6671ac7672/1/8Ii6LIjOVVIDbpDmc2cygORhDFk.roa
Signing time: Mon 02 Jan 2023 07:14:51 +0000
ROA not before: Mon 02 Jan 2023 07:14:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39202
IP address blocks: 81.20.48.0/20 maxlen: 20
2a01:6000::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:55:44:91:a9:ea:3a:1f:01:85:1e:cc:d2:78:8c:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4aefcfed51ff158fbe68ccd60b7b39be5f3eae20
Validity
Not Before: Jan 2 07:14:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f088ba2c88ce5552036e90e673673280e4610c59
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:40:04:ef:00:06:a9:57:15:32:2e:44:d5:dd:
62:96:f4:6d:56:50:c4:e1:bf:31:e1:ae:c0:21:30:
35:64:4b:37:56:c6:b6:ae:e6:78:3a:42:b7:1e:cf:
9e:36:bc:c7:f2:11:78:75:b7:26:34:96:2e:1b:0c:
c5:40:da:50:1f:90:6f:e5:08:df:1b:2b:0e:0a:2e:
0a:42:fd:8e:92:18:8a:1c:75:83:e1:3d:63:a4:7f:
fc:d8:75:37:bc:7c:20:95:1a:e3:65:25:40:96:61:
78:87:c8:44:21:5e:4e:66:c1:12:ae:1b:b8:90:36:
e3:0f:49:be:f9:b2:ab:b7:9f:2a:35:3e:f7:47:ce:
af:b9:ee:ee:a4:4e:a7:66:6c:7c:1b:74:03:bc:1b:
e9:33:3c:af:a6:9a:a1:7e:b7:d1:91:c2:f3:7c:65:
36:8c:00:c4:f5:d6:92:6b:c1:e2:db:75:37:d1:d3:
04:f3:19:b6:d9:4d:cb:c0:06:fa:8c:9f:7a:b7:9c:
21:2a:73:52:b4:31:4f:9a:4d:18:11:e4:87:51:77:
95:e4:0e:69:79:ff:de:b1:88:31:21:3a:cb:2a:82:
5f:e0:39:b6:e2:32:e8:95:d9:c4:9e:bd:ad:3b:f8:
f6:ca:ad:b2:51:f6:12:b7:5d:2e:a6:33:dc:7c:89:
5e:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:88:BA:2C:88:CE:55:52:03:6E:90:E6:73:67:32:80:E4:61:0C:59
X509v3 Authority Key Identifier:
keyid:4A:EF:CF:ED:51:FF:15:8F:BE:68:CC:D6:0B:7B:39:BE:5F:3E:AE:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Su_P7VH_FY--aMzWC3s5vl8-riA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/8e5576-33c8-4002-a437-db6671ac7672/1/8Ii6LIjOVVIDbpDmc2cygORhDFk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/8e5576-33c8-4002-a437-db6671ac7672/1/Su_P7VH_FY--aMzWC3s5vl8-riA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.20.48.0/20
IPv6:
2a01:6000::/32
Signature Algorithm: sha256WithRSAEncryption
6a:87:27:eb:23:24:80:ba:19:ad:90:35:a3:9a:18:0f:a5:54:
e4:db:18:70:52:67:e0:7c:02:ba:07:3c:0a:d9:97:ae:39:f9:
ac:c8:89:0e:87:0c:24:df:ca:1b:11:c4:52:08:7a:69:b3:c7:
c3:21:53:ba:15:6c:51:fd:f4:14:9c:b0:59:4c:f0:e1:b7:67:
51:b5:98:7b:83:dd:4b:50:af:af:66:c2:10:fe:35:9f:c0:de:
49:fa:fd:7e:0d:df:1b:32:9a:aa:8d:a4:83:0d:ba:97:18:fa:
87:86:08:c7:6d:b7:90:99:c8:92:6f:83:b5:29:cf:91:c6:94:
0b:dc:b9:1a:15:ce:96:8d:f8:94:98:b8:3b:9c:46:a7:c0:14:
fb:09:78:e9:d7:3b:5f:f6:6a:07:03:b3:2f:3b:c0:ca:bc:c5:
90:8f:e2:cb:32:d3:d0:59:82:91:f7:2e:e7:75:ab:a9:91:68:
3e:fb:ef:12:e9:0a:2b:7d:8b:43:c8:1e:64:27:75:05:58:cf:
c8:21:65:ed:67:6c:ee:8b:c7:26:0d:95:ed:fb:f6:fc:a0:00:
6a:e6:d8:3a:e8:17:f2:5c:6d:c7:56:09:d1:6b:1c:45:75:01:
59:b7:9e:9d:e7:fc:ce:93:bb:7b:7e:74:77:11:66:6f:1f:7f:
48:e0:a4:d4
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVxVUSRqeo6HwGFHszSeIwtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhZWZjZmVkNTFmZjE1OGZiZTY4Y2NkNjBiN2IzOWJlNWYz
ZWFlMjAwHhcNMjMwMTAyMDcxNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDg4YmEyYzg4Y2U1NTUyMDM2ZTkwZTY3MzY3MzI4MGU0NjEwYzU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgkAE7wAGqVcVMi5E1d1ilvRtVlDE
4b8x4a7AITA1ZEs3Vsa2ruZ4OkK3Hs+eNrzH8hF4dbcmNJYuGwzFQNpQH5Bv5Qjf
GysOCi4KQv2OkhiKHHWD4T1jpH/82HU3vHwglRrjZSVAlmF4h8hEIV5OZsESrhu4
kDbjD0m++bKrt58qNT73R86vue7upE6nZmx8G3QDvBvpMzyvppqhfrfRkcLzfGU2
jADE9daSa8Hi23U30dME8xm22U3LwAb6jJ96t5whKnNStDFPmk0YEeSHUXeV5A5p
ef/esYgxITrLKoJf4Dm24jLoldnEnr2tO/j2yq2yUfYSt10upjPcfIle5wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFPCIuiyIzlVSA26Q5nNnMoDkYQxZMB8GA1UdIwQY
MBaAFErvz+1R/xWPvmjM1gt7Ob5fPq4gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU3VfUDdWSF9GWS0tYU16V0MzczV2bDgtcmlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS84ZTU1NzYtMzNjOC00MDAyLWE0Mzct
ZGI2NjcxYWM3NjcyLzEvOElpNkxJak9WVklEYnBEbWMyY3lnT1JoREZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS84ZTU1NzYtMzNjOC00MDAyLWE0MzctZGI2NjcxYWM3Njcy
LzEvU3VfUDdWSF9GWS0tYU16V0MzczV2bDgtcmlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQEURQwMA0E
AgACMAcDBQAqAWAAMA0GCSqGSIb3DQEBCwUAA4IBAQBqhyfrIySAuhmtkDWjmhgP
pVTk2xhwUmfgfAK6BzwK2ZeuOfmsyIkOhwwk38obEcRSCHpps8fDIVO6FWxR/fQU
nLBZTPDht2dRtZh7g91LUK+vZsIQ/jWfwN5J+v1+Dd8bMpqqjaSDDbqXGPqHhgjH
bbeQmciSb4O1Kc+RxpQL3LkaFc6WjfiUmLg7nEanwBT7CXjp1ztf9moHA7MvO8DK
vMWQj+LLMtPQWYKR9y7ndaupkWg+++8S6QorfYtDyB5kJ3UFWM/IIWXtZ2zui8cm
DZXt+/b8oABq5tg66BfyXG3HVgnRaxxFdQFZt56d5/zOk7t7fnR3EWZvH39I4KTU
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:37:50 2024 by rpki-client on console-fra.rpki-client.org