Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/883c08-257f-4e84-afc3-a40d2fb39497/1/s8hkub_JGsBUpEeVAJsvYcl0o4o.roa
File: s8hkub_JGsBUpEeVAJsvYcl0o4o.roa (raw, json)
Hash identifier: VhE0rfLG5sBRVmIJ+e579aGEgkme0j6QdxA3UjQF8kk=
Subject key identifier: B3:C8:64:B9:BF:C9:1A:C0:54:A4:47:95:00:9B:2F:61:C9:74:A3:8A
Certificate issuer: /CN=b94dbc5823a1390b4bbc8858794cd057e329f851
Certificate serial: 019232D8E8324BE3C3E388094A3FDF359C51
Authority key identifier: B9:4D:BC:58:23:A1:39:0B:4B:BC:88:58:79:4C:D0:57:E3:29:F8:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uU28WCOhOQtLvIhYeUzQV-Mp-FE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/883c08-257f-4e84-afc3-a40d2fb39497/1/s8hkub_JGsBUpEeVAJsvYcl0o4o.roa
Signing time: Fri 27 Sep 2024 09:38:48 +0000
ROA not before: Fri 27 Sep 2024 09:38:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 24740
IP address blocks: 185.59.160.0/23 maxlen: 23
193.111.22.0/23 maxlen: 23
Validation: Failed, certificate revoked on Thu 10 Oct 2024 10:59:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:32:d8:e8:32:4b:e3:c3:e3:88:09:4a:3f:df:35:9c:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b94dbc5823a1390b4bbc8858794cd057e329f851
Validity
Not Before: Sep 27 09:38:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b3c864b9bfc91ac054a44795009b2f61c974a38a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:59:55:cd:8b:96:1d:5f:a2:28:0c:3a:8a:2d:
d4:9c:66:e0:76:24:88:34:77:29:6f:0b:47:05:9a:
cd:04:cb:9c:ed:57:e3:7d:8f:06:a3:07:23:25:8d:
5f:b8:0a:48:bd:47:bc:12:6d:e0:52:4f:db:4d:41:
a0:51:ad:b6:76:bd:a1:0a:04:23:eb:31:cb:0a:b1:
df:73:4c:10:21:2c:49:2f:29:b2:ac:b2:98:f2:82:
82:1c:58:89:ff:b5:f9:89:e3:fb:5c:5a:2c:b8:43:
1e:d2:ec:fd:7b:56:15:75:03:6e:30:7d:34:56:41:
3b:34:12:41:a2:dc:13:7c:ab:ba:c8:68:f0:96:f9:
42:28:9f:33:17:3b:bc:e0:ed:eb:3c:e8:ff:48:8d:
f6:a7:a1:ff:bc:ac:ee:85:13:15:ba:86:39:a0:8d:
d5:1a:89:3b:67:f6:c2:cd:84:a7:39:81:70:32:30:
d6:a3:46:1c:a3:db:c4:f1:e5:14:2c:5b:7d:d8:9f:
2a:1e:47:46:cd:f7:45:b8:c2:b4:0e:90:f1:a8:23:
f8:e0:ff:11:ce:97:83:17:19:68:a0:b5:ef:f1:01:
e7:61:56:31:ba:59:3d:d2:ec:06:21:f8:c0:c8:86:
97:1a:e6:88:fa:31:84:d1:fb:ee:70:86:ed:61:b2:
46:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:C8:64:B9:BF:C9:1A:C0:54:A4:47:95:00:9B:2F:61:C9:74:A3:8A
X509v3 Authority Key Identifier:
keyid:B9:4D:BC:58:23:A1:39:0B:4B:BC:88:58:79:4C:D0:57:E3:29:F8:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uU28WCOhOQtLvIhYeUzQV-Mp-FE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/883c08-257f-4e84-afc3-a40d2fb39497/1/s8hkub_JGsBUpEeVAJsvYcl0o4o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/883c08-257f-4e84-afc3-a40d2fb39497/1/uU28WCOhOQtLvIhYeUzQV-Mp-FE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.59.160.0/23
193.111.22.0/23
Signature Algorithm: sha256WithRSAEncryption
5d:ab:1e:0e:cb:a2:ab:49:46:4f:13:f3:46:16:dc:ee:dc:68:
bd:92:e7:be:ff:6e:64:93:f2:86:f3:0d:e5:91:db:e2:40:8b:
1b:a4:3e:82:cf:b1:b0:e0:f7:47:99:d7:5b:1e:1c:eb:a5:10:
c8:ba:91:08:3e:50:8a:22:a8:65:28:b9:9c:72:5f:a4:59:71:
c1:f4:a7:fc:0e:79:36:73:d5:33:d0:4d:c1:b8:53:b4:c8:46:
8a:31:6d:8b:0a:96:3f:57:92:8a:f6:12:8c:32:7b:41:95:f6:
46:6f:b8:90:26:12:7f:42:1d:c9:68:3e:22:2f:0d:e2:9f:b5:
cc:87:83:ca:13:03:55:c4:62:28:58:26:b9:a1:2f:31:15:db:
72:f5:54:f2:84:ce:64:7d:74:42:55:37:f9:67:f3:fc:97:67:
34:ab:e4:b4:e6:aa:08:1e:fa:84:43:2c:b8:da:1c:08:d2:97:
5b:17:90:bd:f2:20:7c:a9:7d:b0:96:0a:99:fd:42:dc:44:ca:
03:1a:49:de:b8:83:0e:a8:dd:5f:31:fc:50:af:b9:3e:5d:58:
d6:ce:4e:3b:34:06:01:da:a9:07:56:e8:ea:0a:d2:c1:1b:e5:
97:38:4a:2c:ec:29:63:ce:ef:8d:3f:0c:76:1c:4a:57:d1:43:
aa:db:f4:d3
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZIy2OgyS+PD44gJSj/fNZxRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5NGRiYzU4MjNhMTM5MGI0YmJjODg1ODc5NGNkMDU3ZTMy
OWY4NTEwHhcNMjQwOTI3MDkzODQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiM2M4NjRiOWJmYzkxYWMwNTRhNDQ3OTUwMDliMmY2MWM5NzRhMzhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz1lVzYuWHV+iKAw6ii3UnGbgdiSI
NHcpbwtHBZrNBMuc7VfjfY8GowcjJY1fuApIvUe8Em3gUk/bTUGgUa22dr2hCgQj
6zHLCrHfc0wQISxJLymyrLKY8oKCHFiJ/7X5ieP7XFosuEMe0uz9e1YVdQNuMH00
VkE7NBJBotwTfKu6yGjwlvlCKJ8zFzu84O3rPOj/SI32p6H/vKzuhRMVuoY5oI3V
Gok7Z/bCzYSnOYFwMjDWo0Yco9vE8eUULFt92J8qHkdGzfdFuMK0DpDxqCP44P8R
zpeDFxlooLXv8QHnYVYxulk90uwGIfjAyIaXGuaI+jGE0fvucIbtYbJGZwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLPIZLm/yRrAVKRHlQCbL2HJdKOKMB8GA1UdIwQY
MBaAFLlNvFgjoTkLS7yIWHlM0FfjKfhRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVUyOFdDT2hPUXRMdkloWWVVelFWLU1wLUZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC84ODNjMDgtMjU3Zi00ZTg0LWFmYzMt
YTQwZDJmYjM5NDk3LzEvczhoa3ViX0pHc0JVcEVlVkFKc3ZZY2wwbzRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC84ODNjMDgtMjU3Zi00ZTg0LWFmYzMtYTQwZDJmYjM5NDk3
LzEvdVUyOFdDT2hPUXRMdkloWWVVelFWLU1wLUZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBuTugAwQB
wW8WMA0GCSqGSIb3DQEBCwUAA4IBAQBdqx4Oy6KrSUZPE/NGFtzu3Gi9kue+/25k
k/KG8w3lkdviQIsbpD6Cz7Gw4PdHmddbHhzrpRDIupEIPlCKIqhlKLmccl+kWXHB
9Kf8Dnk2c9Uz0E3BuFO0yEaKMW2LCpY/V5KK9hKMMntBlfZGb7iQJhJ/Qh3JaD4i
Lw3in7XMh4PKEwNVxGIoWCa5oS8xFdty9VTyhM5kfXRCVTf5Z/P8l2c0q+S05qoI
HvqEQyy42hwI0pdbF5C98iB8qX2wlgqZ/ULcRMoDGkneuIMOqN1fMfxQr7k+XVjW
zk47NAYB2qkHVujqCtLBG+WXOEos7Cljzu+NPwx2HEpX0UOq2/TT
-----END CERTIFICATE-----
Generated at Thu Oct 10 14:31:20 2024 by rpki-client on console-ams.rpki-client.org