Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/05c0a3-7378-4542-897d-d3a58b5cb0c0/1/8gm2awe1gei1wuyPC300DirIbcE.roa
File: 8gm2awe1gei1wuyPC300DirIbcE.roa (raw, json)
Hash identifier: PBhlUA6DnJp6MvKPHeQi6Z8eOjQ/ocQcNPhxuxYyoCo=
Subject key identifier: F2:09:B6:6B:07:B5:81:E8:B5:C2:EC:8F:0B:7D:34:0E:2A:C8:6D:C1
Certificate issuer: /CN=8abdc26cddc0bbcfa354f11a01e6ff01296b3c7b
Certificate serial: 01856F393D9E58043BF3F5B2D682A636E790
Authority key identifier: 8A:BD:C2:6C:DD:C0:BB:CF:A3:54:F1:1A:01:E6:FF:01:29:6B:3C:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ir3CbN3Au8-jVPEaAeb_ASlrPHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/05c0a3-7378-4542-897d-d3a58b5cb0c0/1/8gm2awe1gei1wuyPC300DirIbcE.roa
Signing time: Sun 01 Jan 2023 21:25:00 +0000
ROA not before: Sun 01 Jan 2023 21:25:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16265
IP address blocks: 194.169.245.0/24 maxlen: 24
176.103.222.0/23 maxlen: 23
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:29:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:39:3d:9e:58:04:3b:f3:f5:b2:d6:82:a6:36:e7:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8abdc26cddc0bbcfa354f11a01e6ff01296b3c7b
Validity
Not Before: Jan 1 21:25:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f209b66b07b581e8b5c2ec8f0b7d340e2ac86dc1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:f8:ad:1b:59:cf:24:a1:a6:d6:ec:f8:39:3e:
f9:10:5d:dd:e2:be:74:c8:55:06:68:17:ab:19:96:
fc:06:0b:79:42:a5:01:6e:7a:2d:c7:83:7d:b0:bd:
55:36:cf:fd:46:25:d1:aa:f7:61:46:da:6a:c9:c8:
9e:ff:f9:30:12:17:1d:12:4b:bd:3c:90:22:22:17:
03:d6:f3:99:bf:a5:ba:80:32:63:04:fd:02:43:f4:
58:d7:72:3a:78:22:d0:4e:f6:1b:7c:27:4b:4c:c8:
ef:0c:7d:bc:94:ed:30:fe:0f:c2:3a:26:5c:3e:83:
62:b1:f3:0e:38:c8:a5:b6:32:2f:78:d1:fc:f2:5c:
f8:73:f8:c7:0e:18:3f:a6:46:38:05:6a:1c:c4:80:
b3:ec:57:84:f7:a0:50:42:d9:f0:42:5d:ef:1a:83:
5d:6d:99:e0:21:1d:3e:fc:18:63:b4:3b:62:63:03:
c9:0f:ae:7c:22:dd:c0:6a:77:96:72:24:ba:5d:16:
7c:30:1e:b8:3c:ed:17:d7:47:95:ef:99:81:90:dc:
e3:88:88:4d:3a:67:16:18:8b:9e:e0:58:aa:19:9e:
67:68:37:e5:4f:f8:67:29:4d:f9:99:f4:32:fb:d6:
c7:da:4c:1d:74:b2:ef:b3:9a:18:b2:8c:56:77:13:
bd:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:09:B6:6B:07:B5:81:E8:B5:C2:EC:8F:0B:7D:34:0E:2A:C8:6D:C1
X509v3 Authority Key Identifier:
keyid:8A:BD:C2:6C:DD:C0:BB:CF:A3:54:F1:1A:01:E6:FF:01:29:6B:3C:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ir3CbN3Au8-jVPEaAeb_ASlrPHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/05c0a3-7378-4542-897d-d3a58b5cb0c0/1/8gm2awe1gei1wuyPC300DirIbcE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/05c0a3-7378-4542-897d-d3a58b5cb0c0/1/ir3CbN3Au8-jVPEaAeb_ASlrPHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.103.222.0/23
194.169.245.0/24
Signature Algorithm: sha256WithRSAEncryption
c7:b2:5a:08:90:c6:f1:51:ce:a0:04:b9:fc:47:7f:55:d5:fe:
fd:33:88:05:f5:c3:75:8a:2a:e7:e9:da:82:50:3a:7c:b3:25:
b7:6f:9c:35:2b:fd:ef:7e:16:55:73:6b:fa:12:df:a0:0f:ca:
80:a6:96:81:7c:04:9e:be:37:b9:60:69:de:9c:51:f6:08:51:
a5:54:d2:b3:99:c9:f1:df:3a:59:c8:6e:59:7d:d8:8f:f4:27:
a6:69:7f:0f:63:ab:38:36:b4:a2:5d:ae:71:43:05:e3:90:82:
4a:62:ee:37:ce:49:1a:e0:af:45:5f:7b:7f:ac:e4:b6:d4:e2:
e8:00:8b:f8:17:2f:26:42:cf:8a:69:e9:4a:73:11:c4:c1:5e:
9c:91:8b:fd:d0:c7:a5:d6:c0:8c:fc:23:ff:d7:3b:41:76:5c:
f1:3a:94:f4:80:96:51:b3:f2:2c:b3:77:c2:e8:b9:79:88:fb:
a2:ab:c1:52:b3:05:2a:e2:52:09:b9:2a:96:b5:9d:73:fd:75:
e9:e3:2f:4e:f4:fc:fd:f4:b6:06:72:c3:ac:ec:8e:bd:ac:3e:
2a:fb:6f:60:1f:67:97:7b:4d:d5:07:ee:d8:eb:4c:b5:fa:de:
8b:80:f0:35:29:71:d1:05:2e:f5:68:e1:28:75:81:f7:1e:2d:
4b:3b:4a:e7
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVvOT2eWAQ78/Wy1oKmNueQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhYmRjMjZjZGRjMGJiY2ZhMzU0ZjExYTAxZTZmZjAxMjk2
YjNjN2IwHhcNMjMwMTAxMjEyNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjA5YjY2YjA3YjU4MWU4YjVjMmVjOGYwYjdkMzQwZTJhYzg2ZGMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1PitG1nPJKGm1uz4OT75EF3d4r50
yFUGaBerGZb8Bgt5QqUBbnotx4N9sL1VNs/9RiXRqvdhRtpqycie//kwEhcdEku9
PJAiIhcD1vOZv6W6gDJjBP0CQ/RY13I6eCLQTvYbfCdLTMjvDH28lO0w/g/COiZc
PoNisfMOOMiltjIveNH88lz4c/jHDhg/pkY4BWocxICz7FeE96BQQtnwQl3vGoNd
bZngIR0+/BhjtDtiYwPJD658It3AaneWciS6XRZ8MB64PO0X10eV75mBkNzjiIhN
OmcWGIue4FiqGZ5naDflT/hnKU35mfQy+9bH2kwddLLvs5oYsoxWdxO9XwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFPIJtmsHtYHotcLsjwt9NA4qyG3BMB8GA1UdIwQY
MBaAFIq9wmzdwLvPo1TxGgHm/wEpazx7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXIzQ2JOM0F1OC1qVlBFYUFlYl9BU2xyUEhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi8wNWMwYTMtNzM3OC00NTQyLTg5N2Qt
ZDNhNThiNWNiMGMwLzEvOGdtMmF3ZTFnZWkxd3V5UEMzMDBEaXJJYmNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi8wNWMwYTMtNzM3OC00NTQyLTg5N2QtZDNhNThiNWNiMGMw
LzEvaXIzQ2JOM0F1OC1qVlBFYUFlYl9BU2xyUEhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBsGfeAwQA
wqn1MA0GCSqGSIb3DQEBCwUAA4IBAQDHsloIkMbxUc6gBLn8R39V1f79M4gF9cN1
iirn6dqCUDp8syW3b5w1K/3vfhZVc2v6Et+gD8qAppaBfASevje5YGnenFH2CFGl
VNKzmcnx3zpZyG5ZfdiP9CemaX8PY6s4NrSiXa5xQwXjkIJKYu43zkka4K9FX3t/
rOS21OLoAIv4Fy8mQs+KaelKcxHEwV6ckYv90Mel1sCM/CP/1ztBdlzxOpT0gJZR
s/Iss3fC6Ll5iPuiq8FSswUq4lIJuSqWtZ1z/XXp4y9O9Pz99LYGcsOs7I69rD4q
+29gH2eXe03VB+7Y60y1+t6LgPA1KXHRBS71aOEodYH3Hi1LO0rn
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:54 2024 by rpki-client on console-ams.rpki-client.org