Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/500fa9-6fb8-4768-80de-1340cc5b3d57/1/nJ8FaCp1CP4wwDC_k94Ufb5ZOwg.roa
File: nJ8FaCp1CP4wwDC_k94Ufb5ZOwg.roa (raw, json)
Hash identifier: jC5Nt4fA31MWw+80vszn3GThAMZm1rDD8sn/3RazYBo=
Subject key identifier: 9C:9F:05:68:2A:75:08:FE:30:C0:30:BF:93:DE:14:7D:BE:59:3B:08
Certificate issuer: /CN=f1b15e77af4edde11192c6fecd50b21cd379d421
Certificate serial: 018C5D2971E12C8B52F202B5BC11D7A4CABB
Authority key identifier: F1:B1:5E:77:AF:4E:DD:E1:11:92:C6:FE:CD:50:B2:1C:D3:79:D4:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8bFed69O3eERksb-zVCyHNN51CE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/500fa9-6fb8-4768-80de-1340cc5b3d57/1/nJ8FaCp1CP4wwDC_k94Ufb5ZOwg.roa
Signing time: Tue 12 Dec 2023 08:34:06 +0000
ROA not before: Tue 12 Dec 2023 08:34:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198335
IP address blocks: 185.194.187.0/24 maxlen: 24
176.241.248.0/21 maxlen: 24
185.194.184.0/22 maxlen: 22
185.194.186.0/24 maxlen: 24
2a00:5a40::/29 maxlen: 29
2a00:5a40::/32 maxlen: 64
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:5d:29:71:e1:2c:8b:52:f2:02:b5:bc:11:d7:a4:ca:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1b15e77af4edde11192c6fecd50b21cd379d421
Validity
Not Before: Dec 12 08:34:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9c9f05682a7508fe30c030bf93de147dbe593b08
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:06:66:bf:c2:87:b6:fb:fc:d2:30:f1:c3:20:
d8:2d:ce:46:14:ab:87:7c:5f:4d:86:12:10:67:3c:
b2:48:ce:df:68:f8:fd:e6:ff:9a:92:63:cd:ce:eb:
fb:89:18:3d:5a:9b:fe:e5:34:8a:8a:42:e9:2c:87:
9d:53:4a:37:cb:72:d4:f3:9c:f6:59:ee:cd:fc:25:
3d:f5:74:9a:a7:ff:65:75:d5:e5:61:4a:0a:2e:d9:
f4:c3:c9:df:bd:b3:f2:81:bf:2f:cb:99:c9:0b:0e:
e5:f9:e5:14:15:e4:77:18:be:35:6e:fd:94:b8:c2:
8f:a4:d1:ab:95:5d:ec:b0:64:90:57:4c:0d:2c:e2:
ea:f1:2a:61:c5:a8:e9:34:bc:f2:9e:fc:03:4f:55:
59:c8:66:47:62:81:25:47:93:d6:57:22:53:6c:cf:
36:1c:1c:87:4c:ee:be:4d:a6:90:4b:6f:29:23:a5:
ef:8a:b9:5f:51:69:37:08:16:98:cb:ac:bb:43:ca:
a2:65:7f:20:da:b5:ae:30:48:72:46:4a:0b:11:21:
16:22:19:37:cb:cb:ba:11:fd:b6:92:61:3c:0b:81:
32:5d:52:5f:98:70:8a:2a:5a:e8:fa:8a:a6:72:f6:
bb:8e:7d:86:54:0f:5a:ea:69:80:72:ad:43:93:4c:
97:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:9F:05:68:2A:75:08:FE:30:C0:30:BF:93:DE:14:7D:BE:59:3B:08
X509v3 Authority Key Identifier:
keyid:F1:B1:5E:77:AF:4E:DD:E1:11:92:C6:FE:CD:50:B2:1C:D3:79:D4:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8bFed69O3eERksb-zVCyHNN51CE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/500fa9-6fb8-4768-80de-1340cc5b3d57/1/nJ8FaCp1CP4wwDC_k94Ufb5ZOwg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/500fa9-6fb8-4768-80de-1340cc5b3d57/1/8bFed69O3eERksb-zVCyHNN51CE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.241.248.0/21
185.194.184.0/22
IPv6:
2a00:5a40::/29
Signature Algorithm: sha256WithRSAEncryption
21:8d:6c:c0:fe:aa:48:f4:9a:2d:45:7e:57:39:d0:64:a6:94:
e9:68:ce:f8:34:3c:c2:4a:23:1c:fa:09:a4:f6:98:0b:ce:ec:
91:fa:77:69:bf:ff:be:29:58:c8:34:77:1b:e7:7b:2c:c4:16:
8e:6b:7e:02:9c:f4:6a:a6:1b:1c:7b:df:2c:16:d5:22:49:25:
3f:8b:f1:fc:78:51:6d:b2:de:49:18:c3:36:25:da:dc:1b:50:
c4:1e:34:5f:e4:e0:ff:ba:ca:c5:4e:58:a3:f7:9b:11:60:f9:
3a:f7:1b:92:62:63:48:7a:4e:25:9d:78:78:a6:a4:b8:ae:06:
f5:af:1b:ad:b6:5e:bd:4f:0b:1f:aa:64:2d:4b:b9:3c:a2:a7:
cf:eb:9d:65:6f:c9:d8:30:ab:85:12:3c:5e:4c:b0:97:10:39:
42:39:d1:39:0e:38:36:8a:9a:ac:e7:41:88:91:da:cd:9a:58:
75:8c:3e:24:e1:9f:ae:65:5f:76:6f:6d:9a:a1:e9:c3:a5:37:
c6:ba:24:f8:c3:f3:c7:af:24:b4:6b:00:0b:0c:51:28:67:cd:
2a:f4:48:9e:d6:4f:95:23:e4:e1:ea:c6:c8:66:a0:0a:56:b6:
aa:5b:ad:54:a2:47:5f:fb:7f:b8:a3:04:74:19:61:34:d0:89:
3d:f4:e5:5b
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYxdKXHhLItS8gK1vBHXpMq7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxYjE1ZTc3YWY0ZWRkZTExMTkyYzZmZWNkNTBiMjFjZDM3
OWQ0MjEwHhcNMjMxMjEyMDgzNDA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzlmMDU2ODJhNzUwOGZlMzBjMDMwYmY5M2RlMTQ3ZGJlNTkzYjA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhQZmv8KHtvv80jDxwyDYLc5GFKuH
fF9NhhIQZzyySM7faPj95v+akmPNzuv7iRg9Wpv+5TSKikLpLIedU0o3y3LU85z2
We7N/CU99XSap/9lddXlYUoKLtn0w8nfvbPygb8vy5nJCw7l+eUUFeR3GL41bv2U
uMKPpNGrlV3ssGSQV0wNLOLq8SphxajpNLzynvwDT1VZyGZHYoElR5PWVyJTbM82
HByHTO6+TaaQS28pI6XvirlfUWk3CBaYy6y7Q8qiZX8g2rWuMEhyRkoLESEWIhk3
y8u6Ef22kmE8C4EyXVJfmHCKKlro+oqmcva7jn2GVA9a6mmAcq1Dk0yXJQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFJyfBWgqdQj+MMAwv5PeFH2+WTsIMB8GA1UdIwQY
MBaAFPGxXnevTt3hEZLG/s1QshzTedQhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGJGZWQ2OU8zZUVSa3NiLXpWQ3lITk41MUNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy81MDBmYTktNmZiOC00NzY4LTgwZGUt
MTM0MGNjNWIzZDU3LzEvbko4RmFDcDFDUDR3d0RDX2s5NFVmYjVaT3dnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy81MDBmYTktNmZiOC00NzY4LTgwZGUtMTM0MGNjNWIzZDU3
LzEvOGJGZWQ2OU8zZUVSa3NiLXpWQ3lITk41MUNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDsPH4AwQC
ucK4MA0EAgACMAcDBQMqAFpAMA0GCSqGSIb3DQEBCwUAA4IBAQAhjWzA/qpI9Jot
RX5XOdBkppTpaM74NDzCSiMc+gmk9pgLzuyR+ndpv/++KVjINHcb53ssxBaOa34C
nPRqphsce98sFtUiSSU/i/H8eFFtst5JGMM2JdrcG1DEHjRf5OD/usrFTlij95sR
YPk69xuSYmNIek4lnXh4pqS4rgb1rxuttl69TwsfqmQtS7k8oqfP651lb8nYMKuF
EjxeTLCXEDlCOdE5Djg2ipqs50GIkdrNmlh1jD4k4Z+uZV92b22aoenDpTfGuiT4
w/PHryS0awALDFEoZ80q9Eie1k+VI+Th6sbIZqAKVraqW61Uokdf+3+4owR0GWE0
0Ik99OVb
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:20:48 2024 by rpki-client on console-fra.rpki-client.org