Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/56036b-23d8-4b37-b546-8fc2373fc26e/1/8C4nzkHcJXN9R8vPEN2joFoeF4o.roa
File: 8C4nzkHcJXN9R8vPEN2joFoeF4o.roa (raw, json)
Hash identifier: BPbRu79qTgprO3b8/rmJqr00dgGv02Ec4aH35gwvQ80=
Subject key identifier: F0:2E:27:CE:41:DC:25:73:7D:47:CB:CF:10:DD:A3:A0:5A:1E:17:8A
Certificate issuer: /CN=29184647248b55523999cbb7fe5b20a99fe73be3
Certificate serial: 0185711E442BF5E43EB2BBDA24E3BB93FDC4
Authority key identifier: 29:18:46:47:24:8B:55:52:39:99:CB:B7:FE:5B:20:A9:9F:E7:3B:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KRhGRySLVVI5mcu3_lsgqZ_nO-M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/56036b-23d8-4b37-b546-8fc2373fc26e/1/8C4nzkHcJXN9R8vPEN2joFoeF4o.roa
Signing time: Mon 02 Jan 2023 06:14:46 +0000
ROA not before: Mon 02 Jan 2023 06:14:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20514
IP address blocks: 217.151.207.0/24 maxlen: 24
185.166.32.0/22 maxlen: 23
217.151.192.0/21 maxlen: 21
217.151.192.0/20 maxlen: 20
2a03:c300::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:29:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:1e:44:2b:f5:e4:3e:b2:bb:da:24:e3:bb:93:fd:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29184647248b55523999cbb7fe5b20a99fe73be3
Validity
Not Before: Jan 2 06:14:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f02e27ce41dc25737d47cbcf10dda3a05a1e178a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:9a:cf:7b:f7:4f:6f:c8:d4:b0:cc:48:29:4e:
2a:67:0b:a5:99:ac:29:bf:fb:f8:e2:28:6a:9c:a3:
6b:02:13:8e:89:e7:5e:b2:bf:e7:4d:a0:9c:20:2d:
f9:7a:4b:d3:23:3c:ef:11:04:48:19:21:5d:df:c6:
17:ad:78:83:fe:e5:b7:fc:a7:7a:44:a3:ef:18:33:
41:86:d0:78:80:cd:a8:a3:fb:6f:ce:76:a7:49:36:
6f:52:a6:50:0e:b1:fd:e0:45:b9:92:07:c4:8b:f1:
b3:c3:84:b5:93:bc:4f:c0:e1:09:97:a5:a2:7c:d3:
25:29:b0:69:ce:b9:ce:c6:16:60:e1:8c:4e:08:c3:
a9:8c:b6:7c:44:bd:0a:ae:d9:53:29:e8:ec:6b:18:
6c:ac:f0:89:be:3d:a1:44:2f:e0:a3:cf:b9:34:c4:
12:da:7e:de:17:8f:9e:8e:66:3d:f7:80:d3:e9:5d:
6d:c4:19:a6:34:8e:05:f3:aa:0c:c0:69:0c:63:cc:
7e:ed:99:0a:3a:48:61:58:32:b9:28:ef:ea:7c:cf:
25:8c:0c:16:b1:53:33:bc:58:9e:0d:44:c7:8f:e6:
a1:9a:c0:59:e3:59:6d:d9:1d:84:3c:0b:0d:5e:e1:
c9:45:d7:16:8d:2b:7e:18:82:68:84:35:c2:75:31:
e9:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:2E:27:CE:41:DC:25:73:7D:47:CB:CF:10:DD:A3:A0:5A:1E:17:8A
X509v3 Authority Key Identifier:
keyid:29:18:46:47:24:8B:55:52:39:99:CB:B7:FE:5B:20:A9:9F:E7:3B:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KRhGRySLVVI5mcu3_lsgqZ_nO-M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/56036b-23d8-4b37-b546-8fc2373fc26e/1/8C4nzkHcJXN9R8vPEN2joFoeF4o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/56036b-23d8-4b37-b546-8fc2373fc26e/1/KRhGRySLVVI5mcu3_lsgqZ_nO-M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.166.32.0/22
217.151.192.0/20
IPv6:
2a03:c300::/32
Signature Algorithm: sha256WithRSAEncryption
4c:f5:94:67:48:6c:c1:a9:30:09:1c:63:06:51:a0:f8:34:d1:
76:16:35:3e:59:7c:1d:dd:30:14:3a:c7:ba:9e:f1:20:d3:af:
ac:85:cb:36:39:48:c0:e0:39:f6:47:d8:8d:90:a1:92:43:f2:
ae:37:f6:e8:d8:18:82:78:91:b7:92:18:95:a5:35:af:a9:f7:
fe:45:da:a4:a0:af:c2:bb:47:f3:fb:ef:3a:f8:9e:d4:92:19:
6c:b4:79:14:1a:d9:a4:1c:63:bc:f5:1b:6b:8b:2e:dc:b9:8b:
75:ef:8a:e2:46:02:68:39:af:1b:66:b1:46:84:7f:9b:e2:77:
d8:c8:97:50:cd:b7:2e:a2:57:28:f0:11:e9:5f:14:c6:e8:60:
e0:91:2c:47:26:93:1d:ab:48:cd:41:ad:34:0d:e8:4e:27:a0:
16:41:01:46:40:cc:ea:84:ce:cb:bb:9f:06:9f:89:01:36:df:
36:70:16:b4:3d:a5:48:ee:02:83:cd:51:16:c9:75:b4:19:a5:
f2:09:3f:f5:d2:31:55:32:c4:8c:2c:d1:40:95:ee:7e:15:eb:
8b:95:14:06:73:7b:ba:1a:aa:be:77:cc:87:81:51:7b:32:65:
eb:2d:9b:f0:bc:b7:d8:5e:57:6e:86:04:ea:6d:91:48:75:eb:
91:3e:74:1b
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVxHkQr9eQ+srvaJOO7k/3EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5MTg0NjQ3MjQ4YjU1NTIzOTk5Y2JiN2ZlNWIyMGE5OWZl
NzNiZTMwHhcNMjMwMTAyMDYxNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDJlMjdjZTQxZGMyNTczN2Q0N2NiY2YxMGRkYTNhMDVhMWUxNzhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgprPe/dPb8jUsMxIKU4qZwulmawp
v/v44ihqnKNrAhOOiedesr/nTaCcIC35ekvTIzzvEQRIGSFd38YXrXiD/uW3/Kd6
RKPvGDNBhtB4gM2oo/tvznanSTZvUqZQDrH94EW5kgfEi/Gzw4S1k7xPwOEJl6Wi
fNMlKbBpzrnOxhZg4YxOCMOpjLZ8RL0KrtlTKejsaxhsrPCJvj2hRC/go8+5NMQS
2n7eF4+ejmY994DT6V1txBmmNI4F86oMwGkMY8x+7ZkKOkhhWDK5KO/qfM8ljAwW
sVMzvFieDUTHj+ahmsBZ41lt2R2EPAsNXuHJRdcWjSt+GIJohDXCdTHpSQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFPAuJ85B3CVzfUfLzxDdo6BaHheKMB8GA1UdIwQY
MBaAFCkYRkcki1VSOZnLt/5bIKmf5zvjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1JoR1J5U0xWVkk1bWN1M19sc2dxWl9uTy1NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS81NjAzNmItMjNkOC00YjM3LWI1NDYt
OGZjMjM3M2ZjMjZlLzEvOEM0bnprSGNKWE45Ujh2UEVOMmpvRm9lRjRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS81NjAzNmItMjNkOC00YjM3LWI1NDYtOGZjMjM3M2ZjMjZl
LzEvS1JoR1J5U0xWVkk1bWN1M19sc2dxWl9uTy1NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuaYgAwQE
2ZfAMA0EAgACMAcDBQAqA8MAMA0GCSqGSIb3DQEBCwUAA4IBAQBM9ZRnSGzBqTAJ
HGMGUaD4NNF2FjU+WXwd3TAUOse6nvEg06+shcs2OUjA4Dn2R9iNkKGSQ/KuN/bo
2BiCeJG3khiVpTWvqff+RdqkoK/Cu0fz++86+J7UkhlstHkUGtmkHGO89Rtriy7c
uYt174riRgJoOa8bZrFGhH+b4nfYyJdQzbcuolco8BHpXxTG6GDgkSxHJpMdq0jN
Qa00DehOJ6AWQQFGQMzqhM7Lu58Gn4kBNt82cBa0PaVI7gKDzVEWyXW0GaXyCT/1
0jFVMsSMLNFAle5+FeuLlRQGc3u6Gqq+d8yHgVF7MmXrLZvwvLfYXlduhgTqbZFI
deuRPnQb
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:35 2024 by rpki-client on console-ams.rpki-client.org