Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/dbdad2-7c43-4cac-b4a6-facf48586249/1/P8aOvpEoVxSlPWkZDiiff5jaIg8.roa
File: P8aOvpEoVxSlPWkZDiiff5jaIg8.roa (raw, json)
Hash identifier: 3VWV7a7eKLKXrvyGJx7i8ufmTA//Mcuat5TsFjHqpHQ=
Subject key identifier: 3F:C6:8E:BE:91:28:57:14:A5:3D:69:19:0E:28:9F:7F:98:DA:22:0F
Certificate issuer: /CN=e9d880e887077fad82b74c998010fa9b253e0ea8
Certificate serial: 01856FD4F40E7FD6D164AE28AA2CC139999F
Authority key identifier: E9:D8:80:E8:87:07:7F:AD:82:B7:4C:99:80:10:FA:9B:25:3E:0E:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6diA6IcHf62Ct0yZgBD6myU-Dqg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/dbdad2-7c43-4cac-b4a6-facf48586249/1/P8aOvpEoVxSlPWkZDiiff5jaIg8.roa
Signing time: Mon 02 Jan 2023 00:15:05 +0000
ROA not before: Mon 02 Jan 2023 00:15:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12731
IP address blocks: 62.201.160.0/19 maxlen: 24
185.53.220.0/22 maxlen: 24
213.128.128.0/19 maxlen: 24
185.34.67.0/24 maxlen: 24
2001:868::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:31:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:d4:f4:0e:7f:d6:d1:64:ae:28:aa:2c:c1:39:99:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e9d880e887077fad82b74c998010fa9b253e0ea8
Validity
Not Before: Jan 2 00:15:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3fc68ebe91285714a53d69190e289f7f98da220f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:d5:b7:c4:0e:a5:20:92:33:42:fa:38:df:af:
5e:3e:69:88:cf:d1:8b:ac:e6:39:7e:85:f1:6c:ce:
a6:7b:da:e1:ca:d8:b7:fd:a9:9c:99:86:0b:33:7d:
61:92:0f:91:7b:7e:d5:19:40:37:9a:5c:5c:6a:ec:
b2:b9:67:b7:44:d7:f3:dd:3f:40:b1:ba:e8:01:cf:
44:df:c2:44:11:f8:70:75:c9:f2:a7:c7:91:df:91:
c8:8e:3a:d2:aa:5a:1a:ca:8d:6e:75:d3:7c:f4:4c:
4e:18:5b:a9:10:b1:32:7e:65:0c:94:f0:72:36:e2:
32:fa:12:91:9e:0b:aa:03:4f:d7:c5:60:7a:ef:1c:
82:4b:cc:8f:bb:94:c0:d1:52:e5:af:6c:a2:0c:4f:
9a:bf:96:08:48:eb:22:bf:d1:6d:28:30:3b:3f:de:
a9:8d:e3:fc:4e:7e:6c:43:76:0a:3c:fd:b4:42:21:
da:cf:8d:5c:63:d9:aa:f1:4a:bc:e3:f2:0a:5b:01:
0c:d5:be:bc:cc:98:58:d3:53:49:c3:b7:be:67:fb:
dd:ac:c5:18:f8:dc:e9:49:7c:0a:e3:cd:92:48:79:
38:b7:81:f7:c8:b2:ea:43:0a:8d:98:b4:c0:4d:d0:
b9:94:f4:a3:d2:76:64:91:48:94:2b:6d:97:04:aa:
3a:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:C6:8E:BE:91:28:57:14:A5:3D:69:19:0E:28:9F:7F:98:DA:22:0F
X509v3 Authority Key Identifier:
keyid:E9:D8:80:E8:87:07:7F:AD:82:B7:4C:99:80:10:FA:9B:25:3E:0E:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6diA6IcHf62Ct0yZgBD6myU-Dqg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/dbdad2-7c43-4cac-b4a6-facf48586249/1/P8aOvpEoVxSlPWkZDiiff5jaIg8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/dbdad2-7c43-4cac-b4a6-facf48586249/1/6diA6IcHf62Ct0yZgBD6myU-Dqg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.201.160.0/19
185.34.67.0/24
185.53.220.0/22
213.128.128.0/19
IPv6:
2001:868::/29
Signature Algorithm: sha256WithRSAEncryption
81:63:62:60:57:19:ed:34:ab:64:23:94:71:c4:9a:30:d7:89:
d9:9b:0c:15:93:5c:fc:05:0c:31:83:18:ca:35:d2:1f:ff:34:
bf:06:49:1b:94:11:0a:63:09:be:e7:f1:20:b9:b3:9c:10:a4:
64:0f:2d:bc:c5:61:4b:e6:a8:50:17:cd:e9:ce:28:d4:a5:35:
9d:73:b4:48:94:75:ba:21:fe:9f:16:8b:0e:f3:ac:b6:4a:89:
93:ba:57:1c:6a:7b:fc:61:fd:a3:09:d5:31:71:34:62:10:2a:
fd:7f:5c:05:e3:27:b4:79:04:b1:3e:d7:db:e2:2c:db:b2:d6:
c6:45:6b:77:49:77:ee:f0:0e:04:00:3a:a0:e9:84:7a:30:23:
0e:1a:22:bf:92:0f:0c:3b:96:b5:fc:be:27:d2:b8:d2:34:df:
b5:26:98:22:f2:2d:94:95:76:3c:48:cc:e3:2c:89:3a:fc:12:
7d:e5:e6:c4:6a:f4:c9:1d:12:4a:df:4c:b1:62:0b:f3:f9:a9:
ce:0b:2d:b5:9a:c2:61:a3:6e:c4:0e:6e:3b:f4:63:61:66:62:
cf:4e:2d:7f:83:d5:61:f3:bb:0b:33:cc:4f:19:f7:31:6a:ca:
1c:61:91:03:81:49:87:7d:cf:b9:f8:7e:85:47:b5:8c:80:44:
ed:5b:25:8e
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYVv1PQOf9bRZK4oqizBOZmfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5ZDg4MGU4ODcwNzdmYWQ4MmI3NGM5OTgwMTBmYTliMjUz
ZTBlYTgwHhcNMjMwMTAyMDAxNTA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZmM2OGViZTkxMjg1NzE0YTUzZDY5MTkwZTI4OWY3Zjk4ZGEyMjBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvNW3xA6lIJIzQvo4369ePmmIz9GL
rOY5foXxbM6me9rhyti3/amcmYYLM31hkg+Re37VGUA3mlxcauyyuWe3RNfz3T9A
sbroAc9E38JEEfhwdcnyp8eR35HIjjrSqloayo1uddN89ExOGFupELEyfmUMlPBy
NuIy+hKRnguqA0/XxWB67xyCS8yPu5TA0VLlr2yiDE+av5YISOsiv9FtKDA7P96p
jeP8Tn5sQ3YKPP20QiHaz41cY9mq8Uq84/IKWwEM1b68zJhY01NJw7e+Z/vdrMUY
+NzpSXwK482SSHk4t4H3yLLqQwqNmLTATdC5lPSj0nZkkUiUK22XBKo6EQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFD/Gjr6RKFcUpT1pGQ4on3+Y2iIPMB8GA1UdIwQY
MBaAFOnYgOiHB3+tgrdMmYAQ+pslPg6oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNmRpQTZJY0hmNjJDdDB5WmdCRDZteVUtRHFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC9kYmRhZDItN2M0My00Y2FjLWI0YTYt
ZmFjZjQ4NTg2MjQ5LzEvUDhhT3ZwRW9WeFNsUFdrWkRpaWZmNWphSWc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC9kYmRhZDItN2M0My00Y2FjLWI0YTYtZmFjZjQ4NTg2MjQ5
LzEvNmRpQTZJY0hmNjJDdDB5WmdCRDZteVUtRHFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQFPsmgAwQA
uSJDAwQCuTXcAwQF1YCAMA0EAgACMAcDBQMgAQhoMA0GCSqGSIb3DQEBCwUAA4IB
AQCBY2JgVxntNKtkI5RxxJow14nZmwwVk1z8BQwxgxjKNdIf/zS/BkkblBEKYwm+
5/EgubOcEKRkDy28xWFL5qhQF83pzijUpTWdc7RIlHW6If6fFosO86y2SomTulcc
anv8Yf2jCdUxcTRiECr9f1wF4ye0eQSxPtfb4izbstbGRWt3SXfu8A4EADqg6YR6
MCMOGiK/kg8MO5a1/L4n0rjSNN+1Jpgi8i2UlXY8SMzjLIk6/BJ95ebEavTJHRJK
30yxYgvz+anOCy21msJho27EDm479GNhZmLPTi1/g9Vh87sLM8xPGfcxasocYZED
gUmHfc+5+H6FR7WMgETtWyWO
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:59 2024 by rpki-client on console-fra.rpki-client.org