Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/c8aa09-bdfb-43ca-8522-fa75cbe9bead/1/I8u3zlJ4W7WcXMVA2Ac1u75Fnb8.roa
File: I8u3zlJ4W7WcXMVA2Ac1u75Fnb8.roa (raw, json)
Hash identifier: B3GQk4ntVpbIiT3DzNRj6gSeLvZhc5FYhaokgcYrACs=
Subject key identifier: 23:CB:B7:CE:52:78:5B:B5:9C:5C:C5:40:D8:07:35:BB:BE:45:9D:BF
Certificate issuer: /CN=8812a0a809dc3cd1fbd8951a8f80f69925e11908
Certificate serial: 01856F79A223DE9EE04402EA8B34CDCB196E
Authority key identifier: 88:12:A0:A8:09:DC:3C:D1:FB:D8:95:1A:8F:80:F6:99:25:E1:19:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iBKgqAncPNH72JUaj4D2mSXhGQg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/c8aa09-bdfb-43ca-8522-fa75cbe9bead/1/I8u3zlJ4W7WcXMVA2Ac1u75Fnb8.roa
Signing time: Sun 01 Jan 2023 22:35:20 +0000
ROA not before: Sun 01 Jan 2023 22:35:20 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51013
IP address blocks: 185.140.108.0/24 maxlen: 24
193.32.235.0/24 maxlen: 24
185.111.88.0/22 maxlen: 24
185.111.88.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:79:a2:23:de:9e:e0:44:02:ea:8b:34:cd:cb:19:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8812a0a809dc3cd1fbd8951a8f80f69925e11908
Validity
Not Before: Jan 1 22:35:20 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=23cbb7ce52785bb59c5cc540d80735bbbe459dbf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:f5:33:06:8a:d4:6e:8e:9c:a0:3f:4b:ec:64:
c6:c0:f6:fb:50:b5:78:3b:a5:3d:49:09:bd:76:27:
ee:c2:98:c7:a1:03:17:6c:4a:15:41:8e:04:6c:f8:
33:53:c6:3e:a5:62:56:ae:de:cd:36:d1:24:e4:f1:
89:58:c5:23:1b:14:77:de:50:5a:e2:91:1e:56:2f:
c9:1e:82:cf:16:c0:f3:5f:27:fb:94:ce:e6:b6:f5:
01:f2:f2:68:28:9a:14:a5:36:2e:af:56:14:14:58:
50:f6:ee:89:7f:7d:c2:08:ef:fe:6e:b0:96:a2:6b:
52:d7:74:ca:6e:51:c5:b2:2a:32:df:10:8d:6d:a7:
ea:16:c3:55:ab:46:8b:dc:13:c4:75:74:87:bd:e0:
2b:42:55:dd:bd:a6:a1:da:7d:85:2f:c2:81:1e:40:
0a:26:20:34:5b:50:c5:a9:75:57:03:09:99:c1:e6:
98:de:a2:30:fe:68:9f:d0:ad:67:9d:ba:ea:08:7a:
f2:51:e3:24:6a:cf:be:81:ec:e1:39:2e:a5:74:f4:
90:e0:34:48:86:a0:2b:15:3e:59:11:33:75:fb:c5:
b1:eb:18:5f:6c:f1:12:3a:60:31:ff:27:70:94:fb:
04:c2:5e:ff:28:53:ba:a8:00:5f:55:39:11:b1:1d:
9a:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:CB:B7:CE:52:78:5B:B5:9C:5C:C5:40:D8:07:35:BB:BE:45:9D:BF
X509v3 Authority Key Identifier:
keyid:88:12:A0:A8:09:DC:3C:D1:FB:D8:95:1A:8F:80:F6:99:25:E1:19:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iBKgqAncPNH72JUaj4D2mSXhGQg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/c8aa09-bdfb-43ca-8522-fa75cbe9bead/1/I8u3zlJ4W7WcXMVA2Ac1u75Fnb8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/c8aa09-bdfb-43ca-8522-fa75cbe9bead/1/iBKgqAncPNH72JUaj4D2mSXhGQg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.111.88.0/22
185.140.108.0/24
193.32.235.0/24
Signature Algorithm: sha256WithRSAEncryption
75:55:31:6f:0f:c2:0e:48:2b:f8:e0:9f:e2:ee:7b:93:03:f8:
ac:2d:db:8a:5c:b5:69:36:41:fd:60:1d:48:11:b4:04:cb:e0:
ef:2a:76:66:e2:ea:7a:f5:b1:3e:d8:7c:5c:05:11:0b:85:31:
be:02:12:e7:e7:73:0a:d2:aa:22:be:d0:9d:8b:94:1a:14:d5:
bd:37:14:0c:bd:d1:39:13:28:71:cc:60:cb:61:d4:42:93:04:
b3:29:bf:d5:fd:0c:71:b8:6e:58:77:63:5d:c0:d0:bd:00:f2:
37:e7:fd:4f:ff:89:c4:bc:7f:d6:12:f2:e4:c2:34:07:cd:fd:
b6:0e:15:10:d5:6b:4a:00:e9:77:5a:61:6d:0d:8b:c1:1c:6c:
76:5b:77:99:b0:d6:c9:b5:80:8f:87:19:03:cf:36:1c:4f:19:
9f:3d:ae:39:c4:07:52:59:c3:21:22:f4:63:27:3b:3e:39:3e:
c8:92:1b:9d:2f:68:20:71:f1:4c:ab:25:d6:15:82:78:a1:8d:
16:68:1a:d7:7a:17:1e:f3:19:6d:a3:57:e6:ec:6d:44:89:cb:
8d:06:64:e6:22:38:d3:09:84:4d:24:cc:78:af:f4:a1:b4:89:
a8:f2:cb:b0:9e:d8:4c:fc:c9:ea:f9:a8:ed:87:15:66:71:d1:
d8:2d:6b:41
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVveaIj3p7gRALqizTNyxluMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4MTJhMGE4MDlkYzNjZDFmYmQ4OTUxYThmODBmNjk5MjVl
MTE5MDgwHhcNMjMwMTAxMjIzNTIwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyM2NiYjdjZTUyNzg1YmI1OWM1Y2M1NDBkODA3MzViYmJlNDU5ZGJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1fUzBorUbo6coD9L7GTGwPb7ULV4
O6U9SQm9difuwpjHoQMXbEoVQY4EbPgzU8Y+pWJWrt7NNtEk5PGJWMUjGxR33lBa
4pEeVi/JHoLPFsDzXyf7lM7mtvUB8vJoKJoUpTYur1YUFFhQ9u6Jf33CCO/+brCW
omtS13TKblHFsioy3xCNbafqFsNVq0aL3BPEdXSHveArQlXdvaah2n2FL8KBHkAK
JiA0W1DFqXVXAwmZweaY3qIw/mif0K1nnbrqCHryUeMkas++gezhOS6ldPSQ4DRI
hqArFT5ZETN1+8Wx6xhfbPESOmAx/ydwlPsEwl7/KFO6qABfVTkRsR2aOwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCPLt85SeFu1nFzFQNgHNbu+RZ2/MB8GA1UdIwQY
MBaAFIgSoKgJ3DzR+9iVGo+A9pkl4RkIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUJLZ3FBbmNQTkg3MkpVYWo0RDJtU1hoR1FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9jOGFhMDktYmRmYi00M2NhLTg1MjIt
ZmE3NWNiZTliZWFkLzEvSTh1M3psSjRXN1djWE1WQTJBYzF1NzVGbmI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS9jOGFhMDktYmRmYi00M2NhLTg1MjItZmE3NWNiZTliZWFk
LzEvaUJLZ3FBbmNQTkg3MkpVYWo0RDJtU1hoR1FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCuW9YAwQA
uYxsAwQAwSDrMA0GCSqGSIb3DQEBCwUAA4IBAQB1VTFvD8IOSCv44J/i7nuTA/is
LduKXLVpNkH9YB1IEbQEy+DvKnZm4up69bE+2HxcBRELhTG+AhLn53MK0qoivtCd
i5QaFNW9NxQMvdE5EyhxzGDLYdRCkwSzKb/V/QxxuG5Yd2NdwNC9API35/1P/4nE
vH/WEvLkwjQHzf22DhUQ1WtKAOl3WmFtDYvBHGx2W3eZsNbJtYCPhxkDzzYcTxmf
Pa45xAdSWcMhIvRjJzs+OT7IkhudL2ggcfFMqyXWFYJ4oY0WaBrXehce8xlto1fm
7G1EicuNBmTmIjjTCYRNJMx4r/ShtImo8suwnthM/Mnq+ajthxVmcdHYLWtB
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:38 2023 by rpki-client on console.sobornost.net