Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/c93a66-c7c7-4c33-a725-18d1a406aaed/1/8hIFxoxFtjdO7Hkntx1K1OsGHRY.roa
File: 8hIFxoxFtjdO7Hkntx1K1OsGHRY.roa (raw, json)
Hash identifier: yK74qas26Uszdn4VFhqe8XJEDc0TkzWL+KJmp2uFtiQ=
Subject key identifier: F2:12:05:C6:8C:45:B6:37:4E:EC:79:27:B7:1D:4A:D4:EB:06:1D:16
Certificate issuer: /CN=af734108705a95796e8577125dd300c751dfd9a8
Certificate serial: 01863067EBF6D4E7026153A41E12DCEB768F
Authority key identifier: AF:73:41:08:70:5A:95:79:6E:85:77:12:5D:D3:00:C7:51:DF:D9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r3NBCHBalXluhXcSXdMAx1Hf2ag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/c93a66-c7c7-4c33-a725-18d1a406aaed/1/8hIFxoxFtjdO7Hkntx1K1OsGHRY.roa
Signing time: Wed 08 Feb 2023 09:42:42 +0000
ROA not before: Wed 08 Feb 2023 09:42:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3177
IP address blocks: 195.28.11.0/24 maxlen: 24
103.215.223.0/24 maxlen: 24
103.215.221.0/24 maxlen: 24
103.215.222.0/24 maxlen: 24
103.215.220.0/24 maxlen: 24
2a05:63c0::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:30:67:eb:f6:d4:e7:02:61:53:a4:1e:12:dc:eb:76:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af734108705a95796e8577125dd300c751dfd9a8
Validity
Not Before: Feb 8 09:42:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f21205c68c45b6374eec7927b71d4ad4eb061d16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:ca:b3:2c:a0:f5:72:03:ad:91:8a:2c:82:d0:
1d:13:cf:a3:38:52:24:71:57:46:d1:05:42:2d:10:
7a:81:53:95:bc:1e:17:3a:28:1b:16:16:99:74:3d:
34:29:38:31:d0:db:39:51:4e:65:ec:f3:6d:f0:2e:
0e:0b:9b:42:36:31:d7:58:a4:e7:fb:1f:de:5b:ec:
e4:ae:38:a9:4b:0d:70:bd:bc:d8:e6:67:9d:2e:79:
69:cf:30:57:b0:ba:6b:74:09:2c:2e:b7:57:25:1d:
8d:16:21:20:1e:fc:9d:12:5a:38:04:13:ba:33:6c:
c7:99:08:01:e5:5b:6d:62:29:8e:5c:6e:9c:cb:fa:
fd:1e:f2:c8:d1:e7:8e:2f:b9:2f:f9:3c:4a:e5:54:
76:8a:64:5b:63:fb:61:38:df:3c:6b:9c:95:f7:33:
6e:1b:6b:6e:89:cb:d3:73:0f:c4:1f:d9:84:36:08:
bd:fe:f3:55:ab:ff:14:42:21:c8:1e:29:34:82:fd:
52:58:f9:52:da:f8:85:a2:52:3f:42:7c:7b:08:d7:
49:02:cd:67:92:1c:ef:4c:11:bd:ed:ff:83:bb:d4:
2b:b4:01:75:88:26:8d:15:bc:4c:dd:bb:4a:fc:cd:
49:ac:a8:0c:1e:0b:93:37:d4:a8:25:58:97:dc:b7:
44:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:12:05:C6:8C:45:B6:37:4E:EC:79:27:B7:1D:4A:D4:EB:06:1D:16
X509v3 Authority Key Identifier:
keyid:AF:73:41:08:70:5A:95:79:6E:85:77:12:5D:D3:00:C7:51:DF:D9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r3NBCHBalXluhXcSXdMAx1Hf2ag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/c93a66-c7c7-4c33-a725-18d1a406aaed/1/8hIFxoxFtjdO7Hkntx1K1OsGHRY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/c93a66-c7c7-4c33-a725-18d1a406aaed/1/r3NBCHBalXluhXcSXdMAx1Hf2ag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.215.220.0/22
195.28.11.0/24
IPv6:
2a05:63c0::/29
Signature Algorithm: sha256WithRSAEncryption
6d:18:de:cd:e9:1a:ca:72:65:5b:03:ba:c3:73:3f:bd:41:22:
6a:38:b9:eb:71:8b:28:a6:9a:e4:f5:50:da:41:b9:c4:ac:ec:
28:2d:0f:76:d5:90:39:77:7c:2f:ca:9f:61:32:df:f2:54:a6:
84:a6:47:f8:95:4f:73:a5:8b:8c:7a:c7:59:d2:a6:de:99:f9:
cf:9f:9f:61:59:d1:7c:4d:10:f9:55:b8:6a:71:e8:10:15:04:
eb:e0:7a:89:5b:46:5d:78:64:63:14:e0:9c:3f:cf:a1:ef:17:
f6:94:d1:c9:0d:b9:d0:d4:82:70:d0:41:1b:a7:99:f4:d9:42:
7e:03:26:c7:8c:5f:00:91:b2:c6:50:b4:d7:bb:9c:2a:1e:b7:
b9:57:72:dd:ea:82:e8:8c:28:08:de:93:67:f4:0b:d5:d9:5e:
85:4d:88:9a:44:0f:af:91:28:a8:9a:79:a0:4a:92:f0:b2:6f:
e2:d9:cd:a3:d1:74:5e:77:36:8e:4f:28:c2:59:53:d5:d4:3a:
6e:09:a4:de:cf:2a:de:b5:20:dd:2d:60:18:a7:8d:80:c8:66:
7f:f4:1d:3a:d1:5d:9f:3d:cb:c0:fc:5a:60:9d:6e:81:0c:09:
7c:75:b4:d5:f7:3d:f5:83:55:15:8c:a9:53:02:08:e5:d2:6f:
03:aa:b3:f1
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYYwZ+v21OcCYVOkHhLc63aPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmNzM0MTA4NzA1YTk1Nzk2ZTg1NzcxMjVkZDMwMGM3NTFk
ZmQ5YTgwHhcNMjMwMjA4MDk0MjQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjEyMDVjNjhjNDViNjM3NGVlYzc5MjdiNzFkNGFkNGViMDYxZDE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiMqzLKD1cgOtkYosgtAdE8+jOFIk
cVdG0QVCLRB6gVOVvB4XOigbFhaZdD00KTgx0Ns5UU5l7PNt8C4OC5tCNjHXWKTn
+x/eW+zkrjipSw1wvbzY5medLnlpzzBXsLprdAksLrdXJR2NFiEgHvydElo4BBO6
M2zHmQgB5VttYimOXG6cy/r9HvLI0eeOL7kv+TxK5VR2imRbY/thON88a5yV9zNu
G2tuicvTcw/EH9mENgi9/vNVq/8UQiHIHik0gv1SWPlS2viFolI/Qnx7CNdJAs1n
khzvTBG97f+Du9QrtAF1iCaNFbxM3btK/M1JrKgMHguTN9SoJViX3LdEwQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFPISBcaMRbY3Tux5J7cdStTrBh0WMB8GA1UdIwQY
MBaAFK9zQQhwWpV5boV3El3TAMdR39moMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjNOQkNIQmFsWGx1aFhjU1hkTUF4MUhmMmFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9jOTNhNjYtYzdjNy00YzMzLWE3MjUt
MThkMWE0MDZhYWVkLzEvOGhJRnhveEZ0amRPN0hrbnR4MUsxT3NHSFJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9jOTNhNjYtYzdjNy00YzMzLWE3MjUtMThkMWE0MDZhYWVk
LzEvcjNOQkNIQmFsWGx1aFhjU1hkTUF4MUhmMmFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCZ9fcAwQA
wxwLMA0EAgACMAcDBQMqBWPAMA0GCSqGSIb3DQEBCwUAA4IBAQBtGN7N6RrKcmVb
A7rDcz+9QSJqOLnrcYsopprk9VDaQbnErOwoLQ921ZA5d3wvyp9hMt/yVKaEpkf4
lU9zpYuMesdZ0qbemfnPn59hWdF8TRD5VbhqcegQFQTr4HqJW0ZdeGRjFOCcP8+h
7xf2lNHJDbnQ1IJw0EEbp5n02UJ+AybHjF8AkbLGULTXu5wqHre5V3Ld6oLojCgI
3pNn9AvV2V6FTYiaRA+vkSiomnmgSpLwsm/i2c2j0XRedzaOTyjCWVPV1DpuCaTe
zyretSDdLWAYp42AyGZ/9B060V2fPcvA/FpgnW6BDAl8dbTV9z31g1UVjKlTAgjl
0m8DqrPx
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:59 2023 by rpki-client on console.sobornost.net