Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/819e39-c00c-49b0-a768-4406688eef85/1/IYCj4Lz4_Zc_rBZKiTUgD_6K9kM.roa
File: IYCj4Lz4_Zc_rBZKiTUgD_6K9kM.roa (raw, json)
Hash identifier: LrzXDROXLhkvMGbMa7qprH7RYqo/7o7aqC+Yli2arvw=
Subject key identifier: 21:80:A3:E0:BC:F8:FD:97:3F:AC:16:4A:89:35:20:0F:FE:8A:F6:43
Certificate issuer: /CN=74d34abbe9afba280432c2ab83898c7b950df7ac
Certificate serial: 018CC49247EEEB6C8C6A2FF1AE8B78E8C91D
Authority key identifier: 74:D3:4A:BB:E9:AF:BA:28:04:32:C2:AB:83:89:8C:7B:95:0D:F7:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dNNKu-mvuigEMsKrg4mMe5UN96w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/819e39-c00c-49b0-a768-4406688eef85/1/IYCj4Lz4_Zc_rBZKiTUgD_6K9kM.roa
Signing time: Mon 01 Jan 2024 10:29:30 +0000
ROA not before: Mon 01 Jan 2024 10:29:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201895
IP address blocks: 85.117.228.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 22 Jan 2024 08:27:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:92:47:ee:eb:6c:8c:6a:2f:f1:ae:8b:78:e8:c9:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=74d34abbe9afba280432c2ab83898c7b950df7ac
Validity
Not Before: Jan 1 10:29:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2180a3e0bcf8fd973fac164a8935200ffe8af643
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:98:04:a2:69:11:ea:34:3b:ef:f4:f6:bf:cf:
74:fd:df:b5:ee:fa:2d:24:d6:ea:aa:a1:f8:f0:85:
33:63:9e:1c:a7:11:92:86:b2:af:a7:14:13:9c:b4:
44:5d:22:b2:3c:28:62:0a:00:dd:81:3d:8e:3c:ec:
d3:da:6b:8f:48:8e:13:9e:51:b2:ea:20:68:26:70:
d2:f2:94:f8:e8:87:7c:1b:cb:cc:2e:64:88:14:de:
e9:8f:25:36:84:57:b2:5a:6e:75:70:5e:16:0d:ca:
b4:6a:2f:57:41:8d:c6:ef:6f:60:80:47:e6:5a:e3:
cc:ca:ab:63:09:02:39:55:9c:67:8e:54:fe:fc:d9:
63:bc:57:b3:4f:7d:2f:fe:0a:72:73:4d:02:fa:95:
49:ff:64:66:01:e3:36:d2:d5:24:5f:f2:d9:e7:be:
3f:55:40:76:6e:47:94:43:d7:6a:26:32:6f:37:d6:
83:b3:e3:03:83:bb:3a:f5:88:1e:f6:2f:e4:13:91:
c7:cb:fa:79:8b:ff:92:e0:b0:60:de:82:44:77:8f:
7e:50:64:21:56:10:13:92:c8:63:76:73:6a:65:c8:
04:78:82:77:57:ae:38:2f:e8:c2:06:e1:0e:03:2e:
58:ca:75:ea:45:3f:5a:51:bb:94:50:4c:30:0b:af:
04:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:80:A3:E0:BC:F8:FD:97:3F:AC:16:4A:89:35:20:0F:FE:8A:F6:43
X509v3 Authority Key Identifier:
keyid:74:D3:4A:BB:E9:AF:BA:28:04:32:C2:AB:83:89:8C:7B:95:0D:F7:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dNNKu-mvuigEMsKrg4mMe5UN96w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/819e39-c00c-49b0-a768-4406688eef85/1/IYCj4Lz4_Zc_rBZKiTUgD_6K9kM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/819e39-c00c-49b0-a768-4406688eef85/1/dNNKu-mvuigEMsKrg4mMe5UN96w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.117.228.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:48:63:38:d4:2b:00:4d:73:8b:18:b0:ed:2b:27:32:0c:3f:
2a:02:6d:f0:15:9b:5b:0f:55:1e:41:02:75:95:45:cc:89:a6:
10:38:2b:4c:a7:7d:5e:02:4c:41:fc:21:7e:87:e9:b8:69:e6:
3b:17:6f:1e:8c:1d:08:bb:2f:89:0d:8a:c4:da:d3:e3:5f:cb:
03:c7:26:a2:27:9f:47:a8:70:ee:3e:f0:93:36:3b:a0:7a:45:
20:5d:79:6b:e9:34:fb:da:63:e7:72:5e:0e:ef:da:2d:23:e3:
be:3f:3b:42:ea:47:d3:b0:90:cf:f1:99:d9:fa:d2:4c:48:11:
83:ab:14:aa:0d:e5:2c:6f:c8:4b:7c:fe:89:2e:55:64:e8:63:
30:3e:83:98:08:86:ea:2d:56:fd:0c:8f:03:de:a6:b3:b6:5a:
93:fa:45:7f:b2:1a:8d:1b:8f:f8:e3:b6:86:82:6f:ef:c9:68:
5a:4f:9c:c4:bd:29:dd:f6:61:a6:b6:79:1e:fb:bd:62:65:07:
a0:6a:2b:cf:12:5a:10:0a:3d:8b:9b:3d:d2:33:83:ba:4e:76:
bb:99:6c:8e:22:dc:1b:e8:d7:bc:bd:b3:e6:f3:79:83:7e:91:
38:f9:fb:b9:ab:6c:66:08:d3:81:c4:9c:84:15:cc:bc:27:51:
58:91:73:71
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEkkfu62yMai/xrot46MkdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0ZDM0YWJiZTlhZmJhMjgwNDMyYzJhYjgzODk4YzdiOTUw
ZGY3YWMwHhcNMjQwMTAxMTAyOTMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTgwYTNlMGJjZjhmZDk3M2ZhYzE2NGE4OTM1MjAwZmZlOGFmNjQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqJgEomkR6jQ77/T2v890/d+17vot
JNbqqqH48IUzY54cpxGShrKvpxQTnLREXSKyPChiCgDdgT2OPOzT2muPSI4TnlGy
6iBoJnDS8pT46Id8G8vMLmSIFN7pjyU2hFeyWm51cF4WDcq0ai9XQY3G729ggEfm
WuPMyqtjCQI5VZxnjlT+/NljvFezT30v/gpyc00C+pVJ/2RmAeM20tUkX/LZ574/
VUB2bkeUQ9dqJjJvN9aDs+MDg7s69Yge9i/kE5HHy/p5i/+S4LBg3oJEd49+UGQh
VhATkshjdnNqZcgEeIJ3V644L+jCBuEOAy5YynXqRT9aUbuUUEwwC68EOwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCGAo+C8+P2XP6wWSok1IA/+ivZDMB8GA1UdIwQY
MBaAFHTTSrvpr7ooBDLCq4OJjHuVDfesMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZE5OS3UtbXZ1aWdFTXNLcmc0bU1lNVVOOTZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS84MTllMzktYzAwYy00OWIwLWE3Njgt
NDQwNjY4OGVlZjg1LzEvSVlDajRMejRfWmNfckJaS2lUVWdEXzZLOWtNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS84MTllMzktYzAwYy00OWIwLWE3NjgtNDQwNjY4OGVlZjg1
LzEvZE5OS3UtbXZ1aWdFTXNLcmc0bU1lNVVOOTZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVXXkMA0G
CSqGSIb3DQEBCwUAA4IBAQB+SGM41CsATXOLGLDtKycyDD8qAm3wFZtbD1UeQQJ1
lUXMiaYQOCtMp31eAkxB/CF+h+m4aeY7F28ejB0Iuy+JDYrE2tPjX8sDxyaiJ59H
qHDuPvCTNjugekUgXXlr6TT72mPncl4O79otI+O+PztC6kfTsJDP8ZnZ+tJMSBGD
qxSqDeUsb8hLfP6JLlVk6GMwPoOYCIbqLVb9DI8D3qaztlqT+kV/shqNG4/447aG
gm/vyWhaT5zEvSnd9mGmtnke+71iZQegaivPEloQCj2Lmz3SM4O6Tna7mWyOItwb
6Ne8vbPm83mDfpE4+fu5q2xmCNOBxJyEFcy8J1FYkXNx
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:36 2024 by rpki-client on console-fra.rpki-client.org