Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/Cr7vx7QTv8Y-wnIvtL5kSHKUlrU.roa
File: Cr7vx7QTv8Y-wnIvtL5kSHKUlrU.roa (raw, json)
Hash identifier: wsfBHHNhP1eGIDY3SfYkYW1LI8jcf/OQh0PbBG1CZgs=
Subject key identifier: 0A:BE:EF:C7:B4:13:BF:C6:3E:C2:72:2F:B4:BE:64:48:72:94:96:B5
Certificate issuer: /CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f
Certificate serial: 018C4480A2C2679B53EC6D928E0CAC53D620
Authority key identifier: 29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/Cr7vx7QTv8Y-wnIvtL5kSHKUlrU.roa
Signing time: Thu 07 Dec 2023 13:38:50 +0000
ROA not before: Thu 07 Dec 2023 13:38:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25211
IP address blocks: 85.239.144.0/24 maxlen: 24
85.239.146.0/24 maxlen: 24
85.239.147.0/24 maxlen: 24
85.239.150.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 14 Dec 2023 10:16:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:44:80:a2:c2:67:9b:53:ec:6d:92:8e:0c:ac:53:d6:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f
Validity
Not Before: Dec 7 13:38:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0abeefc7b413bfc63ec2722fb4be6448729496b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:38:22:fa:c2:2a:17:73:00:ff:7b:8e:c7:95:
42:44:ac:8f:49:7d:7d:65:e3:b3:9a:33:20:98:d2:
5b:62:a2:dc:9c:89:cf:a3:81:bf:ea:aa:05:16:17:
7b:7e:77:1a:fc:4b:ca:79:a6:b4:44:f9:52:6d:0c:
d5:1e:11:9d:c8:6a:1b:e5:99:29:d9:4b:1a:b3:5f:
29:2a:06:25:5b:ba:60:9e:96:0e:e4:9b:c0:d5:66:
bf:c4:0d:0e:60:e9:d6:40:6d:30:df:21:03:7a:fd:
9a:77:11:b4:68:2e:e2:03:1d:f7:60:9e:d6:38:8a:
72:37:4b:b3:d2:0b:cf:49:2f:97:65:3b:55:36:df:
d1:8a:59:a1:13:70:68:8a:a8:49:47:59:50:22:c3:
8d:44:94:9d:54:56:77:fa:97:47:61:a8:b8:d9:c4:
5b:4a:fc:d7:b8:e1:7a:b6:19:db:ef:c8:b6:0d:4f:
63:1e:aa:73:b4:47:48:18:29:3c:03:e9:21:84:25:
ef:61:fd:05:7e:e2:08:55:c8:9b:fb:5d:74:bd:f7:
9e:a0:04:75:c8:3d:f1:a9:55:08:da:18:61:26:7f:
e2:b2:6e:0b:65:dc:6f:f7:dc:65:00:25:a6:6b:a0:
46:fa:19:ae:33:3f:59:71:d3:dd:45:6d:b2:f9:4e:
84:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:BE:EF:C7:B4:13:BF:C6:3E:C2:72:2F:B4:BE:64:48:72:94:96:B5
X509v3 Authority Key Identifier:
keyid:29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/Cr7vx7QTv8Y-wnIvtL5kSHKUlrU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/KdLa_xxbthoKyLPK6tS4ofooTQ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.239.144.0/24
85.239.146.0/23
85.239.150.0/24
Signature Algorithm: sha256WithRSAEncryption
78:41:ce:d9:54:71:0f:d4:cb:c0:7a:a2:5b:aa:4d:d6:4d:23:
b0:76:b2:bb:50:74:03:0b:ac:5a:ca:c6:82:18:77:64:b6:86:
a7:d7:cb:1e:af:eb:0b:47:13:98:cf:af:88:31:4d:a2:8a:f3:
0e:93:76:55:f5:b0:5e:43:f1:02:6a:d7:0f:05:56:8a:b8:b3:
7e:c2:6f:20:bd:71:44:0c:89:2a:11:9c:10:3d:1d:91:cf:d4:
95:a7:fe:4f:d9:22:1a:a1:8f:c4:52:8b:04:60:60:00:ca:af:
95:16:49:c9:c5:98:ca:e9:4c:8e:25:a0:f2:aa:cf:28:87:9c:
5a:f2:50:d0:bb:21:17:ad:46:20:3d:7c:f1:75:95:3f:c6:45:
54:d4:77:89:e2:bc:30:08:1f:cd:ac:84:6b:68:72:f8:13:b1:
6c:6b:d6:49:99:27:70:5f:10:5e:d1:94:f9:c4:ed:f7:f9:22:
22:05:9b:dc:a3:d5:ee:59:0b:aa:84:a4:ba:68:c2:38:08:35:
d0:e0:05:73:70:f8:8f:c4:c7:19:74:1e:4c:57:ff:b4:30:c9:
2e:0e:24:7a:bb:fa:fe:75:0c:58:ca:52:9f:71:d1:bc:41:38:
32:00:ca:91:7b:46:bc:59:2d:4d:78:f4:67:a7:2f:d5:e7:08:
88:9e:e2:fd
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYxEgKLCZ5tT7G2SjgysU9YgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZDJkYWZmMWM1YmI2MWEwYWM4YjNjYWVhZDRiOGExZmEy
ODRkMGYwHhcNMjMxMjA3MTMzODUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYWJlZWZjN2I0MTNiZmM2M2VjMjcyMmZiNGJlNjQ0ODcyOTQ5NmI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhDgi+sIqF3MA/3uOx5VCRKyPSX19
ZeOzmjMgmNJbYqLcnInPo4G/6qoFFhd7fnca/EvKeaa0RPlSbQzVHhGdyGob5Zkp
2Usas18pKgYlW7pgnpYO5JvA1Wa/xA0OYOnWQG0w3yEDev2adxG0aC7iAx33YJ7W
OIpyN0uz0gvPSS+XZTtVNt/RilmhE3BoiqhJR1lQIsONRJSdVFZ3+pdHYai42cRb
SvzXuOF6thnb78i2DU9jHqpztEdIGCk8A+khhCXvYf0FfuIIVcib+110vfeeoAR1
yD3xqVUI2hhhJn/ism4LZdxv99xlACWma6BG+hmuMz9ZcdPdRW2y+U6EWwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAq+78e0E7/GPsJyL7S+ZEhylJa1MB8GA1UdIwQY
MBaAFCnS2v8cW7YaCsizyurUuKH6KE0PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2RMYV94eGJ0aG9LeUxQSzZ0UzRvZm9vVFE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9lNWVhOTgtOTYwMS00YWRkLWE3Zjgt
NGY1N2Q5Y2Y1Y2FhLzEvQ3I3dng3UVR2OFktd25JdnRMNWtTSEtVbHJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9lNWVhOTgtOTYwMS00YWRkLWE3ZjgtNGY1N2Q5Y2Y1Y2Fh
LzEvS2RMYV94eGJ0aG9LeUxQSzZ0UzRvZm9vVFE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAVe+QAwQB
Ve+SAwQAVe+WMA0GCSqGSIb3DQEBCwUAA4IBAQB4Qc7ZVHEP1MvAeqJbqk3WTSOw
drK7UHQDC6xaysaCGHdktoan18ser+sLRxOYz6+IMU2iivMOk3ZV9bBeQ/ECatcP
BVaKuLN+wm8gvXFEDIkqEZwQPR2Rz9SVp/5P2SIaoY/EUosEYGAAyq+VFknJxZjK
6UyOJaDyqs8oh5xa8lDQuyEXrUYgPXzxdZU/xkVU1HeJ4rwwCB/NrIRraHL4E7Fs
a9ZJmSdwXxBe0ZT5xO33+SIiBZvco9XuWQuqhKS6aMI4CDXQ4AVzcPiPxMcZdB5M
V/+0MMkuDiR6u/r+dQxYylKfcdG8QTgyAMqRe0a8WS1NePRnpy/V5wiInuL9
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:53 2024 by rpki-client on console-fra.rpki-client.org