Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/FeY9y1LAc4pi-4eY76_gAHwKXZg.roa
File: FeY9y1LAc4pi-4eY76_gAHwKXZg.roa (raw, json)
Hash identifier: I8x2JMnJ+0p+NDdxEZOYyWhbKE7cHYRUefFsnNKN6vI=
Subject key identifier: 15:E6:3D:CB:52:C0:73:8A:62:FB:87:98:EF:AF:E0:00:7C:0A:5D:98
Certificate issuer: /CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f
Certificate serial: 0189218943B1537EFC877345A6BA541E5FF5
Authority key identifier: 29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/FeY9y1LAc4pi-4eY76_gAHwKXZg.roa
Signing time: Tue 04 Jul 2023 15:33:11 +0000
ROA not before: Tue 04 Jul 2023 15:33:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208485
IP address blocks: 85.239.151.0/24 maxlen: 24
185.95.157.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 31 Jul 2023 13:25:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:21:89:43:b1:53:7e:fc:87:73:45:a6:ba:54:1e:5f:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f
Validity
Not Before: Jul 4 15:33:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=15e63dcb52c0738a62fb8798efafe0007c0a5d98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:06:fd:bb:68:3b:17:a5:91:d9:fd:1d:e6:40:
48:81:5b:dd:f3:ad:ac:b0:f0:76:09:0f:85:0b:31:
e6:9d:45:93:49:af:54:c1:c1:a5:60:e7:31:1b:4d:
2f:ee:4e:fc:4f:1f:bf:e4:47:36:de:30:48:9a:b7:
0b:9a:97:8f:a0:46:85:f2:64:0a:01:4a:97:45:b4:
96:aa:7c:7b:b9:01:01:02:77:43:33:71:ad:ef:67:
59:51:57:d8:31:04:69:66:36:af:93:0d:fe:e4:5c:
e9:7b:52:f1:8a:0d:79:3e:21:20:3d:6e:ce:a1:03:
50:3d:4f:41:5e:58:11:05:53:71:68:a1:5c:ba:dc:
de:7e:b0:32:9e:29:c1:07:f7:b3:2a:a8:70:02:ee:
30:0c:75:5e:8e:7b:cb:5c:49:ec:70:22:bd:cc:18:
ec:61:ee:19:b5:32:60:bf:04:9a:c1:8d:9b:6d:9c:
27:26:16:fa:1d:8e:c4:43:ad:da:2a:dc:15:d9:93:
c8:2e:1f:d8:a2:26:3a:bf:42:0f:7d:14:7d:ac:ee:
5a:d6:3d:fd:e3:63:35:b1:3f:30:cb:90:ab:0f:17:
4c:c9:ab:46:ef:c1:8d:b6:aa:21:db:6a:5f:78:20:
e2:67:0a:3e:b6:2d:2e:57:b9:0e:a4:43:82:31:b3:
31:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:E6:3D:CB:52:C0:73:8A:62:FB:87:98:EF:AF:E0:00:7C:0A:5D:98
X509v3 Authority Key Identifier:
keyid:29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/FeY9y1LAc4pi-4eY76_gAHwKXZg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/KdLa_xxbthoKyLPK6tS4ofooTQ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.239.151.0/24
185.95.157.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:07:6b:f9:b7:11:59:03:3c:d0:33:d9:07:6c:25:1a:2c:02:
26:e3:f0:34:14:0d:06:f6:57:a3:72:10:d5:05:b0:b1:e4:d8:
7c:e5:08:94:cb:fd:6a:e5:1a:3c:98:25:b9:52:fc:ee:e1:70:
13:2a:29:7c:30:1e:86:38:34:50:42:69:e0:96:b7:70:a9:47:
31:ed:26:bf:26:02:3e:69:3c:3d:dc:0e:59:a2:8c:b4:23:ae:
05:b5:cd:a2:6c:43:18:50:17:ba:5e:64:10:0d:a9:3d:f1:3e:
3e:ba:a2:a1:2f:e1:ba:09:c6:a8:7b:ef:5b:2b:71:b9:d7:34:
f1:35:d6:e4:52:28:86:d6:e7:64:e6:e4:56:7c:b1:33:8c:35:
38:15:cf:99:aa:7f:c9:a7:bc:e2:fc:4b:c9:db:28:d3:1c:eb:
6d:e5:4b:7c:55:c4:76:90:8d:4b:3d:39:73:a5:ad:f4:e5:96:
57:b7:ab:b1:03:67:9e:fa:17:39:bf:26:4a:34:1e:c6:fa:a4:
6e:c3:4a:8c:2b:7a:1c:d1:d6:bc:5d:19:99:43:36:c0:3c:fc:
97:8c:3b:c9:a4:6b:88:f3:6c:5e:60:ed:f1:05:ae:19:86:4e:
5d:78:c2:65:47:19:01:db:fe:9a:f2:54:a3:61:db:41:d0:c1:
40:76:b7:3d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYkhiUOxU378h3NFprpUHl/1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZDJkYWZmMWM1YmI2MWEwYWM4YjNjYWVhZDRiOGExZmEy
ODRkMGYwHhcNMjMwNzA0MTUzMzExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNWU2M2RjYjUyYzA3MzhhNjJmYjg3OThlZmFmZTAwMDdjMGE1ZDk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjgb9u2g7F6WR2f0d5kBIgVvd862s
sPB2CQ+FCzHmnUWTSa9UwcGlYOcxG00v7k78Tx+/5Ec23jBImrcLmpePoEaF8mQK
AUqXRbSWqnx7uQEBAndDM3Gt72dZUVfYMQRpZjavkw3+5Fzpe1Lxig15PiEgPW7O
oQNQPU9BXlgRBVNxaKFcutzefrAyninBB/ezKqhwAu4wDHVejnvLXEnscCK9zBjs
Ye4ZtTJgvwSawY2bbZwnJhb6HY7EQ63aKtwV2ZPILh/YoiY6v0IPfRR9rO5a1j39
42M1sT8wy5CrDxdMyatG78GNtqoh22pfeCDiZwo+ti0uV7kOpEOCMbMxTQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBXmPctSwHOKYvuHmO+v4AB8Cl2YMB8GA1UdIwQY
MBaAFCnS2v8cW7YaCsizyurUuKH6KE0PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2RMYV94eGJ0aG9LeUxQSzZ0UzRvZm9vVFE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9lNWVhOTgtOTYwMS00YWRkLWE3Zjgt
NGY1N2Q5Y2Y1Y2FhLzEvRmVZOXkxTEFjNHBpLTRlWTc2X2dBSHdLWFpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9lNWVhOTgtOTYwMS00YWRkLWE3ZjgtNGY1N2Q5Y2Y1Y2Fh
LzEvS2RMYV94eGJ0aG9LeUxQSzZ0UzRvZm9vVFE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVe+XAwQA
uV+dMA0GCSqGSIb3DQEBCwUAA4IBAQBbB2v5txFZAzzQM9kHbCUaLAIm4/A0FA0G
9lejchDVBbCx5Nh85QiUy/1q5Ro8mCW5Uvzu4XATKil8MB6GODRQQmnglrdwqUcx
7Sa/JgI+aTw93A5Zooy0I64Ftc2ibEMYUBe6XmQQDak98T4+uqKhL+G6Ccaoe+9b
K3G51zTxNdbkUiiG1udk5uRWfLEzjDU4Fc+Zqn/Jp7zi/EvJ2yjTHOtt5Ut8VcR2
kI1LPTlzpa305ZZXt6uxA2ee+hc5vyZKNB7G+qRuw0qMK3oc0da8XRmZQzbAPPyX
jDvJpGuI82xeYO3xBa4Zhk5deMJlRxkB2/6a8lSjYdtB0MFAdrc9
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:53 2024 by rpki-client on console-fra.rpki-client.org