Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/FsiPZqL1sbyZ4PIy36h63dRCJ-4.roa
File: FsiPZqL1sbyZ4PIy36h63dRCJ-4.roa (raw, json)
Hash identifier: 8cKXBZOcqwc5M+4/aFE5RuTy2ViX3QRMj3UcX1R2WxI=
Subject key identifier: 16:C8:8F:66:A2:F5:B1:BC:99:E0:F2:32:DF:A8:7A:DD:D4:42:27:EE
Certificate issuer: /CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f
Certificate serial: 018C67D38B991BD021AC0EA3C1E6B4BC0560
Authority key identifier: 29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/FsiPZqL1sbyZ4PIy36h63dRCJ-4.roa
Signing time: Thu 14 Dec 2023 10:16:06 +0000
ROA not before: Thu 14 Dec 2023 10:16:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25211
IP address blocks: 85.239.144.0/24 maxlen: 24
85.239.148.0/24 maxlen: 24
85.239.146.0/24 maxlen: 24
85.239.147.0/24 maxlen: 24
85.239.150.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:30:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:67:d3:8b:99:1b:d0:21:ac:0e:a3:c1:e6:b4:bc:05:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f
Validity
Not Before: Dec 14 10:16:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=16c88f66a2f5b1bc99e0f232dfa87addd44227ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:22:bb:90:2e:66:c3:76:9c:c7:d4:11:3a:ce:
29:c2:c1:37:0f:c4:be:07:76:8c:54:cc:8b:bd:01:
78:6b:87:c1:a0:88:14:c0:ff:80:8c:62:dd:3d:59:
ce:aa:39:5d:b5:48:2d:af:86:53:71:3b:29:82:d3:
eb:8d:bf:cc:7e:ac:05:70:88:77:a7:95:c3:a1:e4:
c8:6e:a4:fb:1e:12:99:e6:c5:6f:87:85:90:0a:da:
dd:97:eb:d8:22:d7:7c:10:17:5d:f1:e9:4e:8c:7f:
dc:16:87:83:d2:46:6b:e6:7f:39:c5:c8:74:78:07:
9d:09:04:52:c9:5b:67:ad:2c:7c:27:0a:82:3a:f9:
93:34:b3:d5:16:3f:1a:48:bf:84:f2:22:32:1a:f3:
86:15:69:40:5c:21:a3:66:e3:bb:bc:13:0c:5d:63:
b3:59:6b:79:45:e7:11:0f:28:49:e7:8b:40:2d:f5:
7f:69:67:aa:5c:6d:fa:29:65:da:65:0a:cb:0e:19:
a1:02:87:ee:33:15:63:cd:9d:3f:29:bd:cf:26:94:
75:8a:1b:cb:25:fa:91:4c:3c:a0:cb:fa:16:6c:e3:
49:17:a1:90:71:44:b2:bd:a6:13:26:37:18:e6:20:
e4:c7:ca:73:84:57:88:d8:14:5f:47:41:1b:2c:83:
57:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:C8:8F:66:A2:F5:B1:BC:99:E0:F2:32:DF:A8:7A:DD:D4:42:27:EE
X509v3 Authority Key Identifier:
keyid:29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/FsiPZqL1sbyZ4PIy36h63dRCJ-4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/KdLa_xxbthoKyLPK6tS4ofooTQ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.239.144.0/24
85.239.146.0-85.239.148.255
85.239.150.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:a5:40:4d:f4:ae:bf:94:34:d2:d7:81:3a:9c:51:dc:f7:a4:
42:36:8e:14:20:74:99:dc:8d:81:8f:e8:b2:91:15:7e:89:22:
6e:18:f1:e3:97:c5:c8:d0:af:6d:2e:46:8c:86:71:ed:69:23:
0c:a3:a5:f1:62:9c:ad:f6:08:db:7e:47:44:fa:69:1d:c2:ff:
63:87:e3:2b:24:0f:c8:b4:04:e4:c6:d9:58:3c:c9:10:57:77:
99:dc:33:cd:ef:92:de:dc:88:89:b2:49:0f:65:a7:a8:87:39:
ef:d5:e0:18:c3:ce:fc:f6:49:27:6e:71:ba:cf:ec:90:c4:42:
3a:50:15:33:8c:44:d1:13:5e:07:83:55:e8:f6:06:43:68:cb:
af:3b:bc:4c:9e:03:ca:8e:ac:b2:05:ef:f2:24:84:6e:0f:9d:
df:20:4a:4b:29:2a:b5:ad:15:b7:7a:e2:5d:39:a6:19:7b:19:
5b:c4:d1:81:d7:a2:26:24:d6:d4:5d:36:d3:96:8c:55:0d:e5:
f5:05:d0:70:fd:86:ee:13:4e:3a:5c:0b:3b:ec:64:e2:69:3c:
36:84:9a:3b:71:20:99:a8:b4:4b:fa:fa:56:90:e0:5f:cc:b4:
4b:f9:bf:f4:ea:65:24:58:4f:cb:4d:08:07:7c:2f:6e:01:d6:
a9:de:4c:3c
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYxn04uZG9AhrA6jwea0vAVgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZDJkYWZmMWM1YmI2MWEwYWM4YjNjYWVhZDRiOGExZmEy
ODRkMGYwHhcNMjMxMjE0MTAxNjA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNmM4OGY2NmEyZjViMWJjOTllMGYyMzJkZmE4N2FkZGQ0NDIyN2VlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiSK7kC5mw3acx9QROs4pwsE3D8S+
B3aMVMyLvQF4a4fBoIgUwP+AjGLdPVnOqjldtUgtr4ZTcTspgtPrjb/MfqwFcIh3
p5XDoeTIbqT7HhKZ5sVvh4WQCtrdl+vYItd8EBdd8elOjH/cFoeD0kZr5n85xch0
eAedCQRSyVtnrSx8JwqCOvmTNLPVFj8aSL+E8iIyGvOGFWlAXCGjZuO7vBMMXWOz
WWt5RecRDyhJ54tALfV/aWeqXG36KWXaZQrLDhmhAofuMxVjzZ0/Kb3PJpR1ihvL
JfqRTDygy/oWbONJF6GQcUSyvaYTJjcY5iDkx8pzhFeI2BRfR0EbLINXkQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFBbIj2ai9bG8meDyMt+oet3UQifuMB8GA1UdIwQY
MBaAFCnS2v8cW7YaCsizyurUuKH6KE0PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2RMYV94eGJ0aG9LeUxQSzZ0UzRvZm9vVFE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9lNWVhOTgtOTYwMS00YWRkLWE3Zjgt
NGY1N2Q5Y2Y1Y2FhLzEvRnNpUFpxTDFzYnlaNFBJeTM2aDYzZFJDSi00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9lNWVhOTgtOTYwMS00YWRkLWE3ZjgtNGY1N2Q5Y2Y1Y2Fh
LzEvS2RMYV94eGJ0aG9LeUxQSzZ0UzRvZm9vVFE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAVe+QMAwD
BAFV75IDBABV75QDBABV75YwDQYJKoZIhvcNAQELBQADggEBAI+lQE30rr+UNNLX
gTqcUdz3pEI2jhQgdJncjYGP6LKRFX6JIm4Y8eOXxcjQr20uRoyGce1pIwyjpfFi
nK32CNt+R0T6aR3C/2OH4yskD8i0BOTG2Vg8yRBXd5ncM83vkt7ciImySQ9lp6iH
Oe/V4BjDzvz2SSducbrP7JDEQjpQFTOMRNETXgeDVej2BkNoy687vEyeA8qOrLIF
7/IkhG4Pnd8gSkspKrWtFbd64l05phl7GVvE0YHXoiYk1tRdNtOWjFUN5fUF0HD9
hu4TTjpcCzvsZOJpPDaEmjtxIJmotEv6+laQ4F/MtEv5v/TqZSRYT8tNCAd8L24B
1qneTDw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:53 2024 by rpki-client on console-fra.rpki-client.org