Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/XNKDOTqo3ZfuG1dQYbq5RzqB0Tg.roa
File: XNKDOTqo3ZfuG1dQYbq5RzqB0Tg.roa (raw, json)
Hash identifier: 8vxumy9S4w2lgAn81V38m6j6Mt0rBQRyHlD9tTxZgxk=
Subject key identifier: 5C:D2:83:39:3A:A8:DD:97:EE:1B:57:50:61:BA:B9:47:3A:81:D1:38
Certificate issuer: /CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f
Certificate serial: 01856DE6778B286B2B5284C9F53D49FC4CC4
Authority key identifier: 29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/XNKDOTqo3ZfuG1dQYbq5RzqB0Tg.roa
Signing time: Sun 01 Jan 2023 15:14:58 +0000
ROA not before: Sun 01 Jan 2023 15:14:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211936
IP address blocks: 85.239.151.0/24 maxlen: 24
85.239.150.0/24 maxlen: 24
85.239.149.0/24 maxlen: 24
85.239.148.0/24 maxlen: 24
185.95.158.0/24 maxlen: 24
185.95.157.0/24 maxlen: 24
185.95.156.0/24 maxlen: 24
185.95.159.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 04 Aug 2023 14:12:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:e6:77:8b:28:6b:2b:52:84:c9:f5:3d:49:fc:4c:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f
Validity
Not Before: Jan 1 15:14:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5cd283393aa8dd97ee1b575061bab9473a81d138
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:43:d6:f9:eb:b5:78:e0:5e:f4:3c:a9:e9:4b:
64:42:58:63:5c:8d:cc:6b:ea:9e:2d:f5:ef:b6:62:
2c:a1:e0:1b:24:83:47:bf:62:be:45:e9:30:b8:c9:
67:9f:71:20:e8:57:ff:4b:39:be:31:88:06:55:79:
e6:28:70:6d:93:06:80:13:29:a8:df:ba:6d:5c:87:
2a:23:e4:85:b4:40:d0:97:a2:35:05:b7:1a:df:1a:
f8:34:19:15:22:b3:9a:f0:24:f2:38:81:6f:83:f0:
ce:09:5b:3b:94:dc:1c:40:d6:bd:8c:8b:cf:96:4e:
ff:e7:e3:c6:e3:42:e5:ef:2c:37:cc:ef:87:c7:e5:
eb:5a:91:3b:a3:ef:74:b9:5a:fa:22:3d:53:3b:77:
9f:4e:a9:87:89:f5:47:b7:27:39:cc:c6:e5:03:97:
93:49:0e:50:11:c0:fb:ee:c2:ba:00:c9:e3:40:d0:
7e:e4:ae:00:ff:ff:3b:01:a4:cd:c9:4c:94:48:16:
9d:6f:4a:e3:4e:62:d9:f0:06:66:2f:c0:7f:ae:ab:
38:ae:be:19:6a:1a:1c:ce:9e:c9:ac:67:7b:64:53:
f5:23:25:19:2f:93:b5:67:36:f2:fd:5c:83:0d:37:
d8:3c:47:62:c0:85:d1:f5:ca:1d:f7:79:83:12:50:
d1:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:D2:83:39:3A:A8:DD:97:EE:1B:57:50:61:BA:B9:47:3A:81:D1:38
X509v3 Authority Key Identifier:
keyid:29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/XNKDOTqo3ZfuG1dQYbq5RzqB0Tg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/KdLa_xxbthoKyLPK6tS4ofooTQ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.239.148.0/22
185.95.156.0/22
Signature Algorithm: sha256WithRSAEncryption
c4:db:fd:ba:3e:28:5e:cf:cf:75:01:3f:34:20:c3:64:e9:49:
e7:02:55:c9:15:b4:aa:5b:7a:c3:be:d6:90:ab:53:82:98:23:
4e:33:05:4c:b2:72:f2:11:98:1a:ed:da:39:db:74:6c:93:39:
dc:99:7e:66:4e:f5:61:4e:d8:92:b4:12:69:78:9f:0e:91:29:
ad:c4:ba:06:b3:81:ca:4b:09:5e:d7:a9:17:13:58:c8:79:5d:
d5:d9:f1:d5:32:a2:e9:39:fe:f3:1f:19:36:d1:3f:ed:d6:08:
15:31:fd:b4:b2:c9:6d:e1:10:6d:26:13:0e:14:c7:f5:aa:9b:
0b:8a:01:b1:42:b4:0e:8c:e2:7f:85:d9:f1:5b:78:8d:bb:e1:
a1:87:8b:db:44:30:40:13:d2:36:e5:a3:34:35:51:06:a8:b2:
73:ac:10:c3:a1:9b:8b:4c:52:1b:96:81:01:db:ea:c4:12:7c:
40:c4:81:c9:a5:26:46:da:fb:7f:62:9b:10:60:b3:19:b7:21:
54:b3:8e:81:18:36:75:e7:e1:70:e4:2a:80:5a:0f:db:e8:00:
2a:87:f6:c4:3a:32:76:1a:61:7b:98:d2:d9:4b:ef:5a:2f:af:
2a:36:8f:ec:b7:ab:1a:fe:a5:f0:08:e4:05:e9:96:d8:28:a1:
4f:bc:ed:f3
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVt5neLKGsrUoTJ9T1J/EzEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZDJkYWZmMWM1YmI2MWEwYWM4YjNjYWVhZDRiOGExZmEy
ODRkMGYwHhcNMjMwMTAxMTUxNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Y2QyODMzOTNhYThkZDk3ZWUxYjU3NTA2MWJhYjk0NzNhODFkMTM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr0PW+eu1eOBe9Dyp6UtkQlhjXI3M
a+qeLfXvtmIsoeAbJINHv2K+RekwuMlnn3Eg6Ff/Szm+MYgGVXnmKHBtkwaAEymo
37ptXIcqI+SFtEDQl6I1Bbca3xr4NBkVIrOa8CTyOIFvg/DOCVs7lNwcQNa9jIvP
lk7/5+PG40Ll7yw3zO+Hx+XrWpE7o+90uVr6Ij1TO3efTqmHifVHtyc5zMblA5eT
SQ5QEcD77sK6AMnjQNB+5K4A//87AaTNyUyUSBadb0rjTmLZ8AZmL8B/rqs4rr4Z
ahoczp7JrGd7ZFP1IyUZL5O1Zzby/VyDDTfYPEdiwIXR9cod93mDElDRrQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFzSgzk6qN2X7htXUGG6uUc6gdE4MB8GA1UdIwQY
MBaAFCnS2v8cW7YaCsizyurUuKH6KE0PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2RMYV94eGJ0aG9LeUxQSzZ0UzRvZm9vVFE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9lNWVhOTgtOTYwMS00YWRkLWE3Zjgt
NGY1N2Q5Y2Y1Y2FhLzEvWE5LRE9UcW8zWmZ1RzFkUVlicTVSenFCMFRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9lNWVhOTgtOTYwMS00YWRkLWE3ZjgtNGY1N2Q5Y2Y1Y2Fh
LzEvS2RMYV94eGJ0aG9LeUxQSzZ0UzRvZm9vVFE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCVe+UAwQC
uV+cMA0GCSqGSIb3DQEBCwUAA4IBAQDE2/26Pihez891AT80IMNk6UnnAlXJFbSq
W3rDvtaQq1OCmCNOMwVMsnLyEZga7do523RskzncmX5mTvVhTtiStBJpeJ8OkSmt
xLoGs4HKSwle16kXE1jIeV3V2fHVMqLpOf7zHxk20T/t1ggVMf20sslt4RBtJhMO
FMf1qpsLigGxQrQOjOJ/hdnxW3iNu+Ghh4vbRDBAE9I25aM0NVEGqLJzrBDDoZuL
TFIbloEB2+rEEnxAxIHJpSZG2vt/YpsQYLMZtyFUs46BGDZ15+Fw5CqAWg/b6AAq
h/bEOjJ2GmF7mNLZS+9aL68qNo/st6sa/qXwCOQF6ZbYKKFPvO3z
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:51:33 2024 by rpki-client on console-ams.rpki-client.org