Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/jvD9S8CoQN9HP6QqDyUNcGo7w6c.roa
File: jvD9S8CoQN9HP6QqDyUNcGo7w6c.roa (raw, json)
Hash identifier: XZ6ro/xsN8wnF6IHCIfvMTgppbT7QxO1X9ZhcDN+Qq8=
Subject key identifier: 8E:F0:FD:4B:C0:A8:40:DF:47:3F:A4:2A:0F:25:0D:70:6A:3B:C3:A7
Certificate issuer: /CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f
Certificate serial: 0189C0E4F7C61E50F494449DCC000E4292B3
Authority key identifier: 29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/jvD9S8CoQN9HP6QqDyUNcGo7w6c.roa
Signing time: Fri 04 Aug 2023 14:12:58 +0000
ROA not before: Fri 04 Aug 2023 14:12:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211936
IP address blocks: 85.239.151.0/24 maxlen: 24
85.239.150.0/24 maxlen: 24
85.239.149.0/24 maxlen: 24
85.239.148.0/24 maxlen: 24
185.95.158.0/24 maxlen: 24
185.95.157.0/24 maxlen: 24
185.95.156.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 29 Sep 2023 19:30:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:c0:e4:f7:c6:1e:50:f4:94:44:9d:cc:00:0e:42:92:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f
Validity
Not Before: Aug 4 14:12:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8ef0fd4bc0a840df473fa42a0f250d706a3bc3a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:eb:5a:a9:d2:5e:c0:0f:d4:74:5e:04:d4:f6:
05:fc:20:5a:bf:aa:bd:7a:f5:5c:ba:1c:b9:6d:45:
a1:3b:45:d5:53:38:fb:a5:c7:d7:e6:8a:05:7a:b5:
57:63:fa:83:5a:cf:cc:af:df:d9:a2:b3:ef:ba:b9:
6d:c1:38:3d:a4:38:b6:71:3f:8f:1f:1c:21:be:f7:
4f:8c:92:cb:9c:be:d9:ff:1f:2c:ca:07:b5:e5:af:
54:53:f8:8e:9f:b3:0a:e1:e3:2e:75:d2:10:da:05:
e2:ab:6f:59:84:29:44:58:c7:08:12:d0:a4:ca:21:
a0:bf:16:93:ca:28:90:c1:b5:fe:4e:c2:b8:6a:94:
a0:23:52:48:84:c0:99:66:d9:0f:0d:03:09:3e:0e:
47:5e:1d:d6:78:2c:4a:f0:c4:7c:72:d3:8d:1c:5e:
37:7a:61:e7:cc:43:e7:03:ae:13:5b:03:6b:a1:e8:
89:c9:39:c1:74:4f:26:87:a0:f9:a8:f3:1e:4a:61:
6b:38:49:51:a4:c4:8d:24:eb:f2:b8:d3:0a:59:81:
ab:c2:72:cc:52:e5:66:1e:cc:40:ed:34:54:e2:3a:
b4:6a:ef:05:f1:42:66:00:8e:33:3a:b7:fd:f8:c7:
22:dc:da:45:56:3a:46:43:7c:93:80:59:83:40:82:
1e:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:F0:FD:4B:C0:A8:40:DF:47:3F:A4:2A:0F:25:0D:70:6A:3B:C3:A7
X509v3 Authority Key Identifier:
keyid:29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/jvD9S8CoQN9HP6QqDyUNcGo7w6c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/KdLa_xxbthoKyLPK6tS4ofooTQ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.239.148.0/22
185.95.156.0-185.95.158.255
Signature Algorithm: sha256WithRSAEncryption
95:31:67:66:7b:a1:20:9a:8e:8e:c2:68:6f:1d:04:4b:1d:08:
72:f2:fc:c4:d0:96:ad:a6:fc:fd:bf:96:59:0f:c6:18:37:2f:
47:70:26:b6:06:c6:3d:a0:00:ee:b4:67:3c:3a:cf:ec:54:d3:
58:13:cc:bb:88:f3:4b:a1:6d:d5:34:b8:75:c4:66:2e:8c:d6:
b0:2e:91:e7:db:9d:48:c3:d3:8f:1c:c1:68:10:b8:6a:fa:8c:
4c:f5:20:bc:31:ca:a2:a0:d8:ea:32:6e:66:6e:28:1e:35:98:
56:b1:5e:90:7e:e8:5d:82:4e:26:1a:60:e5:7e:4a:43:44:ce:
41:bd:92:30:d4:56:0d:e5:bc:1a:1a:8d:ec:34:bf:71:4b:8b:
27:df:74:57:ca:b9:8b:03:e7:15:ea:c9:82:7b:88:97:22:66:
4d:5b:50:ee:95:01:5f:c2:88:fa:79:3f:e4:f6:5f:4b:9e:42:
0a:df:5f:54:db:a8:ee:5d:24:9d:25:1b:90:95:1d:5c:0a:92:
ef:5d:0d:69:34:73:d2:78:17:30:4a:76:d2:d3:d8:17:b9:1f:
09:2e:ac:e3:28:14:9a:f9:ab:27:fc:f9:4b:8a:91:28:34:28:
28:e6:e1:9e:e9:8b:fd:4c:95:66:29:dc:9f:04:b1:3a:bb:2e:
4a:c6:1b:28
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYnA5PfGHlD0lESdzAAOQpKzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZDJkYWZmMWM1YmI2MWEwYWM4YjNjYWVhZDRiOGExZmEy
ODRkMGYwHhcNMjMwODA0MTQxMjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZWYwZmQ0YmMwYTg0MGRmNDczZmE0MmEwZjI1MGQ3MDZhM2JjM2E3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjetaqdJewA/UdF4E1PYF/CBav6q9
evVcuhy5bUWhO0XVUzj7pcfX5ooFerVXY/qDWs/Mr9/ZorPvurltwTg9pDi2cT+P
HxwhvvdPjJLLnL7Z/x8syge15a9UU/iOn7MK4eMuddIQ2gXiq29ZhClEWMcIEtCk
yiGgvxaTyiiQwbX+TsK4apSgI1JIhMCZZtkPDQMJPg5HXh3WeCxK8MR8ctONHF43
emHnzEPnA64TWwNroeiJyTnBdE8mh6D5qPMeSmFrOElRpMSNJOvyuNMKWYGrwnLM
UuVmHsxA7TRU4jq0au8F8UJmAI4zOrf9+Mci3NpFVjpGQ3yTgFmDQIIehQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFI7w/UvAqEDfRz+kKg8lDXBqO8OnMB8GA1UdIwQY
MBaAFCnS2v8cW7YaCsizyurUuKH6KE0PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2RMYV94eGJ0aG9LeUxQSzZ0UzRvZm9vVFE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9lNWVhOTgtOTYwMS00YWRkLWE3Zjgt
NGY1N2Q5Y2Y1Y2FhLzEvanZEOVM4Q29RTjlIUDZRcUR5VU5jR283dzZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9lNWVhOTgtOTYwMS00YWRkLWE3ZjgtNGY1N2Q5Y2Y1Y2Fh
LzEvS2RMYV94eGJ0aG9LeUxQSzZ0UzRvZm9vVFE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQCVe+UMAwD
BAK5X5wDBAC5X54wDQYJKoZIhvcNAQELBQADggEBAJUxZ2Z7oSCajo7CaG8dBEsd
CHLy/MTQlq2m/P2/llkPxhg3L0dwJrYGxj2gAO60Zzw6z+xU01gTzLuI80uhbdU0
uHXEZi6M1rAukefbnUjD048cwWgQuGr6jEz1ILwxyqKg2OoybmZuKB41mFaxXpB+
6F2CTiYaYOV+SkNEzkG9kjDUVg3lvBoajew0v3FLiyffdFfKuYsD5xXqyYJ7iJci
Zk1bUO6VAV/CiPp5P+T2X0ueQgrfX1TbqO5dJJ0lG5CVHVwKku9dDWk0c9J4FzBK
dtLT2Be5HwkurOMoFJr5qyf8+UuKkSg0KCjm4Z7pi/1MlWYp3J8EsTq7LkrGGyg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:51:33 2024 by rpki-client on console-ams.rpki-client.org