Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/86VzB_Ay2z4SgVNNBKmyONo2pEM.roa
File: 86VzB_Ay2z4SgVNNBKmyONo2pEM.roa (raw, json)
Hash identifier: dmEIxkJd3BDMdqOKL+MQiAQzY96/6ki/247SQU8i7FE=
Subject key identifier: F3:A5:73:07:F0:32:DB:3E:12:81:53:4D:04:A9:B2:38:DA:36:A4:43
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018571E895FF47F1BF13A00B038452D187F3
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/86VzB_Ay2z4SgVNNBKmyONo2pEM.roa
Signing time: Mon 02 Jan 2023 09:55:46 +0000
ROA not before: Mon 02 Jan 2023 09:55:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212669
IP address blocks: 85.209.121.0/24 maxlen: 24
45.151.0.0/24 maxlen: 24
45.138.181.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:29:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:e8:95:ff:47:f1:bf:13:a0:0b:03:84:52:d1:87:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Jan 2 09:55:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f3a57307f032db3e1281534d04a9b238da36a443
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:f2:9e:56:7a:93:0e:59:fc:be:d5:56:48:f0:
df:91:ec:9e:8e:55:7c:b7:59:04:40:fe:b5:b5:e1:
62:a0:40:85:f7:b8:35:67:f7:b0:73:49:52:21:9e:
d4:27:85:fb:70:47:08:cd:e2:54:e5:53:23:d9:63:
8e:4e:b5:1e:dc:de:97:43:23:51:74:a9:36:46:19:
15:f2:51:69:ac:93:a6:43:47:12:4a:61:2c:45:7a:
97:c3:69:97:0a:f5:e7:68:05:bc:39:59:b2:80:d3:
80:0a:93:c7:54:8d:ce:be:4e:4b:47:4c:0e:06:12:
74:32:06:ea:fa:b2:84:fb:8a:76:fd:26:af:f3:b9:
08:0d:8f:9b:e1:9e:31:4e:f4:60:fc:dd:c5:9d:53:
e9:dd:ba:0a:57:75:22:4e:a7:11:c7:04:4c:df:b2:
8b:e7:7b:70:35:be:5e:21:ce:28:79:88:c7:fc:fc:
6e:b0:29:44:c2:37:55:32:8b:c0:82:25:fc:70:cd:
26:8b:7f:71:03:47:8c:79:94:d8:f7:98:e1:33:e7:
40:5e:a4:b2:4c:3b:3c:5a:75:79:be:c7:cb:8a:20:
97:f3:6b:63:a1:ac:80:d7:36:54:91:b3:a3:42:71:
fe:c0:64:09:38:b0:b7:5a:6e:78:a8:7c:36:21:4f:
36:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:A5:73:07:F0:32:DB:3E:12:81:53:4D:04:A9:B2:38:DA:36:A4:43
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/86VzB_Ay2z4SgVNNBKmyONo2pEM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.138.181.0/24
45.151.0.0/24
85.209.121.0/24
Signature Algorithm: sha256WithRSAEncryption
75:60:55:fc:1d:34:db:9b:23:56:22:f9:0a:f3:30:58:92:5a:
f7:8a:65:8a:6d:4e:bd:32:a7:85:fe:98:3d:b6:25:7a:8e:92:
1b:b3:8b:b7:b2:71:fe:f6:eb:c5:ad:b6:ea:c9:af:cc:e4:53:
3a:2a:c8:66:45:40:83:3b:3f:8f:af:94:1c:a7:6d:db:5c:23:
aa:a5:a9:4d:63:d3:69:0a:85:6e:48:81:d7:11:da:65:25:96:
a9:e1:a3:61:d4:95:fe:f5:5e:75:55:d4:03:1f:38:90:ec:8a:
66:51:e5:a2:18:83:5e:45:59:74:a7:a4:5d:b3:6c:37:a2:d9:
ae:59:d4:db:cc:ec:5d:09:54:cf:96:f5:27:4a:9d:46:8b:ac:
d2:96:52:cc:b9:92:c5:12:47:f8:eb:19:eb:60:19:3c:1a:a9:
81:c2:2c:33:2a:ac:3e:86:00:03:c7:de:08:98:ad:32:f6:c7:
96:b8:f4:f5:66:d3:63:cb:f4:a9:79:cb:32:bc:70:4a:ab:b0:
fc:00:c3:84:e4:47:0a:9a:a8:c6:32:f9:36:2f:29:2b:1f:f6:
eb:c9:58:44:74:ba:17:31:49:06:f0:0a:1c:aa:18:95:e1:99:
30:bf:a6:a3:f8:49:41:57:18:81:ce:c1:57:1d:85:00:16:dc:
41:50:a9:bb
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVx6JX/R/G/E6ALA4RS0YfzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjMwMTAyMDk1NTQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmM2E1NzMwN2YwMzJkYjNlMTI4MTUzNGQwNGE5YjIzOGRhMzZhNDQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm/KeVnqTDln8vtVWSPDfkeyejlV8
t1kEQP61teFioECF97g1Z/ewc0lSIZ7UJ4X7cEcIzeJU5VMj2WOOTrUe3N6XQyNR
dKk2RhkV8lFprJOmQ0cSSmEsRXqXw2mXCvXnaAW8OVmygNOACpPHVI3Ovk5LR0wO
BhJ0Mgbq+rKE+4p2/Sav87kIDY+b4Z4xTvRg/N3FnVPp3boKV3UiTqcRxwRM37KL
53twNb5eIc4oeYjH/PxusClEwjdVMovAgiX8cM0mi39xA0eMeZTY95jhM+dAXqSy
TDs8WnV5vsfLiiCX82tjoayA1zZUkbOjQnH+wGQJOLC3Wm54qHw2IU82xwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFPOlcwfwMts+EoFTTQSpsjjaNqRDMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvODZWekJfQXkyejRTZ1ZOTkJLbXlPTm8ycEVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALYq1AwQA
LZcAAwQAVdF5MA0GCSqGSIb3DQEBCwUAA4IBAQB1YFX8HTTbmyNWIvkK8zBYklr3
imWKbU69MqeF/pg9tiV6jpIbs4u3snH+9uvFrbbqya/M5FM6KshmRUCDOz+Pr5Qc
p23bXCOqpalNY9NpCoVuSIHXEdplJZap4aNh1JX+9V51VdQDHziQ7IpmUeWiGINe
RVl0p6Rds2w3otmuWdTbzOxdCVTPlvUnSp1Gi6zSllLMuZLFEkf46xnrYBk8GqmB
wiwzKqw+hgADx94ImK0y9seWuPT1ZtNjy/SpecsyvHBKq7D8AMOE5EcKmqjGMvk2
LykrH/bryVhEdLoXMUkG8AocqhiV4Zkwv6aj+ElBVxiBzsFXHYUAFtxBUKm7
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:31 2024 by rpki-client on console-fra.rpki-client.org