Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/41c321-347e-4c3e-affd-e2b527728e96/1/DqMW0bKwGGodtKvR7ePwVQHUfZE.roa
File: DqMW0bKwGGodtKvR7ePwVQHUfZE.roa (raw, json)
Hash identifier: v3782WEqog0hop5dxPE+d7sOKc5lEu5D59EkilOAci4=
Subject key identifier: 0E:A3:16:D1:B2:B0:18:6A:1D:B4:AB:D1:ED:E3:F0:55:01:D4:7D:91
Certificate issuer: /CN=3fedd85c1eccb5ff4ba930117a7329099c0ff2eb
Certificate serial: 018BF1D3F504EB5CDCD9D4479CDB9066077A
Authority key identifier: 3F:ED:D8:5C:1E:CC:B5:FF:4B:A9:30:11:7A:73:29:09:9C:0F:F2:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P-3YXB7Mtf9LqTARenMpCZwP8us.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/41c321-347e-4c3e-affd-e2b527728e96/1/DqMW0bKwGGodtKvR7ePwVQHUfZE.roa
Signing time: Tue 21 Nov 2023 12:21:21 +0000
ROA not before: Tue 21 Nov 2023 12:21:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208905
IP address blocks: 85.130.240.0/22 maxlen: 24
85.130.248.0/21 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:29:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:f1:d3:f5:04:eb:5c:dc:d9:d4:47:9c:db:90:66:07:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fedd85c1eccb5ff4ba930117a7329099c0ff2eb
Validity
Not Before: Nov 21 12:21:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0ea316d1b2b0186a1db4abd1ede3f05501d47d91
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:86:af:f4:16:9a:0a:dc:ff:34:a8:8a:34:07:
ee:9d:3f:b1:63:63:83:24:73:dd:56:8f:13:82:76:
d2:b9:4a:fc:8f:00:21:7d:ef:f9:06:99:50:53:24:
5a:02:16:fb:98:22:0f:dd:a1:0e:74:7b:a8:f0:f8:
ce:f4:b6:8d:4d:b5:49:a7:25:da:a5:ef:37:df:f5:
95:ac:6f:c9:cd:7e:eb:18:07:cc:16:7e:80:cd:6a:
f8:f8:1f:6a:10:de:e1:3f:6a:04:e2:0f:57:d9:18:
29:7d:d6:c2:c7:73:f4:84:a6:ac:4d:28:0c:1f:f9:
b7:64:a1:e5:19:eb:65:2e:36:d2:f6:2f:ea:6f:ea:
14:d5:01:88:4e:2f:f8:b8:f1:d6:56:23:c3:df:18:
a6:dc:1f:9c:83:fb:24:4e:40:26:f2:e8:46:0f:f6:
2d:17:f6:6e:ed:a3:93:a8:76:c1:a0:bf:29:29:45:
02:1b:59:17:1f:0d:47:0f:4c:0a:af:42:33:eb:6a:
c2:3e:33:d9:45:43:80:01:91:29:e6:25:2a:e6:1d:
90:c6:ea:c6:70:ad:76:5a:69:5c:ec:74:13:48:99:
de:68:6f:73:86:c5:cc:e8:76:b2:cf:91:12:8f:1a:
08:f4:33:28:55:98:89:6a:9e:f4:34:4c:8e:ab:dd:
78:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:A3:16:D1:B2:B0:18:6A:1D:B4:AB:D1:ED:E3:F0:55:01:D4:7D:91
X509v3 Authority Key Identifier:
keyid:3F:ED:D8:5C:1E:CC:B5:FF:4B:A9:30:11:7A:73:29:09:9C:0F:F2:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P-3YXB7Mtf9LqTARenMpCZwP8us.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/41c321-347e-4c3e-affd-e2b527728e96/1/DqMW0bKwGGodtKvR7ePwVQHUfZE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/41c321-347e-4c3e-affd-e2b527728e96/1/P-3YXB7Mtf9LqTARenMpCZwP8us.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.130.240.0/22
85.130.248.0/21
Signature Algorithm: sha256WithRSAEncryption
1f:15:e7:c2:f2:6f:7f:d7:c8:30:89:e7:bf:17:e2:bd:10:5e:
40:5b:d8:06:c5:1b:49:69:00:99:26:4f:c4:1a:63:47:0e:b2:
75:ed:bb:04:02:2f:52:59:96:77:ab:83:94:1a:ba:6f:3c:b3:
9d:18:62:3e:c1:56:c1:68:19:57:a2:6a:6c:98:42:60:c8:ba:
d4:59:46:3d:7b:ce:c8:0d:da:72:09:c0:ce:1b:86:c6:9c:d7:
d2:9a:9f:74:fc:a0:52:cc:b3:e1:30:ae:2f:e1:23:ad:5c:04:
20:6c:d2:2e:a8:6c:a9:6a:ac:6c:6c:33:86:5d:00:86:8e:da:
28:43:59:69:b7:ae:0a:da:c4:e9:bc:45:a4:be:5b:1d:f9:ae:
6d:17:3b:aa:1c:01:49:5b:b1:25:e8:3a:8b:ee:0e:6a:6d:3f:
39:57:25:f6:2a:61:98:f7:fe:97:1e:7f:69:3c:bb:ab:63:be:
62:ef:53:5b:ec:15:4c:d9:4a:44:d9:0f:e4:bc:de:37:59:50:
f9:66:a5:5f:74:07:c9:18:a5:ab:27:01:9b:51:23:68:d9:34:
78:93:96:5b:3b:eb:28:4a:fd:b9:38:e8:48:39:95:19:14:6a:
da:10:6f:d2:82:fd:b1:a5:52:9f:87:25:43:b9:e8:b7:ce:27:
30:70:58:cf
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYvx0/UE61zc2dRHnNuQZgd6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZWRkODVjMWVjY2I1ZmY0YmE5MzAxMTdhNzMyOTA5OWMw
ZmYyZWIwHhcNMjMxMTIxMTIyMTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZWEzMTZkMWIyYjAxODZhMWRiNGFiZDFlZGUzZjA1NTAxZDQ3ZDkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAloav9BaaCtz/NKiKNAfunT+xY2OD
JHPdVo8TgnbSuUr8jwAhfe/5BplQUyRaAhb7mCIP3aEOdHuo8PjO9LaNTbVJpyXa
pe833/WVrG/JzX7rGAfMFn6AzWr4+B9qEN7hP2oE4g9X2RgpfdbCx3P0hKasTSgM
H/m3ZKHlGetlLjbS9i/qb+oU1QGITi/4uPHWViPD3xim3B+cg/skTkAm8uhGD/Yt
F/Zu7aOTqHbBoL8pKUUCG1kXHw1HD0wKr0Iz62rCPjPZRUOAAZEp5iUq5h2QxurG
cK12Wmlc7HQTSJneaG9zhsXM6Hayz5ESjxoI9DMoVZiJap70NEyOq914iQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFA6jFtGysBhqHbSr0e3j8FUB1H2RMB8GA1UdIwQY
MBaAFD/t2FwezLX/S6kwEXpzKQmcD/LrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUC0zWVhCN010ZjlMcVRBUmVuTXBDWndQOHVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC80MWMzMjEtMzQ3ZS00YzNlLWFmZmQt
ZTJiNTI3NzI4ZTk2LzEvRHFNVzBiS3dHR29kdEt2UjdlUHdWUUhVZlpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC80MWMzMjEtMzQ3ZS00YzNlLWFmZmQtZTJiNTI3NzI4ZTk2
LzEvUC0zWVhCN010ZjlMcVRBUmVuTXBDWndQOHVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCVYLwAwQD
VYL4MA0GCSqGSIb3DQEBCwUAA4IBAQAfFefC8m9/18gwiee/F+K9EF5AW9gGxRtJ
aQCZJk/EGmNHDrJ17bsEAi9SWZZ3q4OUGrpvPLOdGGI+wVbBaBlXompsmEJgyLrU
WUY9e87IDdpyCcDOG4bGnNfSmp90/KBSzLPhMK4v4SOtXAQgbNIuqGypaqxsbDOG
XQCGjtooQ1lpt64K2sTpvEWkvlsd+a5tFzuqHAFJW7El6DqL7g5qbT85VyX2KmGY
9/6XHn9pPLurY75i71Nb7BVM2UpE2Q/kvN43WVD5ZqVfdAfJGKWrJwGbUSNo2TR4
k5ZbO+soSv25OOhIOZUZFGraEG/Sgv2xpVKfhyVDuei3zicwcFjP
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:16 2024 by rpki-client on console-ams.rpki-client.org