Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/41c321-347e-4c3e-affd-e2b527728e96/1/gm9MLhXOH5BU9GCgeHpCcYtvKrM.roa
File: gm9MLhXOH5BU9GCgeHpCcYtvKrM.roa (raw, json)
Hash identifier: Qjd3qEPfWj9VoCcPBEK1qbUuz0D3wyk+Ccgmo96/yR0=
Subject key identifier: 82:6F:4C:2E:15:CE:1F:90:54:F4:60:A0:78:7A:42:71:8B:6F:2A:B3
Certificate issuer: /CN=3fedd85c1eccb5ff4ba930117a7329099c0ff2eb
Certificate serial: 018CC348F0A8690063708999C6C1BE5C0691
Authority key identifier: 3F:ED:D8:5C:1E:CC:B5:FF:4B:A9:30:11:7A:73:29:09:9C:0F:F2:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P-3YXB7Mtf9LqTARenMpCZwP8us.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/41c321-347e-4c3e-affd-e2b527728e96/1/gm9MLhXOH5BU9GCgeHpCcYtvKrM.roa
Signing time: Mon 01 Jan 2024 04:29:46 +0000
ROA not before: Mon 01 Jan 2024 04:29:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208905
IP address blocks: 85.130.240.0/22 maxlen: 24
85.130.248.0/21 maxlen: 24
Validation: Failed, certificate revoked on Tue 07 May 2024 16:20:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:f0:a8:69:00:63:70:89:99:c6:c1:be:5c:06:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fedd85c1eccb5ff4ba930117a7329099c0ff2eb
Validity
Not Before: Jan 1 04:29:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=826f4c2e15ce1f9054f460a0787a42718b6f2ab3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:c9:b2:f6:86:20:82:a8:26:3c:05:33:d0:58:
6a:3b:c0:e9:e1:9d:33:75:ca:ab:78:48:5d:d8:17:
92:cf:ed:5d:55:03:63:c5:8d:e0:35:f3:21:c7:88:
f2:51:53:c4:3c:b3:40:d5:b1:07:8b:3a:81:6f:ea:
d2:6d:7f:f1:b6:bd:4a:97:c9:7b:23:bb:6e:fe:fd:
55:1e:e8:00:2d:04:00:d8:92:8e:0b:d0:c4:70:77:
92:c0:f8:df:58:27:60:04:b2:0a:44:3a:f6:2f:31:
07:2b:d8:64:d9:59:4a:76:fa:c9:10:72:1a:82:79:
ad:6f:32:e5:05:17:3a:ba:22:c4:3d:64:69:6e:b6:
cf:73:81:56:d3:03:ab:69:8c:c4:2d:25:32:d3:c8:
5e:59:cf:fa:61:64:9f:76:9a:1a:fe:e1:39:18:de:
de:6c:92:24:ba:5e:27:0c:2a:e6:c6:71:03:b8:69:
a5:6b:11:1a:48:80:fa:d0:4a:89:ea:ce:a4:4e:68:
d9:95:0e:96:4c:43:46:10:9f:2f:19:c9:6a:e2:da:
42:26:1d:a5:78:01:0c:ee:f5:87:ef:c0:a8:28:28:
60:1d:a0:7b:65:d5:28:4b:e3:0b:29:52:71:1e:d9:
ee:6f:c7:d0:e6:5d:c4:62:09:fb:a3:60:6b:3c:e1:
d4:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:6F:4C:2E:15:CE:1F:90:54:F4:60:A0:78:7A:42:71:8B:6F:2A:B3
X509v3 Authority Key Identifier:
keyid:3F:ED:D8:5C:1E:CC:B5:FF:4B:A9:30:11:7A:73:29:09:9C:0F:F2:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P-3YXB7Mtf9LqTARenMpCZwP8us.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/41c321-347e-4c3e-affd-e2b527728e96/1/gm9MLhXOH5BU9GCgeHpCcYtvKrM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/41c321-347e-4c3e-affd-e2b527728e96/1/P-3YXB7Mtf9LqTARenMpCZwP8us.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.130.240.0/22
85.130.248.0/21
Signature Algorithm: sha256WithRSAEncryption
23:e2:c7:54:ec:72:62:20:9b:c9:4c:f0:58:79:4b:25:02:cf:
c5:a4:0d:a9:8c:5b:39:47:b5:b2:6e:28:13:62:06:2d:8a:6b:
12:c5:08:ef:0b:20:5b:67:fc:09:4c:45:18:60:30:bc:17:a2:
fa:bf:f6:87:e9:52:23:ef:df:6e:09:42:a4:a5:c6:cd:b8:a2:
41:69:7f:54:01:7e:ed:a7:80:ff:1c:39:30:23:35:f2:94:c0:
e9:aa:10:78:16:91:ea:3b:98:c8:7e:af:51:71:1c:d0:e5:03:
25:05:35:fd:c7:3a:c4:66:f2:43:aa:f7:6e:bc:a8:de:d6:8d:
06:40:a1:4b:c7:2e:e3:73:2d:9c:de:d7:e2:85:8a:81:8f:71:
31:dc:00:9c:a3:45:7d:04:01:35:1d:9f:e6:ba:23:75:a7:b0:
da:de:02:fd:3c:7a:98:01:ad:07:e7:50:71:b0:01:fa:2a:5d:
0c:18:f5:0d:da:c0:45:00:51:37:15:d4:18:e8:bd:19:ef:af:
2d:87:61:e8:22:1d:da:3b:7a:e9:57:23:13:21:f0:a3:54:31:
e0:28:77:21:d0:df:fa:69:81:09:93:97:e5:8f:5f:0d:52:90:
8f:b0:54:37:ea:9c:75:78:e2:df:f1:ef:a1:99:c1:37:df:5c:
de:01:77:06
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzDSPCoaQBjcImZxsG+XAaRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZWRkODVjMWVjY2I1ZmY0YmE5MzAxMTdhNzMyOTA5OWMw
ZmYyZWIwHhcNMjQwMTAxMDQyOTQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MjZmNGMyZTE1Y2UxZjkwNTRmNDYwYTA3ODdhNDI3MThiNmYyYWIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlsmy9oYggqgmPAUz0FhqO8Dp4Z0z
dcqreEhd2BeSz+1dVQNjxY3gNfMhx4jyUVPEPLNA1bEHizqBb+rSbX/xtr1Kl8l7
I7tu/v1VHugALQQA2JKOC9DEcHeSwPjfWCdgBLIKRDr2LzEHK9hk2VlKdvrJEHIa
gnmtbzLlBRc6uiLEPWRpbrbPc4FW0wOraYzELSUy08heWc/6YWSfdpoa/uE5GN7e
bJIkul4nDCrmxnEDuGmlaxEaSID60EqJ6s6kTmjZlQ6WTENGEJ8vGclq4tpCJh2l
eAEM7vWH78CoKChgHaB7ZdUoS+MLKVJxHtnub8fQ5l3EYgn7o2BrPOHUkQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIJvTC4Vzh+QVPRgoHh6QnGLbyqzMB8GA1UdIwQY
MBaAFD/t2FwezLX/S6kwEXpzKQmcD/LrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUC0zWVhCN010ZjlMcVRBUmVuTXBDWndQOHVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC80MWMzMjEtMzQ3ZS00YzNlLWFmZmQt
ZTJiNTI3NzI4ZTk2LzEvZ205TUxoWE9INUJVOUdDZ2VIcENjWXR2S3JNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC80MWMzMjEtMzQ3ZS00YzNlLWFmZmQtZTJiNTI3NzI4ZTk2
LzEvUC0zWVhCN010ZjlMcVRBUmVuTXBDWndQOHVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCVYLwAwQD
VYL4MA0GCSqGSIb3DQEBCwUAA4IBAQAj4sdU7HJiIJvJTPBYeUslAs/FpA2pjFs5
R7WybigTYgYtimsSxQjvCyBbZ/wJTEUYYDC8F6L6v/aH6VIj799uCUKkpcbNuKJB
aX9UAX7tp4D/HDkwIzXylMDpqhB4FpHqO5jIfq9RcRzQ5QMlBTX9xzrEZvJDqvdu
vKje1o0GQKFLxy7jcy2c3tfihYqBj3Ex3ACco0V9BAE1HZ/muiN1p7Da3gL9PHqY
Aa0H51BxsAH6Kl0MGPUN2sBFAFE3FdQY6L0Z768th2HoIh3aO3rpVyMTIfCjVDHg
KHch0N/6aYEJk5flj18NUpCPsFQ36px1eOLf8e+hmcE331zeAXcG
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:17 2024 by rpki-client on console-ams.rpki-client.org