Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/7Cg1TpVKRnQsbYLL2XmGzSIe73A.roa
File: 7Cg1TpVKRnQsbYLL2XmGzSIe73A.roa (raw, json)
Hash identifier: c7+KFhfDLyXjVj/2FN0JSzNkhUaa8MdcMJH8FHpXXP4=
Subject key identifier: EC:28:35:4E:95:4A:46:74:2C:6D:82:CB:D9:79:86:CD:22:1E:EF:70
Certificate issuer: /CN=d45bdf6eec08370ae1f67e83f99b5ac1fe26872c
Certificate serial: 018572CCA2027531FC4FF62E7F1904B70DF8
Authority key identifier: D4:5B:DF:6E:EC:08:37:0A:E1:F6:7E:83:F9:9B:5A:C1:FE:26:87:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1FvfbuwINwrh9n6D-Ztawf4mhyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/7Cg1TpVKRnQsbYLL2XmGzSIe73A.roa
Signing time: Mon 02 Jan 2023 14:04:51 +0000
ROA not before: Mon 02 Jan 2023 14:04:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206092
IP address blocks: 85.203.21.0/24 maxlen: 24
85.203.20.0/24 maxlen: 24
85.203.34.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:cc:a2:02:75:31:fc:4f:f6:2e:7f:19:04:b7:0d:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d45bdf6eec08370ae1f67e83f99b5ac1fe26872c
Validity
Not Before: Jan 2 14:04:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ec28354e954a46742c6d82cbd97986cd221eef70
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:e9:cf:b2:7b:9f:62:73:a4:f4:4e:af:36:de:
f4:3f:85:a7:98:32:2e:09:e7:d6:60:2e:0f:f2:29:
b7:3f:e5:d1:dd:bd:09:e9:3c:90:c5:c1:94:b8:06:
6a:30:41:00:ed:02:1c:a5:86:09:60:88:db:21:f9:
91:62:cd:cb:a3:be:a4:dc:3b:49:55:c0:42:9f:1d:
05:1b:ae:bd:75:ee:c2:78:80:46:42:cc:61:15:ef:
67:0f:01:5a:18:e9:6d:4b:65:d9:96:a6:fa:d6:c6:
2d:8b:43:b7:9b:64:c3:7b:f9:b7:6a:6a:4a:0d:3f:
d0:1f:b0:4d:77:11:fe:a9:e8:c4:da:7a:86:1c:64:
68:f6:9d:9e:d5:dd:24:c0:df:cf:19:af:74:20:ca:
c6:ea:21:86:83:ac:6c:9f:63:bf:07:f6:20:b4:06:
b3:90:08:e4:5a:7c:1c:0d:7c:ce:cb:90:d5:51:9a:
18:34:48:54:6e:77:80:76:38:bc:db:41:24:b6:31:
bf:21:25:80:f5:0c:49:37:03:86:20:f1:b4:66:a0:
e7:23:c2:13:da:f6:09:d3:fb:5b:2e:78:32:c8:74:
05:da:d7:5a:be:57:de:63:54:6c:30:46:83:34:80:
1d:fa:07:0d:44:df:4a:76:55:f4:55:af:5b:27:8d:
a1:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:28:35:4E:95:4A:46:74:2C:6D:82:CB:D9:79:86:CD:22:1E:EF:70
X509v3 Authority Key Identifier:
keyid:D4:5B:DF:6E:EC:08:37:0A:E1:F6:7E:83:F9:9B:5A:C1:FE:26:87:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1FvfbuwINwrh9n6D-Ztawf4mhyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/7Cg1TpVKRnQsbYLL2XmGzSIe73A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/1FvfbuwINwrh9n6D-Ztawf4mhyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.203.20.0/23
85.203.34.0/24
Signature Algorithm: sha256WithRSAEncryption
66:54:fb:7e:b2:ec:16:3f:64:c1:aa:96:25:93:b8:bb:59:2d:
6b:f5:15:cd:3a:e2:28:79:44:d1:80:b0:71:82:8a:c8:62:b2:
51:86:aa:37:31:72:cf:b1:06:9c:e8:2f:a8:af:75:cb:ae:9e:
f2:9e:02:03:49:bb:55:0b:e4:4f:2c:ab:0e:f1:8b:b4:36:05:
62:07:db:d7:71:ba:8d:8d:18:a5:0b:1e:15:ea:6d:ad:16:e2:
0a:dc:57:18:c1:37:76:44:37:71:65:59:02:9b:9c:a2:92:b2:
fc:34:49:d0:55:c7:1c:52:f2:4f:c7:cd:5e:da:a5:44:73:a2:
cd:cb:ab:55:dc:13:5b:8b:e7:cb:35:a1:6a:70:93:b6:d8:9e:
1d:dc:a8:90:fa:49:ed:f1:3d:56:a7:2e:bc:3d:be:d8:d6:b4:
ba:8d:26:01:33:6a:6a:17:50:24:48:6f:b8:5d:7b:62:c9:f7:
ed:d3:e9:4b:40:d9:17:89:5e:ab:59:c9:84:f7:7c:d4:00:3b:
82:c5:52:af:5f:6e:98:bf:14:03:57:c1:36:92:e3:20:eb:63:
cb:73:50:be:be:46:88:a8:a5:4b:1a:1b:4b:63:23:83:6e:1d:
18:d6:7a:b3:4e:39:b7:40:c5:b3:11:60:6c:34:b4:23:90:e2:
c4:9c:2b:7f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVyzKICdTH8T/YufxkEtw34MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NWJkZjZlZWMwODM3MGFlMWY2N2U4M2Y5OWI1YWMxZmUy
Njg3MmMwHhcNMjMwMTAyMTQwNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYzI4MzU0ZTk1NGE0Njc0MmM2ZDgyY2JkOTc5ODZjZDIyMWVlZjcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtunPsnufYnOk9E6vNt70P4WnmDIu
CefWYC4P8im3P+XR3b0J6TyQxcGUuAZqMEEA7QIcpYYJYIjbIfmRYs3Lo76k3DtJ
VcBCnx0FG669de7CeIBGQsxhFe9nDwFaGOltS2XZlqb61sYti0O3m2TDe/m3ampK
DT/QH7BNdxH+qejE2nqGHGRo9p2e1d0kwN/PGa90IMrG6iGGg6xsn2O/B/YgtAaz
kAjkWnwcDXzOy5DVUZoYNEhUbneAdji820EktjG/ISWA9QxJNwOGIPG0ZqDnI8IT
2vYJ0/tbLngyyHQF2tdavlfeY1RsMEaDNIAd+gcNRN9KdlX0Va9bJ42htwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOwoNU6VSkZ0LG2Cy9l5hs0iHu9wMB8GA1UdIwQY
MBaAFNRb327sCDcK4fZ+g/mbWsH+JocsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUZ2ZmJ1d0lOd3JoOW42RC1adGF3ZjRtaHl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS9lMmRmZmYtOGJhOC00YmNmLWFjMzEt
OTg0NjM4NTllY2MxLzEvN0NnMVRwVktSblFzYllMTDJYbUd6U0llNzNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS9lMmRmZmYtOGJhOC00YmNmLWFjMzEtOTg0NjM4NTllY2Mx
LzEvMUZ2ZmJ1d0lOd3JoOW42RC1adGF3ZjRtaHl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBVcsUAwQA
VcsiMA0GCSqGSIb3DQEBCwUAA4IBAQBmVPt+suwWP2TBqpYlk7i7WS1r9RXNOuIo
eUTRgLBxgorIYrJRhqo3MXLPsQac6C+or3XLrp7yngIDSbtVC+RPLKsO8Yu0NgVi
B9vXcbqNjRilCx4V6m2tFuIK3FcYwTd2RDdxZVkCm5yikrL8NEnQVcccUvJPx81e
2qVEc6LNy6tV3BNbi+fLNaFqcJO22J4d3KiQ+knt8T1Wpy68Pb7Y1rS6jSYBM2pq
F1AkSG+4XXtiyfft0+lLQNkXiV6rWcmE93zUADuCxVKvX26YvxQDV8E2kuMg62PL
c1C+vkaIqKVLGhtLYyODbh0Y1nqzTjm3QMWzEWBsNLQjkOLEnCt/
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:20:33 2024 by rpki-client on console-ams.rpki-client.org