Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/ARoRJni3n1b5HCxXxlb054ZO-NE.roa
File: ARoRJni3n1b5HCxXxlb054ZO-NE.roa (raw, json)
Hash identifier: 14wGjvH7XbR0b7I2QCs2v9aCs5ocOrW7LSFaREOu2AA=
Subject key identifier: 01:1A:11:26:78:B7:9F:56:F9:1C:2C:57:C6:56:F4:E7:86:4E:F8:D1
Certificate issuer: /CN=d45bdf6eec08370ae1f67e83f99b5ac1fe26872c
Certificate serial: 0185A5D51B13AB278B4193A47A65A2E262F3
Authority key identifier: D4:5B:DF:6E:EC:08:37:0A:E1:F6:7E:83:F9:9B:5A:C1:FE:26:87:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1FvfbuwINwrh9n6D-Ztawf4mhyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/ARoRJni3n1b5HCxXxlb054ZO-NE.roa
Signing time: Thu 12 Jan 2023 11:54:44 +0000
ROA not before: Thu 12 Jan 2023 11:54:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39855
IP address blocks: 85.203.9.0/24 maxlen: 24
85.203.16.0/24 maxlen: 24
85.203.28.0/22 maxlen: 24
85.203.25.0/24 maxlen: 24
85.203.38.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:a5:d5:1b:13:ab:27:8b:41:93:a4:7a:65:a2:e2:62:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d45bdf6eec08370ae1f67e83f99b5ac1fe26872c
Validity
Not Before: Jan 12 11:54:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=011a112678b79f56f91c2c57c656f4e7864ef8d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:29:66:8a:c4:db:0d:cf:13:1c:1b:d9:99:66:
cc:3c:2d:fa:bb:70:97:12:da:5d:d5:0c:50:e6:e2:
62:74:9d:df:66:48:8d:9d:db:16:15:5e:38:82:41:
a4:73:cf:be:d8:74:e1:f9:60:29:5d:d5:76:1b:03:
fc:8d:88:62:f5:96:57:fb:87:75:dc:39:12:4c:9b:
92:6e:3e:24:3a:85:2f:e0:7f:b8:14:ae:f1:21:61:
88:5f:98:f3:e0:fc:72:9d:33:0f:84:56:3e:37:3f:
89:93:81:f2:e4:95:95:dc:48:56:2f:af:8d:37:5d:
b3:aa:88:a3:ea:e3:18:69:8e:69:01:80:56:91:19:
2a:47:b7:ac:ff:0f:79:50:15:3b:3d:e1:7c:46:54:
c7:57:d4:f5:62:90:34:92:c1:10:d6:52:4f:88:4e:
92:4b:a5:59:ff:02:c2:04:9d:14:9d:06:3e:c2:8f:
df:cf:01:47:f2:22:53:16:85:c4:7c:ed:07:09:20:
cb:d7:79:fa:66:16:36:1b:d6:35:8a:81:ce:b6:5f:
26:50:ce:b9:ae:b4:65:5c:49:0f:52:37:7e:99:69:
26:fa:53:c2:70:05:2c:33:a4:42:93:c1:d1:03:b9:
b3:64:87:16:61:4c:93:92:c0:a2:93:d8:1e:32:7e:
83:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:1A:11:26:78:B7:9F:56:F9:1C:2C:57:C6:56:F4:E7:86:4E:F8:D1
X509v3 Authority Key Identifier:
keyid:D4:5B:DF:6E:EC:08:37:0A:E1:F6:7E:83:F9:9B:5A:C1:FE:26:87:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1FvfbuwINwrh9n6D-Ztawf4mhyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/ARoRJni3n1b5HCxXxlb054ZO-NE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/1FvfbuwINwrh9n6D-Ztawf4mhyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.203.9.0/24
85.203.16.0/24
85.203.25.0/24
85.203.28.0/22
85.203.38.0/24
Signature Algorithm: sha256WithRSAEncryption
5c:38:0e:2f:aa:8f:88:bd:88:2d:63:1c:c8:22:1c:c7:97:df:
4e:98:59:a0:4b:04:15:eb:eb:4c:a6:01:1b:82:3e:25:17:06:
7e:a6:4b:4b:46:52:9d:1b:0b:86:e9:f2:44:b8:5d:ea:ac:df:
42:b3:41:97:1f:e8:57:c0:22:f9:aa:85:1e:05:f4:be:2a:93:
4c:e0:bd:36:d1:db:b5:94:ed:75:de:3b:a9:19:dd:6c:bd:9a:
ad:59:cd:44:cf:77:e9:b4:45:93:c1:2d:5e:a7:7c:9b:d3:b8:
3a:44:da:2d:fd:c3:e4:d7:36:06:11:ae:43:a7:8c:05:01:a8:
d7:e8:16:0a:98:17:6b:73:68:fc:20:82:0d:eb:c2:9c:1c:f7:
09:b2:ff:44:95:36:aa:d5:4d:d0:3a:64:ed:c4:60:1b:ad:8a:
e6:4b:6f:9f:b3:ed:77:ba:21:ac:9a:41:2d:eb:00:d3:97:de:
d8:a1:3b:a7:e3:ac:4b:da:a2:c6:43:79:47:fa:a5:ae:c3:9d:
e7:1f:7c:89:99:54:08:33:82:c1:38:16:78:45:8a:3b:bc:97:
6b:d5:49:25:e7:e0:e5:98:7c:52:b6:0e:80:45:ac:73:00:8a:
e5:0f:7f:2f:bd:9f:63:ce:c6:18:39:33:91:1f:b2:87:67:29:
c8:3c:12:02
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYWl1RsTqyeLQZOkemWi4mLzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NWJkZjZlZWMwODM3MGFlMWY2N2U4M2Y5OWI1YWMxZmUy
Njg3MmMwHhcNMjMwMTEyMTE1NDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTFhMTEyNjc4Yjc5ZjU2ZjkxYzJjNTdjNjU2ZjRlNzg2NGVmOGQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6SlmisTbDc8THBvZmWbMPC36u3CX
Etpd1QxQ5uJidJ3fZkiNndsWFV44gkGkc8++2HTh+WApXdV2GwP8jYhi9ZZX+4d1
3DkSTJuSbj4kOoUv4H+4FK7xIWGIX5jz4PxynTMPhFY+Nz+Jk4Hy5JWV3EhWL6+N
N12zqoij6uMYaY5pAYBWkRkqR7es/w95UBU7PeF8RlTHV9T1YpA0ksEQ1lJPiE6S
S6VZ/wLCBJ0UnQY+wo/fzwFH8iJTFoXEfO0HCSDL13n6ZhY2G9Y1ioHOtl8mUM65
rrRlXEkPUjd+mWkm+lPCcAUsM6RCk8HRA7mzZIcWYUyTksCik9geMn6D+wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFAEaESZ4t59W+RwsV8ZW9OeGTvjRMB8GA1UdIwQY
MBaAFNRb327sCDcK4fZ+g/mbWsH+JocsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUZ2ZmJ1d0lOd3JoOW42RC1adGF3ZjRtaHl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS9lMmRmZmYtOGJhOC00YmNmLWFjMzEt
OTg0NjM4NTllY2MxLzEvQVJvUkpuaTNuMWI1SEN4WHhsYjA1NFpPLU5FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS9lMmRmZmYtOGJhOC00YmNmLWFjMzEtOTg0NjM4NTllY2Mx
LzEvMUZ2ZmJ1d0lOd3JoOW42RC1adGF3ZjRtaHl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAVcsJAwQA
VcsQAwQAVcsZAwQCVcscAwQAVcsmMA0GCSqGSIb3DQEBCwUAA4IBAQBcOA4vqo+I
vYgtYxzIIhzHl99OmFmgSwQV6+tMpgEbgj4lFwZ+pktLRlKdGwuG6fJEuF3qrN9C
s0GXH+hXwCL5qoUeBfS+KpNM4L020du1lO113jupGd1svZqtWc1Ez3fptEWTwS1e
p3yb07g6RNot/cPk1zYGEa5Dp4wFAajX6BYKmBdrc2j8IIIN68KcHPcJsv9ElTaq
1U3QOmTtxGAbrYrmS2+fs+13uiGsmkEt6wDTl97YoTun46xL2qLGQ3lH+qWuw53n
H3yJmVQIM4LBOBZ4RYo7vJdr1Ukl5+DlmHxStg6ARaxzAIrlD38vvZ9jzsYYOTOR
H7KHZynIPBIC
-----END CERTIFICATE-----
Generated at Tue Jan 2 17:34:15 2024 by rpki-client on console-fra.rpki-client.org