Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/JE0v0S8DTtTH-rFDzXg3S91oPls.roa
File: JE0v0S8DTtTH-rFDzXg3S91oPls.roa (raw, json)
Hash identifier: yapdt3Zm8mjIGEIzhu6Ziawx8J8yLaTUODTOa7/7rJE=
Subject key identifier: 24:4D:2F:D1:2F:03:4E:D4:C7:FA:B1:43:CD:78:37:4B:DD:68:3E:5B
Certificate issuer: /CN=d45bdf6eec08370ae1f67e83f99b5ac1fe26872c
Certificate serial: 018CCA2980FB644D6A505A8108BCA17717B4
Authority key identifier: D4:5B:DF:6E:EC:08:37:0A:E1:F6:7E:83:F9:9B:5A:C1:FE:26:87:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1FvfbuwINwrh9n6D-Ztawf4mhyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/JE0v0S8DTtTH-rFDzXg3S91oPls.roa
Signing time: Tue 02 Jan 2024 12:32:46 +0000
ROA not before: Tue 02 Jan 2024 12:32:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9009
IP address blocks: 85.203.45.0/24 maxlen: 24
85.203.54.0/24 maxlen: 24
85.203.32.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 28 Mar 2024 09:16:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:29:80:fb:64:4d:6a:50:5a:81:08:bc:a1:77:17:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d45bdf6eec08370ae1f67e83f99b5ac1fe26872c
Validity
Not Before: Jan 2 12:32:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=244d2fd12f034ed4c7fab143cd78374bdd683e5b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:4e:24:99:4d:dc:df:4c:b6:b4:a6:4a:37:a9:
a2:71:5a:4c:30:e3:2d:bd:db:db:1f:7c:07:92:a9:
b4:0c:57:84:a3:06:57:47:c2:1c:26:fe:b8:8b:c8:
31:09:8e:b5:b0:1c:70:da:e4:59:4a:21:3c:9b:7d:
14:bb:68:a9:5e:bb:05:51:49:fe:70:37:85:24:f2:
21:3f:fd:aa:d2:c1:75:20:cc:64:73:f1:4a:01:fa:
81:be:99:ec:be:39:2d:ec:6d:92:5d:45:9d:d5:28:
11:4d:7a:16:13:f9:6a:4a:26:57:d3:d4:31:9c:3d:
1f:c2:db:a1:fb:e1:15:77:a1:bc:a8:6f:2d:79:7d:
8d:63:20:0f:61:a7:44:2b:68:d2:91:5c:6d:95:a3:
27:ff:84:a1:76:b7:75:24:96:4f:bc:65:f7:8e:f0:
c4:8e:09:47:cc:7d:df:36:7e:97:c8:34:1d:12:6f:
96:a6:aa:28:f2:f6:71:6e:94:50:dd:6a:9b:a2:20:
49:91:8c:f7:a5:b3:a2:52:4b:cf:48:52:fd:98:b2:
7c:b0:d2:c3:e0:b1:f9:ae:87:65:64:7e:5b:19:ae:
9c:27:f1:83:be:73:0a:f6:2e:35:fd:58:11:d7:21:
65:d9:4d:70:96:d0:18:40:80:ed:a8:80:f3:dc:b6:
72:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:4D:2F:D1:2F:03:4E:D4:C7:FA:B1:43:CD:78:37:4B:DD:68:3E:5B
X509v3 Authority Key Identifier:
keyid:D4:5B:DF:6E:EC:08:37:0A:E1:F6:7E:83:F9:9B:5A:C1:FE:26:87:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1FvfbuwINwrh9n6D-Ztawf4mhyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/JE0v0S8DTtTH-rFDzXg3S91oPls.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/1FvfbuwINwrh9n6D-Ztawf4mhyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.203.32.0/24
85.203.45.0/24
85.203.54.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:8a:f7:79:18:95:fd:83:8a:16:50:af:e8:4a:fb:9b:86:b5:
b6:ec:3e:fb:ce:b4:ec:50:1b:89:3a:a9:90:f4:82:f7:4f:2e:
9a:ef:9c:6c:28:57:c1:6e:8f:a9:80:42:1f:7b:5e:83:ea:50:
42:d5:0f:c9:55:07:b8:a6:e7:df:f4:59:82:8b:e6:97:e2:b7:
5f:8a:d1:f4:aa:64:b0:4d:ea:d0:c9:6a:4e:cd:28:37:7a:54:
e3:c4:47:54:be:a9:bc:93:30:f5:d1:33:56:d7:26:65:fb:78:
61:6b:37:39:16:68:36:fa:52:9b:1c:e8:2f:da:6d:b9:ac:87:
bb:ac:8c:84:6a:a5:7b:2d:0f:f4:76:06:b0:45:3a:15:9d:0f:
40:15:f4:97:e9:b7:74:8b:6d:f4:aa:33:3a:15:28:89:a0:97:
76:27:72:d5:43:f4:b3:c9:7b:38:41:81:59:68:a8:e7:37:74:
5a:92:9d:bb:be:e5:ad:68:35:b8:14:a3:c6:bc:b2:ae:3b:7f:
71:fb:b9:bf:e1:fc:62:c9:ed:bf:33:9a:e1:13:bc:7c:40:10:
6f:08:c9:8a:d8:86:a2:fb:f9:28:f7:f4:b8:00:df:18:ee:55:
d5:fc:8a:79:c8:de:3a:1a:c2:a5:22:d2:01:75:7e:9a:96:82:
ae:80:84:14
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzKKYD7ZE1qUFqBCLyhdxe0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NWJkZjZlZWMwODM3MGFlMWY2N2U4M2Y5OWI1YWMxZmUy
Njg3MmMwHhcNMjQwMTAyMTIzMjQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDRkMmZkMTJmMDM0ZWQ0YzdmYWIxNDNjZDc4Mzc0YmRkNjgzZTViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjk4kmU3c30y2tKZKN6micVpMMOMt
vdvbH3wHkqm0DFeEowZXR8IcJv64i8gxCY61sBxw2uRZSiE8m30Uu2ipXrsFUUn+
cDeFJPIhP/2q0sF1IMxkc/FKAfqBvpnsvjkt7G2SXUWd1SgRTXoWE/lqSiZX09Qx
nD0fwtuh++EVd6G8qG8teX2NYyAPYadEK2jSkVxtlaMn/4Shdrd1JJZPvGX3jvDE
jglHzH3fNn6XyDQdEm+Wpqoo8vZxbpRQ3WqboiBJkYz3pbOiUkvPSFL9mLJ8sNLD
4LH5rodlZH5bGa6cJ/GDvnMK9i41/VgR1yFl2U1wltAYQIDtqIDz3LZynwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCRNL9EvA07Ux/qxQ814N0vdaD5bMB8GA1UdIwQY
MBaAFNRb327sCDcK4fZ+g/mbWsH+JocsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUZ2ZmJ1d0lOd3JoOW42RC1adGF3ZjRtaHl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS9lMmRmZmYtOGJhOC00YmNmLWFjMzEt
OTg0NjM4NTllY2MxLzEvSkUwdjBTOERUdFRILXJGRHpYZzNTOTFvUGxzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS9lMmRmZmYtOGJhOC00YmNmLWFjMzEtOTg0NjM4NTllY2Mx
LzEvMUZ2ZmJ1d0lOd3JoOW42RC1adGF3ZjRtaHl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAVcsgAwQA
VcstAwQAVcs2MA0GCSqGSIb3DQEBCwUAA4IBAQAqivd5GJX9g4oWUK/oSvubhrW2
7D77zrTsUBuJOqmQ9IL3Ty6a75xsKFfBbo+pgEIfe16D6lBC1Q/JVQe4puff9FmC
i+aX4rdfitH0qmSwTerQyWpOzSg3elTjxEdUvqm8kzD10TNW1yZl+3hhazc5Fmg2
+lKbHOgv2m25rIe7rIyEaqV7LQ/0dgawRToVnQ9AFfSX6bd0i230qjM6FSiJoJd2
J3LVQ/SzyXs4QYFZaKjnN3Rakp27vuWtaDW4FKPGvLKuO39x+7m/4fxiye2/M5rh
E7x8QBBvCMmK2Iai+/ko9/S4AN8Y7lXV/Ip5yN46GsKlItIBdX6aloKugIQU
-----END CERTIFICATE-----
Generated at Thu Mar 28 13:23:07 2024 by rpki-client on console-fra.rpki-client.org