Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/cJA8bnY8bAkOsifmy5Zb4DMGvhM.roa
File: cJA8bnY8bAkOsifmy5Zb4DMGvhM.roa (raw, json)
Hash identifier: C0L8VKoqaBRaD8a32/vA0VOw1/D0/Dr7DdPlpQ7zUdk=
Subject key identifier: 70:90:3C:6E:76:3C:6C:09:0E:B2:27:E6:CB:96:5B:E0:33:06:BE:13
Certificate issuer: /CN=d45bdf6eec08370ae1f67e83f99b5ac1fe26872c
Certificate serial: 018AFE320E69316CB8F6E8398DC04E5F3F57
Authority key identifier: D4:5B:DF:6E:EC:08:37:0A:E1:F6:7E:83:F9:9B:5A:C1:FE:26:87:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1FvfbuwINwrh9n6D-Ztawf4mhyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/cJA8bnY8bAkOsifmy5Zb4DMGvhM.roa
Signing time: Thu 05 Oct 2023 04:56:47 +0000
ROA not before: Thu 05 Oct 2023 04:56:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 13213
IP address blocks: 85.203.46.0/24 maxlen: 24
85.203.23.0/24 maxlen: 24
85.203.22.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:fe:32:0e:69:31:6c:b8:f6:e8:39:8d:c0:4e:5f:3f:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d45bdf6eec08370ae1f67e83f99b5ac1fe26872c
Validity
Not Before: Oct 5 04:56:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=70903c6e763c6c090eb227e6cb965be03306be13
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:68:5e:f9:78:13:e7:32:77:d6:4c:8e:4d:71:
12:74:90:01:08:09:80:75:3d:a3:00:b7:7a:c4:d5:
6f:01:b6:83:05:f4:f6:17:c5:f9:8e:24:d2:6d:02:
89:cf:d8:b8:0a:49:50:bf:98:e0:91:1e:d0:1c:66:
2e:b6:1c:51:a0:14:3e:db:74:00:37:24:34:ed:be:
49:b8:db:10:12:54:c7:eb:90:5d:10:c2:82:31:7c:
15:94:56:6b:84:4f:bc:9f:56:73:ba:45:8f:df:c2:
ac:31:aa:2d:6e:34:bd:f9:c4:fc:56:e9:6e:8e:97:
50:76:c4:04:2c:7d:59:51:83:2f:64:cb:c9:0c:7d:
7d:91:58:cb:05:25:2f:8e:4b:05:92:6b:fe:a1:f5:
11:bc:21:92:0a:de:b9:ed:a5:08:2e:48:c0:e7:3d:
8a:c1:29:28:a1:ab:22:71:5b:5b:7f:01:fd:0e:0c:
37:0e:4f:51:b8:78:94:db:a6:80:f2:a4:9f:91:78:
14:00:cc:c3:7b:30:0e:a2:e0:bb:ff:5a:a6:f2:15:
b0:b1:d4:7e:67:ce:8c:9f:ff:e0:a4:3d:91:1c:b5:
16:bd:73:6f:66:84:c1:64:aa:04:6b:ee:4d:11:d8:
62:6c:0e:49:1e:01:1e:8f:36:9d:7c:82:7e:47:e5:
ae:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:90:3C:6E:76:3C:6C:09:0E:B2:27:E6:CB:96:5B:E0:33:06:BE:13
X509v3 Authority Key Identifier:
keyid:D4:5B:DF:6E:EC:08:37:0A:E1:F6:7E:83:F9:9B:5A:C1:FE:26:87:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1FvfbuwINwrh9n6D-Ztawf4mhyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/cJA8bnY8bAkOsifmy5Zb4DMGvhM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/1FvfbuwINwrh9n6D-Ztawf4mhyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.203.22.0/23
85.203.46.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:48:86:0f:78:31:02:1b:0e:71:6d:12:8f:91:20:c4:48:3e:
58:13:c6:02:78:87:d3:42:72:49:01:a5:e9:a3:02:b2:13:c0:
cf:6e:5c:93:be:f1:d9:bc:45:45:36:27:21:cd:6d:6c:a3:42:
a8:72:46:73:36:9a:8d:4c:38:7f:69:e7:16:bb:7b:34:b5:dc:
ec:54:f1:39:9f:e1:ef:27:65:89:ee:01:74:cf:8b:0e:43:45:
e5:ab:3e:80:47:2f:d3:87:5c:ac:a5:dc:52:26:ab:f0:c9:b6:
ea:a5:00:d9:35:b3:78:1e:07:e7:47:bf:b7:69:44:76:f6:58:
b0:e0:19:11:7e:e7:7b:47:73:2b:b7:62:11:db:1e:8f:54:82:
df:26:b8:07:5e:20:2a:cf:75:73:dd:58:48:1f:1d:2f:6d:9b:
a4:80:00:ff:4a:1b:41:49:8f:ec:86:f3:07:68:63:cf:3b:b8:
94:d8:64:67:cb:3a:85:50:10:4d:39:b2:36:b7:72:dc:54:91:
fb:f9:ad:a5:87:c6:5e:b5:ec:54:9c:13:78:88:ea:ee:6d:81:
e5:84:96:cc:63:6f:b5:56:d3:1c:9e:dc:3c:45:b5:2c:18:9f:
3d:21:62:00:ed:e8:1a:7d:3c:83:0e:f6:03:5e:01:bb:21:3d:
9f:73:d5:6a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYr+Mg5pMWy49ug5jcBOXz9XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NWJkZjZlZWMwODM3MGFlMWY2N2U4M2Y5OWI1YWMxZmUy
Njg3MmMwHhcNMjMxMDA1MDQ1NjQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDkwM2M2ZTc2M2M2YzA5MGViMjI3ZTZjYjk2NWJlMDMzMDZiZTEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhGhe+XgT5zJ31kyOTXESdJABCAmA
dT2jALd6xNVvAbaDBfT2F8X5jiTSbQKJz9i4CklQv5jgkR7QHGYuthxRoBQ+23QA
NyQ07b5JuNsQElTH65BdEMKCMXwVlFZrhE+8n1ZzukWP38KsMaotbjS9+cT8Vulu
jpdQdsQELH1ZUYMvZMvJDH19kVjLBSUvjksFkmv+ofURvCGSCt657aUILkjA5z2K
wSkooasicVtbfwH9Dgw3Dk9RuHiU26aA8qSfkXgUAMzDezAOouC7/1qm8hWwsdR+
Z86Mn//gpD2RHLUWvXNvZoTBZKoEa+5NEdhibA5JHgEejzadfIJ+R+Wu/QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHCQPG52PGwJDrIn5suWW+AzBr4TMB8GA1UdIwQY
MBaAFNRb327sCDcK4fZ+g/mbWsH+JocsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUZ2ZmJ1d0lOd3JoOW42RC1adGF3ZjRtaHl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS9lMmRmZmYtOGJhOC00YmNmLWFjMzEt
OTg0NjM4NTllY2MxLzEvY0pBOGJuWThiQWtPc2lmbXk1WmI0RE1HdmhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS9lMmRmZmYtOGJhOC00YmNmLWFjMzEtOTg0NjM4NTllY2Mx
LzEvMUZ2ZmJ1d0lOd3JoOW42RC1adGF3ZjRtaHl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBVcsWAwQA
VcsuMA0GCSqGSIb3DQEBCwUAA4IBAQCPSIYPeDECGw5xbRKPkSDESD5YE8YCeIfT
QnJJAaXpowKyE8DPblyTvvHZvEVFNichzW1so0KockZzNpqNTDh/aecWu3s0tdzs
VPE5n+HvJ2WJ7gF0z4sOQ0Xlqz6ARy/Th1yspdxSJqvwybbqpQDZNbN4HgfnR7+3
aUR29liw4BkRfud7R3Mrt2IR2x6PVILfJrgHXiAqz3Vz3VhIHx0vbZukgAD/ShtB
SY/shvMHaGPPO7iU2GRnyzqFUBBNObI2t3LcVJH7+a2lh8ZetexUnBN4iOrubYHl
hJbMY2+1VtMcntw8RbUsGJ89IWIA7egafTyDDvYDXgG7IT2fc9Vq
-----END CERTIFICATE-----
Generated at Tue Jan 2 17:34:15 2024 by rpki-client on console-fra.rpki-client.org