Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/1279fc-1b27-407c-81f4-a7fb36cc2fe3/1/AEK8qGQB7a9Dv46898E2AiT10L4.roa
File: AEK8qGQB7a9Dv46898E2AiT10L4.roa (raw, json)
Hash identifier: 80kurcuUU8FL5hyt09drL2HT8v7yLJchpEKjE1zz5L8=
Subject key identifier: 00:42:BC:A8:64:01:ED:AF:43:BF:8E:BC:F7:C1:36:02:24:F5:D0:BE
Certificate issuer: /CN=751483655b35a2b847185f689c8fd1601dcc7187
Certificate serial: 01856C4A6A9CB5D0AE2C82868D76F68AE2A5
Authority key identifier: 75:14:83:65:5B:35:A2:B8:47:18:5F:68:9C:8F:D1:60:1D:CC:71:87
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dRSDZVs1orhHGF9onI_RYB3McYc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/1279fc-1b27-407c-81f4-a7fb36cc2fe3/1/AEK8qGQB7a9Dv46898E2AiT10L4.roa
Signing time: Sun 01 Jan 2023 07:44:54 +0000
ROA not before: Sun 01 Jan 2023 07:44:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35171
IP address blocks: 85.118.245.0/24 maxlen: 24
85.118.246.0/24 maxlen: 24
85.118.241.0/24 maxlen: 24
85.118.240.0/21 maxlen: 21
85.118.242.0/24 maxlen: 24
85.118.243.0/24 maxlen: 24
85.118.244.0/24 maxlen: 24
85.118.247.0/24 maxlen: 24
85.118.240.0/24 maxlen: 24
45.143.34.0/24 maxlen: 24
45.143.35.0/24 maxlen: 24
45.143.32.0/22 maxlen: 22
45.143.32.0/24 maxlen: 24
45.143.33.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:29:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:4a:6a:9c:b5:d0:ae:2c:82:86:8d:76:f6:8a:e2:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=751483655b35a2b847185f689c8fd1601dcc7187
Validity
Not Before: Jan 1 07:44:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0042bca86401edaf43bf8ebcf7c1360224f5d0be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:e7:db:7e:9e:51:63:36:23:ee:ad:03:ce:38:
87:69:ce:b2:58:13:94:09:75:1c:44:f2:c9:89:93:
03:85:d0:c5:f5:f0:bb:92:c8:e5:bd:ce:22:6a:57:
25:cc:7a:99:ac:4b:bc:e3:2a:a3:72:0d:84:29:a8:
46:cc:39:48:ed:7e:c5:a5:92:24:eb:1d:52:bb:e5:
64:6a:dc:59:3d:08:ce:8e:c0:5e:1b:04:de:de:ed:
a8:4e:4f:29:9e:b6:83:51:ef:5b:8f:1c:19:54:b9:
dc:12:45:90:1b:6f:52:9e:fb:c6:d6:3a:19:4a:0c:
5f:76:25:24:ae:46:44:fe:7d:32:6a:c5:ab:27:42:
4c:99:c5:ff:46:f5:ef:60:b6:b3:db:bb:f3:ee:6c:
3a:71:14:e5:1a:fd:8e:c1:3c:f6:f6:d1:7b:d7:fd:
e5:df:a2:be:52:51:18:49:e4:c2:90:00:42:49:1b:
f6:9f:bc:dd:b6:b5:39:dd:a0:2c:e5:3c:d3:76:67:
b8:86:ac:ad:2d:5b:46:17:47:9d:fc:72:b6:1a:95:
a7:5d:28:1e:66:b9:8b:d4:ed:8e:51:0c:73:53:13:
74:6c:a9:b8:4e:93:7e:28:d8:6f:de:cd:37:ac:74:
5f:51:df:0b:9b:a4:07:8f:d6:ac:67:fc:af:72:c3:
85:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:42:BC:A8:64:01:ED:AF:43:BF:8E:BC:F7:C1:36:02:24:F5:D0:BE
X509v3 Authority Key Identifier:
keyid:75:14:83:65:5B:35:A2:B8:47:18:5F:68:9C:8F:D1:60:1D:CC:71:87
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dRSDZVs1orhHGF9onI_RYB3McYc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/1279fc-1b27-407c-81f4-a7fb36cc2fe3/1/AEK8qGQB7a9Dv46898E2AiT10L4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/1279fc-1b27-407c-81f4-a7fb36cc2fe3/1/dRSDZVs1orhHGF9onI_RYB3McYc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.143.32.0/22
85.118.240.0/21
Signature Algorithm: sha256WithRSAEncryption
5f:53:a8:f5:6a:85:0f:9e:c7:ce:fb:8e:8f:7e:d2:a3:1b:82:
5c:04:eb:38:ac:2f:44:79:df:4a:76:43:3c:bf:11:8f:a3:5a:
ae:aa:64:ec:13:88:a4:cc:5d:f0:4d:44:b3:a0:04:0b:31:9e:
c7:6f:f8:bc:69:3f:87:ef:68:58:f3:b4:29:e8:bb:33:04:a4:
9b:e8:1c:b5:04:2e:56:db:c6:c9:4c:22:00:2d:e4:65:be:fc:
68:1b:0b:6c:e2:5e:1c:f7:eb:d7:23:6b:e4:c1:e3:99:3b:f7:
92:3b:d5:e2:32:a1:b5:bf:6b:78:8b:cd:76:2d:59:41:cb:bc:
0b:e8:7e:76:0b:8d:92:23:a6:02:6d:59:c2:61:6a:f5:1a:7d:
8c:b0:71:af:9c:ac:26:8e:47:65:5c:94:d1:a6:3f:c4:22:8b:
43:ee:be:34:b5:6d:a4:88:56:87:bf:41:4b:af:63:9f:cd:86:
9e:8a:2e:8c:b5:c8:ce:4d:01:24:ef:be:31:06:e4:bc:94:a3:
05:72:df:7f:b3:d0:ce:4a:a8:4f:f8:1b:e0:eb:bc:49:50:d8:
85:dc:b5:0d:eb:87:21:88:c1:c9:2b:bf:bc:5c:12:2f:cb:e0:
f3:51:05:87:6c:f6:c2:3d:87:1f:dc:2d:4d:a5:68:24:38:89:
00:73:cf:72
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVsSmqctdCuLIKGjXb2iuKlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MTQ4MzY1NWIzNWEyYjg0NzE4NWY2ODljOGZkMTYwMWRj
YzcxODcwHhcNMjMwMTAxMDc0NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDQyYmNhODY0MDFlZGFmNDNiZjhlYmNmN2MxMzYwMjI0ZjVkMGJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu+fbfp5RYzYj7q0DzjiHac6yWBOU
CXUcRPLJiZMDhdDF9fC7ksjlvc4ialclzHqZrEu84yqjcg2EKahGzDlI7X7FpZIk
6x1Su+VkatxZPQjOjsBeGwTe3u2oTk8pnraDUe9bjxwZVLncEkWQG29SnvvG1joZ
SgxfdiUkrkZE/n0yasWrJ0JMmcX/RvXvYLaz27vz7mw6cRTlGv2OwTz29tF71/3l
36K+UlEYSeTCkABCSRv2n7zdtrU53aAs5TzTdme4hqytLVtGF0ed/HK2GpWnXSge
ZrmL1O2OUQxzUxN0bKm4TpN+KNhv3s03rHRfUd8Lm6QHj9asZ/yvcsOF8wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFABCvKhkAe2vQ7+OvPfBNgIk9dC+MB8GA1UdIwQY
MBaAFHUUg2VbNaK4RxhfaJyP0WAdzHGHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFJTRFpWczFvcmhIR0Y5b25JX1JZQjNNY1ljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi8xMjc5ZmMtMWIyNy00MDdjLTgxZjQt
YTdmYjM2Y2MyZmUzLzEvQUVLOHFHUUI3YTlEdjQ2ODk4RTJBaVQxMEw0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi8xMjc5ZmMtMWIyNy00MDdjLTgxZjQtYTdmYjM2Y2MyZmUz
LzEvZFJTRFpWczFvcmhIR0Y5b25JX1JZQjNNY1ljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLY8gAwQD
VXbwMA0GCSqGSIb3DQEBCwUAA4IBAQBfU6j1aoUPnsfO+46PftKjG4JcBOs4rC9E
ed9KdkM8vxGPo1quqmTsE4ikzF3wTUSzoAQLMZ7Hb/i8aT+H72hY87Qp6LszBKSb
6By1BC5W28bJTCIALeRlvvxoGwts4l4c9+vXI2vkweOZO/eSO9XiMqG1v2t4i812
LVlBy7wL6H52C42SI6YCbVnCYWr1Gn2MsHGvnKwmjkdlXJTRpj/EIotD7r40tW2k
iFaHv0FLr2OfzYaeii6MtcjOTQEk774xBuS8lKMFct9/s9DOSqhP+Bvg67xJUNiF
3LUN64chiMHJK7+8XBIvy+DzUQWHbPbCPYcf3C1NpWgkOIkAc89y
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:19 2024 by rpki-client on console-fra.rpki-client.org