Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/78e03c-c9c7-4c85-bfdd-e8baf9ffadf8/1/h90nQLw9ydGtmATu9uUOmcQWsks.roa
File: h90nQLw9ydGtmATu9uUOmcQWsks.roa (raw, json)
Hash identifier: +PCfSc5rLssUJZB63Y7BBzgso9L/Su9A+OTtlLrHMOk=
Subject key identifier: 87:DD:27:40:BC:3D:C9:D1:AD:98:04:EE:F6:E5:0E:99:C4:16:B2:4B
Certificate issuer: /CN=6ed0392ac7660bd1460fa1d5031d1840d01b9412
Certificate serial: 0191A2857D24D74A7703FFE3E63F50414E9C
Authority key identifier: 6E:D0:39:2A:C7:66:0B:D1:46:0F:A1:D5:03:1D:18:40:D0:1B:94:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/btA5KsdmC9FGD6HVAx0YQNAblBI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/78e03c-c9c7-4c85-bfdd-e8baf9ffadf8/1/h90nQLw9ydGtmATu9uUOmcQWsks.roa
Signing time: Fri 30 Aug 2024 09:02:22 +0000
ROA not before: Fri 30 Aug 2024 09:02:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42831
IP address blocks: 85.116.196.0/22 maxlen: 22
85.116.220.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 16 Oct 2024 11:02:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:a2:85:7d:24:d7:4a:77:03:ff:e3:e6:3f:50:41:4e:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed0392ac7660bd1460fa1d5031d1840d01b9412
Validity
Not Before: Aug 30 09:02:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=87dd2740bc3dc9d1ad9804eef6e50e99c416b24b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:f0:3d:91:58:95:06:d2:18:79:15:83:25:2b:
33:01:13:d0:d2:07:1b:b0:ee:c3:13:3f:95:6e:af:
d4:5e:96:34:15:fc:a1:79:0c:82:52:3c:6f:66:e1:
76:3e:e5:6d:d9:e3:c9:f4:4f:37:3b:ef:75:98:af:
e0:54:1b:06:28:0e:14:e0:12:fd:b2:59:26:80:b5:
b4:43:40:a3:15:c7:1a:df:43:67:70:f4:fd:86:f5:
af:dd:1f:87:4e:7d:48:d1:ef:f9:4a:d7:e6:a8:af:
51:14:88:c1:0d:44:66:c2:d4:c3:54:82:43:f3:cb:
d7:37:d2:89:73:e1:0b:3d:36:a8:62:71:65:2f:5b:
59:6f:50:6b:42:fd:97:89:45:14:06:7f:93:2f:0c:
3f:e3:9e:b3:3e:35:85:37:57:e5:0e:66:4e:ce:2f:
11:9a:ca:e6:ff:7e:c1:4c:1f:22:23:f1:37:3c:a8:
c6:d4:32:3d:ff:72:bd:24:4a:7d:7f:df:89:55:f3:
21:b6:69:7b:88:42:e0:70:a7:17:fc:f2:cb:c3:43:
ba:ca:2d:13:9a:3d:fc:20:03:39:1a:c0:8a:22:28:
31:9f:8c:f0:4f:3f:ec:61:68:ae:d2:ac:cb:f7:ab:
22:dc:1d:d6:6d:c2:22:2b:03:5a:36:09:bf:cd:78:
81:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:DD:27:40:BC:3D:C9:D1:AD:98:04:EE:F6:E5:0E:99:C4:16:B2:4B
X509v3 Authority Key Identifier:
keyid:6E:D0:39:2A:C7:66:0B:D1:46:0F:A1:D5:03:1D:18:40:D0:1B:94:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/btA5KsdmC9FGD6HVAx0YQNAblBI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/78e03c-c9c7-4c85-bfdd-e8baf9ffadf8/1/h90nQLw9ydGtmATu9uUOmcQWsks.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/78e03c-c9c7-4c85-bfdd-e8baf9ffadf8/1/btA5KsdmC9FGD6HVAx0YQNAblBI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.116.196.0/22
85.116.220.0/22
Signature Algorithm: sha256WithRSAEncryption
87:4a:a1:56:f1:77:55:02:75:3f:9f:70:54:f9:77:0b:5d:75:
19:9f:16:17:2c:a8:67:24:8e:cd:c7:44:60:61:52:ce:ba:54:
cc:61:d4:3e:a8:6c:e2:ee:5d:7c:85:03:53:8a:b6:bb:f8:b1:
dd:3d:8b:8e:c4:fe:3f:68:2f:a9:3f:6d:6e:03:73:31:ce:a4:
b2:bf:21:84:8b:04:06:5c:e1:71:e7:c8:38:49:7e:3b:8f:da:
14:7c:3c:d5:97:35:54:3c:d3:5b:f9:c1:ee:67:13:7d:fe:25:
aa:ab:25:4b:01:97:74:23:a5:4c:29:7b:29:c4:fe:75:49:c3:
82:45:2c:d6:53:83:ec:1a:60:cd:a1:ef:a8:39:38:1b:21:d5:
8f:7e:8b:75:e3:25:e0:12:05:c3:fa:8f:12:1c:9e:73:0b:34:
4b:9b:e2:12:a2:19:89:69:b0:b9:0a:6f:8a:ba:82:1e:4f:b2:
cc:45:0d:54:b4:51:05:3d:96:a6:7d:ec:8b:af:98:58:e1:77:
ac:d1:51:15:dc:99:80:04:83:75:0d:c4:c3:7b:e7:9e:e0:41:
35:01:3b:14:35:e4:b1:0f:67:fb:12:f6:cf:d5:8c:a2:32:c2:
bb:dc:cd:0d:02:26:1a:24:26:0f:3f:ca:71:d2:ee:d5:da:16:
03:0d:d7:93
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZGihX0k10p3A//j5j9QQU6cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlZDAzOTJhYzc2NjBiZDE0NjBmYTFkNTAzMWQxODQwZDAx
Yjk0MTIwHhcNMjQwODMwMDkwMjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4N2RkMjc0MGJjM2RjOWQxYWQ5ODA0ZWVmNmU1MGU5OWM0MTZiMjRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5vA9kViVBtIYeRWDJSszARPQ0gcb
sO7DEz+Vbq/UXpY0FfyheQyCUjxvZuF2PuVt2ePJ9E83O+91mK/gVBsGKA4U4BL9
slkmgLW0Q0CjFcca30NncPT9hvWv3R+HTn1I0e/5StfmqK9RFIjBDURmwtTDVIJD
88vXN9KJc+ELPTaoYnFlL1tZb1BrQv2XiUUUBn+TLww/456zPjWFN1flDmZOzi8R
msrm/37BTB8iI/E3PKjG1DI9/3K9JEp9f9+JVfMhtml7iELgcKcX/PLLw0O6yi0T
mj38IAM5GsCKIigxn4zwTz/sYWiu0qzL96si3B3WbcIiKwNaNgm/zXiBowIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIfdJ0C8PcnRrZgE7vblDpnEFrJLMB8GA1UdIwQY
MBaAFG7QOSrHZgvRRg+h1QMdGEDQG5QSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYnRBNUtzZG1DOUZHRDZIVkF4MFlRTkFibEJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83OGUwM2MtYzljNy00Yzg1LWJmZGQt
ZThiYWY5ZmZhZGY4LzEvaDkwblFMdzl5ZEd0bUFUdTl1VU9tY1FXc2tzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83OGUwM2MtYzljNy00Yzg1LWJmZGQtZThiYWY5ZmZhZGY4
LzEvYnRBNUtzZG1DOUZHRDZIVkF4MFlRTkFibEJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCVXTEAwQC
VXTcMA0GCSqGSIb3DQEBCwUAA4IBAQCHSqFW8XdVAnU/n3BU+XcLXXUZnxYXLKhn
JI7Nx0RgYVLOulTMYdQ+qGzi7l18hQNTira7+LHdPYuOxP4/aC+pP21uA3MxzqSy
vyGEiwQGXOFx58g4SX47j9oUfDzVlzVUPNNb+cHuZxN9/iWqqyVLAZd0I6VMKXsp
xP51ScOCRSzWU4PsGmDNoe+oOTgbIdWPfot14yXgEgXD+o8SHJ5zCzRLm+ISohmJ
abC5Cm+KuoIeT7LMRQ1UtFEFPZamfeyLr5hY4Xes0VEV3JmABIN1DcTDe+ee4EE1
ATsUNeSxD2f7EvbP1YyiMsK73M0NAiYaJCYPP8px0u7V2hYDDdeT
-----END CERTIFICATE-----
Generated at Wed Oct 16 13:44:39 2024 by rpki-client on console-fra.rpki-client.org