Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/d597b0-6425-425f-b723-4eb8b0b49c4a/1/x_eUxUU8sP_QjPLQ-pmNr_u8dos.roa
File: x_eUxUU8sP_QjPLQ-pmNr_u8dos.roa (raw, json)
Hash identifier: ybH1KESPDV1SrCDNinAS6zJOpi/7YwOdOjw3ZS8KLkw=
Subject key identifier: C7:F7:94:C5:45:3C:B0:FF:D0:8C:F2:D0:FA:99:8D:AF:FB:BC:76:8B
Certificate issuer: /CN=892d21566ccfc3bb079ec5854b044ab809804157
Certificate serial: 018570671AC6BF8098196EBACA393BBB41D7
Authority key identifier: 89:2D:21:56:6C:CF:C3:BB:07:9E:C5:85:4B:04:4A:B8:09:80:41:57
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iS0hVmzPw7sHnsWFSwRKuAmAQVc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/d597b0-6425-425f-b723-4eb8b0b49c4a/1/x_eUxUU8sP_QjPLQ-pmNr_u8dos.roa
Signing time: Mon 02 Jan 2023 02:54:43 +0000
ROA not before: Mon 02 Jan 2023 02:54:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205836
IP address blocks: 85.255.94.0/23 maxlen: 23
85.255.94.0/24 maxlen: 24
85.255.92.0/24 maxlen: 24
85.255.92.0/23 maxlen: 23
85.255.95.0/24 maxlen: 24
85.255.92.0/22 maxlen: 22
85.255.93.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:29:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:67:1a:c6:bf:80:98:19:6e:ba:ca:39:3b:bb:41:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=892d21566ccfc3bb079ec5854b044ab809804157
Validity
Not Before: Jan 2 02:54:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c7f794c5453cb0ffd08cf2d0fa998daffbbc768b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:bd:62:05:83:32:d8:25:10:3c:21:51:74:f2:
6a:c8:fc:29:77:50:3b:40:e0:af:13:66:1e:9f:19:
dc:32:f2:d4:3f:99:54:88:ee:ae:a1:24:a6:87:44:
19:af:ce:4d:aa:cd:c9:76:d8:65:a1:71:a2:75:6f:
4a:3d:0f:b7:ef:90:fd:01:8e:1b:d3:1d:03:39:e3:
49:06:dd:4e:82:7d:3a:6b:d5:f9:63:3c:04:9e:6b:
5f:b0:60:09:70:13:ba:3b:91:61:8d:a5:d3:cc:55:
6f:2c:50:ad:fc:d1:8a:12:cc:cb:04:6e:5d:75:be:
f3:a6:b6:e3:c3:e1:96:b7:8b:1e:53:1b:98:66:80:
cf:9d:58:28:52:c5:c8:ac:f7:8c:e4:81:7e:cc:10:
4f:d7:43:b7:90:00:cc:77:82:5a:a3:1b:aa:26:77:
42:6f:e1:b1:82:91:4a:08:b0:75:be:35:50:9f:24:
f4:93:29:79:f7:4e:38:fc:e7:80:e9:f3:f9:25:62:
52:cc:07:35:ad:34:8d:30:a9:37:65:fd:f6:39:f0:
b2:fa:0d:64:1e:38:6d:26:e8:32:4b:71:80:b5:12:
04:55:e6:67:75:a8:0b:d7:47:82:e8:18:24:e5:78:
99:b4:84:6b:09:f9:b2:e6:82:ef:d7:f8:f5:9d:15:
3e:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:F7:94:C5:45:3C:B0:FF:D0:8C:F2:D0:FA:99:8D:AF:FB:BC:76:8B
X509v3 Authority Key Identifier:
keyid:89:2D:21:56:6C:CF:C3:BB:07:9E:C5:85:4B:04:4A:B8:09:80:41:57
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iS0hVmzPw7sHnsWFSwRKuAmAQVc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/d597b0-6425-425f-b723-4eb8b0b49c4a/1/x_eUxUU8sP_QjPLQ-pmNr_u8dos.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/d597b0-6425-425f-b723-4eb8b0b49c4a/1/iS0hVmzPw7sHnsWFSwRKuAmAQVc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.255.92.0/22
Signature Algorithm: sha256WithRSAEncryption
6c:5d:f2:1c:fb:71:c4:b3:21:77:e8:29:21:8a:19:c8:13:cc:
23:68:2f:a7:57:36:4e:85:86:96:1f:f2:6c:60:b2:99:7e:1f:
cd:0d:53:26:91:62:d7:27:24:a1:03:c1:7f:bd:de:cd:0b:1f:
2a:6b:39:19:7e:10:5f:a8:d4:a7:82:14:a2:e2:ae:ed:dc:17:
46:d8:bb:fb:73:65:d6:81:b6:27:e7:ad:54:5f:8b:a0:75:6e:
88:f3:78:4d:d0:23:4d:12:68:dd:02:0b:10:40:3b:50:25:05:
14:93:da:96:4e:d6:6d:0f:16:ad:6b:85:0a:ef:0e:44:73:8b:
03:d7:49:c2:95:68:6b:21:23:37:5a:33:a3:66:cb:c1:6d:59:
43:a3:d9:3f:cf:c3:c7:35:53:39:52:e0:32:12:59:30:27:32:
ca:ee:29:64:8b:71:60:61:21:9e:50:23:4f:a1:9e:48:fd:64:
d1:83:46:50:a9:9e:35:dd:27:22:5f:31:93:27:c6:03:0a:06:
90:a2:42:a9:ea:1b:87:d1:6f:9c:e6:68:1e:22:e0:25:0e:2d:
fd:87:2c:04:26:43:f3:a0:38:dd:a3:d6:c3:b7:f9:b1:e1:4e:
73:e7:98:a2:ef:4d:9d:dc:a5:e2:e3:3d:7f:5e:93:14:36:1e:
7a:6d:97:c8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwZxrGv4CYGW66yjk7u0HXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5MmQyMTU2NmNjZmMzYmIwNzllYzU4NTRiMDQ0YWI4MDk4
MDQxNTcwHhcNMjMwMTAyMDI1NDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjN2Y3OTRjNTQ1M2NiMGZmZDA4Y2YyZDBmYTk5OGRhZmZiYmM3NjhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiL1iBYMy2CUQPCFRdPJqyPwpd1A7
QOCvE2YenxncMvLUP5lUiO6uoSSmh0QZr85Nqs3JdthloXGidW9KPQ+375D9AY4b
0x0DOeNJBt1Ogn06a9X5YzwEnmtfsGAJcBO6O5FhjaXTzFVvLFCt/NGKEszLBG5d
db7zprbjw+GWt4seUxuYZoDPnVgoUsXIrPeM5IF+zBBP10O3kADMd4JaoxuqJndC
b+GxgpFKCLB1vjVQnyT0kyl59044/OeA6fP5JWJSzAc1rTSNMKk3Zf32OfCy+g1k
HjhtJugyS3GAtRIEVeZndagL10eC6Bgk5XiZtIRrCfmy5oLv1/j1nRU+SwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMf3lMVFPLD/0Izy0PqZja/7vHaLMB8GA1UdIwQY
MBaAFIktIVZsz8O7B57FhUsESrgJgEFXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVMwaFZtelB3N3NIbnNXRlN3Ukt1QW1BUVZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC9kNTk3YjAtNjQyNS00MjVmLWI3MjMt
NGViOGIwYjQ5YzRhLzEveF9lVXhVVThzUF9RalBMUS1wbU5yX3U4ZG9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC9kNTk3YjAtNjQyNS00MjVmLWI3MjMtNGViOGIwYjQ5YzRh
LzEvaVMwaFZtelB3N3NIbnNXRlN3Ukt1QW1BUVZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCVf9cMA0G
CSqGSIb3DQEBCwUAA4IBAQBsXfIc+3HEsyF36CkhihnIE8wjaC+nVzZOhYaWH/Js
YLKZfh/NDVMmkWLXJyShA8F/vd7NCx8qazkZfhBfqNSnghSi4q7t3BdG2Lv7c2XW
gbYn561UX4ugdW6I83hN0CNNEmjdAgsQQDtQJQUUk9qWTtZtDxata4UK7w5Ec4sD
10nClWhrISM3WjOjZsvBbVlDo9k/z8PHNVM5UuAyElkwJzLK7ilki3FgYSGeUCNP
oZ5I/WTRg0ZQqZ413SciXzGTJ8YDCgaQokKp6huH0W+c5mgeIuAlDi39hywEJkPz
oDjdo9bDt/mx4U5z55ii702d3KXi4z1/XpMUNh56bZfI
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:09 2024 by rpki-client on console-ams.rpki-client.org