Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/60e63c-e63b-4e16-a5eb-79a5b3978ff2/1/xor4EOSsBL9BdtfoIJLraIqJXeo.roa
File: xor4EOSsBL9BdtfoIJLraIqJXeo.roa (raw, json)
Hash identifier: gEYCAjdAy38DFAjaRcP6VvbR5zauWhEdL1aDGk2PTV0=
Subject key identifier: C6:8A:F8:10:E4:AC:04:BF:41:76:D7:E8:20:92:EB:68:8A:89:5D:EA
Certificate issuer: /CN=f8ad110d39e95b542df8d2071d9245469a1b9f42
Certificate serial: 01856DD428C44229F61B4CF9EB5907A694A7
Authority key identifier: F8:AD:11:0D:39:E9:5B:54:2D:F8:D2:07:1D:92:45:46:9A:1B:9F:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-K0RDTnpW1Qt-NIHHZJFRpobn0I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/60e63c-e63b-4e16-a5eb-79a5b3978ff2/1/xor4EOSsBL9BdtfoIJLraIqJXeo.roa
Signing time: Sun 01 Jan 2023 14:54:58 +0000
ROA not before: Sun 01 Jan 2023 14:54:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208920
IP address blocks: 85.116.136.0/22 maxlen: 22
45.130.108.0/22 maxlen: 22
185.126.204.0/22 maxlen: 22
2a06:c100::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:34:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:d4:28:c4:42:29:f6:1b:4c:f9:eb:59:07:a6:94:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8ad110d39e95b542df8d2071d9245469a1b9f42
Validity
Not Before: Jan 1 14:54:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c68af810e4ac04bf4176d7e82092eb688a895dea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:2e:c1:70:31:1e:aa:08:81:a0:41:69:de:42:
3f:d8:2a:d5:d6:24:8b:d0:3a:e1:17:c1:ed:76:40:
f8:ae:84:a6:e6:b3:f5:a5:e0:3f:7a:cb:a8:df:88:
94:38:99:e0:8a:73:33:6c:5d:ae:5b:7e:78:2e:3d:
81:20:64:35:30:05:2c:5d:76:06:95:cb:b5:5d:3d:
a2:44:86:3d:bf:d2:61:63:9d:d9:b1:a4:08:e8:bc:
5e:6d:2d:e0:0d:69:b9:41:5e:37:2e:a9:6d:c2:8b:
47:50:c4:d0:70:23:f0:6d:96:e6:11:69:0e:26:50:
b0:52:c9:39:bc:39:2c:c5:e3:59:88:76:1e:90:22:
e2:72:c9:08:17:32:1c:ef:48:3c:ed:10:1f:97:34:
29:e9:41:23:8c:d7:b4:0d:de:61:6a:88:b2:07:96:
52:d4:57:30:ff:5a:2a:73:97:9c:62:70:3b:78:d0:
d1:f7:8f:50:4d:55:8d:bc:22:fc:c7:75:2c:23:1a:
3e:0a:04:51:9d:a0:72:4d:cf:c4:94:97:c8:63:f7:
97:ee:53:d0:39:bc:73:d0:b4:18:71:6c:38:13:65:
fc:35:fd:ff:14:bf:5c:3f:b5:26:eb:f7:19:3f:6a:
10:31:79:cf:9e:8d:7f:b7:91:98:7a:b6:48:18:05:
2b:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:8A:F8:10:E4:AC:04:BF:41:76:D7:E8:20:92:EB:68:8A:89:5D:EA
X509v3 Authority Key Identifier:
keyid:F8:AD:11:0D:39:E9:5B:54:2D:F8:D2:07:1D:92:45:46:9A:1B:9F:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-K0RDTnpW1Qt-NIHHZJFRpobn0I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/60e63c-e63b-4e16-a5eb-79a5b3978ff2/1/xor4EOSsBL9BdtfoIJLraIqJXeo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/60e63c-e63b-4e16-a5eb-79a5b3978ff2/1/1-K0RDTnpW1Qt-NIHHZJFRpobn0I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.130.108.0/22
85.116.136.0/22
185.126.204.0/22
IPv6:
2a06:c100::/29
Signature Algorithm: sha256WithRSAEncryption
c2:ea:ab:ab:d4:26:b0:1e:83:f6:d0:34:ce:c9:7d:63:d1:f5:
b3:83:ee:4f:3b:69:8f:08:10:80:a0:69:2f:bb:7b:b2:ee:76:
d4:d5:1d:5e:0a:50:cb:9b:2c:c2:b1:21:82:24:ec:77:81:aa:
1c:dc:f7:0d:bd:bb:25:b7:3d:80:89:e9:bb:c2:07:bf:d7:9f:
e6:45:b2:bd:77:5d:82:e8:14:ce:92:f2:38:60:27:2c:ef:fe:
15:d5:4c:cf:b0:b0:fe:1b:52:67:50:fe:48:53:db:f6:54:46:
ae:1d:46:e6:bd:48:f2:ec:b3:6a:a0:d0:c8:2f:f5:4e:f6:d0:
7d:3d:ca:b4:36:25:94:5b:43:69:da:e5:c3:0b:09:40:0e:27:
73:26:f1:f9:06:8a:44:41:83:3b:67:eb:cc:87:f8:f5:a0:22:
b9:fb:21:a3:67:eb:53:9b:7c:23:c4:ca:70:4a:83:fd:6a:b0:
aa:c0:cc:f6:ee:25:12:40:e6:91:a6:bb:4f:6a:b1:56:aa:2c:
7d:6e:b4:fa:ff:73:2f:fc:86:cd:2f:2e:03:95:b8:c9:07:b9:
03:81:8f:b9:e0:da:c6:3d:04:2a:ff:08:96:47:33:a3:12:ac:
1b:fd:b0:6f:89:86:24:98:14:09:1a:e0:f6:67:85:b5:f3:41:
9d:81:fc:66
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYVt1CjEQin2G0z561kHppSnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4YWQxMTBkMzllOTViNTQyZGY4ZDIwNzFkOTI0NTQ2OWEx
YjlmNDIwHhcNMjMwMTAxMTQ1NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjhhZjgxMGU0YWMwNGJmNDE3NmQ3ZTgyMDkyZWI2ODhhODk1ZGVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvy7BcDEeqgiBoEFp3kI/2CrV1iSL
0DrhF8HtdkD4roSm5rP1peA/esuo34iUOJnginMzbF2uW354Lj2BIGQ1MAUsXXYG
lcu1XT2iRIY9v9JhY53ZsaQI6LxebS3gDWm5QV43LqltwotHUMTQcCPwbZbmEWkO
JlCwUsk5vDksxeNZiHYekCLicskIFzIc70g87RAflzQp6UEjjNe0Dd5haoiyB5ZS
1Fcw/1oqc5ecYnA7eNDR949QTVWNvCL8x3UsIxo+CgRRnaByTc/ElJfIY/eX7lPQ
Obxz0LQYcWw4E2X8Nf3/FL9cP7Um6/cZP2oQMXnPno1/t5GYerZIGAUrGwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFMaK+BDkrAS/QXbX6CCS62iKiV3qMB8GA1UdIwQY
MBaAFPitEQ056VtULfjSBx2SRUaaG59CMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1LMFJEVG5wVzFRdC1OSUhIWkpGUnBvYm4wSS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2IvNjBlNjNjLWU2M2ItNGUxNi1hNWVi
LTc5YTViMzk3OGZmMi8xL3hvcjRFT1NzQkw5QmR0Zm9JSkxyYUlxSlhlby5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvN2IvNjBlNjNjLWU2M2ItNGUxNi1hNWViLTc5YTViMzk3OGZm
Mi8xLzEtSzBSRFRucFcxUXQtTklISFpKRlJwb2JuMEkuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwOgYIKwYBBQUHAQcBAf8EKzApMBgEAgABMBIDBAItgmwD
BAJVdIgDBAK5fswwDQQCAAIwBwMFAyoGwQAwDQYJKoZIhvcNAQELBQADggEBAMLq
q6vUJrAeg/bQNM7JfWPR9bOD7k87aY8IEICgaS+7e7LudtTVHV4KUMubLMKxIYIk
7HeBqhzc9w29uyW3PYCJ6bvCB7/Xn+ZFsr13XYLoFM6S8jhgJyzv/hXVTM+wsP4b
UmdQ/khT2/ZURq4dRua9SPLss2qg0Mgv9U720H09yrQ2JZRbQ2na5cMLCUAOJ3Mm
8fkGikRBgztn68yH+PWgIrn7IaNn61ObfCPEynBKg/1qsKrAzPbuJRJA5pGmu09q
sVaqLH1utPr/cy/8hs0vLgOVuMkHuQOBj7ng2sY9BCr/CJZHM6MSrBv9sG+JhiSY
FAka4PZnhbXzQZ2B/GY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:19:29 2024 by rpki-client on console-ams.rpki-client.org