Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/6afa3c-c069-4604-9df8-7b3f82ee2587/1/L9WSsbcD9QvyteaqW_imCm0fiaY.roa
File: L9WSsbcD9QvyteaqW_imCm0fiaY.roa (raw, json)
Hash identifier: a6bTh7ZmWgCDqN8XwZyKB0bAP2nU+5Z4YJfZSAHTVCU=
Subject key identifier: 2F:D5:92:B1:B7:03:F5:0B:F2:B5:E6:AA:5B:F8:A6:0A:6D:1F:89:A6
Certificate issuer: /CN=31fa64addcb0f86580c388912341cc47c39c4aed
Certificate serial: 018571B9FE2EC28D475D6D7F3FC52022F951
Authority key identifier: 31:FA:64:AD:DC:B0:F8:65:80:C3:88:91:23:41:CC:47:C3:9C:4A:ED
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Mfpkrdyw-GWAw4iRI0HMR8OcSu0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/6afa3c-c069-4604-9df8-7b3f82ee2587/1/L9WSsbcD9QvyteaqW_imCm0fiaY.roa
Signing time: Mon 02 Jan 2023 09:04:52 +0000
ROA not before: Mon 02 Jan 2023 09:04:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202334
IP address blocks: 185.85.255.0/24 maxlen: 24
185.243.138.0/24 maxlen: 24
185.243.137.0/24 maxlen: 24
185.243.139.0/24 maxlen: 24
185.243.136.0/24 maxlen: 24
2a0c:fd80::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:29:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:b9:fe:2e:c2:8d:47:5d:6d:7f:3f:c5:20:22:f9:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=31fa64addcb0f86580c388912341cc47c39c4aed
Validity
Not Before: Jan 2 09:04:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2fd592b1b703f50bf2b5e6aa5bf8a60a6d1f89a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:9a:fe:93:24:87:46:fa:70:04:f2:4b:fe:8a:
12:e4:26:c9:f2:9a:c5:ca:2c:b1:48:69:84:54:15:
86:95:6e:7f:d8:f5:0b:42:19:07:24:68:93:cd:be:
9c:bc:42:e5:4e:61:e3:51:7c:01:84:cb:5d:92:7f:
76:85:14:fc:0b:34:c8:19:31:4b:28:1f:78:8b:a0:
da:25:cf:ae:53:d5:12:2c:78:5a:e4:3d:48:90:2b:
15:fa:10:b4:1c:b8:99:15:25:20:93:dc:5a:ac:25:
f1:8e:34:68:fc:26:d3:c5:d8:96:65:c7:f1:49:52:
c1:4d:cd:5d:38:fd:b4:fe:38:a3:0d:aa:27:5a:1b:
b5:f4:10:64:ef:70:c8:1b:f4:63:ad:93:11:eb:37:
e9:3a:8b:92:ef:53:f8:13:f5:24:91:b4:3e:77:c8:
eb:59:63:e4:e0:62:ca:11:cd:10:f9:29:3e:75:bb:
bf:7a:58:7d:a0:81:ee:07:84:a9:43:63:fe:20:aa:
35:3a:b0:ba:b0:c6:33:cb:25:87:34:42:73:b0:a7:
2e:c6:25:d7:f8:41:4b:4c:d1:6c:f7:e1:d9:e5:6d:
37:78:f6:83:83:b6:43:07:9a:c4:c3:b7:2d:30:74:
0d:6f:4b:17:f1:79:a1:c6:c2:b8:e6:d0:ef:ac:35:
e5:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:D5:92:B1:B7:03:F5:0B:F2:B5:E6:AA:5B:F8:A6:0A:6D:1F:89:A6
X509v3 Authority Key Identifier:
keyid:31:FA:64:AD:DC:B0:F8:65:80:C3:88:91:23:41:CC:47:C3:9C:4A:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Mfpkrdyw-GWAw4iRI0HMR8OcSu0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/6afa3c-c069-4604-9df8-7b3f82ee2587/1/L9WSsbcD9QvyteaqW_imCm0fiaY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/6afa3c-c069-4604-9df8-7b3f82ee2587/1/Mfpkrdyw-GWAw4iRI0HMR8OcSu0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.85.255.0/24
185.243.136.0/22
IPv6:
2a0c:fd80::/29
Signature Algorithm: sha256WithRSAEncryption
64:26:66:ab:ca:55:c2:79:d6:00:c0:a4:2a:f9:59:34:dd:60:
d0:ff:37:aa:e5:fe:e7:18:d0:11:bb:88:54:c9:1c:01:5a:a9:
7b:f9:d1:e5:e1:2e:86:25:3f:cc:04:4f:23:b0:3d:d8:e1:79:
b3:ef:45:07:79:b9:a6:ab:71:e4:ff:06:84:79:7d:c2:33:69:
95:4b:b7:51:fa:04:c5:66:0b:47:64:d0:55:45:1a:b3:b5:1d:
ca:9d:63:67:4b:e4:80:53:f2:00:8e:75:3b:b9:cd:0c:19:4a:
f9:31:e7:92:3e:e3:e1:4a:86:39:c2:60:0a:00:e1:c3:d5:fd:
6e:76:be:26:6f:7b:9f:e5:44:e8:98:01:16:3a:90:e1:b3:bb:
c6:1d:9e:17:17:7c:74:cb:06:b0:6d:0a:9d:93:e4:71:5a:d5:
b9:99:2e:96:20:b1:a9:8e:89:2b:24:34:4b:df:9d:ce:11:68:
09:9e:73:40:fa:57:69:d1:f2:38:91:ad:cf:5d:4d:e3:11:24:
2c:a6:25:a1:ee:ec:08:d6:42:4f:4f:09:64:62:7c:4d:bc:c4:
25:6c:4b:71:2f:f3:74:b2:c7:37:0b:57:b4:8a:6e:0c:a8:3d:
b7:67:3c:49:63:8f:ee:54:17:e4:dc:28:f8:1a:57:b0:30:7c:
89:64:fd:2e
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVxuf4uwo1HXW1/P8UgIvlRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxZmE2NGFkZGNiMGY4NjU4MGMzODg5MTIzNDFjYzQ3YzM5
YzRhZWQwHhcNMjMwMTAyMDkwNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZmQ1OTJiMWI3MDNmNTBiZjJiNWU2YWE1YmY4YTYwYTZkMWY4OWE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqpr+kySHRvpwBPJL/ooS5CbJ8prF
yiyxSGmEVBWGlW5/2PULQhkHJGiTzb6cvELlTmHjUXwBhMtdkn92hRT8CzTIGTFL
KB94i6DaJc+uU9USLHha5D1IkCsV+hC0HLiZFSUgk9xarCXxjjRo/CbTxdiWZcfx
SVLBTc1dOP20/jijDaonWhu19BBk73DIG/RjrZMR6zfpOouS71P4E/UkkbQ+d8jr
WWPk4GLKEc0Q+Sk+dbu/elh9oIHuB4SpQ2P+IKo1OrC6sMYzyyWHNEJzsKcuxiXX
+EFLTNFs9+HZ5W03ePaDg7ZDB5rEw7ctMHQNb0sX8XmhxsK45tDvrDXlIQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFC/VkrG3A/UL8rXmqlv4pgptH4mmMB8GA1UdIwQY
MBaAFDH6ZK3csPhlgMOIkSNBzEfDnErtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWZwa3JkeXctR1dBdzRpUkkwSE1SOE9jU3UwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC82YWZhM2MtYzA2OS00NjA0LTlkZjgt
N2IzZjgyZWUyNTg3LzEvTDlXU3NiY0Q5UXZ5dGVhcVdfaW1DbTBmaWFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC82YWZhM2MtYzA2OS00NjA0LTlkZjgtN2IzZjgyZWUyNTg3
LzEvTWZwa3JkeXctR1dBdzRpUkkwSE1SOE9jU3UwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAuVX/AwQC
ufOIMA0EAgACMAcDBQMqDP2AMA0GCSqGSIb3DQEBCwUAA4IBAQBkJmarylXCedYA
wKQq+Vk03WDQ/zeq5f7nGNARu4hUyRwBWql7+dHl4S6GJT/MBE8jsD3Y4Xmz70UH
ebmmq3Hk/waEeX3CM2mVS7dR+gTFZgtHZNBVRRqztR3KnWNnS+SAU/IAjnU7uc0M
GUr5MeeSPuPhSoY5wmAKAOHD1f1udr4mb3uf5UTomAEWOpDhs7vGHZ4XF3x0ywaw
bQqdk+RxWtW5mS6WILGpjokrJDRL353OEWgJnnNA+ldp0fI4ka3PXU3jESQspiWh
7uwI1kJPTwlkYnxNvMQlbEtxL/N0ssc3C1e0im4MqD23ZzxJY4/uVBfk3Cj4Glew
MHyJZP0u
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:49 2024 by rpki-client on console-fra.rpki-client.org