Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/d5cc4a-d266-40e6-88f9-d91484eb0c38/1/Sm8aaZXfxfpTetMUx20oCNbVIBg.roa
File: Sm8aaZXfxfpTetMUx20oCNbVIBg.roa (raw, json)
Hash identifier: qIkTERMLodVuoJD4KECN5PC9BQ91UZcO8Ya15Drmmkw=
Subject key identifier: 4A:6F:1A:69:95:DF:C5:FA:53:7A:D3:14:C7:6D:28:08:D6:D5:20:18
Certificate issuer: /CN=6a6fdd2fd42fabf872720952468d29634c68c9dc
Certificate serial: 018CC56EA62701A3D318F65F79368E40EA79
Authority key identifier: 6A:6F:DD:2F:D4:2F:AB:F8:72:72:09:52:46:8D:29:63:4C:68:C9:DC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/am_dL9Qvq_hycglSRo0pY0xoydw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/d5cc4a-d266-40e6-88f9-d91484eb0c38/1/Sm8aaZXfxfpTetMUx20oCNbVIBg.roa
Signing time: Mon 01 Jan 2024 14:30:12 +0000
ROA not before: Mon 01 Jan 2024 14:30:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201118
IP address blocks: 185.85.121.0/24 maxlen: 24
185.85.120.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 10 Apr 2024 15:48:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:a6:27:01:a3:d3:18:f6:5f:79:36:8e:40:ea:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6a6fdd2fd42fabf872720952468d29634c68c9dc
Validity
Not Before: Jan 1 14:30:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4a6f1a6995dfc5fa537ad314c76d2808d6d52018
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:8a:0c:09:9f:47:66:55:f1:fa:96:9f:9f:ae:
1b:bd:34:74:43:ce:92:c1:4f:00:08:e2:57:9a:1d:
c2:aa:96:0d:b5:90:c9:09:00:ce:40:cb:fa:8c:d4:
32:05:e1:60:2e:8f:e7:54:b1:8a:e6:da:4b:56:50:
ac:6c:38:40:67:5a:c7:53:45:43:39:fd:d3:59:39:
6e:79:4f:48:d9:4f:85:b6:40:fb:a4:28:dd:65:a1:
0d:5c:50:b9:eb:8e:b7:a3:3e:d1:aa:5d:99:1c:e8:
47:81:3e:4e:28:dd:1f:5f:7c:11:a9:2e:c5:78:7f:
26:41:77:de:d9:76:5d:4d:41:40:c7:90:67:85:ce:
57:3e:2b:07:bc:ce:e2:49:01:d4:59:f9:40:b1:02:
b2:9d:01:81:78:7a:72:85:5c:4e:62:5f:b8:b9:47:
f1:69:28:23:76:60:3f:23:01:b5:4e:35:ee:23:0b:
6e:dd:82:8b:3d:89:2c:b9:15:3e:6b:16:67:76:f2:
e0:14:d7:e7:05:80:2f:1d:86:a2:f8:c0:da:20:ca:
61:20:a8:d5:16:dc:17:52:c9:07:0b:f8:16:ed:cc:
ef:55:90:4f:9a:04:6c:2d:60:c8:74:5e:70:a3:bb:
73:7e:0a:fd:1c:92:fc:6d:9a:68:66:8a:16:73:8d:
75:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:6F:1A:69:95:DF:C5:FA:53:7A:D3:14:C7:6D:28:08:D6:D5:20:18
X509v3 Authority Key Identifier:
keyid:6A:6F:DD:2F:D4:2F:AB:F8:72:72:09:52:46:8D:29:63:4C:68:C9:DC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/am_dL9Qvq_hycglSRo0pY0xoydw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/d5cc4a-d266-40e6-88f9-d91484eb0c38/1/Sm8aaZXfxfpTetMUx20oCNbVIBg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/d5cc4a-d266-40e6-88f9-d91484eb0c38/1/am_dL9Qvq_hycglSRo0pY0xoydw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.85.120.0/23
Signature Algorithm: sha256WithRSAEncryption
1c:5f:98:cd:fa:51:b6:e9:0b:1a:2e:d2:94:ec:b6:1d:96:c3:
28:14:13:89:5e:f1:0b:cf:d7:e5:9d:57:24:fb:f4:d7:57:fe:
27:fe:92:71:8e:6e:b0:ac:c5:25:e3:10:dd:1c:d4:17:72:79:
c7:e8:53:1b:b7:c8:91:bb:fa:49:90:fa:74:7f:20:23:e4:fe:
bc:cc:13:54:94:39:cd:c5:c7:cc:de:fc:85:da:b0:d9:59:a7:
7a:ab:e3:44:3e:87:af:4c:ce:52:ba:ec:48:e1:0d:28:a3:c7:
55:ab:1c:05:e3:9c:8d:86:2d:1b:81:20:97:0f:e9:b3:e0:80:
02:59:5b:b6:02:05:b7:a0:b4:1a:9e:f5:30:16:1a:49:97:8f:
6b:21:a8:24:24:2c:ac:1c:95:1b:13:77:87:af:d4:59:bf:b9:
11:7b:fa:56:84:a0:88:5a:3b:fd:a3:d8:2c:9f:71:a5:df:ab:
d7:1c:b2:d3:9e:e8:5b:68:67:1f:22:94:35:83:2d:3d:2e:81:
e7:96:71:d4:73:e6:38:66:0d:90:04:0f:c0:78:7c:0a:9a:e6:
8f:38:28:01:69:a3:42:e8:b4:fb:74:5e:47:c9:56:68:00:1f:
b3:00:c2:16:30:f3:69:c9:30:19:4c:54:9f:fa:f2:b7:e7:4b:
4d:c3:b1:16
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFbqYnAaPTGPZfeTaOQOp5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhNmZkZDJmZDQyZmFiZjg3MjcyMDk1MjQ2OGQyOTYzNGM2
OGM5ZGMwHhcNMjQwMTAxMTQzMDEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTZmMWE2OTk1ZGZjNWZhNTM3YWQzMTRjNzZkMjgwOGQ2ZDUyMDE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4IoMCZ9HZlXx+pafn64bvTR0Q86S
wU8ACOJXmh3CqpYNtZDJCQDOQMv6jNQyBeFgLo/nVLGK5tpLVlCsbDhAZ1rHU0VD
Of3TWTlueU9I2U+FtkD7pCjdZaENXFC56463oz7Rql2ZHOhHgT5OKN0fX3wRqS7F
eH8mQXfe2XZdTUFAx5Bnhc5XPisHvM7iSQHUWflAsQKynQGBeHpyhVxOYl+4uUfx
aSgjdmA/IwG1TjXuIwtu3YKLPYksuRU+axZndvLgFNfnBYAvHYai+MDaIMphIKjV
FtwXUskHC/gW7czvVZBPmgRsLWDIdF5wo7tzfgr9HJL8bZpoZooWc411rQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEpvGmmV38X6U3rTFMdtKAjW1SAYMB8GA1UdIwQY
MBaAFGpv3S/UL6v4cnIJUkaNKWNMaMncMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYW1fZEw5UXZxX2h5Y2dsU1JvMHBZMHhveWR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9kNWNjNGEtZDI2Ni00MGU2LTg4Zjkt
ZDkxNDg0ZWIwYzM4LzEvU204YWFaWGZ4ZnBUZXRNVXgyMG9DTmJWSUJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9kNWNjNGEtZDI2Ni00MGU2LTg4ZjktZDkxNDg0ZWIwYzM4
LzEvYW1fZEw5UXZxX2h5Y2dsU1JvMHBZMHhveWR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuVV4MA0G
CSqGSIb3DQEBCwUAA4IBAQAcX5jN+lG26QsaLtKU7LYdlsMoFBOJXvELz9flnVck
+/TXV/4n/pJxjm6wrMUl4xDdHNQXcnnH6FMbt8iRu/pJkPp0fyAj5P68zBNUlDnN
xcfM3vyF2rDZWad6q+NEPoevTM5SuuxI4Q0oo8dVqxwF45yNhi0bgSCXD+mz4IAC
WVu2AgW3oLQanvUwFhpJl49rIagkJCysHJUbE3eHr9RZv7kRe/pWhKCIWjv9o9gs
n3Gl36vXHLLTnuhbaGcfIpQ1gy09LoHnlnHUc+Y4Zg2QBA/AeHwKmuaPOCgBaaNC
6LT7dF5HyVZoAB+zAMIWMPNpyTAZTFSf+vK350tNw7EW
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:37 2024 by rpki-client on console-fra.rpki-client.org