Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/6MJW8RaJ2WIrNXYRSJwgU-wEtHg.roa
File: 6MJW8RaJ2WIrNXYRSJwgU-wEtHg.roa (raw, json)
Hash identifier: B+jVt8nMif9vwsSaw4aFW52njoD85+G8D9ytGQiZaGw=
Subject key identifier: E8:C2:56:F1:16:89:D9:62:2B:35:76:11:48:9C:20:53:EC:04:B4:78
Certificate issuer: /CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Certificate serial: 018CCEC9DF9213FBCDC54AD9C299226E6E26
Authority key identifier: 4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/6MJW8RaJ2WIrNXYRSJwgU-wEtHg.roa
Signing time: Wed 03 Jan 2024 10:06:25 +0000
ROA not before: Wed 03 Jan 2024 10:06:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212728
IP address blocks: 85.117.241.0/24 maxlen: 24
2a09:ff00:8000::/37 maxlen: 37
Validation: Failed, certificate revoked on Mon 15 Jan 2024 19:18:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ce:c9:df:92:13:fb:cd:c5:4a:d9:c2:99:22:6e:6e:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Validity
Not Before: Jan 3 10:06:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e8c256f11689d9622b357611489c2053ec04b478
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:39:a5:25:88:fa:f2:75:df:e0:b9:29:7f:17:
a8:61:a2:05:d1:65:e4:dd:c3:08:56:04:bf:86:20:
da:6e:b4:10:b8:d1:84:90:89:b3:23:a8:17:fd:67:
84:61:7d:b5:3c:09:e0:1f:c0:2c:b1:3e:b3:f2:fc:
a4:b3:78:ca:20:b8:41:de:fd:12:29:0c:f0:1f:e1:
7a:65:eb:b4:87:59:76:d3:69:1a:1e:5f:74:d2:ba:
78:04:cf:7c:ee:e0:0f:86:4f:b1:6d:d8:f7:8d:dd:
2d:ce:d1:fe:82:2e:7c:83:ac:52:1e:21:48:0b:67:
ae:c0:4e:ca:9c:60:e7:0a:ae:ea:b7:c2:2e:0f:da:
26:a1:db:7b:b8:56:10:2a:bd:9e:91:fb:c5:cf:11:
0f:43:70:ad:4c:d2:b7:db:f9:bb:21:a8:01:d5:cc:
9b:01:f3:03:c8:12:49:e7:25:b9:0c:39:d7:a5:58:
9f:03:02:37:29:d2:2e:10:4d:52:f3:a2:fd:3e:00:
a8:60:75:66:b5:96:62:fb:5f:07:62:b6:dc:b8:17:
4e:d5:d2:79:ec:28:fa:7e:23:61:58:77:47:b0:49:
b0:c1:e3:7f:de:78:8c:52:dc:97:56:c5:63:42:7e:
fc:62:56:21:92:61:69:b9:64:63:03:c6:a4:95:1e:
6c:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:C2:56:F1:16:89:D9:62:2B:35:76:11:48:9C:20:53:EC:04:B4:78
X509v3 Authority Key Identifier:
keyid:4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/6MJW8RaJ2WIrNXYRSJwgU-wEtHg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/T4rqLwJfSVvqzufOWoggUZ3aE3A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.117.241.0/24
IPv6:
2a09:ff00:8000::/37
Signature Algorithm: sha256WithRSAEncryption
7e:1c:22:d6:b9:2d:95:f3:ff:a4:14:dd:1d:83:c5:aa:a5:93:
93:78:e7:61:2f:3f:f4:65:a6:fe:c4:11:7b:b7:9f:19:71:84:
74:bd:08:b8:f3:8a:60:51:c2:c3:3d:0c:ed:ee:aa:ad:1f:7e:
41:96:5a:22:e3:14:d5:6c:eb:a4:64:ea:66:78:b3:e7:67:41:
dd:97:69:5e:e9:ac:73:79:fc:5c:64:20:17:4c:7f:66:a2:82:
92:10:e4:69:2a:da:d5:94:a4:9a:31:b0:8a:dc:16:10:08:54:
3b:2e:2b:84:7d:94:d4:e9:83:dd:5e:6f:b2:82:d4:53:02:75:
b7:85:83:d2:40:21:bc:ef:90:93:55:93:bf:16:3e:d7:78:a9:
e0:ba:c7:41:f4:6f:f0:73:48:87:a5:e4:28:d1:d9:94:7b:b2:
8c:43:b9:37:b3:b5:20:a9:b2:92:59:d8:48:d4:3b:4e:f6:7c:
3d:4d:d0:bf:ca:d4:7c:39:20:b4:31:29:2c:54:4e:92:49:2f:
03:e9:99:48:30:f5:ec:56:13:34:09:93:f1:bd:0a:30:e9:dd:
45:2b:55:a4:a1:09:4c:7a:e8:b9:61:d3:af:26:08:10:a5:f3:
5a:f8:a1:d1:8b:61:65:5d:5c:6c:c7:ac:31:2e:91:ad:49:ed:
9f:1b:1a:31
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYzOyd+SE/vNxUrZwpkibm4mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOGFlYTJmMDI1ZjQ5NWJlYWNlZTdjZTVhODgyMDUxOWRk
YTEzNzAwHhcNMjQwMTAzMTAwNjI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOGMyNTZmMTE2ODlkOTYyMmIzNTc2MTE0ODljMjA1M2VjMDRiNDc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjDmlJYj68nXf4LkpfxeoYaIF0WXk
3cMIVgS/hiDabrQQuNGEkImzI6gX/WeEYX21PAngH8AssT6z8vyks3jKILhB3v0S
KQzwH+F6Zeu0h1l202kaHl900rp4BM987uAPhk+xbdj3jd0tztH+gi58g6xSHiFI
C2euwE7KnGDnCq7qt8IuD9omodt7uFYQKr2ekfvFzxEPQ3CtTNK32/m7IagB1cyb
AfMDyBJJ5yW5DDnXpVifAwI3KdIuEE1S86L9PgCoYHVmtZZi+18HYrbcuBdO1dJ5
7Cj6fiNhWHdHsEmwweN/3niMUtyXVsVjQn78YlYhkmFpuWRjA8aklR5sEwIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFOjCVvEWidliKzV2EUicIFPsBLR4MB8GA1UdIwQY
MBaAFE+K6i8CX0lb6s7nzlqIIFGd2hNwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUt
NjA4MDk1MmYwZTA0LzEvNk1KVzhSYUoyV0lyTlhZUlNKd2dVLXdFdEhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUtNjA4MDk1MmYwZTA0
LzEvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQAVXXxMA4E
AgACMAgDBgMqCf8AgDANBgkqhkiG9w0BAQsFAAOCAQEAfhwi1rktlfP/pBTdHYPF
qqWTk3jnYS8/9GWm/sQRe7efGXGEdL0IuPOKYFHCwz0M7e6qrR9+QZZaIuMU1Wzr
pGTqZniz52dB3ZdpXumsc3n8XGQgF0x/ZqKCkhDkaSra1ZSkmjGwitwWEAhUOy4r
hH2U1OmD3V5vsoLUUwJ1t4WD0kAhvO+Qk1WTvxY+13ip4LrHQfRv8HNIh6XkKNHZ
lHuyjEO5N7O1IKmyklnYSNQ7TvZ8PU3Qv8rUfDkgtDEpLFROkkkvA+mZSDD17FYT
NAmT8b0KMOndRStVpKEJTHrouWHTryYIEKXzWvih0YthZV1cbMesMS6RrUntnxsa
MQ==
-----END CERTIFICATE-----
Generated at Mon Jan 15 22:50:42 2024 by rpki-client on console-fra.rpki-client.org