Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/D6vQN6qmV81hKfNvbz3ATE3vqJk.roa
File: D6vQN6qmV81hKfNvbz3ATE3vqJk.roa (raw, json)
Hash identifier: GR+h6S5I5NSrebtFvODAIInK42fYDFBQJe6MtygvClE=
Subject key identifier: 0F:AB:D0:37:AA:A6:57:CD:61:29:F3:6F:6F:3D:C0:4C:4D:EF:A8:99
Certificate issuer: /CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Certificate serial: 018E67C5E06B9699A90A5147142DA85A8BDA
Authority key identifier: 4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/D6vQN6qmV81hKfNvbz3ATE3vqJk.roa
Signing time: Fri 22 Mar 2024 20:06:45 +0000
ROA not before: Fri 22 Mar 2024 20:06:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58212
IP address blocks: 85.117.243.0/24 maxlen: 24
185.236.11.0/24 maxlen: 24
194.110.174.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 25 Mar 2024 23:13:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:67:c5:e0:6b:96:99:a9:0a:51:47:14:2d:a8:5a:8b:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Validity
Not Before: Mar 22 20:06:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0fabd037aaa657cd6129f36f6f3dc04c4defa899
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:b3:c2:42:1b:15:1a:8b:01:9a:2d:9b:ee:f0:
8d:82:5c:70:fb:a7:63:61:fc:21:74:9c:18:68:b6:
5b:d6:b5:ac:40:a1:ff:5e:0d:41:c3:05:17:42:50:
32:f7:c5:d4:b2:29:8d:d4:d1:fc:ab:a5:97:6b:61:
23:b8:95:d7:ce:93:4a:e3:bc:f1:d0:82:0b:03:81:
71:43:5c:38:e7:c0:1b:98:fb:7f:86:40:13:db:9f:
07:09:b6:d6:a4:47:1c:78:86:ef:da:14:00:7d:21:
39:dd:32:d6:c7:2f:d0:75:d5:fe:72:5d:d7:d2:38:
fc:66:5d:a0:95:8a:e2:13:27:09:a5:3a:d9:23:d9:
a2:f2:15:b9:50:38:82:d4:f4:93:97:f0:97:a9:f9:
73:0a:ad:a8:fa:0f:76:a2:5d:c0:7e:aa:4f:d1:23:
d9:90:9e:fc:4b:2f:bb:d3:ff:a4:f5:4d:da:0f:5c:
42:86:15:26:e3:c6:e1:25:c2:82:de:54:71:88:83:
b7:0c:a8:ae:e9:e6:a7:89:9e:21:64:5f:56:bc:98:
b2:77:6e:d0:d6:d8:b1:69:11:e7:a1:18:af:73:76:
5d:9e:ac:88:06:31:89:ef:bb:33:f9:25:11:b8:44:
d2:09:15:4e:f7:a9:8b:78:b2:dc:64:a3:fe:14:b4:
d2:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:AB:D0:37:AA:A6:57:CD:61:29:F3:6F:6F:3D:C0:4C:4D:EF:A8:99
X509v3 Authority Key Identifier:
keyid:4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/D6vQN6qmV81hKfNvbz3ATE3vqJk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/T4rqLwJfSVvqzufOWoggUZ3aE3A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.117.243.0/24
185.236.11.0/24
194.110.174.0/24
Signature Algorithm: sha256WithRSAEncryption
69:24:69:14:3f:06:49:92:fe:fb:d9:df:d9:af:13:66:99:df:
97:e9:aa:32:ca:ab:4c:fd:37:01:0d:a4:44:05:bc:a0:52:3b:
5a:25:d0:59:af:3b:a3:1e:9f:d3:1c:12:2e:85:22:4e:1e:e6:
22:bf:2d:ac:20:a5:e5:a5:2b:8a:8c:a2:4a:55:40:50:d1:6d:
79:ff:6a:23:44:78:f2:e4:21:19:65:39:07:8f:a3:52:a4:bb:
87:86:f7:b4:2e:8a:b9:b9:7e:18:b8:5a:d0:48:e2:e2:7f:fa:
41:85:10:64:1f:9c:a3:bc:f7:4d:5b:d2:8e:c0:3a:3f:79:75:
98:d2:b4:1f:b7:df:3e:ca:b2:cc:94:5d:f6:0b:47:b4:38:3b:
34:5c:61:99:be:01:63:0e:71:da:b0:9b:36:3d:fe:d6:59:be:
42:5b:f6:33:71:30:c5:22:d3:2c:5a:ee:6f:43:b9:2c:51:fb:
91:87:fe:fb:d7:c5:f8:a9:9e:f0:4b:99:35:d3:4d:35:51:d8:
d8:f4:ff:a1:f9:09:df:bb:00:36:8e:5c:0c:05:1b:f4:0d:fd:
88:46:78:2d:7e:61:8a:aa:a4:c3:d2:30:38:f3:b8:b5:48:e4:
50:43:a4:f1:ff:6d:5f:52:33:8b:0e:bc:37:19:28:9a:24:f1:
41:52:69:d8
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY5nxeBrlpmpClFHFC2oWovaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOGFlYTJmMDI1ZjQ5NWJlYWNlZTdjZTVhODgyMDUxOWRk
YTEzNzAwHhcNMjQwMzIyMjAwNjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZmFiZDAzN2FhYTY1N2NkNjEyOWYzNmY2ZjNkYzA0YzRkZWZhODk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnrPCQhsVGosBmi2b7vCNglxw+6dj
YfwhdJwYaLZb1rWsQKH/Xg1BwwUXQlAy98XUsimN1NH8q6WXa2EjuJXXzpNK47zx
0IILA4FxQ1w458AbmPt/hkAT258HCbbWpEcceIbv2hQAfSE53TLWxy/QddX+cl3X
0jj8Zl2glYriEycJpTrZI9mi8hW5UDiC1PSTl/CXqflzCq2o+g92ol3AfqpP0SPZ
kJ78Sy+70/+k9U3aD1xChhUm48bhJcKC3lRxiIO3DKiu6eaniZ4hZF9WvJiyd27Q
1tixaRHnoRivc3ZdnqyIBjGJ77sz+SURuETSCRVO96mLeLLcZKP+FLTSZQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFA+r0DeqplfNYSnzb289wExN76iZMB8GA1UdIwQY
MBaAFE+K6i8CX0lb6s7nzlqIIFGd2hNwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUt
NjA4MDk1MmYwZTA0LzEvRDZ2UU42cW1WODFoS2ZOdmJ6M0FURTN2cUprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUtNjA4MDk1MmYwZTA0
LzEvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAVXXzAwQA
uewLAwQAwm6uMA0GCSqGSIb3DQEBCwUAA4IBAQBpJGkUPwZJkv772d/ZrxNmmd+X
6aoyyqtM/TcBDaREBbygUjtaJdBZrzujHp/THBIuhSJOHuYivy2sIKXlpSuKjKJK
VUBQ0W15/2ojRHjy5CEZZTkHj6NSpLuHhve0Loq5uX4YuFrQSOLif/pBhRBkH5yj
vPdNW9KOwDo/eXWY0rQft98+yrLMlF32C0e0ODs0XGGZvgFjDnHasJs2Pf7WWb5C
W/YzcTDFItMsWu5vQ7ksUfuRh/7718X4qZ7wS5k10001UdjY9P+h+QnfuwA2jlwM
BRv0Df2IRngtfmGKqqTD0jA487i1SORQQ6Tx/21fUjOLDrw3GSiaJPFBUmnY
-----END CERTIFICATE-----
Generated at Mon Mar 25 23:59:55 2024 by rpki-client on console-fra.rpki-client.org