Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/Ig9MJ5se107WI0p3L58YKTx3Xxs.roa
File: Ig9MJ5se107WI0p3L58YKTx3Xxs.roa (raw, json)
Hash identifier: JefWaZ9tKKWr4rPFxCHJILjYvpz0eUiFhjBWklLzXpk=
Subject key identifier: 22:0F:4C:27:9B:1E:D7:4E:D6:23:4A:77:2F:9F:18:29:3C:77:5F:1B
Certificate issuer: /CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Certificate serial: 018A8A34CB50239482538F19D8ECC83355D6
Authority key identifier: 4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/Ig9MJ5se107WI0p3L58YKTx3Xxs.roa
Signing time: Tue 12 Sep 2023 16:23:50 +0000
ROA not before: Tue 12 Sep 2023 16:23:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 40676
IP address blocks: 85.117.242.0/24 maxlen: 24
2a09:ff00:200::/44 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:8a:34:cb:50:23:94:82:53:8f:19:d8:ec:c8:33:55:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Validity
Not Before: Sep 12 16:23:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=220f4c279b1ed74ed6234a772f9f18293c775f1b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:00:8b:de:4d:d8:ec:73:08:31:58:6e:d2:a3:
82:d0:f1:69:69:f8:47:96:74:2f:e8:2f:22:f8:01:
20:f1:3a:9d:38:fc:bf:69:e7:4d:a9:e2:b2:b9:22:
a8:4e:59:20:91:80:4c:af:c2:7b:f5:56:51:67:b5:
97:ae:f0:b1:e8:83:54:b8:fb:3d:7a:e6:32:07:29:
79:dd:c0:da:43:28:28:fe:b0:81:0c:e6:90:5f:31:
d5:41:e1:38:dc:16:34:66:51:12:27:b0:42:f4:42:
3f:b8:2c:ce:14:62:32:1e:ec:86:5e:1f:06:21:9b:
bf:7d:d4:5c:fe:ce:e6:06:8e:d7:b3:ca:a1:cc:2e:
26:d5:9d:b1:bb:00:26:83:11:13:e9:0d:0c:1f:a5:
92:a4:0f:6f:fc:f8:e2:ee:f3:ed:f6:73:eb:a2:7a:
01:a6:8e:5a:50:59:4c:b9:38:75:99:96:4e:69:7f:
b9:c6:6a:6f:05:5c:b1:aa:ed:5f:05:fd:3b:24:3f:
d7:28:5f:c9:d9:86:5f:7d:7d:18:e9:8b:a2:7f:72:
93:4f:97:cd:bb:bd:47:8b:d0:f6:e8:f1:3a:ee:b9:
0f:a6:01:e5:bc:71:35:41:2d:5e:c6:20:79:8c:e3:
ec:3e:6c:3a:b0:bf:37:42:90:ab:11:15:8d:24:02:
e8:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:0F:4C:27:9B:1E:D7:4E:D6:23:4A:77:2F:9F:18:29:3C:77:5F:1B
X509v3 Authority Key Identifier:
keyid:4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/Ig9MJ5se107WI0p3L58YKTx3Xxs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/T4rqLwJfSVvqzufOWoggUZ3aE3A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.117.242.0/24
IPv6:
2a09:ff00:200::/44
Signature Algorithm: sha256WithRSAEncryption
55:d2:ff:8c:57:08:47:7d:58:15:1d:4a:a3:72:ce:9e:8c:ae:
96:22:e7:da:04:6f:b6:82:21:96:59:5d:8d:95:a7:5f:f4:80:
9c:61:85:fd:a8:83:a3:75:d5:74:85:2c:ca:13:c0:0d:ce:58:
e2:6a:7a:7e:6b:36:4a:4e:f6:2d:ee:b9:63:ad:65:2e:8a:f3:
ca:e0:0e:39:d2:25:3a:95:1c:61:ae:d7:01:64:c6:19:3c:11:
9d:3d:d3:e4:aa:f0:3b:d3:75:e7:23:50:c4:c8:c8:80:2c:9c:
6a:a5:80:5f:39:a7:ec:0a:37:ea:fc:4d:f4:08:2c:c4:fe:9c:
dd:dd:35:1a:36:8a:7f:35:d3:b7:ad:26:80:fd:30:23:1a:33:
4a:76:bd:d9:ea:ae:5f:c6:2c:d9:3d:f5:f4:5b:33:5d:79:1f:
57:46:60:7f:97:77:e3:0d:78:da:4e:2c:a3:32:29:4d:47:21:
6a:0f:ab:ca:c8:f9:17:60:bf:0b:15:70:48:c5:56:bc:8d:96:
1f:56:9c:2d:d6:04:da:81:8e:52:50:e1:ab:6b:b7:8e:72:ff:
47:5b:1a:aa:2c:00:9d:73:2b:29:ba:df:49:3a:e5:94:40:d0:
e4:32:11:d9:9c:fe:4a:3d:65:54:b8:e4:a2:c4:3a:3d:08:72:
27:b6:28:a6
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYqKNMtQI5SCU48Z2OzIM1XWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOGFlYTJmMDI1ZjQ5NWJlYWNlZTdjZTVhODgyMDUxOWRk
YTEzNzAwHhcNMjMwOTEyMTYyMzUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjBmNGMyNzliMWVkNzRlZDYyMzRhNzcyZjlmMTgyOTNjNzc1ZjFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhQCL3k3Y7HMIMVhu0qOC0PFpafhH
lnQv6C8i+AEg8TqdOPy/aedNqeKyuSKoTlkgkYBMr8J79VZRZ7WXrvCx6INUuPs9
euYyByl53cDaQygo/rCBDOaQXzHVQeE43BY0ZlESJ7BC9EI/uCzOFGIyHuyGXh8G
IZu/fdRc/s7mBo7Xs8qhzC4m1Z2xuwAmgxET6Q0MH6WSpA9v/Pji7vPt9nPronoB
po5aUFlMuTh1mZZOaX+5xmpvBVyxqu1fBf07JD/XKF/J2YZffX0Y6Yuif3KTT5fN
u71Hi9D26PE67rkPpgHlvHE1QS1exiB5jOPsPmw6sL83QpCrERWNJALoXQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCIPTCebHtdO1iNKdy+fGCk8d18bMB8GA1UdIwQY
MBaAFE+K6i8CX0lb6s7nzlqIIFGd2hNwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUt
NjA4MDk1MmYwZTA0LzEvSWc5TUo1c2UxMDdXSTBwM0w1OFlLVHgzWHhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUtNjA4MDk1MmYwZTA0
LzEvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAVXXyMA8E
AgACMAkDBwQqCf8AAgAwDQYJKoZIhvcNAQELBQADggEBAFXS/4xXCEd9WBUdSqNy
zp6MrpYi59oEb7aCIZZZXY2Vp1/0gJxhhf2og6N11XSFLMoTwA3OWOJqen5rNkpO
9i3uuWOtZS6K88rgDjnSJTqVHGGu1wFkxhk8EZ090+Sq8DvTdecjUMTIyIAsnGql
gF85p+wKN+r8TfQILMT+nN3dNRo2in8107etJoD9MCMaM0p2vdnqrl/GLNk99fRb
M115H1dGYH+Xd+MNeNpOLKMyKU1HIWoPq8rI+RdgvwsVcEjFVryNlh9WnC3WBNqB
jlJQ4atrt45y/0dbGqosAJ1zKym630k65ZRA0OQyEdmc/ko9ZVS45KLEOj0Icie2
KKY=
-----END CERTIFICATE-----
Generated at Mon Jan 1 08:10:23 2024 by rpki-client on console-fra.rpki-client.org