Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/KAYj9HFY4IOUYmqI-t4wFDkYBZo.roa
File: KAYj9HFY4IOUYmqI-t4wFDkYBZo.roa (raw, json)
Hash identifier: F4PPUtgwP4QBEhYx0beje9LEw9IgtV36DyNxGF690gc=
Subject key identifier: 28:06:23:F4:71:58:E0:83:94:62:6A:88:FA:DE:30:14:39:18:05:9A
Certificate issuer: /CN=3b7ec9423bf90c81d22d94841c10357a54260379
Certificate serial: 01856F9E08487C3174C35C1C5EB4FE36AF03
Authority key identifier: 3B:7E:C9:42:3B:F9:0C:81:D2:2D:94:84:1C:10:35:7A:54:26:03:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O37JQjv5DIHSLZSEHBA1elQmA3k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/KAYj9HFY4IOUYmqI-t4wFDkYBZo.roa
Signing time: Sun 01 Jan 2023 23:15:05 +0000
ROA not before: Sun 01 Jan 2023 23:15:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35913
IP address blocks: 85.239.34.0/24 maxlen: 24
85.239.44.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:33:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:9e:08:48:7c:31:74:c3:5c:1c:5e:b4:fe:36:af:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b7ec9423bf90c81d22d94841c10357a54260379
Validity
Not Before: Jan 1 23:15:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=280623f47158e08394626a88fade30143918059a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:30:54:7d:7c:99:6b:e5:5b:8f:5c:d9:35:38:
1a:80:45:22:a9:66:80:54:7b:0d:fc:99:08:e4:02:
31:21:4d:b6:95:c8:11:7d:b2:83:e5:d4:9e:05:8d:
42:05:e0:65:52:26:9d:6f:9a:03:18:a1:85:14:10:
46:1b:ae:de:0c:84:3e:23:b1:94:da:95:fe:b1:32:
09:f9:67:ea:50:55:1d:ac:2f:84:e0:34:44:04:84:
95:c2:2d:f5:99:db:d4:f3:c2:f9:3f:79:a2:90:cf:
5f:aa:ca:1e:2f:16:4a:23:6f:57:b9:7b:68:ca:df:
79:2e:4d:1e:6e:0e:0f:c3:3c:94:76:02:58:c9:1d:
ca:92:f7:3e:20:4d:ce:d0:0a:53:c6:4c:51:5d:06:
6d:d7:72:50:a4:9a:3e:89:aa:e7:d3:18:12:50:f3:
17:02:ed:4c:e9:ae:c5:45:35:d7:97:f6:6c:cc:29:
20:55:86:65:f4:77:7a:86:5a:13:f2:0d:78:eb:42:
a5:e1:71:15:41:48:da:20:a1:4b:43:87:63:aa:59:
b4:fb:ab:00:2e:58:39:f8:9b:04:aa:dc:03:3a:7c:
30:8d:a1:cd:77:7f:c8:9a:cb:ec:7f:e6:d4:61:26:
14:89:c3:1b:2e:fc:9f:e4:6d:62:b0:d6:b8:4b:cf:
db:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:06:23:F4:71:58:E0:83:94:62:6A:88:FA:DE:30:14:39:18:05:9A
X509v3 Authority Key Identifier:
keyid:3B:7E:C9:42:3B:F9:0C:81:D2:2D:94:84:1C:10:35:7A:54:26:03:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O37JQjv5DIHSLZSEHBA1elQmA3k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/KAYj9HFY4IOUYmqI-t4wFDkYBZo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/O37JQjv5DIHSLZSEHBA1elQmA3k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.239.34.0/24
85.239.44.0/22
Signature Algorithm: sha256WithRSAEncryption
0c:8e:dc:58:c6:56:98:ac:e0:0b:3a:c7:a5:fd:a5:76:b9:50:
74:a6:07:be:ae:59:64:57:db:e5:56:3e:51:8c:e3:e9:7f:29:
cc:60:48:21:cf:bc:18:70:f8:5d:96:9d:47:88:41:b3:46:65:
29:1f:93:77:c5:7f:92:87:26:7e:82:b7:dd:4d:34:85:6f:de:
03:82:72:cf:7b:63:ab:86:47:03:d4:59:35:2f:92:37:ea:66:
46:67:aa:5c:f7:5e:eb:af:c7:46:51:8b:c0:9f:e2:d4:dc:8e:
71:38:e0:d2:d2:22:df:d4:61:3e:30:1e:f7:af:6a:c3:b0:d9:
c8:c0:80:24:52:a1:a0:2c:14:2d:e9:4d:20:4d:0b:82:ee:f8:
c0:d3:6f:b8:84:fc:22:b9:77:3d:e2:c0:04:46:e7:f9:55:91:
3d:e5:5a:ed:0e:85:e7:de:ac:cd:e6:e6:b5:d8:fb:21:ea:f5:
18:b3:fe:7b:30:4f:b2:87:59:36:04:ac:bd:d0:db:47:b5:04:
ff:51:f3:8a:a0:78:ac:85:5d:ab:c4:25:2d:ff:b7:9e:dc:b4:
34:77:ef:03:3f:78:40:2d:c3:cd:3f:35:24:87:c4:18:fa:2c:
24:8f:cf:fd:dd:e2:36:56:d9:ed:a7:3c:1c:5c:49:ce:9d:c6:
94:e8:92:6d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVvnghIfDF0w1wcXrT+Nq8DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiN2VjOTQyM2JmOTBjODFkMjJkOTQ4NDFjMTAzNTdhNTQy
NjAzNzkwHhcNMjMwMTAxMjMxNTA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODA2MjNmNDcxNThlMDgzOTQ2MjZhODhmYWRlMzAxNDM5MTgwNTlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqTBUfXyZa+Vbj1zZNTgagEUiqWaA
VHsN/JkI5AIxIU22lcgRfbKD5dSeBY1CBeBlUiadb5oDGKGFFBBGG67eDIQ+I7GU
2pX+sTIJ+WfqUFUdrC+E4DREBISVwi31mdvU88L5P3mikM9fqsoeLxZKI29XuXto
yt95Lk0ebg4PwzyUdgJYyR3Kkvc+IE3O0ApTxkxRXQZt13JQpJo+iarn0xgSUPMX
Au1M6a7FRTXXl/ZszCkgVYZl9Hd6hloT8g1460Kl4XEVQUjaIKFLQ4djqlm0+6sA
Llg5+JsEqtwDOnwwjaHNd3/Imsvsf+bUYSYUicMbLvyf5G1isNa4S8/b6wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCgGI/RxWOCDlGJqiPreMBQ5GAWaMB8GA1UdIwQY
MBaAFDt+yUI7+QyB0i2UhBwQNXpUJgN5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzM3SlFqdjVESUhTTFpTRUhCQTFlbFFtQTNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy84ZWE0N2YtZWZmMy00NjI3LTk0ZWQt
MWQxMGYzYzcwYmI0LzEvS0FZajlIRlk0SU9VWW1xSS10NHdGRGtZQlpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy84ZWE0N2YtZWZmMy00NjI3LTk0ZWQtMWQxMGYzYzcwYmI0
LzEvTzM3SlFqdjVESUhTTFpTRUhCQTFlbFFtQTNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVe8iAwQC
Ve8sMA0GCSqGSIb3DQEBCwUAA4IBAQAMjtxYxlaYrOALOsel/aV2uVB0pge+rllk
V9vlVj5RjOPpfynMYEghz7wYcPhdlp1HiEGzRmUpH5N3xX+ShyZ+grfdTTSFb94D
gnLPe2OrhkcD1Fk1L5I36mZGZ6pc917rr8dGUYvAn+LU3I5xOODS0iLf1GE+MB73
r2rDsNnIwIAkUqGgLBQt6U0gTQuC7vjA02+4hPwiuXc94sAERuf5VZE95VrtDoXn
3qzN5ua12Psh6vUYs/57ME+yh1k2BKy90NtHtQT/UfOKoHishV2rxCUt/7ee3LQ0
d+8DP3hALcPNPzUkh8QY+iwkj8/93eI2VtntpzwcXEnOncaU6JJt
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:28 2024 by rpki-client on console-ams.rpki-client.org