Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/1-oM6xLRs0tTcxgt6C0Sw-W0UQrI.roa
File: 1-oM6xLRs0tTcxgt6C0Sw-W0UQrI.roa (raw, json)
Hash identifier: aDspLVt5IN0uOU31tFcr2vjprvSgGXEBH3MYTLTzBfQ=
Subject key identifier: FA:83:3A:C4:B4:6C:D2:D4:DC:C6:0B:7A:0B:44:B0:F9:6D:14:42:B2
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018CC8DCD0A12FEE76035288D25F726A4010
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/1-oM6xLRs0tTcxgt6C0Sw-W0UQrI.roa
Signing time: Tue 02 Jan 2024 06:29:23 +0000
ROA not before: Tue 02 Jan 2024 06:29:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16276
IP address blocks: 85.217.144.0/23 maxlen: 24
193.149.28.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 05 Mar 2024 08:32:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:dc:d0:a1:2f:ee:76:03:52:88:d2:5f:72:6a:40:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 2 06:29:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fa833ac4b46cd2d4dcc60b7a0b44b0f96d1442b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:e6:fd:51:85:ec:94:a7:94:91:67:1a:be:77:
23:fe:79:7c:55:43:48:3b:c3:33:64:5f:df:88:a0:
d7:47:a6:74:65:bb:bf:91:1f:c0:93:4a:82:2f:8d:
c0:c2:04:f6:f9:d9:74:e6:17:8e:50:b9:d5:81:5c:
19:b0:2f:2a:fc:5c:06:ea:e0:43:b2:6a:6b:15:a2:
ea:22:1c:da:b0:b0:43:87:61:7d:50:1e:a2:70:96:
59:3d:23:79:4c:12:93:90:c7:c4:a1:ac:11:b8:ed:
42:e5:58:39:d6:46:a9:ec:8b:ae:04:63:1b:b6:5d:
b6:66:09:51:c9:4d:05:ea:e1:4f:85:bd:88:7f:ac:
8f:d8:79:2d:d8:b5:4f:b2:b3:5d:d5:81:e1:87:77:
cd:f5:49:44:12:6e:51:b6:57:fc:40:dd:71:51:2d:
fa:d4:ef:b0:dd:77:22:70:eb:05:ac:a3:0a:72:16:
d5:ff:5e:90:08:1d:f5:75:c7:e0:c4:1f:89:5c:3f:
8f:e8:8a:4e:a5:f4:a4:b2:f0:56:e2:c5:29:24:09:
72:51:a0:4f:5d:69:1d:a2:f7:01:dd:fa:ab:33:ee:
f5:a7:8d:64:24:3f:7d:e5:32:ed:38:c9:1a:ea:03:
eb:c0:c1:2e:40:c9:b6:ed:49:aa:e7:fd:f7:67:50:
88:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:83:3A:C4:B4:6C:D2:D4:DC:C6:0B:7A:0B:44:B0:F9:6D:14:42:B2
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/1-oM6xLRs0tTcxgt6C0Sw-W0UQrI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.217.144.0/23
193.149.28.0/22
Signature Algorithm: sha256WithRSAEncryption
6d:2b:6f:54:b0:5f:73:af:1b:f2:2a:4e:f5:cd:23:82:2f:25:
c1:41:ee:04:7a:08:55:f4:bc:c9:e4:01:2a:7a:57:ef:b1:9b:
ca:81:12:1e:9b:10:47:65:ed:aa:3f:6b:d4:c8:8d:0a:fb:28:
cc:e0:3c:5a:6b:55:6f:63:d2:da:5b:d6:d7:9b:82:4d:62:3c:
ff:e1:31:4f:37:1f:96:23:a8:72:30:50:8a:67:be:30:23:ec:
d5:6c:10:55:70:a0:e3:28:81:27:8a:ab:fd:63:91:41:a5:70:
07:de:80:29:d5:20:09:29:eb:2b:6f:c2:fe:db:bc:35:24:90:
d7:81:cf:34:f6:c0:06:00:15:0f:7c:45:90:ea:a8:3f:04:c8:
1c:86:b0:46:9b:65:a5:3c:32:47:f6:45:f0:2f:5a:07:94:b3:
2d:94:7d:73:9c:57:4a:9b:bc:db:8d:b9:70:a0:bc:80:a8:ac:
90:f7:52:d5:88:fc:03:80:92:a3:98:68:4e:cb:84:b2:f0:46:
ae:4f:65:52:46:53:8b:57:89:07:bc:19:db:f7:a9:4f:97:ef:
37:ca:d1:28:b0:ce:ce:e3:72:f5:7a:29:61:9c:d9:0c:1c:65:
cc:06:05:d2:49:8e:5f:b3:9a:0c:54:8a:ca:29:9c:16:8b:9f:
a6:f5:8c:0f
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAYzI3NChL+52A1KI0l9yakAQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMTAyMDYyOTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTgzM2FjNGI0NmNkMmQ0ZGNjNjBiN2EwYjQ0YjBmOTZkMTQ0MmIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo+b9UYXslKeUkWcavncj/nl8VUNI
O8MzZF/fiKDXR6Z0Zbu/kR/Ak0qCL43AwgT2+dl05heOULnVgVwZsC8q/FwG6uBD
smprFaLqIhzasLBDh2F9UB6icJZZPSN5TBKTkMfEoawRuO1C5Vg51kap7IuuBGMb
tl22ZglRyU0F6uFPhb2If6yP2Hkt2LVPsrNd1YHhh3fN9UlEEm5Rtlf8QN1xUS36
1O+w3XcicOsFrKMKchbV/16QCB31dcfgxB+JXD+P6IpOpfSksvBW4sUpJAlyUaBP
XWkdovcB3fqrM+71p41kJD995TLtOMka6gPrwMEuQMm27Umq5/33Z1CIhwIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFPqDOsS0bNLU3MYLegtEsPltFEKyMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvMS1vTTZ4TFJzMHRUY3hndDZDMFN3LVcwVVFySS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMDMvOTEzYTNhLWY1NTAtNDZmMC1hY2M3LWNkM2NhNTk3NTcx
Mi8xL0lzU3NQanhEMXcwRk5KeUJXNnJkT0sxM1hwMC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAVXZkAME
AsGVHDANBgkqhkiG9w0BAQsFAAOCAQEAbStvVLBfc68b8ipO9c0jgi8lwUHuBHoI
VfS8yeQBKnpX77GbyoESHpsQR2Xtqj9r1MiNCvsozOA8WmtVb2PS2lvW15uCTWI8
/+ExTzcfliOocjBQime+MCPs1WwQVXCg4yiBJ4qr/WORQaVwB96AKdUgCSnrK2/C
/tu8NSSQ14HPNPbABgAVD3xFkOqoPwTIHIawRptlpTwyR/ZF8C9aB5SzLZR9c5xX
Spu82425cKC8gKiskPdS1Yj8A4CSo5hoTsuEsvBGrk9lUkZTi1eJB7wZ2/epT5fv
N8rRKLDOzuNy9XopYZzZDBxlzAYF0kmOX7OaDFSKyimcFoufpvWMDw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:56 2024 by rpki-client on console-fra.rpki-client.org