Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/iQ80JM6JjXHgEH0qXPCQptgq3_A.roa
File: iQ80JM6JjXHgEH0qXPCQptgq3_A.roa (raw, json)
Hash identifier: Py/JgsiRriLqlXSx+niCC1IrRK5/3VtwZYBWut8S4To=
Subject key identifier: 89:0F:34:24:CE:89:8D:71:E0:10:7D:2A:5C:F0:90:A6:D8:2A:DF:F0
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 019260E627DA76A8961C9FCE4B995A4F4EC0
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/iQ80JM6JjXHgEH0qXPCQptgq3_A.roa
Signing time: Sun 06 Oct 2024 08:15:48 +0000
ROA not before: Sun 06 Oct 2024 08:15:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34368
IP address blocks: 85.217.192.0/24 maxlen: 32
85.217.193.0/24 maxlen: 32
85.217.194.0/24 maxlen: 32
85.217.195.0/24 maxlen: 32
85.217.196.0/23 maxlen: 32
85.217.198.0/24 maxlen: 32
85.217.199.0/24 maxlen: 32
85.217.200.0/22 maxlen: 32
85.217.204.0/22 maxlen: 32
2a00:1728:18::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 08 Oct 2024 13:56:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:60:e6:27:da:76:a8:96:1c:9f:ce:4b:99:5a:4f:4e:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Oct 6 08:15:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=890f3424ce898d71e0107d2a5cf090a6d82adff0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:40:7a:73:c0:9d:56:1e:bc:b2:e3:79:c7:94:
a8:1a:8d:ca:65:6a:f6:9f:5f:86:49:d0:25:2b:4d:
38:1c:3b:e4:17:4a:4f:43:8c:0e:7a:df:a5:cf:e7:
67:62:24:37:57:9f:b5:12:5f:28:25:b3:a4:4f:df:
e1:e0:3c:1b:90:8e:ba:46:b6:71:86:6c:33:57:e3:
99:d7:e7:b1:c9:f7:ac:7d:c0:08:a5:e5:9e:cd:cc:
ab:c5:64:fa:47:4b:a9:3f:a0:34:93:51:49:1a:f4:
45:11:27:2e:38:0b:cf:66:02:d0:4e:08:01:0f:ab:
ac:12:fa:25:c2:ea:b4:3c:62:b2:07:e8:72:92:d3:
f7:9a:98:ef:ec:f6:51:ce:c7:8c:5f:a8:a5:da:79:
f4:63:fc:62:56:4f:91:36:b7:3a:eb:0a:da:21:60:
6d:c6:95:a3:94:66:5d:b7:60:54:2c:69:f8:c2:a3:
1e:a0:3f:fa:17:b6:92:43:98:2f:75:3d:f3:32:51:
11:02:f5:6b:91:f6:41:f9:0d:a5:fb:a0:23:be:ff:
8b:2c:66:64:7a:ff:45:0d:50:f7:55:28:ce:b3:cb:
3b:49:d3:c1:09:07:c2:17:af:71:1a:68:64:ea:d9:
95:ec:b8:20:fb:e6:a9:d0:5c:20:ba:7a:b1:cd:ea:
21:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:0F:34:24:CE:89:8D:71:E0:10:7D:2A:5C:F0:90:A6:D8:2A:DF:F0
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/iQ80JM6JjXHgEH0qXPCQptgq3_A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.217.192.0/20
IPv6:
2a00:1728:18::/48
Signature Algorithm: sha256WithRSAEncryption
ad:2c:94:24:b3:d7:42:d6:a6:1a:c0:4f:fb:58:b1:05:6b:96:
15:bb:4c:5e:89:5c:35:ef:64:7f:ca:55:c8:1c:0b:35:76:1d:
c7:d2:a2:b3:38:ee:06:2c:a0:d1:f3:89:8a:b8:69:f3:02:6f:
31:e9:26:1e:33:5e:4e:f9:c3:3e:31:c6:df:43:46:f0:8f:aa:
5b:bc:c1:a8:39:a9:20:e9:6e:07:c2:56:4b:50:ed:69:b1:c7:
a9:6d:d3:e0:df:69:e3:89:d4:91:9a:00:57:63:06:04:22:1c:
ca:79:11:f6:ae:c1:70:3e:38:44:aa:17:83:d4:af:c5:ce:b8:
1d:1b:7e:be:75:90:a9:4a:3a:7e:5b:cf:5e:03:14:57:5c:15:
82:a1:f3:1b:01:92:db:be:80:f7:7a:8e:a1:b8:59:b4:7b:b8:
dd:f0:f6:75:1c:07:79:81:00:08:78:ca:cd:9e:fe:06:10:40:
24:bc:01:dc:e9:77:10:1d:e5:fd:5b:1d:a5:42:d6:4c:ab:56:
19:30:86:1b:cf:df:94:ae:cf:80:f3:a7:c4:e5:b5:c8:8c:03:
99:9e:b0:c7:ed:81:c4:d7:06:88:65:7e:49:ab:80:0e:9a:fd:
b6:37:95:bd:11:8c:f8:3e:6e:76:cd:c0:92:8a:db:74:93:56:
5b:55:4e:69
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZJg5ifadqiWHJ/OS5laT07AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQxMDA2MDgxNTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTBmMzQyNGNlODk4ZDcxZTAxMDdkMmE1Y2YwOTBhNmQ4MmFkZmYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuUB6c8CdVh68suN5x5SoGo3KZWr2
n1+GSdAlK004HDvkF0pPQ4wOet+lz+dnYiQ3V5+1El8oJbOkT9/h4DwbkI66RrZx
hmwzV+OZ1+exyfesfcAIpeWezcyrxWT6R0upP6A0k1FJGvRFEScuOAvPZgLQTggB
D6usEvolwuq0PGKyB+hyktP3mpjv7PZRzseMX6il2nn0Y/xiVk+RNrc66wraIWBt
xpWjlGZdt2BULGn4wqMeoD/6F7aSQ5gvdT3zMlERAvVrkfZB+Q2l+6Ajvv+LLGZk
ev9FDVD3VSjOs8s7SdPBCQfCF69xGmhk6tmV7Lgg++ap0Fwgunqxzeoh/QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIkPNCTOiY1x4BB9KlzwkKbYKt/wMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvaVE4MEpNNkpqWEhnRUgwcVhQQ1FwdGdxM19BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQEVdnAMA8E
AgACMAkDBwAqABcoABgwDQYJKoZIhvcNAQELBQADggEBAK0slCSz10LWphrAT/tY
sQVrlhW7TF6JXDXvZH/KVcgcCzV2HcfSorM47gYsoNHziYq4afMCbzHpJh4zXk75
wz4xxt9DRvCPqlu8wag5qSDpbgfCVktQ7Wmxx6lt0+DfaeOJ1JGaAFdjBgQiHMp5
EfauwXA+OESqF4PUr8XOuB0bfr51kKlKOn5bz14DFFdcFYKh8xsBktu+gPd6jqG4
WbR7uN3w9nUcB3mBAAh4ys2e/gYQQCS8AdzpdxAd5f1bHaVC1kyrVhkwhhvP35Su
z4Dzp8TltciMA5mesMftgcTXBohlfkmrgA6a/bY3lb0RjPg+bnbNwJKK23STVltV
Tmk=
-----END CERTIFICATE-----
Generated at Tue Oct 8 17:14:55 2024 by rpki-client on console-fra.rpki-client.org