Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/lU2jM-PbLxU-cT08emNtQpjGI4s.roa
File: lU2jM-PbLxU-cT08emNtQpjGI4s.roa (raw, json)
Hash identifier: hId0Ywu/yz5h4lvK6FKRVJet0k0LQmDXUyrpMoCzPxs=
Subject key identifier: 95:4D:A3:33:E3:DB:2F:15:3E:71:3D:3C:7A:63:6D:42:98:C6:23:8B
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018BFCB8A75BF6BD88AF8F62920E83B18638
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/lU2jM-PbLxU-cT08emNtQpjGI4s.roa
Signing time: Thu 23 Nov 2023 15:07:21 +0000
ROA not before: Thu 23 Nov 2023 15:07:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16276
IP address blocks: 85.217.144.0/23 maxlen: 24
193.149.28.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:29:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:fc:b8:a7:5b:f6:bd:88:af:8f:62:92:0e:83:b1:86:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Nov 23 15:07:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=954da333e3db2f153e713d3c7a636d4298c6238b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:fc:78:c1:25:22:9c:29:9c:99:7e:63:2b:80:
6b:97:44:89:3f:49:dd:6d:15:b0:ff:fd:e8:a9:43:
d2:98:2f:3b:d9:ca:d3:e7:31:bf:37:b0:22:ff:bf:
43:03:f3:c2:c0:87:59:09:19:23:a6:01:56:33:2e:
26:d0:bf:51:8a:17:05:ab:1d:a5:5a:f2:c6:93:5d:
bf:9a:e7:0c:6b:d5:2a:79:ab:68:07:1d:8f:a5:90:
9c:d0:a6:e3:91:34:ee:d4:46:56:b4:aa:a0:f0:1f:
d1:9a:96:3e:5b:c0:78:ec:ea:26:4b:39:4b:dc:fb:
7d:d3:9b:84:11:a5:8b:9b:53:c3:e4:4f:10:f2:53:
4b:45:86:61:d1:67:96:8a:66:fc:22:9f:00:47:5b:
f9:f9:fc:86:cd:ed:b7:43:f5:10:5d:9a:43:00:31:
a3:70:95:44:d4:c7:74:f6:13:cb:ef:2f:5e:62:4a:
a9:7f:ed:0a:2e:03:ac:67:22:b4:60:45:b9:06:f1:
8a:d1:a1:cc:5a:e3:a2:5c:c3:c7:af:27:6f:d5:12:
c9:49:25:b4:c5:b1:4f:b9:66:de:af:d8:db:69:b6:
07:7f:b9:29:71:66:65:f7:2e:5a:e4:4f:63:1b:c0:
cc:07:db:33:74:ea:5b:bc:29:9d:11:53:9c:50:b8:
72:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:4D:A3:33:E3:DB:2F:15:3E:71:3D:3C:7A:63:6D:42:98:C6:23:8B
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/lU2jM-PbLxU-cT08emNtQpjGI4s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.217.144.0/23
193.149.28.0/22
Signature Algorithm: sha256WithRSAEncryption
19:3b:2a:b6:05:04:20:75:65:40:32:f2:62:c6:f2:13:95:38:
95:34:c8:15:b1:fe:5b:d8:54:6a:0d:bc:d3:9b:da:b8:ad:aa:
aa:49:ef:b7:ee:c0:bc:00:06:2b:f7:36:ab:25:81:25:03:0c:
d9:7f:a2:eb:d9:4e:7f:70:27:80:82:3a:69:ac:27:6b:13:f8:
dc:05:4b:dc:d6:7d:62:3c:61:b8:a6:61:e3:1a:ad:10:66:db:
a5:36:6b:f6:04:50:5a:f6:51:b9:d9:6f:29:d1:70:28:3e:8c:
ce:ad:2d:b2:e2:46:63:e7:1f:12:32:2a:80:ac:47:f9:fb:01:
d8:93:fd:2a:a1:83:b5:92:aa:d7:0e:b2:1e:59:06:ca:99:30:
29:2a:a8:5a:14:cc:3d:b1:38:80:92:91:36:22:0b:22:9e:c1:
2d:94:8a:a8:c8:f3:fc:30:36:91:a6:d6:f5:1c:31:7f:c2:a9:
94:e4:7e:a8:77:8d:9a:3c:25:bf:be:5d:af:3e:31:4e:05:5a:
6b:1f:a2:34:b3:3a:4c:60:a3:a7:5b:07:86:4f:c7:a3:41:4b:
d8:f9:d1:88:23:80:ee:3c:bc:57:79:dc:b0:46:d1:76:6a:71:
6a:c4:42:c4:16:1f:95:9b:2e:0d:47:20:ea:20:a3:a7:9c:02:
2d:b2:7d:e5
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYv8uKdb9r2Ir49ikg6DsYY4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMxMTIzMTUwNzIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTRkYTMzM2UzZGIyZjE1M2U3MTNkM2M3YTYzNmQ0Mjk4YzYyMzhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx/x4wSUinCmcmX5jK4Brl0SJP0nd
bRWw//3oqUPSmC872crT5zG/N7Ai/79DA/PCwIdZCRkjpgFWMy4m0L9RihcFqx2l
WvLGk12/mucMa9UqeatoBx2PpZCc0KbjkTTu1EZWtKqg8B/RmpY+W8B47OomSzlL
3Pt905uEEaWLm1PD5E8Q8lNLRYZh0WeWimb8Ip8AR1v5+fyGze23Q/UQXZpDADGj
cJVE1Md09hPL7y9eYkqpf+0KLgOsZyK0YEW5BvGK0aHMWuOiXMPHrydv1RLJSSW0
xbFPuWber9jbabYHf7kpcWZl9y5a5E9jG8DMB9szdOpbvCmdEVOcULhyKwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJVNozPj2y8VPnE9PHpjbUKYxiOLMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvbFUyak0tUGJMeFUtY1QwOGVtTnRRcGpHSTRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBVdmQAwQC
wZUcMA0GCSqGSIb3DQEBCwUAA4IBAQAZOyq2BQQgdWVAMvJixvITlTiVNMgVsf5b
2FRqDbzTm9q4raqqSe+37sC8AAYr9zarJYElAwzZf6Lr2U5/cCeAgjpprCdrE/jc
BUvc1n1iPGG4pmHjGq0QZtulNmv2BFBa9lG52W8p0XAoPozOrS2y4kZj5x8SMiqA
rEf5+wHYk/0qoYO1kqrXDrIeWQbKmTApKqhaFMw9sTiAkpE2IgsinsEtlIqoyPP8
MDaRptb1HDF/wqmU5H6od42aPCW/vl2vPjFOBVprH6I0szpMYKOnWweGT8ejQUvY
+dGII4DuPLxXedywRtF2anFqxELEFh+Vmy4NRyDqIKOnnAItsn3l
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:42 2024 by rpki-client on console-ams.rpki-client.org