Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/x7GkdZKSVzwTP3KfEG1a_8wb9mk.roa
File: x7GkdZKSVzwTP3KfEG1a_8wb9mk.roa (raw, json)
Hash identifier: BFi93ZoGQQOJ6rR7lco7JExkugc4VszMzGaTaahioRQ=
Subject key identifier: C7:B1:A4:75:92:92:57:3C:13:3F:72:9F:10:6D:5A:FF:CC:1B:F6:69
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0191A96263D3C64158DE9D7DABF5220300A4
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/x7GkdZKSVzwTP3KfEG1a_8wb9mk.roa
Signing time: Sat 31 Aug 2024 17:01:23 +0000
ROA not before: Sat 31 Aug 2024 17:01:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 23470
IP address blocks: 85.209.135.0/24 maxlen: 24
94.156.14.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 21 Oct 2024 11:28:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:a9:62:63:d3:c6:41:58:de:9d:7d:ab:f5:22:03:00:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Aug 31 17:01:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c7b1a4759292573c133f729f106d5affcc1bf669
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:b3:33:0d:10:1e:c9:e3:73:9e:fb:9d:1b:f1:
07:f6:3b:1f:35:d7:de:50:c7:8c:2e:df:a8:26:c9:
31:4e:5d:9a:c6:d3:13:69:dd:7d:60:fb:3b:11:d8:
81:54:26:8a:57:a2:d9:70:23:b3:cc:71:b9:0a:27:
95:7d:38:62:c7:96:ca:da:ce:70:98:0d:43:16:67:
d2:04:01:10:27:ae:dc:00:43:8b:b9:b7:ac:28:c8:
df:3a:09:27:c4:bf:71:ee:c8:f5:0c:2e:11:2f:c6:
df:36:5f:7b:11:60:42:db:11:e8:45:28:d1:e9:3f:
06:9e:47:a3:dd:13:23:6b:c4:4d:fb:8b:4d:e9:85:
64:e5:4f:24:9d:81:e5:cb:3c:7a:fc:51:32:16:88:
c2:d7:02:54:8a:88:27:9e:b2:85:ee:d8:39:01:6f:
76:50:2a:ef:59:98:3a:c2:61:52:5e:1c:32:0b:9d:
cd:bb:1b:46:9c:fc:ee:b5:2f:06:1a:4d:1b:5f:68:
a0:9f:f7:6f:1e:24:df:51:5e:53:33:ad:13:17:67:
92:13:3b:d3:04:9b:3b:ba:11:a2:54:20:0b:ca:c0:
73:24:1a:34:7f:f8:9e:a3:85:7c:ab:6f:bb:6c:de:
3d:a8:9a:ad:60:33:ec:0d:94:22:a1:bc:f1:54:5a:
70:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:B1:A4:75:92:92:57:3C:13:3F:72:9F:10:6D:5A:FF:CC:1B:F6:69
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/x7GkdZKSVzwTP3KfEG1a_8wb9mk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.209.135.0/24
94.156.14.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:bf:cd:68:bd:37:6a:35:21:51:9c:f5:0a:7c:ae:10:c5:e5:
09:f9:26:4e:b8:41:f7:0a:5c:11:86:6c:92:b4:c9:86:40:e3:
b0:89:bb:bc:82:1d:95:12:e1:d4:0b:68:a4:ff:36:d5:64:66:
cf:6b:f5:7d:50:4b:9c:7f:84:af:9e:ff:9f:cb:9b:8a:4c:9f:
f9:35:d3:ea:e8:e5:73:d5:5f:46:80:02:58:99:a5:43:1c:eb:
eb:bb:b3:39:68:28:f2:cb:93:c6:08:aa:4d:b2:7d:29:16:0e:
18:59:1e:d2:a4:f6:36:45:d5:88:b8:6d:7f:79:80:54:d7:25:
ab:e0:2c:03:f1:c4:90:a3:21:48:43:16:b3:ba:7c:63:e8:39:
ff:b5:7c:f2:e7:10:8c:8f:74:82:5c:1f:63:04:c0:b8:e0:35:
cf:aa:d6:be:d5:fe:52:1b:4d:0b:7d:51:23:c5:a4:ee:2d:c8:
8a:00:2c:3b:af:67:0b:aa:b9:91:f5:0a:2b:6e:d8:e0:05:46:
ab:51:5a:0e:c5:3d:ab:19:39:8c:ab:d4:7a:af:12:aa:d3:4a:
9d:f8:2f:c0:88:37:aa:69:d1:38:1a:2c:ec:e2:07:99:51:3a:
6d:0d:c2:69:c1:de:d0:f3:8b:4a:41:49:14:e4:c6:3d:62:7e:
60:52:5c:5b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZGpYmPTxkFY3p19q/UiAwCkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwODMxMTcwMTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjN2IxYTQ3NTkyOTI1NzNjMTMzZjcyOWYxMDZkNWFmZmNjMWJmNjY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy7MzDRAeyeNznvudG/EH9jsfNdfe
UMeMLt+oJskxTl2axtMTad19YPs7EdiBVCaKV6LZcCOzzHG5CieVfThix5bK2s5w
mA1DFmfSBAEQJ67cAEOLubesKMjfOgknxL9x7sj1DC4RL8bfNl97EWBC2xHoRSjR
6T8Gnkej3RMja8RN+4tN6YVk5U8knYHlyzx6/FEyFojC1wJUiognnrKF7tg5AW92
UCrvWZg6wmFSXhwyC53NuxtGnPzutS8GGk0bX2ign/dvHiTfUV5TM60TF2eSEzvT
BJs7uhGiVCALysBzJBo0f/ieo4V8q2+7bN49qJqtYDPsDZQiobzxVFpwwQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMexpHWSklc8Ez9ynxBtWv/MG/ZpMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEveDdHa2RaS1NWendUUDNLZkVHMWFfOHdiOW1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVdGHAwQA
XpwOMA0GCSqGSIb3DQEBCwUAA4IBAQAav81ovTdqNSFRnPUKfK4QxeUJ+SZOuEH3
ClwRhmyStMmGQOOwibu8gh2VEuHUC2ik/zbVZGbPa/V9UEucf4Svnv+fy5uKTJ/5
NdPq6OVz1V9GgAJYmaVDHOvru7M5aCjyy5PGCKpNsn0pFg4YWR7SpPY2RdWIuG1/
eYBU1yWr4CwD8cSQoyFIQxazunxj6Dn/tXzy5xCMj3SCXB9jBMC44DXPqta+1f5S
G00LfVEjxaTuLciKACw7r2cLqrmR9QorbtjgBUarUVoOxT2rGTmMq9R6rxKq00qd
+C/AiDeqadE4Gizs4geZUTptDcJpwd7Q84tKQUkU5MY9Yn5gUlxb
-----END CERTIFICATE-----
Generated at Mon Oct 21 13:26:13 2024 by rpki-client on console-fra.rpki-client.org