Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/9c27e4-d7b1-43c1-a38f-94914f5ddb3c/1/3HSswypGz9t5PcujEbzCkGvtrzQ.roa
File: 3HSswypGz9t5PcujEbzCkGvtrzQ.roa (raw, json)
Hash identifier: p3QtADx+7c99V6Xkuu/S5dIPXtVI6gOLq5ur+GyPfd0=
Subject key identifier: DC:74:AC:C3:2A:46:CF:DB:79:3D:CB:A3:11:BC:C2:90:6B:ED:AF:34
Certificate issuer: /CN=320b24a740f2e61632050adc146c1ee6a3e686c5
Certificate serial: 01856D81C25748DD9298AFB6ED830578A474
Authority key identifier: 32:0B:24:A7:40:F2:E6:16:32:05:0A:DC:14:6C:1E:E6:A3:E6:86:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Mgskp0Dy5hYyBQrcFGwe5qPmhsU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/9c27e4-d7b1-43c1-a38f-94914f5ddb3c/1/3HSswypGz9t5PcujEbzCkGvtrzQ.roa
Signing time: Sun 01 Jan 2023 13:24:58 +0000
ROA not before: Sun 01 Jan 2023 13:24:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 24620
IP address blocks: 85.254.216.0/21 maxlen: 21
85.254.214.0/23 maxlen: 23
85.254.224.0/22 maxlen: 22
85.254.228.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:33:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:81:c2:57:48:dd:92:98:af:b6:ed:83:05:78:a4:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=320b24a740f2e61632050adc146c1ee6a3e686c5
Validity
Not Before: Jan 1 13:24:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dc74acc32a46cfdb793dcba311bcc2906bedaf34
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:34:c3:08:5f:b2:ab:e0:ee:34:1b:e5:a6:c1:
d2:05:1b:c8:6d:42:6d:c1:9c:11:2d:b7:d3:7b:1f:
32:a8:f1:91:09:8a:62:23:c7:58:1d:6a:66:58:29:
57:63:6d:01:98:07:c9:1d:79:42:b0:d2:d1:ac:91:
80:4d:d7:df:ba:d8:46:cb:05:c4:ad:e2:80:0c:22:
45:8d:21:0a:9a:f3:89:ec:a3:b1:cc:79:b2:2d:37:
f1:ec:93:56:0f:96:3e:63:b6:1c:28:c9:29:b0:21:
5a:3a:27:91:e3:c1:a9:8b:07:e4:68:48:45:bf:f4:
d0:44:58:d7:07:6c:fe:5c:05:d0:ce:0e:40:c0:94:
62:ef:eb:4e:90:93:dd:4f:fd:55:9a:3c:20:43:07:
27:2a:e7:cd:fc:17:6d:75:1c:6a:96:2b:1e:8d:18:
ae:9a:74:f2:80:06:6d:c3:df:83:36:b6:a9:15:d0:
00:ce:43:54:52:a4:fb:a5:57:30:20:5a:64:52:75:
9c:9d:69:f4:62:bb:07:e6:ab:39:8a:4e:56:80:ef:
0b:1e:03:49:65:be:25:5f:7f:b9:1a:83:30:7c:28:
15:5e:ff:b3:17:ed:84:1a:8a:56:61:07:3d:22:05:
b9:2d:95:72:8c:eb:05:b6:2c:8e:30:f6:e4:3d:29:
7e:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:74:AC:C3:2A:46:CF:DB:79:3D:CB:A3:11:BC:C2:90:6B:ED:AF:34
X509v3 Authority Key Identifier:
keyid:32:0B:24:A7:40:F2:E6:16:32:05:0A:DC:14:6C:1E:E6:A3:E6:86:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Mgskp0Dy5hYyBQrcFGwe5qPmhsU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/9c27e4-d7b1-43c1-a38f-94914f5ddb3c/1/3HSswypGz9t5PcujEbzCkGvtrzQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/9c27e4-d7b1-43c1-a38f-94914f5ddb3c/1/Mgskp0Dy5hYyBQrcFGwe5qPmhsU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.254.214.0-85.254.228.255
Signature Algorithm: sha256WithRSAEncryption
30:32:f7:03:c9:6f:8d:2f:db:37:ba:ef:3d:0c:7d:8a:d9:7e:
43:03:ee:99:0e:1b:d0:98:6b:8a:40:96:7d:b5:c0:a3:0b:5f:
0c:2c:48:73:3b:b9:15:98:a7:97:e5:e3:d1:e1:a7:b3:57:a6:
09:9c:12:97:50:fa:94:4d:77:fd:9e:f5:d0:23:26:a9:d7:59:
4b:b1:71:27:ac:e6:c8:e5:b7:6b:e3:d3:e7:dc:72:7c:51:ae:
0e:86:0c:59:47:1a:9f:74:5d:2c:96:14:84:18:f6:a3:f0:32:
bc:84:33:3a:d8:fc:7a:7e:9c:85:6d:2f:5b:f4:11:1b:ca:75:
01:6c:7c:8c:96:cb:dd:4c:22:1e:45:78:9f:8d:21:90:99:d8:
83:52:90:f5:63:19:80:f1:8c:02:91:a8:aa:2d:8f:78:5c:11:
f3:3c:81:db:74:df:dd:80:de:2e:56:04:fc:fe:c2:3f:cd:c9:
94:06:4b:1b:a5:1e:5c:5f:7d:cc:ed:75:a6:a7:7a:c7:c7:1b:
4c:c5:02:be:43:b7:7a:18:b1:a4:6e:9e:86:3f:76:6b:86:85:
60:1a:8d:fe:0c:91:67:a3:6e:10:fc:9d:7c:25:df:a9:58:bf:
86:6e:a5:aa:d1:12:76:23:07:74:2e:84:02:50:d1:c6:d8:a8:
97:73:e2:b0
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVtgcJXSN2SmK+27YMFeKR0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyMGIyNGE3NDBmMmU2MTYzMjA1MGFkYzE0NmMxZWU2YTNl
Njg2YzUwHhcNMjMwMTAxMTMyNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzc0YWNjMzJhNDZjZmRiNzkzZGNiYTMxMWJjYzI5MDZiZWRhZjM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxTTDCF+yq+DuNBvlpsHSBRvIbUJt
wZwRLbfTex8yqPGRCYpiI8dYHWpmWClXY20BmAfJHXlCsNLRrJGATdffuthGywXE
reKADCJFjSEKmvOJ7KOxzHmyLTfx7JNWD5Y+Y7YcKMkpsCFaOieR48GpiwfkaEhF
v/TQRFjXB2z+XAXQzg5AwJRi7+tOkJPdT/1VmjwgQwcnKufN/BdtdRxqlisejRiu
mnTygAZtw9+DNrapFdAAzkNUUqT7pVcwIFpkUnWcnWn0YrsH5qs5ik5WgO8LHgNJ
Zb4lX3+5GoMwfCgVXv+zF+2EGopWYQc9IgW5LZVyjOsFtiyOMPbkPSl+3QIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFNx0rMMqRs/beT3LoxG8wpBr7a80MB8GA1UdIwQY
MBaAFDILJKdA8uYWMgUK3BRsHuaj5obFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWdza3AwRHk1aFl5QlFyY0ZHd2U1cVBtaHNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy85YzI3ZTQtZDdiMS00M2MxLWEzOGYt
OTQ5MTRmNWRkYjNjLzEvM0hTc3d5cEd6OXQ1UGN1akViekNrR3Z0cnpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy85YzI3ZTQtZDdiMS00M2MxLWEzOGYtOTQ5MTRmNWRkYjNj
LzEvTWdza3AwRHk1aFl5QlFyY0ZHd2U1cVBtaHNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAFV/tYD
BABV/uQwDQYJKoZIhvcNAQELBQADggEBADAy9wPJb40v2ze67z0MfYrZfkMD7pkO
G9CYa4pAln21wKMLXwwsSHM7uRWYp5fl49Hhp7NXpgmcEpdQ+pRNd/2e9dAjJqnX
WUuxcSes5sjlt2vj0+fccnxRrg6GDFlHGp90XSyWFIQY9qPwMryEMzrY/Hp+nIVt
L1v0ERvKdQFsfIyWy91MIh5FeJ+NIZCZ2INSkPVjGYDxjAKRqKotj3hcEfM8gdt0
392A3i5WBPz+wj/NyZQGSxulHlxffcztdaanesfHG0zFAr5Dt3oYsaRunoY/dmuG
hWAajf4MkWejbhD8nXwl36lYv4ZuparREnYjB3QuhAJQ0cbYqJdz4rA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:51 2024 by rpki-client on console-fra.rpki-client.org