Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/6f6613-e798-47f4-b313-304a54e8c264/1/67vZR8VlB8t7GSh1mkiNVCe0Ur4.roa
File: 67vZR8VlB8t7GSh1mkiNVCe0Ur4.roa (raw, json)
Hash identifier: jTNESXb96uD3VFmXodgI34CiwVrx19o9lHWX92HotgM=
Subject key identifier: EB:BB:D9:47:C5:65:07:CB:7B:19:28:75:9A:48:8D:54:27:B4:52:BE
Certificate issuer: /CN=b0afed7a471d7ac385e3b9365a4e96012a01c095
Certificate serial: 01856D53E3283187F10EBE330014B010BCBC
Authority key identifier: B0:AF:ED:7A:47:1D:7A:C3:85:E3:B9:36:5A:4E:96:01:2A:01:C0:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sK_tekcdesOF47k2Wk6WASoBwJU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/6f6613-e798-47f4-b313-304a54e8c264/1/67vZR8VlB8t7GSh1mkiNVCe0Ur4.roa
Signing time: Sun 01 Jan 2023 12:34:52 +0000
ROA not before: Sun 01 Jan 2023 12:34:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34620
IP address blocks: 85.255.64.0/20 maxlen: 20
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:33:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:53:e3:28:31:87:f1:0e:be:33:00:14:b0:10:bc:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0afed7a471d7ac385e3b9365a4e96012a01c095
Validity
Not Before: Jan 1 12:34:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ebbbd947c56507cb7b1928759a488d5427b452be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:78:fd:c5:d9:74:fc:0e:08:81:f7:22:17:f5:
e2:9e:1e:e8:dd:64:0c:53:9a:8c:09:0f:af:53:2e:
66:bd:0e:50:31:83:62:56:98:bb:13:3a:84:8c:0f:
a3:e4:37:c8:90:6e:f4:6f:4d:e6:b9:bd:55:91:68:
6f:88:8a:24:f2:05:1e:a9:e2:16:5c:4e:cc:24:01:
1b:42:0f:13:75:2a:c4:7f:09:08:b4:4e:c7:c9:00:
d1:8c:b5:40:8d:cd:b3:28:f0:43:c3:50:c8:42:12:
3e:f8:81:71:a6:57:c1:73:b1:aa:91:ed:86:e3:4c:
27:70:47:49:1d:fe:ab:8c:4b:cc:1e:d7:c6:d6:8d:
0c:f6:94:f6:27:5b:4e:36:58:a6:5c:4e:6d:6a:4c:
1b:60:3e:c8:a0:6f:1a:8b:43:8a:8e:4e:29:25:0e:
70:c3:4e:91:d8:db:c2:64:bc:18:cb:fa:10:72:6f:
da:f1:8e:8f:b3:10:fe:8e:6a:1e:11:5f:f0:ce:e9:
a9:b4:bf:6e:c1:12:10:02:85:c7:49:09:ee:0f:cd:
28:30:b1:04:76:9c:25:c8:56:18:e7:d1:a8:c9:e3:
64:7a:f9:23:d9:b0:54:f5:fd:ce:de:c8:0e:c2:ef:
2e:48:b4:cb:ae:89:6f:17:74:59:3f:c2:4b:21:75:
65:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:BB:D9:47:C5:65:07:CB:7B:19:28:75:9A:48:8D:54:27:B4:52:BE
X509v3 Authority Key Identifier:
keyid:B0:AF:ED:7A:47:1D:7A:C3:85:E3:B9:36:5A:4E:96:01:2A:01:C0:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sK_tekcdesOF47k2Wk6WASoBwJU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/6f6613-e798-47f4-b313-304a54e8c264/1/67vZR8VlB8t7GSh1mkiNVCe0Ur4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/6f6613-e798-47f4-b313-304a54e8c264/1/sK_tekcdesOF47k2Wk6WASoBwJU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.255.64.0/20
Signature Algorithm: sha256WithRSAEncryption
bc:74:c4:1a:80:00:7d:fd:f7:bc:13:b6:79:68:38:f7:88:31:
30:66:e2:12:ac:59:ad:1c:6e:d7:e0:8b:94:12:94:f3:52:6a:
b8:ea:21:8c:91:01:d2:6e:95:e4:02:f0:fb:1d:2e:a6:4d:fb:
3e:bb:31:34:73:ff:73:46:01:5c:36:18:4e:b1:29:4e:fe:bf:
ae:2a:be:44:1a:06:03:27:b3:72:35:13:b9:b0:73:6c:dc:5c:
6d:95:4e:fd:b4:67:75:44:9b:74:61:91:c1:24:c1:53:1c:1e:
00:5b:94:3b:04:9f:99:30:45:a1:f1:e1:f7:43:84:1d:52:bc:
5e:de:a7:d8:a2:f5:10:41:31:1d:5a:a0:4b:a9:f6:19:41:9f:
1d:cc:e7:e5:80:31:26:07:fe:3e:80:32:14:32:f1:94:df:b7:
a7:b3:ee:8a:da:6c:94:4d:08:65:9c:0a:a8:16:1c:d3:3c:16:
db:07:cc:bd:3b:07:92:f5:d0:1c:18:be:b3:61:b0:75:10:56:
0c:34:a8:82:0a:6d:51:d7:01:7b:75:be:d0:24:33:6a:51:4c:
ca:52:e7:65:47:fb:a6:d2:97:31:b1:2d:e0:2f:74:a5:a2:e0:
5c:f8:63:4e:57:9d:1a:c0:1f:c9:ab:9c:b8:32:6a:3f:05:5c:
58:05:8b:7a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtU+MoMYfxDr4zABSwELy8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwYWZlZDdhNDcxZDdhYzM4NWUzYjkzNjVhNGU5NjAxMmEw
MWMwOTUwHhcNMjMwMTAxMTIzNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYmJiZDk0N2M1NjUwN2NiN2IxOTI4NzU5YTQ4OGQ1NDI3YjQ1MmJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp3j9xdl0/A4IgfciF/Xinh7o3WQM
U5qMCQ+vUy5mvQ5QMYNiVpi7EzqEjA+j5DfIkG70b03mub1VkWhviIok8gUeqeIW
XE7MJAEbQg8TdSrEfwkItE7HyQDRjLVAjc2zKPBDw1DIQhI++IFxplfBc7Gqke2G
40wncEdJHf6rjEvMHtfG1o0M9pT2J1tONlimXE5takwbYD7IoG8ai0OKjk4pJQ5w
w06R2NvCZLwYy/oQcm/a8Y6PsxD+jmoeEV/wzumptL9uwRIQAoXHSQnuD80oMLEE
dpwlyFYY59GoyeNkevkj2bBU9f3O3sgOwu8uSLTLrolvF3RZP8JLIXVlTQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOu72UfFZQfLexkodZpIjVQntFK+MB8GA1UdIwQY
MBaAFLCv7XpHHXrDheO5NlpOlgEqAcCVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0tfdGVrY2Rlc09GNDdrMldrNldBU29Cd0pVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC82ZjY2MTMtZTc5OC00N2Y0LWIzMTMt
MzA0YTU0ZThjMjY0LzEvNjd2WlI4VmxCOHQ3R1NoMW1raU5WQ2UwVXI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC82ZjY2MTMtZTc5OC00N2Y0LWIzMTMtMzA0YTU0ZThjMjY0
LzEvc0tfdGVrY2Rlc09GNDdrMldrNldBU29Cd0pVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEVf9AMA0G
CSqGSIb3DQEBCwUAA4IBAQC8dMQagAB9/fe8E7Z5aDj3iDEwZuISrFmtHG7X4IuU
EpTzUmq46iGMkQHSbpXkAvD7HS6mTfs+uzE0c/9zRgFcNhhOsSlO/r+uKr5EGgYD
J7NyNRO5sHNs3FxtlU79tGd1RJt0YZHBJMFTHB4AW5Q7BJ+ZMEWh8eH3Q4QdUrxe
3qfYovUQQTEdWqBLqfYZQZ8dzOflgDEmB/4+gDIUMvGU37ens+6K2myUTQhlnAqo
FhzTPBbbB8y9OweS9dAcGL6zYbB1EFYMNKiCCm1R1wF7db7QJDNqUUzKUudlR/um
0pcxsS3gL3SlouBc+GNOV50awB/Jq5y4Mmo/BVxYBYt6
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:58 2024 by rpki-client on console-fra.rpki-client.org