Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/tIkRFwFukC0CiEXMhOXJa1yJ2zI.roa
File: tIkRFwFukC0CiEXMhOXJa1yJ2zI.roa (raw, json)
Hash identifier: agV3+8A5uiLl+xP1VfcQ1uKGTeJYaVj5Ydr24jU0FDI=
Subject key identifier: B4:89:11:17:01:6E:90:2D:02:88:45:CC:84:E5:C9:6B:5C:89:DB:32
Certificate issuer: /CN=0548cedf17029ed98a108113c6c109ecaccd82ec
Certificate serial: 01856FF987D6118C49B5D21E656445047E83
Authority key identifier: 05:48:CE:DF:17:02:9E:D9:8A:10:81:13:C6:C1:09:EC:AC:CD:82:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/tIkRFwFukC0CiEXMhOXJa1yJ2zI.roa
Signing time: Mon 02 Jan 2023 00:55:02 +0000
ROA not before: Mon 02 Jan 2023 00:55:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201642
IP address blocks: 85.196.128.0/23 maxlen: 23
85.196.131.0/24 maxlen: 24
85.196.128.0/24 maxlen: 24
85.196.129.0/24 maxlen: 24
85.196.130.0/23 maxlen: 23
85.196.130.0/24 maxlen: 24
2a01:288:4005::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:f9:87:d6:11:8c:49:b5:d2:1e:65:64:45:04:7e:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0548cedf17029ed98a108113c6c109ecaccd82ec
Validity
Not Before: Jan 2 00:55:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b4891117016e902d028845cc84e5c96b5c89db32
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:fa:01:76:bf:78:a2:1b:61:73:61:48:cf:51:
99:1d:4c:28:74:8d:7b:5b:36:1f:42:17:0c:4f:80:
1a:5e:f0:97:00:d9:33:83:fa:74:47:53:21:0b:51:
2a:ec:f6:05:f0:99:b8:02:fe:a5:5c:72:c7:06:68:
44:b8:3b:2e:c1:b4:d3:ca:5b:20:dd:69:ec:fd:e7:
2e:85:c5:0f:e0:8b:a5:b9:fb:81:f6:26:c2:01:ea:
ff:be:0f:42:34:d7:32:46:d7:0a:a4:3f:eb:97:a5:
87:e8:d4:e2:1f:c8:04:4f:64:e8:03:99:a2:05:40:
12:f5:0c:77:bd:2e:48:68:75:3c:b6:c6:0b:12:5a:
74:44:23:c8:5f:02:da:2d:17:0c:cd:ef:44:8b:c0:
3a:5e:49:13:cf:ec:cf:6e:a2:a8:65:23:9f:3c:71:
9b:b7:78:9a:da:82:03:6d:83:84:f2:69:32:36:15:
a5:61:54:f9:0e:6b:71:d3:48:93:e7:78:a5:b6:f3:
91:72:bf:c0:94:58:58:2e:06:7b:9d:fb:95:7a:ff:
5d:90:59:00:06:20:91:88:fc:c2:80:29:b7:27:bd:
2f:55:7e:f5:a0:3a:41:59:1f:83:1b:d0:f2:a5:81:
a0:04:27:22:17:e7:01:c7:69:a5:9b:69:48:66:35:
95:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:89:11:17:01:6E:90:2D:02:88:45:CC:84:E5:C9:6B:5C:89:DB:32
X509v3 Authority Key Identifier:
keyid:05:48:CE:DF:17:02:9E:D9:8A:10:81:13:C6:C1:09:EC:AC:CD:82:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/tIkRFwFukC0CiEXMhOXJa1yJ2zI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/BUjO3xcCntmKEIETxsEJ7KzNguw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.196.128.0/22
IPv6:
2a01:288:4005::/48
Signature Algorithm: sha256WithRSAEncryption
51:0a:48:7c:5b:be:14:a0:7f:c7:37:31:aa:9f:73:74:84:f8:
e2:d4:8f:c6:7d:03:5a:8d:86:c9:a4:ab:84:4e:31:5e:f5:24:
c2:a0:fa:04:94:1d:fe:29:56:8d:24:d8:17:29:34:77:cb:d1:
19:a1:b1:19:5e:53:90:82:1e:83:1d:9b:a8:2e:fa:3f:58:36:
5e:e0:61:9e:5f:2d:80:b2:5e:f9:36:a5:84:87:91:92:99:5d:
f1:f3:f2:fc:a7:2d:11:f8:b0:6a:65:9f:2d:0e:83:c1:4c:20:
7b:79:64:d1:9f:95:4f:8d:b6:86:f1:c4:08:81:ea:7e:2e:6d:
65:a7:46:a1:9e:58:4d:9c:7a:bf:83:f9:32:e2:c6:ca:82:18:
8b:10:87:be:60:d2:41:16:fe:53:b8:7a:5d:13:da:e1:10:8a:
9c:6c:fb:ac:09:3a:51:40:b0:ef:8f:b0:c3:30:5d:1c:8f:30:
05:12:71:e7:84:62:37:23:14:79:1f:be:70:db:18:d6:aa:36:
e3:b1:74:a5:e2:a8:15:6a:ce:1a:70:91:67:f3:c1:01:7e:5b:
a4:4e:a0:93:e1:c7:42:be:81:64:6f:07:bf:a5:94:10:64:74:
3c:c8:43:5a:49:81:16:25:e9:3d:9e:a9:cb:0b:81:c0:74:ec:
df:3b:a3:f0
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVv+YfWEYxJtdIeZWRFBH6DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1NDhjZWRmMTcwMjllZDk4YTEwODExM2M2YzEwOWVjYWNj
ZDgyZWMwHhcNMjMwMTAyMDA1NTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDg5MTExNzAxNmU5MDJkMDI4ODQ1Y2M4NGU1Yzk2YjVjODlkYjMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqvoBdr94ohthc2FIz1GZHUwodI17
WzYfQhcMT4AaXvCXANkzg/p0R1MhC1Eq7PYF8Jm4Av6lXHLHBmhEuDsuwbTTylsg
3Wns/ecuhcUP4IulufuB9ibCAer/vg9CNNcyRtcKpD/rl6WH6NTiH8gET2ToA5mi
BUAS9Qx3vS5IaHU8tsYLElp0RCPIXwLaLRcMze9Ei8A6XkkTz+zPbqKoZSOfPHGb
t3ia2oIDbYOE8mkyNhWlYVT5Dmtx00iT53iltvORcr/AlFhYLgZ7nfuVev9dkFkA
BiCRiPzCgCm3J70vVX71oDpBWR+DG9DypYGgBCciF+cBx2mlm2lIZjWVNQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLSJERcBbpAtAohFzITlyWtcidsyMB8GA1UdIwQY
MBaAFAVIzt8XAp7ZihCBE8bBCeyszYLsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlVqTzN4Y0NudG1LRUlFVHhzRUo3S3pOZ3V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS81NDFjMDUtOGQ3ZC00MmI4LWFiMDAt
N2ZiYmFlNmY5NDM3LzEvdElrUkZ3RnVrQzBDaUVYTWhPWEphMXlKMnpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS81NDFjMDUtOGQ3ZC00MmI4LWFiMDAtN2ZiYmFlNmY5NDM3
LzEvQlVqTzN4Y0NudG1LRUlFVHhzRUo3S3pOZ3V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCVcSAMA8E
AgACMAkDBwAqAQKIQAUwDQYJKoZIhvcNAQELBQADggEBAFEKSHxbvhSgf8c3Maqf
c3SE+OLUj8Z9A1qNhsmkq4ROMV71JMKg+gSUHf4pVo0k2BcpNHfL0RmhsRleU5CC
HoMdm6gu+j9YNl7gYZ5fLYCyXvk2pYSHkZKZXfHz8vynLRH4sGplny0Og8FMIHt5
ZNGflU+NtobxxAiB6n4ubWWnRqGeWE2cer+D+TLixsqCGIsQh75g0kEW/lO4el0T
2uEQipxs+6wJOlFAsO+PsMMwXRyPMAUSceeEYjcjFHkfvnDbGNaqNuOxdKXiqBVq
zhpwkWfzwQF+W6ROoJPhx0K+gWRvB7+llBBkdDzIQ1pJgRYl6T2eqcsLgcB07N87
o/A=
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:27:01 2024 by rpki-client on console-fra.rpki-client.org