Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/0-m1QQ9sHJphH6OXEwcDqH52Y5I.roa
File: 0-m1QQ9sHJphH6OXEwcDqH52Y5I.roa (raw, json)
Hash identifier: FSk9ufSWa8dbfg85xi34Agxx1vGg1ZLAlKGD1ZMdJ3M=
Subject key identifier: D3:E9:B5:41:0F:6C:1C:9A:61:1F:A3:97:13:07:03:A8:7E:76:63:92
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 018E51B07F31FF251A0CD5E0136474812A03
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/0-m1QQ9sHJphH6OXEwcDqH52Y5I.roa
Signing time: Mon 18 Mar 2024 13:11:45 +0000
ROA not before: Mon 18 Mar 2024 13:11:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 136787
IP address blocks: 85.254.62.0/24 maxlen: 24
85.254.104.0/21 maxlen: 21
85.254.116.0/24 maxlen: 24
85.254.122.0/24 maxlen: 24
159.148.125.0/24 maxlen: 24
159.148.138.0/24 maxlen: 24
159.148.150.0/24 maxlen: 24
159.148.222.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 21 Mar 2024 13:05:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:51:b0:7f:31:ff:25:1a:0c:d5:e0:13:64:74:81:2a:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Mar 18 13:11:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d3e9b5410f6c1c9a611fa397130703a87e766392
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:5d:e8:d1:ed:b8:96:ae:50:87:4e:b7:56:d7:
24:3b:ca:a7:e4:f9:26:0e:0e:0f:fb:ef:f3:1a:57:
e1:2d:47:41:9e:cb:d0:22:0e:c9:c9:77:69:4d:13:
d6:6f:b2:ba:ca:44:22:63:55:e5:39:99:84:2f:53:
bb:eb:be:3f:18:7c:4a:01:d7:23:d7:aa:9e:b7:ef:
45:ca:34:78:cb:9f:82:91:8d:06:51:c2:e9:61:93:
33:d6:f3:27:23:1b:b6:6a:01:1c:0d:07:d3:0d:be:
0c:9d:3d:65:e4:4c:5d:de:ab:6b:ae:c8:15:c7:7d:
cd:1c:18:72:8a:b9:5a:4a:21:60:ce:22:b2:aa:f7:
7a:f0:4c:75:dc:b4:bd:d0:47:41:32:b7:c8:74:6d:
66:98:4c:52:2b:e4:0b:b6:43:86:4c:f7:77:80:89:
07:21:bf:a4:9d:d6:a0:e1:e5:a5:88:0a:2a:6a:19:
b6:2c:8b:af:44:1b:39:27:c0:60:71:96:be:81:ee:
cf:6c:66:3d:4b:1d:51:75:37:dd:2c:7b:32:8d:67:
d7:45:10:51:d0:3a:d1:02:8d:7b:6e:ca:3d:45:a7:
43:86:ab:97:2c:dd:76:8b:fd:32:0b:3a:af:e4:95:
80:fc:c6:db:13:0a:94:77:12:94:d3:a1:34:ac:2c:
99:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:E9:B5:41:0F:6C:1C:9A:61:1F:A3:97:13:07:03:A8:7E:76:63:92
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/0-m1QQ9sHJphH6OXEwcDqH52Y5I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.254.62.0/24
85.254.104.0/21
85.254.116.0/24
85.254.122.0/24
159.148.125.0/24
159.148.138.0/24
159.148.150.0/24
159.148.222.0/24
Signature Algorithm: sha256WithRSAEncryption
92:bc:04:e6:24:87:a8:1d:4e:b0:83:4a:0a:b9:a6:af:7c:9c:
3d:ac:a4:16:72:7e:3e:cb:4e:0e:d2:67:22:e7:4a:e7:be:75:
ae:df:da:9b:09:34:e0:43:2e:53:7e:3f:af:76:62:db:b4:ff:
ea:e4:ec:93:a3:d6:45:10:ac:fd:6c:31:66:00:61:4d:4a:cf:
ff:a3:93:51:5c:af:e7:95:92:d2:c6:ff:e4:c3:b3:40:59:13:
2d:7e:46:cb:9c:b5:ed:44:53:f7:27:ca:ad:fa:2f:ac:3c:f3:
d8:35:bc:82:5a:39:8d:3a:65:35:f4:de:dc:77:81:06:44:68:
f5:ab:fc:0e:9a:e1:1a:57:f4:f3:cb:dc:ca:64:a6:1b:57:4a:
bc:f4:34:32:27:f4:2b:4d:26:38:d6:18:b7:c3:d2:25:20:79:
97:76:c2:32:16:c4:15:88:5e:de:02:ee:29:03:6d:89:19:98:
e6:6c:51:ad:f2:84:86:79:9c:5e:7d:22:0f:35:68:68:02:5e:
e0:e7:76:ae:65:12:dc:17:07:a9:37:ee:78:34:ea:b2:11:b9:
25:1d:f0:d3:7d:e7:77:87:21:da:da:e3:97:6a:fd:b6:2e:5e:
82:b5:73:b5:c1:92:b2:da:f2:34:2c:c5:68:65:c5:98:1d:14:
6e:7b:4c:6f
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAY5RsH8x/yUaDNXgE2R0gSoDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjQwMzE4MTMxMTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkM2U5YjU0MTBmNmMxYzlhNjExZmEzOTcxMzA3MDNhODdlNzY2MzkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsl3o0e24lq5Qh063VtckO8qn5Pkm
Dg4P++/zGlfhLUdBnsvQIg7JyXdpTRPWb7K6ykQiY1XlOZmEL1O7674/GHxKAdcj
16qet+9FyjR4y5+CkY0GUcLpYZMz1vMnIxu2agEcDQfTDb4MnT1l5Exd3qtrrsgV
x33NHBhyirlaSiFgziKyqvd68Ex13LS90EdBMrfIdG1mmExSK+QLtkOGTPd3gIkH
Ib+kndag4eWliAoqahm2LIuvRBs5J8BgcZa+ge7PbGY9Sx1RdTfdLHsyjWfXRRBR
0DrRAo17bso9RadDhquXLN12i/0yCzqv5JWA/MbbEwqUdxKU06E0rCyZzQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFNPptUEPbByaYR+jlxMHA6h+dmOSMB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvMC1tMVFROXNISnBoSDZPWEV3Y0RxSDUyWTVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAVf4+AwQD
Vf5oAwQAVf50AwQAVf56AwQAn5R9AwQAn5SKAwQAn5SWAwQAn5TeMA0GCSqGSIb3
DQEBCwUAA4IBAQCSvATmJIeoHU6wg0oKuaavfJw9rKQWcn4+y04O0mci50rnvnWu
39qbCTTgQy5Tfj+vdmLbtP/q5OyTo9ZFEKz9bDFmAGFNSs//o5NRXK/nlZLSxv/k
w7NAWRMtfkbLnLXtRFP3J8qt+i+sPPPYNbyCWjmNOmU19N7cd4EGRGj1q/wOmuEa
V/Tzy9zKZKYbV0q89DQyJ/QrTSY41hi3w9IlIHmXdsIyFsQViF7eAu4pA22JGZjm
bFGt8oSGeZxefSIPNWhoAl7g53auZRLcFwepN+54NOqyEbklHfDTfed3hyHa2uOX
av22Ll6CtXO1wZKy2vI0LMVoZcWYHRRue0xv
-----END CERTIFICATE-----
Generated at Thu Mar 21 15:37:20 2024 by rpki-client on console-ams.rpki-client.org