Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/39svNQeANE_HRbewvlBb4YaErjc.roa
File: 39svNQeANE_HRbewvlBb4YaErjc.roa (raw, json)
Hash identifier: xHp/QYzlmIKg9DmW2YjsqDme+Ol26pnmCwGLeEjrVU8=
Subject key identifier: DF:DB:2F:35:07:80:34:4F:C7:45:B7:B0:BE:50:5B:E1:86:84:AE:37
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 018586734D91032FE13F9FC9BF0ECFED03B6
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/39svNQeANE_HRbewvlBb4YaErjc.roa
Signing time: Fri 06 Jan 2023 09:39:41 +0000
ROA not before: Fri 06 Jan 2023 09:39:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35913
IP address blocks: 85.254.137.0/24 maxlen: 24
85.254.30.0/24 maxlen: 24
85.254.29.0/24 maxlen: 24
85.254.140.0/24 maxlen: 24
85.254.47.0/24 maxlen: 24
85.254.59.0/24 maxlen: 24
85.254.84.0/23 maxlen: 23
85.254.103.0/24 maxlen: 24
85.254.124.0/23 maxlen: 23
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:86:73:4d:91:03:2f:e1:3f:9f:c9:bf:0e:cf:ed:03:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Jan 6 09:39:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dfdb2f350780344fc745b7b0be505be18684ae37
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:c0:ff:80:3d:94:a1:39:a7:05:56:cf:b8:a9:
eb:9a:e4:73:1a:30:d4:5e:36:72:fa:f5:be:29:3c:
64:86:76:09:3f:91:5a:0c:1b:f5:d2:88:28:10:f3:
0f:38:b6:e7:e7:e3:8f:b1:20:13:8b:d3:a8:d6:cc:
13:d5:5f:1b:32:03:c7:b7:f2:78:06:56:cb:b6:51:
2c:dc:75:fb:f7:e7:85:e1:09:13:30:76:51:07:01:
71:32:72:ea:ef:4b:cd:91:52:dd:52:19:aa:20:b1:
ac:22:47:7f:84:8c:06:3d:3f:40:f3:48:ee:4b:59:
70:d8:a9:94:3f:29:a5:13:4b:ac:fb:97:55:e7:06:
dd:83:c6:00:11:48:c4:87:14:83:8c:6e:02:ba:fc:
72:16:ca:fc:6e:db:f0:bd:09:a2:95:37:fd:17:83:
c1:42:a8:90:87:28:14:23:91:f0:13:7c:71:89:5a:
0d:fc:13:cc:80:60:f9:df:9f:09:d3:83:2b:ee:3c:
12:02:32:7a:57:40:85:e5:dd:54:af:7f:59:67:4e:
9f:3b:6a:71:19:ae:4f:cd:7b:92:63:73:b9:6f:5c:
c5:c1:f3:93:e1:23:9e:a0:3f:d8:e6:d7:f6:f5:13:
0b:8f:92:b9:69:b3:d2:6e:cb:73:30:3a:62:82:ad:
46:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:DB:2F:35:07:80:34:4F:C7:45:B7:B0:BE:50:5B:E1:86:84:AE:37
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/39svNQeANE_HRbewvlBb4YaErjc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.254.29.0-85.254.30.255
85.254.47.0/24
85.254.59.0/24
85.254.84.0/23
85.254.103.0/24
85.254.124.0/23
85.254.137.0/24
85.254.140.0/24
Signature Algorithm: sha256WithRSAEncryption
83:92:0c:11:de:fb:96:5b:eb:27:d1:7f:a4:2a:4f:e8:b5:9e:
83:ca:13:d3:0c:2c:a9:7f:35:0f:d7:d9:02:5f:f8:51:3e:17:
57:8f:1f:0e:5e:a0:fa:a2:24:78:73:7f:39:56:1a:96:a1:02:
4f:5e:f6:43:e5:1a:80:67:c2:9f:1c:1e:d3:6d:30:db:47:94:
63:5a:86:61:66:89:9f:3c:de:59:8a:d6:93:aa:56:a5:ff:65:
b7:e5:34:06:97:9b:90:70:ce:17:04:18:cd:17:1f:76:dc:bd:
b4:12:ab:fc:17:76:26:44:be:de:44:58:52:a9:44:cd:7f:c3:
4a:b0:a9:95:a6:1f:55:28:82:ac:51:12:e0:10:d8:b4:2a:7a:
cb:9f:0b:fe:a3:af:6a:9f:dc:7b:79:f3:2f:b1:e6:59:87:0c:
4c:b1:4c:3b:c0:3a:1d:23:a0:d8:85:93:62:30:63:2a:93:c4:
71:09:04:79:e0:9a:91:63:ab:26:78:4c:6a:07:a8:f9:41:80:
39:31:ad:1f:24:e9:ca:b5:b7:f7:57:8c:10:f4:25:ef:51:ac:
5c:57:0b:a6:c1:67:2d:37:6c:1f:d9:36:74:90:81:2f:d9:40:
47:62:d0:68:e1:62:0e:e7:0d:2b:c8:0b:dc:e5:22:c4:bc:b8:
aa:99:5d:29
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAYWGc02RAy/hP5/Jvw7P7QO2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjMwMTA2MDkzOTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZmRiMmYzNTA3ODAzNDRmYzc0NWI3YjBiZTUwNWJlMTg2ODRhZTM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw8D/gD2UoTmnBVbPuKnrmuRzGjDU
XjZy+vW+KTxkhnYJP5FaDBv10ogoEPMPOLbn5+OPsSATi9Oo1swT1V8bMgPHt/J4
BlbLtlEs3HX79+eF4QkTMHZRBwFxMnLq70vNkVLdUhmqILGsIkd/hIwGPT9A80ju
S1lw2KmUPymlE0us+5dV5wbdg8YAEUjEhxSDjG4CuvxyFsr8btvwvQmilTf9F4PB
QqiQhygUI5HwE3xxiVoN/BPMgGD5358J04Mr7jwSAjJ6V0CF5d1Ur39ZZ06fO2px
Ga5PzXuSY3O5b1zFwfOT4SOeoD/Y5tf29RMLj5K5abPSbstzMDpigq1GzQIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFN/bLzUHgDRPx0W3sL5QW+GGhK43MB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvMzlzdk5RZUFORV9IUmJld3ZsQmI0WWFFcmpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4MAwDBABV/h0D
BABV/h4DBABV/i8DBABV/jsDBAFV/lQDBABV/mcDBAFV/nwDBABV/okDBABV/oww
DQYJKoZIhvcNAQELBQADggEBAIOSDBHe+5Zb6yfRf6QqT+i1noPKE9MMLKl/NQ/X
2QJf+FE+F1ePHw5eoPqiJHhzfzlWGpahAk9e9kPlGoBnwp8cHtNtMNtHlGNahmFm
iZ883lmK1pOqVqX/ZbflNAaXm5BwzhcEGM0XH3bcvbQSq/wXdiZEvt5EWFKpRM1/
w0qwqZWmH1UogqxREuAQ2LQqesufC/6jr2qf3Ht58y+x5lmHDEyxTDvAOh0joNiF
k2IwYyqTxHEJBHngmpFjqyZ4TGoHqPlBgDkxrR8k6cq1t/dXjBD0Je9RrFxXC6bB
Zy03bB/ZNnSQgS/ZQEdi0GjhYg7nDSvIC9zlIsS8uKqZXSk=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:37 2023 by rpki-client on console-ams.rpki-client.org