Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/4kn2pTvzwKLvq0grGqJUEx6yMJM.roa
File: 4kn2pTvzwKLvq0grGqJUEx6yMJM.roa (raw, json)
Hash identifier: mZg8FmfLaySswLLluOtiWfhZ9RpTWRvcPLTYA+pC7ck=
Subject key identifier: E2:49:F6:A5:3B:F3:C0:A2:EF:AB:48:2B:1A:A2:54:13:1E:B2:30:93
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 01856F0231D429B889C308BCABA031A4DB9A
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/4kn2pTvzwKLvq0grGqJUEx6yMJM.roa
Signing time: Sun 01 Jan 2023 20:24:52 +0000
ROA not before: Sun 01 Jan 2023 20:24:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 13194
IP address blocks: 85.254.71.0/24 maxlen: 24
85.254.75.0/24 maxlen: 24
85.254.76.0/24 maxlen: 24
85.254.73.0/24 maxlen: 24
85.254.74.0/24 maxlen: 24
85.254.76.0/22 maxlen: 22
85.254.74.0/23 maxlen: 23
85.254.141.0/24 maxlen: 24
85.254.151.0/24 maxlen: 24
85.254.149.0/24 maxlen: 24
85.254.152.0/22 maxlen: 22
85.254.170.0/24 maxlen: 24
85.254.176.0/23 maxlen: 23
80.81.61.0/24 maxlen: 24
85.254.84.0/23 maxlen: 23
85.254.80.0/22 maxlen: 22
85.254.94.0/24 maxlen: 24
85.254.98.0/23 maxlen: 23
85.254.96.0/22 maxlen: 22
85.254.96.0/23 maxlen: 23
85.254.92.0/22 maxlen: 22
85.254.92.0/23 maxlen: 23
85.254.95.0/24 maxlen: 24
85.254.92.0/24 maxlen: 24
85.254.93.0/24 maxlen: 24
85.254.104.0/21 maxlen: 21
85.254.103.0/24 maxlen: 24
85.254.101.0/24 maxlen: 24
85.254.102.0/24 maxlen: 24
85.254.100.0/24 maxlen: 24
85.254.112.0/21 maxlen: 21
85.254.124.0/23 maxlen: 23
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:02:31:d4:29:b8:89:c3:08:bc:ab:a0:31:a4:db:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Jan 1 20:24:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e249f6a53bf3c0a2efab482b1aa254131eb23093
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:c4:d0:d0:c2:7f:da:08:28:2e:8c:f7:e5:d4:
b6:47:f1:4a:38:d0:f0:7b:10:67:25:a9:cb:00:39:
84:3c:02:90:32:d1:be:3f:8c:19:1b:a8:e1:e1:ca:
51:d1:46:0a:1e:bd:af:2c:64:69:15:ae:2a:55:94:
f7:12:5c:66:a7:9d:ab:b0:4c:b0:c5:a3:4a:36:bf:
a7:76:41:ff:9f:1d:69:fb:65:00:4a:d7:c2:1c:cd:
f3:68:b4:75:b3:e3:8c:2b:1b:bd:b8:ac:d2:bc:03:
f0:2c:5d:04:5a:de:41:0b:3e:83:cd:d0:c2:a4:f8:
64:4b:a5:c6:65:92:05:c1:4b:0b:e2:b6:d8:f4:97:
82:73:f3:13:5c:ad:55:29:8c:03:fc:d3:56:2c:81:
ec:6c:26:3b:1d:6e:e6:0f:03:a6:46:e7:55:c1:70:
47:8f:42:72:70:0d:b8:90:dc:42:89:22:ab:58:d3:
f9:b2:d9:dd:19:b7:3f:06:06:40:59:d8:83:53:0f:
8d:68:8a:13:e6:30:ca:e9:4d:8b:ea:4e:6e:dd:79:
fd:e7:d9:23:ad:49:f4:a7:6b:6d:ca:c8:89:4e:21:
f6:71:1d:b6:e6:1e:99:c4:69:bf:a0:34:b3:30:35:
ab:86:e7:04:37:0d:6f:67:96:e7:95:99:c0:60:fd:
9e:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:49:F6:A5:3B:F3:C0:A2:EF:AB:48:2B:1A:A2:54:13:1E:B2:30:93
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/4kn2pTvzwKLvq0grGqJUEx6yMJM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.81.61.0/24
85.254.71.0/24
85.254.73.0-85.254.85.255
85.254.92.0-85.254.119.255
85.254.124.0/23
85.254.141.0/24
85.254.149.0/24
85.254.151.0-85.254.155.255
85.254.170.0/24
85.254.176.0/23
Signature Algorithm: sha256WithRSAEncryption
02:1f:43:c2:35:80:8a:8a:74:50:cf:c4:7c:12:68:25:44:9c:
e1:b9:58:eb:ea:57:f9:e4:88:a9:76:2b:ea:26:1c:f2:fa:79:
c8:48:02:d6:fd:ab:5c:25:85:b1:78:92:e6:4a:ae:fb:c3:be:
2b:0c:cb:2e:bd:67:5a:71:bd:d9:41:60:52:2a:02:9f:ab:d5:
80:da:66:f0:03:c3:49:ad:e1:54:69:2c:47:35:5a:36:c0:73:
6a:92:90:2f:8e:6e:72:b7:8e:c0:03:4a:5b:9d:15:f8:1f:fd:
c9:96:b0:d0:5f:44:96:9b:c3:08:21:a2:31:02:75:66:3a:cb:
89:1c:53:1a:16:23:4d:76:b0:28:53:6e:66:07:d2:78:8a:bf:
50:84:18:26:cb:63:c0:cf:47:9b:e7:76:61:6a:ba:f8:dc:f1:
2e:c2:85:93:f6:89:d9:1b:98:24:c8:cc:6c:d3:0f:df:a4:76:
3a:07:28:4a:23:18:45:51:d6:31:56:d1:d1:96:6f:55:8b:26:
28:3c:07:b6:38:d2:08:9d:3d:9c:74:02:f1:e4:a7:d4:1a:03:
d8:f7:bf:c5:3b:f8:1f:fb:1c:f3:d8:aa:2c:bf:22:95:c0:9a:
5c:97:5b:bf:ad:9e:dc:cd:34:0c:c1:2b:06:57:0e:96:c5:46:
6c:01:16:b9
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAYVvAjHUKbiJwwi8q6AxpNuaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjMwMTAxMjAyNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjQ5ZjZhNTNiZjNjMGEyZWZhYjQ4MmIxYWEyNTQxMzFlYjIzMDkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAocTQ0MJ/2ggoLoz35dS2R/FKONDw
exBnJanLADmEPAKQMtG+P4wZG6jh4cpR0UYKHr2vLGRpFa4qVZT3Elxmp52rsEyw
xaNKNr+ndkH/nx1p+2UAStfCHM3zaLR1s+OMKxu9uKzSvAPwLF0EWt5BCz6DzdDC
pPhkS6XGZZIFwUsL4rbY9JeCc/MTXK1VKYwD/NNWLIHsbCY7HW7mDwOmRudVwXBH
j0JycA24kNxCiSKrWNP5stndGbc/BgZAWdiDUw+NaIoT5jDK6U2L6k5u3Xn959kj
rUn0p2ttysiJTiH2cR225h6ZxGm/oDSzMDWrhucENw1vZ5bnlZnAYP2exwIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFOJJ9qU788Ci76tIKxqiVBMesjCTMB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvNGtuMnBUdnp3S0x2cTBnckdxSlVFeDZ5TUpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBaBAIAATBUAwQAUFE9AwQA
Vf5HMAwDBABV/kkDBAFV/lQwDAMEAlX+XAMEA1X+cAMEAVX+fAMEAFX+jQMEAFX+
lTAMAwQAVf6XAwQCVf6YAwQAVf6qAwQBVf6wMA0GCSqGSIb3DQEBCwUAA4IBAQAC
H0PCNYCKinRQz8R8EmglRJzhuVjr6lf55IipdivqJhzy+nnISALW/atcJYWxeJLm
Sq77w74rDMsuvWdacb3ZQWBSKgKfq9WA2mbwA8NJreFUaSxHNVo2wHNqkpAvjm5y
t47AA0pbnRX4H/3JlrDQX0SWm8MIIaIxAnVmOsuJHFMaFiNNdrAoU25mB9J4ir9Q
hBgmy2PAz0eb53Zharr43PEuwoWT9onZG5gkyMxs0w/fpHY6ByhKIxhFUdYxVtHR
lm9ViyYoPAe2ONIInT2cdALx5KfUGgPY97/FO/gf+xzz2KosvyKVwJpcl1u/rZ7c
zTQMwSsGVw6WxUZsARa5
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:37 2023 by rpki-client on console-ams.rpki-client.org