Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/Xn2FmXoF8fjOi0e4r-FtNq0ah9Y.roa
File: Xn2FmXoF8fjOi0e4r-FtNq0ah9Y.roa (raw, json)
Hash identifier: GtvaZsnr6exeqv/OzhCSqzd8h6fptQb7ZVryvL7xUrc=
Subject key identifier: 5E:7D:85:99:7A:05:F1:F8:CE:8B:47:B8:AF:E1:6D:36:AD:1A:87:D6
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 01856F02369BF3345FFC70E107557D6075B9
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/Xn2FmXoF8fjOi0e4r-FtNq0ah9Y.roa
Signing time: Sun 01 Jan 2023 20:24:54 +0000
ROA not before: Sun 01 Jan 2023 20:24:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15899
IP address blocks: 85.254.9.0/24 maxlen: 24
85.254.10.0/24 maxlen: 24
85.254.8.0/24 maxlen: 24
85.254.11.0/24 maxlen: 24
85.254.14.0/24 maxlen: 24
85.254.15.0/24 maxlen: 24
85.254.13.0/24 maxlen: 24
85.254.12.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:02:36:9b:f3:34:5f:fc:70:e1:07:55:7d:60:75:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Jan 1 20:24:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5e7d85997a05f1f8ce8b47b8afe16d36ad1a87d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:eb:eb:43:9d:88:d7:2e:42:ee:38:55:7c:72:
50:3d:22:55:14:ce:7a:d1:58:af:aa:6d:13:cf:87:
58:1a:c8:98:d9:7f:d7:af:69:46:93:ef:ca:a1:d6:
cf:d9:1d:84:fb:41:0c:7b:69:ce:d4:a5:c2:21:cc:
37:86:20:c2:04:bc:e2:3a:80:eb:4d:96:9a:b9:21:
ce:5f:05:75:63:0d:5a:7d:56:4c:ea:75:0b:99:95:
a0:15:ed:b2:c4:d0:c9:5f:75:48:f6:38:d7:97:92:
a6:78:01:f2:27:0d:6d:76:4b:e4:ae:f6:c2:e3:52:
0b:19:fa:c0:eb:d2:ef:ab:b2:81:9f:f4:cc:bc:e5:
40:7f:fa:bd:72:9d:a6:3f:af:82:a9:e2:12:05:7d:
f7:48:07:28:ed:07:3b:e6:74:a9:db:d0:3c:c1:09:
b3:bc:83:eb:04:5a:ec:6e:a6:32:09:0c:db:8c:86:
0c:62:f8:47:be:b5:c4:c9:ef:33:d3:b4:a5:87:7c:
d8:9b:5c:9c:9f:35:6f:31:14:f1:6f:6e:95:83:7f:
8f:2c:87:95:62:6f:fd:56:30:eb:af:ac:ef:72:5c:
ce:21:25:b7:f4:4c:0c:ae:d1:33:93:8a:c3:17:91:
0b:5f:95:08:17:cf:a4:58:dd:db:ad:9a:71:be:6a:
79:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:7D:85:99:7A:05:F1:F8:CE:8B:47:B8:AF:E1:6D:36:AD:1A:87:D6
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/Xn2FmXoF8fjOi0e4r-FtNq0ah9Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.254.8.0/21
Signature Algorithm: sha256WithRSAEncryption
80:f7:4a:b7:9e:7d:99:48:a0:8e:c6:c3:8b:25:01:55:17:62:
1d:15:04:da:e9:2a:fe:79:37:b2:1a:e0:8a:fb:64:14:07:c7:
70:85:0e:f3:01:42:7d:52:39:b7:21:e5:4d:7c:d2:e9:21:87:
18:12:2f:ef:30:bd:27:b0:1b:bf:53:f4:76:b5:47:60:91:76:
8c:27:cb:c6:56:64:6f:b9:ad:d9:e0:65:73:b5:b8:8b:c4:f4:
ed:b6:7c:66:89:35:18:9a:66:b5:04:bc:fd:a1:cb:31:1a:22:
76:67:15:6a:9f:36:39:66:f5:ba:9f:1a:a8:fa:39:aa:d9:b0:
23:af:af:6c:b9:ca:b7:79:d1:d9:59:88:c6:33:71:17:18:b1:
98:29:cd:d5:33:5f:46:3c:10:f2:84:98:a3:ac:0a:8f:9d:f1:
8c:1d:84:47:60:92:71:13:9b:b5:9c:5a:96:ae:e1:88:a3:57:
0b:7f:fb:6c:12:4c:a8:ea:9b:7b:2d:08:ae:21:61:6c:2a:39:
b1:23:ff:9f:d6:29:24:57:e6:60:dd:0a:f6:55:67:12:f3:cc:
6e:a1:a9:d7:9f:c4:76:b1:38:6f:66:62:4d:e1:75:40:5f:79:
ad:d5:c1:d8:f7:91:ff:f5:cd:aa:d3:21:62:ed:5a:9c:2e:4f:
60:7a:15:c4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvAjab8zRf/HDhB1V9YHW5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjMwMTAxMjAyNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTdkODU5OTdhMDVmMWY4Y2U4YjQ3YjhhZmUxNmQzNmFkMWE4N2Q2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6uvrQ52I1y5C7jhVfHJQPSJVFM56
0Vivqm0Tz4dYGsiY2X/Xr2lGk+/KodbP2R2E+0EMe2nO1KXCIcw3hiDCBLziOoDr
TZaauSHOXwV1Yw1afVZM6nULmZWgFe2yxNDJX3VI9jjXl5KmeAHyJw1tdkvkrvbC
41ILGfrA69Lvq7KBn/TMvOVAf/q9cp2mP6+CqeISBX33SAco7Qc75nSp29A8wQmz
vIPrBFrsbqYyCQzbjIYMYvhHvrXEye8z07Slh3zYm1ycnzVvMRTxb26Vg3+PLIeV
Ym/9VjDrr6zvclzOISW39EwMrtEzk4rDF5ELX5UIF8+kWN3brZpxvmp5KQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF59hZl6BfH4zotHuK/hbTatGofWMB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvWG4yRm1Yb0Y4ZmpPaTBlNHItRnROcTBhaDlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDVf4IMA0G
CSqGSIb3DQEBCwUAA4IBAQCA90q3nn2ZSKCOxsOLJQFVF2IdFQTa6Sr+eTeyGuCK
+2QUB8dwhQ7zAUJ9Ujm3IeVNfNLpIYcYEi/vML0nsBu/U/R2tUdgkXaMJ8vGVmRv
ua3Z4GVztbiLxPTttnxmiTUYmma1BLz9ocsxGiJ2ZxVqnzY5ZvW6nxqo+jmq2bAj
r69sucq3edHZWYjGM3EXGLGYKc3VM19GPBDyhJijrAqPnfGMHYRHYJJxE5u1nFqW
ruGIo1cLf/tsEkyo6pt7LQiuIWFsKjmxI/+f1ikkV+Zg3Qr2VWcS88xuoanXn8R2
sThvZmJN4XVAX3mt1cHY95H/9c2q0yFi7VqcLk9gehXE
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:49:38 2024 by rpki-client on console-fra.rpki-client.org