Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/iKcgJsBk4Z2lxBX8bGjdvoYpKSc.roa
File: iKcgJsBk4Z2lxBX8bGjdvoYpKSc.roa (raw, json)
Hash identifier: pnecujLZ2WUJKCXgspNe/dYPy6LPpi50uxJFcQoQxrA=
Subject key identifier: 88:A7:20:26:C0:64:E1:9D:A5:C4:15:FC:6C:68:DD:BE:86:29:29:27
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 01856F024F3340947E23927109480625102B
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/iKcgJsBk4Z2lxBX8bGjdvoYpKSc.roa
Signing time: Sun 01 Jan 2023 20:25:00 +0000
ROA not before: Sun 01 Jan 2023 20:25:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202221
IP address blocks: 85.254.31.0/24 maxlen: 24
85.254.146.0/24 maxlen: 24
159.148.174.0/24 maxlen: 24
159.148.173.0/24 maxlen: 24
159.148.104.0/23 maxlen: 23
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:02:4f:33:40:94:7e:23:92:71:09:48:06:25:10:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Jan 1 20:25:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=88a72026c064e19da5c415fc6c68ddbe86292927
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:e3:58:dd:ee:3d:50:61:29:59:f5:f9:01:fa:
ee:7d:1b:4e:b8:5b:6b:a2:9f:55:30:32:49:44:c3:
fe:84:03:62:15:7b:44:d7:e2:7e:d3:01:15:27:75:
05:ee:6c:80:74:51:6f:1e:58:98:26:0f:59:47:a3:
7c:37:34:40:ff:86:30:51:0f:87:82:24:be:db:04:
67:70:ce:f2:dc:0a:2d:38:8f:be:4e:dc:e5:19:ef:
1a:c2:2d:64:f2:fd:4d:2c:53:39:5f:78:85:79:75:
97:10:4c:1d:e5:fa:1b:bc:52:39:80:47:f9:c8:25:
f7:ff:d1:b7:e3:73:44:85:e6:c8:0e:d2:3a:ca:ea:
e7:7c:b4:74:6f:67:c0:29:7e:a2:74:9e:07:48:25:
e0:f5:49:58:ae:56:55:07:4d:94:08:7a:ed:79:16:
00:4b:df:b5:1c:ac:e1:83:53:40:84:11:3d:92:8e:
3f:35:b4:01:78:df:fb:b2:23:fa:fe:4f:fa:38:70:
6e:c2:8a:23:0e:13:d5:49:7e:e1:6e:42:00:05:86:
9d:bb:22:f8:31:c5:5e:2c:29:93:46:71:49:81:93:
2e:ea:08:04:58:e9:68:cd:5a:be:bf:45:6d:7e:a5:
9e:a7:b6:c0:7d:fc:c4:bd:20:7e:de:77:9f:7d:19:
e0:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:A7:20:26:C0:64:E1:9D:A5:C4:15:FC:6C:68:DD:BE:86:29:29:27
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/iKcgJsBk4Z2lxBX8bGjdvoYpKSc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.254.31.0/24
85.254.146.0/24
159.148.104.0/23
159.148.173.0-159.148.174.255
Signature Algorithm: sha256WithRSAEncryption
61:23:b2:f0:0c:81:c0:f0:7c:8d:42:1d:bc:0a:8e:09:74:88:
90:fb:57:17:42:ac:88:68:6b:65:7e:c3:7c:b5:ea:50:9d:e4:
f7:6d:52:66:5c:48:43:51:28:38:cd:df:af:12:3c:75:e3:d2:
94:7e:82:1c:e0:2e:df:39:5c:ed:0b:87:8a:1d:6a:9b:b8:5d:
9c:f0:3a:e8:2f:c3:38:98:6d:13:d9:e7:cd:11:3e:a0:a4:f9:
4a:9d:73:a1:1a:07:44:36:e7:47:e7:e0:1e:04:ae:9a:60:2d:
8a:b2:a2:7d:b7:3d:d6:ba:82:d9:4e:bc:ab:e7:0b:e4:d0:3a:
2d:2b:0f:6f:44:93:d8:a2:25:a9:45:3e:b6:3d:49:49:d4:e9:
d0:a1:cc:ef:fa:70:6c:1b:61:d7:4a:7f:bc:4d:5a:16:0f:45:
a2:5d:17:0a:d5:e5:0e:c3:a8:0b:e8:0e:8d:a1:0e:cb:3a:63:
1b:72:0b:84:75:27:47:39:7e:bf:09:1b:79:48:96:6a:81:6c:
c9:53:3a:71:3d:f1:0d:b5:25:22:da:b6:dd:54:2b:a8:81:eb:
be:d9:ad:c8:b8:ac:62:84:51:d4:bb:03:ab:83:5e:5a:6d:b5:
e1:fe:5c:0a:16:03:ab:fe:a1:ae:e3:d7:86:e3:f5:39:c2:33:
f9:50:3a:e9
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYVvAk8zQJR+I5JxCUgGJRArMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjMwMTAxMjAyNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OGE3MjAyNmMwNjRlMTlkYTVjNDE1ZmM2YzY4ZGRiZTg2MjkyOTI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqeNY3e49UGEpWfX5AfrufRtOuFtr
op9VMDJJRMP+hANiFXtE1+J+0wEVJ3UF7myAdFFvHliYJg9ZR6N8NzRA/4YwUQ+H
giS+2wRncM7y3AotOI++TtzlGe8awi1k8v1NLFM5X3iFeXWXEEwd5fobvFI5gEf5
yCX3/9G343NEhebIDtI6yurnfLR0b2fAKX6idJ4HSCXg9UlYrlZVB02UCHrteRYA
S9+1HKzhg1NAhBE9ko4/NbQBeN/7siP6/k/6OHBuwoojDhPVSX7hbkIABYaduyL4
McVeLCmTRnFJgZMu6ggEWOlozVq+v0VtfqWep7bAffzEvSB+3neffRnguwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFIinICbAZOGdpcQV/Gxo3b6GKSknMB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvaUtjZ0pzQms0WjJseEJYOGJHamR2b1lwS1NjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAVf4fAwQA
Vf6SAwQBn5RoMAwDBACflK0DBACflK4wDQYJKoZIhvcNAQELBQADggEBAGEjsvAM
gcDwfI1CHbwKjgl0iJD7VxdCrIhoa2V+w3y16lCd5PdtUmZcSENRKDjN368SPHXj
0pR+ghzgLt85XO0Lh4odapu4XZzwOugvwziYbRPZ580RPqCk+Uqdc6EaB0Q250fn
4B4ErppgLYqyon23Pda6gtlOvKvnC+TQOi0rD29Ek9iiJalFPrY9SUnU6dChzO/6
cGwbYddKf7xNWhYPRaJdFwrV5Q7DqAvoDo2hDss6YxtyC4R1J0c5fr8JG3lIlmqB
bMlTOnE98Q21JSLatt1UK6iB677Zrci4rGKEUdS7A6uDXlptteH+XAoWA6v+oa7j
14bj9TnCM/lQOuk=
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:31:48 2024 by rpki-client on console-ams.rpki-client.org