Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/ca2213-e5a1-4ad2-8a22-768d3fb08e70/1/j16jFCgJC80Dz8ypkBiWpjUGzbU.roa
File: j16jFCgJC80Dz8ypkBiWpjUGzbU.roa (raw, json)
Hash identifier: NJaiJ8A+cH5SthdeEk/hfor2ZVRqdWOFSAdvCjlrcvA=
Subject key identifier: 8F:5E:A3:14:28:09:0B:CD:03:CF:CC:A9:90:18:96:A6:35:06:CD:B5
Certificate issuer: /CN=2cf6136315a52d5247124b7cf369aafb8312227e
Certificate serial: 01856D0ADEC4C462F228B2AAC59EB5A8586B
Authority key identifier: 2C:F6:13:63:15:A5:2D:52:47:12:4B:7C:F3:69:AA:FB:83:12:22:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LPYTYxWlLVJHEkt882mq-4MSIn4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/ca2213-e5a1-4ad2-8a22-768d3fb08e70/1/j16jFCgJC80Dz8ypkBiWpjUGzbU.roa
Signing time: Sun 01 Jan 2023 11:15:06 +0000
ROA not before: Sun 01 Jan 2023 11:15:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200735
IP address blocks: 85.208.237.0/24 maxlen: 24
85.208.236.0/24 maxlen: 24
2a09:8e40::/36 maxlen: 36
2a09:8e40:1000::/36 maxlen: 36
2a09:8e40:2000::/36 maxlen: 36
2a09:8e40:3000::/36 maxlen: 36
2a09:8e40:4000::/36 maxlen: 36
2a09:8e40:5000::/36 maxlen: 36
Validation: Failed, certificate revoked on Thu 25 May 2023 10:21:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:0a:de:c4:c4:62:f2:28:b2:aa:c5:9e:b5:a8:58:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2cf6136315a52d5247124b7cf369aafb8312227e
Validity
Not Before: Jan 1 11:15:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8f5ea31428090bcd03cfcca9901896a63506cdb5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:45:a1:0b:ff:90:3f:89:2f:e4:e7:e0:f5:ae:
92:a5:aa:f1:0e:a0:90:f8:27:c9:67:a7:6a:a7:0c:
62:bc:23:cc:2a:98:65:c1:f3:82:31:67:05:01:86:
03:52:c1:c5:43:1b:57:e7:b1:09:41:0c:ec:7a:48:
8f:c1:58:3b:e1:9e:7a:72:82:3f:38:39:7e:81:f6:
d4:de:8f:fd:af:8c:6d:09:29:f1:1c:d3:68:5b:8c:
5d:37:23:5b:fd:55:40:b7:a3:19:8a:38:75:a7:ed:
75:da:5e:7a:a9:73:77:90:a9:a2:d7:2f:0c:1d:68:
86:6e:c6:ca:f3:30:03:e3:e4:df:ab:fe:c8:7f:f5:
ac:ef:47:40:73:cc:8a:e7:4a:2c:1e:7f:b7:a6:f7:
61:20:7a:92:68:83:b0:f7:c5:b4:84:ed:22:58:ec:
40:6f:49:4a:73:c7:b9:7f:02:5e:42:90:9b:be:f3:
45:fb:40:30:f5:0b:59:28:45:66:05:be:39:d9:c0:
42:5f:f8:7b:88:3c:03:b1:75:dc:a1:b9:9a:14:cf:
b1:4f:86:83:e5:57:72:23:38:09:62:21:82:b5:ce:
f2:75:29:fe:9b:9d:96:e4:63:93:db:b0:3b:47:29:
a1:15:13:3f:5c:79:93:38:4c:de:7f:dc:ab:ef:76:
9c:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:5E:A3:14:28:09:0B:CD:03:CF:CC:A9:90:18:96:A6:35:06:CD:B5
X509v3 Authority Key Identifier:
keyid:2C:F6:13:63:15:A5:2D:52:47:12:4B:7C:F3:69:AA:FB:83:12:22:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LPYTYxWlLVJHEkt882mq-4MSIn4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/ca2213-e5a1-4ad2-8a22-768d3fb08e70/1/j16jFCgJC80Dz8ypkBiWpjUGzbU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/ca2213-e5a1-4ad2-8a22-768d3fb08e70/1/LPYTYxWlLVJHEkt882mq-4MSIn4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.208.236.0/23
IPv6:
2a09:8e40::-2a09:8e40:5fff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
02:b4:4f:78:bd:28:c5:03:17:19:71:25:31:8b:d5:e1:ba:16:
bd:46:17:81:d0:cf:43:99:25:9f:0d:78:07:75:d9:36:6a:e8:
f8:46:3d:74:3a:7f:86:80:73:35:1f:a4:91:92:11:a2:bb:6c:
34:78:a2:56:82:1f:ee:5d:bc:e2:46:c2:87:27:58:55:90:40:
3a:3a:b3:0a:32:06:72:3d:ba:6c:05:a6:ba:2c:86:c3:93:1f:
5a:cb:ed:02:9c:d8:f5:34:e5:e5:de:c6:17:de:4e:4c:85:01:
75:a7:76:63:2a:10:63:00:75:e4:98:3a:4d:1c:67:33:a2:da:
1e:2d:58:ea:a4:e8:67:2e:88:9c:8c:8d:fe:1b:60:06:a6:21:
6a:83:4b:ef:a8:f8:3b:60:a6:fa:7f:29:2d:d6:02:28:5c:b6:
dc:5e:11:cc:13:4c:ab:86:f4:89:06:0d:5f:4e:8a:73:64:8e:
56:c2:dc:0f:ad:ed:be:e4:1d:85:df:f3:17:0f:e1:16:6d:bf:
f1:af:b0:af:bb:80:d0:06:64:99:e7:fc:39:e3:29:25:c5:d9:
1c:1f:e3:22:1f:e6:c8:bc:84:ab:fd:0c:84:8e:2a:8f:30:b1:
f9:76:3e:20:f0:68:90:58:66:13:29:05:ca:b7:7e:70:0f:ff:
aa:d4:4c:05
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAYVtCt7ExGLyKLKqxZ61qFhrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjZjYxMzYzMTVhNTJkNTI0NzEyNGI3Y2YzNjlhYWZiODMx
MjIyN2UwHhcNMjMwMTAxMTExNTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZjVlYTMxNDI4MDkwYmNkMDNjZmNjYTk5MDE4OTZhNjM1MDZjZGI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl0WhC/+QP4kv5Ofg9a6SparxDqCQ
+CfJZ6dqpwxivCPMKphlwfOCMWcFAYYDUsHFQxtX57EJQQzsekiPwVg74Z56coI/
ODl+gfbU3o/9r4xtCSnxHNNoW4xdNyNb/VVAt6MZijh1p+112l56qXN3kKmi1y8M
HWiGbsbK8zAD4+Tfq/7If/Ws70dAc8yK50osHn+3pvdhIHqSaIOw98W0hO0iWOxA
b0lKc8e5fwJeQpCbvvNF+0Aw9QtZKEVmBb452cBCX/h7iDwDsXXcobmaFM+xT4aD
5VdyIzgJYiGCtc7ydSn+m52W5GOT27A7RymhFRM/XHmTOEzef9yr73acFwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI9eoxQoCQvNA8/MqZAYlqY1Bs21MB8GA1UdIwQY
MBaAFCz2E2MVpS1SRxJLfPNpqvuDEiJ+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFBZVFl4V2xMVkpIRWt0ODgybXEtNE1TSW40LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi9jYTIyMTMtZTVhMS00YWQyLThhMjIt
NzY4ZDNmYjA4ZTcwLzEvajE2akZDZ0pDODBEejh5cGtCaVdwalVHemJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi9jYTIyMTMtZTVhMS00YWQyLThhMjItNzY4ZDNmYjA4ZTcw
LzEvTFBZVFl4V2xMVkpIRWt0ODgybXEtNE1TSW40LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDgGCCsGAQUFBwEHAQH/BCkwJzAMBAIAATAGAwQBVdDsMBcE
AgACMBEwDwMFBioJjkADBgUqCY5AQDANBgkqhkiG9w0BAQsFAAOCAQEAArRPeL0o
xQMXGXElMYvV4boWvUYXgdDPQ5klnw14B3XZNmro+EY9dDp/hoBzNR+kkZIRorts
NHiiVoIf7l284kbChydYVZBAOjqzCjIGcj26bAWmuiyGw5MfWsvtApzY9TTl5d7G
F95OTIUBdad2YyoQYwB15Jg6TRxnM6LaHi1Y6qToZy6InIyN/htgBqYhaoNL76j4
O2Cm+n8pLdYCKFy23F4RzBNMq4b0iQYNX06Kc2SOVsLcD63tvuQdhd/zFw/hFm2/
8a+wr7uA0AZkmef8OeMpJcXZHB/jIh/myLyEq/0MhI4qjzCx+XY+IPBokFhmEykF
yrd+cA//qtRMBQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:19:05 2024 by rpki-client on console-fra.rpki-client.org