Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/RO0HvXOJK5jsa5lA7jw-fWFZ2rA.roa
File: RO0HvXOJK5jsa5lA7jw-fWFZ2rA.roa (raw, json)
Hash identifier: soaFSHTHYLdPXY1qw9SPLnlld/h1NGHq3G0iWHgBz2s=
Subject key identifier: 44:ED:07:BD:73:89:2B:98:EC:6B:99:40:EE:3C:3E:7D:61:59:DA:B0
Certificate issuer: /CN=3183785916cd98d7c770d685145499a8a0a15722
Certificate serial: 018610F58A1C3F23071BE4111FE1BC03E9D1
Authority key identifier: 31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/RO0HvXOJK5jsa5lA7jw-fWFZ2rA.roa
Signing time: Thu 02 Feb 2023 07:09:32 +0000
ROA not before: Thu 02 Feb 2023 07:09:32 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25369
IP address blocks: 85.122.112.0/23 maxlen: 24
85.121.148.0/23 maxlen: 24
85.120.12.0/23 maxlen: 24
194.102.218.0/24 maxlen: 24
217.156.84.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:10:f5:8a:1c:3f:23:07:1b:e4:11:1f:e1:bc:03:e9:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3183785916cd98d7c770d685145499a8a0a15722
Validity
Not Before: Feb 2 07:09:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=44ed07bd73892b98ec6b9940ee3c3e7d6159dab0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:8a:22:a4:52:6e:d8:c8:84:e5:4a:34:cb:11:
97:b8:45:c6:3a:32:95:7e:15:99:fd:98:12:b3:de:
17:bd:49:c5:66:1e:7f:87:7e:c7:55:cc:16:62:ba:
a9:5d:7a:42:56:63:dc:88:3c:d5:2b:5b:a0:59:6b:
cb:72:a4:b2:29:19:1b:b3:9e:5d:b7:6a:cd:85:b7:
4f:b3:d7:44:30:23:06:60:3e:52:ca:09:6d:d5:6e:
1e:48:4a:3c:5b:b4:cd:9b:a2:d2:85:a1:64:43:d6:
0b:b2:85:f0:0f:d4:e8:b6:3e:89:48:1c:7d:82:a6:
1f:2d:81:05:57:0a:1c:ff:56:bb:41:a7:41:30:f8:
2e:0f:62:09:5a:48:b7:b8:06:c0:d2:69:5d:f1:74:
50:71:d5:ba:b2:de:bd:d5:8e:72:40:04:55:15:8f:
e3:c7:41:ac:25:00:5c:e8:71:a0:11:83:bd:3e:b3:
37:5a:77:11:f3:29:f0:a4:bf:6e:a6:f2:e2:5f:25:
e3:6a:ba:96:f6:d2:58:d2:1a:e4:ca:82:b6:2a:bb:
e8:73:76:08:4b:45:78:92:79:45:8b:75:77:fc:a7:
c8:1a:43:71:80:26:71:99:16:8b:a9:a8:ef:87:93:
66:d5:8b:d1:60:40:4f:c8:38:5d:e4:6e:d7:00:26:
2a:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:ED:07:BD:73:89:2B:98:EC:6B:99:40:EE:3C:3E:7D:61:59:DA:B0
X509v3 Authority Key Identifier:
keyid:31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/RO0HvXOJK5jsa5lA7jw-fWFZ2rA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.120.12.0/23
85.121.148.0/23
85.122.112.0/23
194.102.218.0/24
217.156.84.0/24
Signature Algorithm: sha256WithRSAEncryption
a1:19:c5:02:0b:99:e1:fc:78:cd:24:1b:9e:fd:4e:15:83:02:
b1:1a:27:87:6c:14:76:3b:a8:08:f6:35:1b:70:21:71:43:2a:
db:d8:bc:e4:9d:7e:f1:ca:22:0c:bc:9d:94:2a:6a:67:9a:f0:
d4:2c:1b:52:32:75:65:b3:e7:ba:33:2b:a6:e4:a0:6f:bb:84:
26:4f:70:dc:17:66:96:03:bf:29:1c:82:c0:75:bf:54:49:c0:
d7:be:0c:5e:fb:c5:1c:14:71:dd:23:1a:55:59:c4:19:2e:cf:
27:cb:26:4d:b6:4f:76:32:8d:9f:e0:2e:32:56:cc:c3:06:63:
3f:b5:0d:5e:40:16:2e:d6:70:7c:fc:46:58:bc:da:9c:e3:e9:
84:53:7f:3d:3f:70:d9:8c:9c:1a:e6:a8:b1:e6:51:01:8a:65:
50:cf:41:ad:1a:86:5d:18:34:60:f9:65:b1:97:d3:1b:7a:e1:
b0:f5:be:6f:fb:9a:ee:80:f4:96:9d:b1:35:aa:f9:b7:2d:b7:
43:d1:06:2c:48:11:b4:ea:c1:84:ea:4d:51:31:bd:f1:72:58:
8b:b6:54:64:97:74:75:72:c4:a7:cf:7b:a6:05:81:d5:4b:a7:
ef:da:10:e5:88:0e:4f:32:a8:4f:77:d1:8a:8e:80:e0:dc:05:
07:58:fc:f4
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYYQ9YocPyMHG+QRH+G8A+nRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxODM3ODU5MTZjZDk4ZDdjNzcwZDY4NTE0NTQ5OWE4YTBh
MTU3MjIwHhcNMjMwMjAyMDcwOTMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NGVkMDdiZDczODkyYjk4ZWM2Yjk5NDBlZTNjM2U3ZDYxNTlkYWIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl4oipFJu2MiE5Uo0yxGXuEXGOjKV
fhWZ/ZgSs94XvUnFZh5/h37HVcwWYrqpXXpCVmPciDzVK1ugWWvLcqSyKRkbs55d
t2rNhbdPs9dEMCMGYD5Syglt1W4eSEo8W7TNm6LShaFkQ9YLsoXwD9Totj6JSBx9
gqYfLYEFVwoc/1a7QadBMPguD2IJWki3uAbA0mld8XRQcdW6st691Y5yQARVFY/j
x0GsJQBc6HGgEYO9PrM3WncR8ynwpL9upvLiXyXjarqW9tJY0hrkyoK2Krvoc3YI
S0V4knlFi3V3/KfIGkNxgCZxmRaLqajvh5Nm1YvRYEBPyDhd5G7XACYqzwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFETtB71ziSuY7GuZQO48Pn1hWdqwMB8GA1UdIwQY
MBaAFDGDeFkWzZjXx3DWhRRUmaigoVciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEt
ZjUyYzQ3YzIyNWRiLzEvUk8wSHZYT0pLNWpzYTVsQTdqdy1mV0ZaMnJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEtZjUyYzQ3YzIyNWRi
LzEvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBVXgMAwQB
VXmUAwQBVXpwAwQAwmbaAwQA2ZxUMA0GCSqGSIb3DQEBCwUAA4IBAQChGcUCC5nh
/HjNJBue/U4VgwKxGieHbBR2O6gI9jUbcCFxQyrb2LzknX7xyiIMvJ2UKmpnmvDU
LBtSMnVls+e6Myum5KBvu4QmT3DcF2aWA78pHILAdb9UScDXvgxe+8UcFHHdIxpV
WcQZLs8nyyZNtk92Mo2f4C4yVszDBmM/tQ1eQBYu1nB8/EZYvNqc4+mEU389P3DZ
jJwa5qix5lEBimVQz0GtGoZdGDRg+WWxl9MbeuGw9b5v+5rugPSWnbE1qvm3LbdD
0QYsSBG06sGE6k1RMb3xcliLtlRkl3R1csSnz3umBYHVS6fv2hDliA5PMqhPd9GK
joDg3AUHWPz0
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:16 2023 by rpki-client on console-ams.rpki-client.org