Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/cHlwbLmVZWd9nT_ZTQyc0UKjYjE.roa
File: cHlwbLmVZWd9nT_ZTQyc0UKjYjE.roa (raw, json)
Hash identifier: VKxp80dBapV7eOq6A5C6p1O0bBcPMuYFaDo+/WutViQ=
Subject key identifier: 70:79:70:6C:B9:95:65:67:7D:9D:3F:D9:4D:0C:9C:D1:42:A3:62:31
Certificate issuer: /CN=3183785916cd98d7c770d685145499a8a0a15722
Certificate serial: 0190DE53E85039F0AAFA1E207D7B25030851
Authority key identifier: 31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/cHlwbLmVZWd9nT_ZTQyc0UKjYjE.roa
Signing time: Tue 23 Jul 2024 06:42:39 +0000
ROA not before: Tue 23 Jul 2024 06:42:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39347
IP address blocks: 85.121.208.0/21 maxlen: 24
85.122.120.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 17 Sep 2024 11:54:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:de:53:e8:50:39:f0:aa:fa:1e:20:7d:7b:25:03:08:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3183785916cd98d7c770d685145499a8a0a15722
Validity
Not Before: Jul 23 06:42:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7079706cb99565677d9d3fd94d0c9cd142a36231
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:e2:4e:57:5a:2e:39:4b:48:41:48:8f:e7:dc:
dd:03:d8:2a:11:08:bc:d6:14:eb:66:50:f9:c1:ac:
e2:b5:5f:43:0a:0c:ce:51:26:a9:4d:92:88:c9:9c:
5c:a6:69:35:9f:85:ad:a5:97:11:28:6f:cd:26:a3:
41:be:b2:aa:ee:74:53:86:2d:77:83:83:55:96:0e:
ed:41:e4:6e:9c:25:bb:36:af:88:72:35:ad:22:db:
1b:9c:06:db:5e:37:b5:9f:16:0c:55:0a:f3:fe:15:
82:14:99:20:59:51:d2:ad:e0:66:94:c8:45:0c:83:
70:b7:ac:4e:32:57:19:86:75:60:26:01:35:35:3a:
43:04:96:ee:f8:92:64:1b:ed:90:36:6f:39:4c:48:
97:83:a9:36:b1:f5:e7:31:f3:7c:8b:2c:df:39:22:
a1:a2:18:42:4c:1c:1c:54:69:4e:ad:18:2e:be:d1:
60:4c:37:f9:4b:64:ee:5d:7e:91:09:27:76:a7:98:
58:c4:00:5b:45:92:57:be:f4:33:13:4c:bc:ad:3a:
84:80:cd:55:4e:a2:fc:7f:e9:ba:26:78:52:13:6d:
77:92:bd:57:cd:89:c4:b1:30:ae:e6:0f:26:b9:dc:
cc:7e:d5:20:16:47:df:be:eb:fc:55:db:5e:cb:48:
1d:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:79:70:6C:B9:95:65:67:7D:9D:3F:D9:4D:0C:9C:D1:42:A3:62:31
X509v3 Authority Key Identifier:
keyid:31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/cHlwbLmVZWd9nT_ZTQyc0UKjYjE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.121.208.0/21
85.122.120.0/22
Signature Algorithm: sha256WithRSAEncryption
5c:15:9b:1b:88:f8:42:cd:65:81:07:63:a6:a9:d6:68:6c:67:
cc:db:63:65:8a:c9:4b:5a:1e:e0:b0:4b:38:0b:93:c8:13:83:
23:e4:22:de:10:7c:11:2d:b9:2a:70:93:33:e2:ad:39:67:51:
d3:98:9d:52:15:6f:3e:c7:1c:30:33:4a:e3:ef:00:da:df:33:
de:2a:bb:a0:8b:5a:5d:85:d4:fd:6e:ae:ef:7f:68:67:56:17:
c0:5f:37:f1:ea:8e:28:53:a4:8f:5b:02:d2:71:d9:5f:2d:65:
e1:6b:8c:84:e3:1e:34:10:fb:b3:4e:08:c9:28:db:a3:ed:33:
62:70:b9:d9:df:b5:1d:07:ca:ff:01:c3:b3:03:a4:db:d2:f4:
f3:03:89:34:1b:af:e5:39:62:26:b2:03:c7:f5:1f:11:05:df:
5b:52:1d:81:94:1f:1c:1c:8e:e3:fd:02:3a:63:b6:16:29:2f:
8c:6c:ce:10:47:87:b4:fa:1c:4a:51:21:8b:be:ff:c4:ec:d5:
71:dd:91:c5:e0:95:00:09:ba:53:33:ac:40:b2:c3:55:00:c0:
db:67:27:dc:5d:5a:db:ef:83:1c:3d:db:a6:38:dd:69:b2:b1:
03:37:c8:66:ca:0d:a5:68:2e:24:76:5f:2d:9b:89:92:f7:ac:
1b:98:a6:70
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZDeU+hQOfCq+h4gfXslAwhRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxODM3ODU5MTZjZDk4ZDdjNzcwZDY4NTE0NTQ5OWE4YTBh
MTU3MjIwHhcNMjQwNzIzMDY0MjM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDc5NzA2Y2I5OTU2NTY3N2Q5ZDNmZDk0ZDBjOWNkMTQyYTM2MjMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAneJOV1ouOUtIQUiP59zdA9gqEQi8
1hTrZlD5wazitV9DCgzOUSapTZKIyZxcpmk1n4WtpZcRKG/NJqNBvrKq7nRThi13
g4NVlg7tQeRunCW7Nq+IcjWtItsbnAbbXje1nxYMVQrz/hWCFJkgWVHSreBmlMhF
DINwt6xOMlcZhnVgJgE1NTpDBJbu+JJkG+2QNm85TEiXg6k2sfXnMfN8iyzfOSKh
ohhCTBwcVGlOrRguvtFgTDf5S2TuXX6RCSd2p5hYxABbRZJXvvQzE0y8rTqEgM1V
TqL8f+m6JnhSE213kr1XzYnEsTCu5g8mudzMftUgFkffvuv8Vdtey0gdbQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHB5cGy5lWVnfZ0/2U0MnNFCo2IxMB8GA1UdIwQY
MBaAFDGDeFkWzZjXx3DWhRRUmaigoVciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEt
ZjUyYzQ3YzIyNWRiLzEvY0hsd2JMbVZaV2Q5blRfWlRReWMwVUtqWWpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEtZjUyYzQ3YzIyNWRi
LzEvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDVXnQAwQC
VXp4MA0GCSqGSIb3DQEBCwUAA4IBAQBcFZsbiPhCzWWBB2OmqdZobGfM22NlislL
Wh7gsEs4C5PIE4Mj5CLeEHwRLbkqcJMz4q05Z1HTmJ1SFW8+xxwwM0rj7wDa3zPe
Krugi1pdhdT9bq7vf2hnVhfAXzfx6o4oU6SPWwLScdlfLWXha4yE4x40EPuzTgjJ
KNuj7TNicLnZ37UdB8r/AcOzA6Tb0vTzA4k0G6/lOWImsgPH9R8RBd9bUh2BlB8c
HI7j/QI6Y7YWKS+MbM4QR4e0+hxKUSGLvv/E7NVx3ZHF4JUACbpTM6xAssNVAMDb
ZyfcXVrb74McPdumON1psrEDN8hmyg2laC4kdl8tm4mS96wbmKZw
-----END CERTIFICATE-----
Generated at Tue Sep 17 15:54:04 2024 by rpki-client on console-fra.rpki-client.org