Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/pOd6IIHZDZpfDsCTbqbTr9-wppk.roa
File: pOd6IIHZDZpfDsCTbqbTr9-wppk.roa (raw, json)
Hash identifier: J/B6EQDoFUW5TppY2JGANK8s/Pebmj8zIGFIQNDt8E4=
Subject key identifier: A4:E7:7A:20:81:D9:0D:9A:5F:0E:C0:93:6E:A6:D3:AF:DF:B0:A6:99
Certificate issuer: /CN=3183785916cd98d7c770d685145499a8a0a15722
Certificate serial: 0191461156D29E75B84630F7F19C073EC31E
Authority key identifier: 31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/pOd6IIHZDZpfDsCTbqbTr9-wppk.roa
Signing time: Mon 12 Aug 2024 10:10:26 +0000
ROA not before: Mon 12 Aug 2024 10:10:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41496
IP address blocks: 85.122.56.0/23 maxlen: 23
85.122.88.0/21 maxlen: 21
85.122.136.0/21 maxlen: 21
Validation: Failed, certificate revoked on Wed 01 Jan 2025 01:47:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:46:11:56:d2:9e:75:b8:46:30:f7:f1:9c:07:3e:c3:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3183785916cd98d7c770d685145499a8a0a15722
Validity
Not Before: Aug 12 10:10:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a4e77a2081d90d9a5f0ec0936ea6d3afdfb0a699
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:44:3c:57:52:8f:b2:b1:b3:67:d0:65:9a:f2:
be:0d:32:19:a3:f0:02:34:0e:f5:81:20:55:e0:37:
c7:cd:c9:f9:5b:42:ed:f6:63:e2:4c:60:34:02:10:
82:a5:8f:e9:6f:12:aa:ff:32:42:fd:59:6b:d2:a7:
6c:26:f4:a0:5b:93:18:3d:85:46:c4:56:61:b5:95:
42:21:9b:a2:1e:9c:87:48:fb:9d:f6:d3:d4:e5:09:
bd:e3:15:0a:72:ad:48:bb:0c:2b:4c:69:42:97:35:
96:d5:1b:fd:3c:24:49:f2:16:bd:1f:81:1f:34:16:
c5:69:60:ab:2a:48:76:9b:a6:a4:82:bb:96:f6:1d:
67:67:eb:ab:c6:80:a4:78:33:86:54:41:b9:55:8b:
a8:ab:18:54:54:0c:6d:cf:be:15:1a:db:b2:ca:71:
0f:86:85:09:74:03:b4:e1:5b:60:06:35:8e:fd:b6:
a0:68:8f:2b:2e:f5:d1:a2:cc:ec:f3:de:e7:81:d1:
08:90:e6:75:75:d7:f3:cf:e9:a4:2c:ea:91:ad:58:
5c:38:a1:a0:0a:57:19:4f:f2:72:c6:b2:07:40:3f:
94:d3:4e:81:05:9f:a4:9f:ae:dc:63:df:0e:f8:f9:
b8:52:8e:1c:d2:0c:60:aa:50:ff:8d:5c:fe:7a:24:
46:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:E7:7A:20:81:D9:0D:9A:5F:0E:C0:93:6E:A6:D3:AF:DF:B0:A6:99
X509v3 Authority Key Identifier:
keyid:31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/pOd6IIHZDZpfDsCTbqbTr9-wppk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.122.56.0/23
85.122.88.0/21
85.122.136.0/21
Signature Algorithm: sha256WithRSAEncryption
3a:d3:a2:cd:85:00:e1:2c:35:20:6f:c7:13:33:7f:40:a3:3e:
de:a0:2c:f4:27:de:a7:a4:00:fe:92:73:b4:ba:ab:18:0f:33:
55:27:c7:0a:76:c2:20:f7:88:de:ad:4f:e5:a2:77:9e:ec:c3:
bb:73:d9:90:89:79:e4:a4:77:dc:ac:6b:ed:d7:13:71:c9:a5:
8f:52:00:a4:69:c6:f2:95:f3:07:a2:f7:c5:10:84:2b:63:03:
d5:0b:6d:4a:51:53:d2:5d:d0:60:54:3b:ce:bc:36:ea:9b:15:
48:7e:cc:6a:30:10:ab:d2:30:56:cd:58:ed:cf:81:e3:a3:f6:
77:b0:57:74:45:41:3c:58:2c:bc:57:c5:60:1a:ba:08:60:3a:
0c:a8:3b:4f:2e:93:e4:c4:2a:13:af:7b:74:84:3e:04:9e:48:
d4:8f:7a:5a:3b:eb:24:db:e8:0f:36:dd:c8:a9:0b:67:85:a6:
72:06:59:e7:c8:c7:b7:85:b5:a7:5a:ed:15:fb:9b:1b:be:51:
64:b4:f3:61:0b:52:4f:e9:ef:b2:cb:b1:59:48:18:e8:8c:22:
21:34:9f:a1:63:d1:55:2c:c3:d3:17:3e:e2:01:d6:80:a2:b3:
5a:da:56:df:9e:1a:9f:c0:5e:db:ae:9d:03:2e:e7:d7:de:78:
05:83:85:a2
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZFGEVbSnnW4RjD38ZwHPsMeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxODM3ODU5MTZjZDk4ZDdjNzcwZDY4NTE0NTQ5OWE4YTBh
MTU3MjIwHhcNMjQwODEyMTAxMDI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNGU3N2EyMDgxZDkwZDlhNWYwZWMwOTM2ZWE2ZDNhZmRmYjBhNjk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkEQ8V1KPsrGzZ9BlmvK+DTIZo/AC
NA71gSBV4DfHzcn5W0Lt9mPiTGA0AhCCpY/pbxKq/zJC/Vlr0qdsJvSgW5MYPYVG
xFZhtZVCIZuiHpyHSPud9tPU5Qm94xUKcq1IuwwrTGlClzWW1Rv9PCRJ8ha9H4Ef
NBbFaWCrKkh2m6akgruW9h1nZ+urxoCkeDOGVEG5VYuoqxhUVAxtz74VGtuyynEP
hoUJdAO04VtgBjWO/bagaI8rLvXRoszs897ngdEIkOZ1ddfzz+mkLOqRrVhcOKGg
ClcZT/JyxrIHQD+U006BBZ+kn67cY98O+Pm4Uo4c0gxgqlD/jVz+eiRGhwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKTneiCB2Q2aXw7Ak26m06/fsKaZMB8GA1UdIwQY
MBaAFDGDeFkWzZjXx3DWhRRUmaigoVciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEt
ZjUyYzQ3YzIyNWRiLzEvcE9kNklJSFpEWnBmRHNDVGJxYlRyOS13cHBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEtZjUyYzQ3YzIyNWRi
LzEvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBVXo4AwQD
VXpYAwQDVXqIMA0GCSqGSIb3DQEBCwUAA4IBAQA606LNhQDhLDUgb8cTM39Aoz7e
oCz0J96npAD+knO0uqsYDzNVJ8cKdsIg94jerU/lonee7MO7c9mQiXnkpHfcrGvt
1xNxyaWPUgCkacbylfMHovfFEIQrYwPVC21KUVPSXdBgVDvOvDbqmxVIfsxqMBCr
0jBWzVjtz4Hjo/Z3sFd0RUE8WCy8V8VgGroIYDoMqDtPLpPkxCoTr3t0hD4EnkjU
j3paO+sk2+gPNt3IqQtnhaZyBlnnyMe3hbWnWu0V+5sbvlFktPNhC1JP6e+yy7FZ
SBjojCIhNJ+hY9FVLMPTFz7iAdaAorNa2lbfnhqfwF7brp0DLufX3ngFg4Wi
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:35:48 2025 by rpki-client