Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/79c4ba-38e2-4f5a-959f-47e0937989a8/1/K82nZ8Be9xAPsPKzkF3yJU32qoY.roa
File: K82nZ8Be9xAPsPKzkF3yJU32qoY.roa (raw, json)
Hash identifier: mJXugaJC67LO9G1h7t88a0cCAM+CMfgLziRhBBvuaEw=
Subject key identifier: 2B:CD:A7:67:C0:5E:F7:10:0F:B0:F2:B3:90:5D:F2:25:4D:F6:AA:86
Certificate issuer: /CN=59dd542781851c0bce5a3ea5cc387650ffc8277e
Certificate serial: 018B70DA4A4A17F9544DC6376F590AD03395
Authority key identifier: 59:DD:54:27:81:85:1C:0B:CE:5A:3E:A5:CC:38:76:50:FF:C8:27:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Wd1UJ4GFHAvOWj6lzDh2UP_IJ34.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/79c4ba-38e2-4f5a-959f-47e0937989a8/1/K82nZ8Be9xAPsPKzkF3yJU32qoY.roa
Signing time: Fri 27 Oct 2023 11:17:15 +0000
ROA not before: Fri 27 Oct 2023 11:17:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201382
IP address blocks: 213.208.171.0/24 maxlen: 24
85.91.105.0/24 maxlen: 24
85.91.107.0/24 maxlen: 24
85.91.108.0/22 maxlen: 22
85.91.108.0/24 maxlen: 24
85.91.123.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:34:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:70:da:4a:4a:17:f9:54:4d:c6:37:6f:59:0a:d0:33:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=59dd542781851c0bce5a3ea5cc387650ffc8277e
Validity
Not Before: Oct 27 11:17:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2bcda767c05ef7100fb0f2b3905df2254df6aa86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:32:55:f4:c2:15:ea:2b:86:5c:e9:b9:96:1a:
c3:28:01:17:d0:16:79:7f:b0:9a:14:71:5d:8b:18:
38:10:ab:47:a6:a0:af:8d:f5:4f:e5:1d:4e:0a:dc:
2b:f4:da:9d:01:91:f3:35:47:7d:13:9f:1b:44:ca:
c0:4b:2e:1a:96:6e:0a:2c:30:12:e6:91:86:73:45:
3f:23:4b:20:58:fa:96:c3:64:e0:6f:b1:d5:e9:c6:
07:0b:34:e8:40:12:2f:3c:ee:98:d3:be:6a:e7:c7:
d2:dd:14:0a:74:42:ee:93:94:49:28:1c:f3:af:29:
70:ad:49:8d:8e:49:e8:79:72:c2:5a:f6:66:50:fb:
d3:de:94:26:ff:d9:b6:a0:d6:92:a4:fe:f6:49:93:
13:b4:be:9b:ad:c5:d8:2a:4a:2d:53:36:39:a9:4b:
f1:78:74:4d:23:5f:52:12:a6:22:fe:60:b7:04:0b:
65:1c:51:15:91:3c:09:5f:e5:5f:18:7c:9c:50:b3:
f2:60:76:c8:fe:d2:77:3b:f7:0d:74:c1:71:2f:7b:
cd:ba:10:d1:83:eb:18:de:e5:64:79:a5:4b:c9:e4:
06:01:59:0d:f3:b0:ee:a5:e7:41:10:a6:12:16:50:
ad:a7:db:e3:a9:61:d4:3c:4d:a5:0e:03:8f:bf:a3:
56:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:CD:A7:67:C0:5E:F7:10:0F:B0:F2:B3:90:5D:F2:25:4D:F6:AA:86
X509v3 Authority Key Identifier:
keyid:59:DD:54:27:81:85:1C:0B:CE:5A:3E:A5:CC:38:76:50:FF:C8:27:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Wd1UJ4GFHAvOWj6lzDh2UP_IJ34.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/79c4ba-38e2-4f5a-959f-47e0937989a8/1/K82nZ8Be9xAPsPKzkF3yJU32qoY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/79c4ba-38e2-4f5a-959f-47e0937989a8/1/Wd1UJ4GFHAvOWj6lzDh2UP_IJ34.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.91.105.0/24
85.91.107.0-85.91.111.255
85.91.123.0/24
213.208.171.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:60:f0:70:32:f6:04:2d:62:38:b7:c4:d1:23:46:bc:ce:18:
da:7a:73:53:5d:a6:1c:6f:6d:c8:01:87:d2:f2:ee:77:d5:76:
02:33:4b:b0:70:99:ca:0e:14:ea:f3:8d:8a:13:d8:a9:f3:04:
b2:49:58:80:21:a5:c0:aa:dd:35:f3:9c:6f:7d:6c:d1:ca:73:
a4:07:48:66:d2:b5:98:d7:ce:6d:a6:0f:ec:06:05:99:5f:25:
0e:ca:34:7a:4b:ab:48:5a:14:14:c9:fe:c4:4b:f3:c7:0a:fd:
55:3c:91:70:c0:a7:3e:5a:5a:fc:62:5e:ac:3b:e5:93:a2:29:
8a:64:07:e0:8f:e8:44:df:c4:ec:7f:4e:a3:8f:11:b5:e7:ec:
75:db:de:2d:e7:71:f2:76:d7:96:7b:62:8d:4d:28:30:1b:1a:
4a:46:d1:dd:d4:68:57:2e:f5:54:5d:e5:12:fd:4a:88:71:15:
0a:af:fa:71:1a:36:7b:d1:05:8b:ee:31:76:56:ad:7b:be:4f:
d5:84:65:4d:6b:b3:b0:6d:df:6d:c8:53:bd:83:d6:89:4f:36:
84:13:03:b8:04:c1:93:e0:25:f5:c7:e2:e6:a5:9e:f7:f5:6e:
97:75:cc:cf:14:14:09:1a:2f:f8:eb:e4:b2:0a:56:40:93:f9:
a7:7f:68:39
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYtw2kpKF/lUTcY3b1kK0DOVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU5ZGQ1NDI3ODE4NTFjMGJjZTVhM2VhNWNjMzg3NjUwZmZj
ODI3N2UwHhcNMjMxMDI3MTExNzE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYmNkYTc2N2MwNWVmNzEwMGZiMGYyYjM5MDVkZjIyNTRkZjZhYTg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyTJV9MIV6iuGXOm5lhrDKAEX0BZ5
f7CaFHFdixg4EKtHpqCvjfVP5R1OCtwr9NqdAZHzNUd9E58bRMrASy4alm4KLDAS
5pGGc0U/I0sgWPqWw2Tgb7HV6cYHCzToQBIvPO6Y075q58fS3RQKdELuk5RJKBzz
rylwrUmNjknoeXLCWvZmUPvT3pQm/9m2oNaSpP72SZMTtL6brcXYKkotUzY5qUvx
eHRNI19SEqYi/mC3BAtlHFEVkTwJX+VfGHycULPyYHbI/tJ3O/cNdMFxL3vNuhDR
g+sY3uVkeaVLyeQGAVkN87DupedBEKYSFlCtp9vjqWHUPE2lDgOPv6NWOQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFCvNp2fAXvcQD7Dys5Bd8iVN9qqGMB8GA1UdIwQY
MBaAFFndVCeBhRwLzlo+pcw4dlD/yCd+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV2QxVUo0R0ZIQXZPV2o2bHpEaDJVUF9JSjM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi83OWM0YmEtMzhlMi00ZjVhLTk1OWYt
NDdlMDkzNzk4OWE4LzEvSzgyblo4QmU5eEFQc1BLemtGM3lKVTMycW9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi83OWM0YmEtMzhlMi00ZjVhLTk1OWYtNDdlMDkzNzk4OWE4
LzEvV2QxVUo0R0ZIQXZPV2o2bHpEaDJVUF9JSjM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAVVtpMAwD
BABVW2sDBARVW2ADBABVW3sDBADV0KswDQYJKoZIhvcNAQELBQADggEBAF5g8HAy
9gQtYji3xNEjRrzOGNp6c1NdphxvbcgBh9Ly7nfVdgIzS7BwmcoOFOrzjYoT2Knz
BLJJWIAhpcCq3TXznG99bNHKc6QHSGbStZjXzm2mD+wGBZlfJQ7KNHpLq0haFBTJ
/sRL88cK/VU8kXDApz5aWvxiXqw75ZOiKYpkB+CP6ETfxOx/TqOPEbXn7HXb3i3n
cfJ215Z7Yo1NKDAbGkpG0d3UaFcu9VRd5RL9SohxFQqv+nEaNnvRBYvuMXZWrXu+
T9WEZU1rs7Bt323IU72D1olPNoQTA7gEwZPgJfXH4ualnvf1bpd1zM8UFAkaL/jr
5LIKVkCT+ad/aDk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:33 2024 by rpki-client on console-fra.rpki-client.org