Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/4ae1bd-5864-43f0-b4fd-80a66c0fc884/1/EvM-7aSntmvgFORczSD79-sTn_8.roa
File: EvM-7aSntmvgFORczSD79-sTn_8.roa (raw, json)
Hash identifier: 1SBxsMPga2OV5fj97eYGKF5BqV3jrTg+1d590Edkjl0=
Subject key identifier: 12:F3:3E:ED:A4:A7:B6:6B:E0:14:E4:5C:CD:20:FB:F7:EB:13:9F:FF
Certificate issuer: /CN=9bdba95290a985a697763d30ab42f9c3784078b2
Certificate serial: 018CCA2A0B7FF37F2093FB9638767957695C
Authority key identifier: 9B:DB:A9:52:90:A9:85:A6:97:76:3D:30:AB:42:F9:C3:78:40:78:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9upUpCphaaXdj0wq0L5w3hAeLI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/4ae1bd-5864-43f0-b4fd-80a66c0fc884/1/EvM-7aSntmvgFORczSD79-sTn_8.roa
Signing time: Tue 02 Jan 2024 12:33:22 +0000
ROA not before: Tue 02 Jan 2024 12:33:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209368
IP address blocks: 85.208.76.0/22 maxlen: 24
2a09:83c0::/29 maxlen: 36
Validation: Failed, certificate revoked on Wed 29 May 2024 15:32:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:0b:7f:f3:7f:20:93:fb:96:38:76:79:57:69:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bdba95290a985a697763d30ab42f9c3784078b2
Validity
Not Before: Jan 2 12:33:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=12f33eeda4a7b66be014e45ccd20fbf7eb139fff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:f3:c9:4e:2b:f4:30:68:d0:81:35:29:06:09:
69:7e:0e:5c:d2:5d:c7:3e:a1:85:f9:75:05:cc:a1:
db:81:4c:f5:d0:69:28:10:99:98:ab:98:98:76:19:
2d:67:3d:07:d1:5e:0e:a2:48:9a:e9:2a:64:f5:00:
b0:a5:75:ea:d0:2f:5d:17:3c:c5:ea:a7:59:a7:18:
c8:43:07:15:ad:3e:23:3f:05:52:61:77:e3:e3:2e:
51:e1:72:67:4a:7b:f0:b7:49:35:4a:55:ca:18:97:
38:e0:b0:c0:ba:52:bb:69:25:30:00:32:d5:e5:ed:
0a:51:a6:43:c5:b8:47:66:3b:7a:2e:90:32:ce:a2:
45:4b:df:c2:98:8e:14:20:b9:fe:dd:d1:e1:02:42:
08:05:80:01:86:c3:0e:fd:35:7b:40:dc:62:2c:12:
a7:ac:a4:5b:73:8f:98:26:e9:c2:77:99:97:da:53:
9a:bd:d2:70:19:a4:97:91:1f:68:3a:d0:10:19:58:
81:b7:bf:8d:c9:c1:8a:95:7e:0d:15:c8:0c:ba:61:
0e:4e:68:57:13:ef:9f:91:42:9f:ab:81:2d:31:b8:
4c:50:34:26:92:cd:8d:49:f2:94:96:1f:44:67:bc:
94:98:c1:7a:d5:44:67:a9:73:3b:62:c6:e6:18:92:
03:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:F3:3E:ED:A4:A7:B6:6B:E0:14:E4:5C:CD:20:FB:F7:EB:13:9F:FF
X509v3 Authority Key Identifier:
keyid:9B:DB:A9:52:90:A9:85:A6:97:76:3D:30:AB:42:F9:C3:78:40:78:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9upUpCphaaXdj0wq0L5w3hAeLI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/4ae1bd-5864-43f0-b4fd-80a66c0fc884/1/EvM-7aSntmvgFORczSD79-sTn_8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/4ae1bd-5864-43f0-b4fd-80a66c0fc884/1/m9upUpCphaaXdj0wq0L5w3hAeLI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.208.76.0/22
IPv6:
2a09:83c0::/29
Signature Algorithm: sha256WithRSAEncryption
58:d9:8e:86:09:78:90:d8:69:7e:d3:31:08:0f:67:d6:ab:e8:
d5:b9:1e:bd:cc:8a:af:b9:a5:5f:13:dc:a8:80:82:e9:92:20:
4e:f5:36:04:24:86:8e:f3:72:29:d6:e2:74:16:d7:41:f9:4e:
3a:ef:db:23:1e:43:b7:48:00:0d:05:bc:85:de:3e:08:6e:a2:
a2:2a:cf:32:54:38:f0:5b:9f:c7:6f:92:ec:14:8e:be:18:9b:
92:07:8f:2e:d5:5f:e8:22:2a:e9:7d:51:5b:51:88:11:19:28:
af:1b:ff:1e:16:ae:6a:10:0d:75:17:b8:b8:ec:71:7d:eb:9c:
f9:4a:41:3f:1d:e6:9e:58:0e:99:2b:ef:a2:4b:c8:02:02:c3:
69:fb:aa:24:5e:7e:db:7c:66:64:27:53:ab:63:e1:be:b9:16:
7c:0b:20:ab:ec:9e:f3:b3:c0:d7:ee:a6:ab:88:79:05:b8:1f:
bd:36:a3:ed:a2:96:7e:5b:d6:a4:12:fc:da:bb:71:e7:13:c4:
c3:a6:11:bf:db:78:c4:0c:51:92:27:d7:d6:1c:0a:9f:92:ed:
f2:06:19:de:fa:84:1f:fb:08:3b:39:a3:40:df:27:f6:1e:e2:
ec:d3:ec:c0:33:93:a6:0b:91:6b:94:88:3c:92:6b:3f:4e:ee:
62:df:33:e2
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzKKgt/838gk/uWOHZ5V2lcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliZGJhOTUyOTBhOTg1YTY5Nzc2M2QzMGFiNDJmOWMzNzg0
MDc4YjIwHhcNMjQwMTAyMTIzMzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMmYzM2VlZGE0YTdiNjZiZTAxNGU0NWNjZDIwZmJmN2ViMTM5ZmZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnvPJTiv0MGjQgTUpBglpfg5c0l3H
PqGF+XUFzKHbgUz10GkoEJmYq5iYdhktZz0H0V4Ookia6Spk9QCwpXXq0C9dFzzF
6qdZpxjIQwcVrT4jPwVSYXfj4y5R4XJnSnvwt0k1SlXKGJc44LDAulK7aSUwADLV
5e0KUaZDxbhHZjt6LpAyzqJFS9/CmI4UILn+3dHhAkIIBYABhsMO/TV7QNxiLBKn
rKRbc4+YJunCd5mX2lOavdJwGaSXkR9oOtAQGViBt7+NycGKlX4NFcgMumEOTmhX
E++fkUKfq4EtMbhMUDQmks2NSfKUlh9EZ7yUmMF61URnqXM7YsbmGJIDJwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFBLzPu2kp7Zr4BTkXM0g+/frE5//MB8GA1UdIwQY
MBaAFJvbqVKQqYWml3Y9MKtC+cN4QHiyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbTl1cFVwQ3BoYWFYZGowd3EwTDV3M2hBZUxJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy80YWUxYmQtNTg2NC00M2YwLWI0ZmQt
ODBhNjZjMGZjODg0LzEvRXZNLTdhU250bXZnRk9SY3pTRDc5LXNUbl84LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy80YWUxYmQtNTg2NC00M2YwLWI0ZmQtODBhNjZjMGZjODg0
LzEvbTl1cFVwQ3BoYWFYZGowd3EwTDV3M2hBZUxJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCVdBMMA0E
AgACMAcDBQMqCYPAMA0GCSqGSIb3DQEBCwUAA4IBAQBY2Y6GCXiQ2Gl+0zEID2fW
q+jVuR69zIqvuaVfE9yogILpkiBO9TYEJIaO83Ip1uJ0FtdB+U4679sjHkO3SAAN
BbyF3j4IbqKiKs8yVDjwW5/Hb5LsFI6+GJuSB48u1V/oIirpfVFbUYgRGSivG/8e
Fq5qEA11F7i47HF965z5SkE/HeaeWA6ZK++iS8gCAsNp+6okXn7bfGZkJ1OrY+G+
uRZ8CyCr7J7zs8DX7qariHkFuB+9NqPtopZ+W9akEvzau3HnE8TDphG/23jEDFGS
J9fWHAqfku3yBhne+oQf+wg7OaNA3yf2HuLs0+zAM5OmC5FrlIg8kms/Tu5i3zPi
-----END CERTIFICATE-----
Generated at Wed May 29 20:47:46 2024 by rpki-client on console-ams.rpki-client.org