Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/4ae1bd-5864-43f0-b4fd-80a66c0fc884/1/bGxyEbq6iNHmlYbUx72c-pPYV2Y.roa
File: bGxyEbq6iNHmlYbUx72c-pPYV2Y.roa (raw, json)
Hash identifier: y8K2SL+ZdDiwW2R8TcSkcwTQo7f9OwwtGCAhyKtA0aU=
Subject key identifier: 6C:6C:72:11:BA:BA:88:D1:E6:95:86:D4:C7:BD:9C:FA:93:D8:57:66
Certificate issuer: /CN=9bdba95290a985a697763d30ab42f9c3784078b2
Certificate serial: 018571B9E8B3155A2ABDC57864E2A7EC4FBC
Authority key identifier: 9B:DB:A9:52:90:A9:85:A6:97:76:3D:30:AB:42:F9:C3:78:40:78:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9upUpCphaaXdj0wq0L5w3hAeLI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/4ae1bd-5864-43f0-b4fd-80a66c0fc884/1/bGxyEbq6iNHmlYbUx72c-pPYV2Y.roa
Signing time: Mon 02 Jan 2023 09:04:47 +0000
ROA not before: Mon 02 Jan 2023 09:04:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209368
IP address blocks: 85.208.76.0/22 maxlen: 24
2a09:83c0::/29 maxlen: 36
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:33:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:b9:e8:b3:15:5a:2a:bd:c5:78:64:e2:a7:ec:4f:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bdba95290a985a697763d30ab42f9c3784078b2
Validity
Not Before: Jan 2 09:04:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6c6c7211baba88d1e69586d4c7bd9cfa93d85766
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:46:20:71:b9:cc:2b:1d:b3:74:8e:9c:5c:a8:
3e:6e:39:4f:67:4a:c7:c0:21:21:57:87:6a:a9:91:
b6:c5:89:e4:64:05:a4:87:e4:f1:75:80:7a:a4:02:
66:66:2b:36:89:0a:3e:55:21:8d:bd:6c:ac:eb:1d:
1e:79:dc:59:25:fc:fc:ae:3c:20:94:14:b9:02:15:
7e:78:8a:6b:92:44:ce:26:a4:f7:0e:35:5c:f2:72:
b2:66:4b:c0:1a:ad:12:df:e3:1c:1b:cd:a4:d6:f1:
89:82:47:7c:a8:37:31:ee:7b:51:d1:d6:1a:de:05:
72:9b:3d:ca:af:18:ec:49:c3:0a:99:30:f3:13:77:
35:f4:33:1a:eb:a3:f4:ab:64:75:bf:a4:b1:af:42:
94:39:41:ba:5d:31:f6:2f:3e:cb:fb:19:cd:70:8c:
b5:c7:85:95:ce:12:e5:b1:c4:c4:33:74:a0:fd:45:
eb:f5:c9:e5:80:fa:60:f7:e1:cd:e9:56:1e:97:45:
64:31:70:63:b2:39:af:f4:34:af:65:23:9d:17:45:
d5:1b:3e:f1:28:d7:6e:21:44:f9:9c:1d:8e:1a:1f:
16:1e:c3:b2:3e:83:1a:28:26:be:b8:6f:7d:e4:24:
00:86:89:5f:df:98:b0:ce:31:98:7a:03:22:e1:31:
74:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:6C:72:11:BA:BA:88:D1:E6:95:86:D4:C7:BD:9C:FA:93:D8:57:66
X509v3 Authority Key Identifier:
keyid:9B:DB:A9:52:90:A9:85:A6:97:76:3D:30:AB:42:F9:C3:78:40:78:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9upUpCphaaXdj0wq0L5w3hAeLI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/4ae1bd-5864-43f0-b4fd-80a66c0fc884/1/bGxyEbq6iNHmlYbUx72c-pPYV2Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/4ae1bd-5864-43f0-b4fd-80a66c0fc884/1/m9upUpCphaaXdj0wq0L5w3hAeLI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.208.76.0/22
IPv6:
2a09:83c0::/29
Signature Algorithm: sha256WithRSAEncryption
31:57:d2:dd:be:9b:83:9b:6b:8f:e6:97:82:47:c5:74:3e:28:
1c:6d:e3:5e:78:2f:30:8a:be:5a:34:b8:ae:df:66:e9:92:3d:
d5:52:e7:50:7c:4c:78:13:f6:b2:60:b0:33:60:d9:19:71:64:
79:ed:fb:ef:67:69:6b:8b:3b:ea:1e:07:f4:9d:13:86:de:e7:
17:f9:8d:c9:a1:49:6e:3f:ed:8b:70:90:d6:ad:3f:8f:68:fd:
bf:c8:18:86:90:d7:a6:65:f3:1b:34:6b:3a:46:46:38:18:94:
44:33:91:a5:cc:50:13:35:ec:43:7b:b2:e0:47:e3:92:0e:1f:
55:6e:60:bb:f1:85:54:ff:9a:f7:f6:af:26:b0:48:58:bf:40:
58:2e:e8:69:1a:9e:82:34:93:41:a6:37:d5:42:0f:63:21:ad:
c0:1e:89:8f:84:d6:86:88:be:0b:07:74:97:6b:34:30:2c:a5:
9a:ab:90:4a:08:f4:99:00:3e:15:c6:37:4f:6e:ca:f7:e1:c5:
dd:63:64:90:b0:bb:11:3f:29:25:05:61:26:40:d7:30:84:0f:
5e:e3:81:f8:92:fa:df:5a:f5:23:db:23:a6:d8:3d:75:24:56:
6b:85:f4:cd:18:14:03:85:89:c5:7d:df:b2:1a:41:6b:35:c7:
19:fd:b4:c8
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVxueizFVoqvcV4ZOKn7E+8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliZGJhOTUyOTBhOTg1YTY5Nzc2M2QzMGFiNDJmOWMzNzg0
MDc4YjIwHhcNMjMwMTAyMDkwNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzZjNzIxMWJhYmE4OGQxZTY5NTg2ZDRjN2JkOWNmYTkzZDg1NzY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlEYgcbnMKx2zdI6cXKg+bjlPZ0rH
wCEhV4dqqZG2xYnkZAWkh+TxdYB6pAJmZis2iQo+VSGNvWys6x0eedxZJfz8rjwg
lBS5AhV+eIprkkTOJqT3DjVc8nKyZkvAGq0S3+McG82k1vGJgkd8qDcx7ntR0dYa
3gVymz3KrxjsScMKmTDzE3c19DMa66P0q2R1v6Sxr0KUOUG6XTH2Lz7L+xnNcIy1
x4WVzhLlscTEM3Sg/UXr9cnlgPpg9+HN6VYel0VkMXBjsjmv9DSvZSOdF0XVGz7x
KNduIUT5nB2OGh8WHsOyPoMaKCa+uG995CQAholf35iwzjGYegMi4TF0twIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGxschG6uojR5pWG1Me9nPqT2FdmMB8GA1UdIwQY
MBaAFJvbqVKQqYWml3Y9MKtC+cN4QHiyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbTl1cFVwQ3BoYWFYZGowd3EwTDV3M2hBZUxJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy80YWUxYmQtNTg2NC00M2YwLWI0ZmQt
ODBhNjZjMGZjODg0LzEvYkd4eUVicTZpTkhtbFliVXg3MmMtcFBZVjJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy80YWUxYmQtNTg2NC00M2YwLWI0ZmQtODBhNjZjMGZjODg0
LzEvbTl1cFVwQ3BoYWFYZGowd3EwTDV3M2hBZUxJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCVdBMMA0E
AgACMAcDBQMqCYPAMA0GCSqGSIb3DQEBCwUAA4IBAQAxV9LdvpuDm2uP5peCR8V0
PigcbeNeeC8wir5aNLiu32bpkj3VUudQfEx4E/ayYLAzYNkZcWR57fvvZ2lrizvq
Hgf0nROG3ucX+Y3JoUluP+2LcJDWrT+PaP2/yBiGkNemZfMbNGs6RkY4GJREM5Gl
zFATNexDe7LgR+OSDh9VbmC78YVU/5r39q8msEhYv0BYLuhpGp6CNJNBpjfVQg9j
Ia3AHomPhNaGiL4LB3SXazQwLKWaq5BKCPSZAD4VxjdPbsr34cXdY2SQsLsRPykl
BWEmQNcwhA9e44H4kvrfWvUj2yOm2D11JFZrhfTNGBQDhYnFfd+yGkFrNccZ/bTI
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:40 2024 by rpki-client on console-fra.rpki-client.org