Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/Snp86p8FE-DE22XOX4JKHEg0S9Q.roa
File: Snp86p8FE-DE22XOX4JKHEg0S9Q.roa (raw, json)
Hash identifier: z6Stqn1edKl261/BVrUspeNEX7wGa3uM409lxajk7cc=
Subject key identifier: 4A:7A:7C:EA:9F:05:13:E0:C4:DB:65:CE:5F:82:4A:1C:48:34:4B:D4
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 0185738FDB4DBA90630D3EB5D5F1C741D20D
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/Snp86p8FE-DE22XOX4JKHEg0S9Q.roa
Signing time: Mon 02 Jan 2023 17:38:05 +0000
ROA not before: Mon 02 Jan 2023 17:38:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20473
IP address blocks: 85.202.161.0/24 maxlen: 24
2a0b:b87:ffef::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 28 Feb 2023 10:44:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:8f:db:4d:ba:90:63:0d:3e:b5:d5:f1:c7:41:d2:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: Jan 2 17:38:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4a7a7cea9f0513e0c4db65ce5f824a1c48344bd4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:6e:cc:54:40:ea:9a:b4:a6:91:56:16:09:fe:
63:5c:76:77:a7:78:91:4b:a4:98:88:1a:9e:8b:f1:
23:bb:2b:85:b1:ab:05:fb:3c:46:bf:ba:14:67:a4:
a5:57:68:d3:73:9f:67:88:b0:df:c4:17:63:3f:2e:
fd:4d:c9:48:d4:03:8d:71:8f:bb:c8:ac:7c:d7:d9:
e7:42:92:bd:c8:29:d4:a0:12:2c:10:fb:3d:58:17:
7b:96:74:72:e4:59:6d:e1:72:18:9f:b9:19:b3:91:
9c:69:60:96:2f:6e:79:7f:e2:e9:be:f3:05:12:2b:
b7:5a:96:9a:b3:33:ba:a7:3a:2b:2b:e6:a3:58:fe:
49:e8:b3:c5:fd:24:95:cc:68:e4:ac:e7:a8:17:09:
dc:5f:9d:68:fd:19:dd:b8:af:7f:28:26:90:3d:f1:
19:74:98:05:1f:2e:f7:6d:0b:35:a8:60:d8:a0:a7:
dd:76:4a:d5:7d:b5:d6:74:3c:c1:6f:3a:3d:06:bd:
b6:63:8f:ef:14:30:31:e0:b3:43:33:ce:a2:64:9d:
92:22:92:24:41:e4:f8:c1:4b:32:2d:dd:aa:df:5f:
92:16:92:41:b7:f3:f8:11:ae:1f:77:ca:f1:d9:12:
60:11:f1:ba:3c:ab:0c:7c:c4:81:5c:a6:07:70:14:
24:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:7A:7C:EA:9F:05:13:E0:C4:DB:65:CE:5F:82:4A:1C:48:34:4B:D4
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/Snp86p8FE-DE22XOX4JKHEg0S9Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.202.161.0/24
IPv6:
2a0b:b87:ffef::/48
Signature Algorithm: sha256WithRSAEncryption
16:8d:0a:03:1d:f6:a3:b8:1e:91:26:60:c6:d0:02:86:4a:c9:
e4:60:65:eb:4e:8a:38:43:9f:9a:c1:34:52:c6:1a:76:1c:a6:
ed:67:b2:d3:4d:12:e1:fc:4b:33:a7:3d:4d:2c:96:d5:08:df:
d0:f9:c0:d9:10:c4:70:63:c2:ff:7c:ee:63:34:3c:13:15:03:
9e:e1:88:2f:c5:07:73:db:f5:2e:b1:28:dc:dc:78:3c:8f:28:
6a:f8:b3:62:b5:ec:7f:c0:45:c3:36:4c:db:01:15:b7:e0:1c:
dc:b2:1a:23:08:3b:44:8d:64:ef:29:97:c1:f9:53:5c:93:d8:
ba:ff:58:9d:fc:0c:36:64:b8:ff:32:24:f5:e6:99:1c:6b:e6:
1c:8b:82:4e:76:58:15:62:8e:1b:b8:b3:65:86:f0:9b:c7:69:
28:f2:65:bf:ad:f4:d1:38:6d:49:06:2d:73:19:16:11:b3:06:
e7:d6:cb:5d:5c:a2:76:9d:03:fb:9c:38:95:fb:e5:49:99:47:
b1:fd:15:6d:3a:1f:1b:25:b4:68:33:06:a0:ca:12:06:d8:e9:
21:e7:20:67:cb:a3:51:ed:b0:9d:b6:5b:47:05:dd:53:2e:96:
f6:6b:af:59:98:d6:1d:c1:df:49:ac:29:d6:66:41:c9:79:10:
a3:d9:cd:c4
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVzj9tNupBjDT611fHHQdINMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjMwMTAyMTczODA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTdhN2NlYTlmMDUxM2UwYzRkYjY1Y2U1ZjgyNGExYzQ4MzQ0YmQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvW7MVEDqmrSmkVYWCf5jXHZ3p3iR
S6SYiBqei/EjuyuFsasF+zxGv7oUZ6SlV2jTc59niLDfxBdjPy79TclI1AONcY+7
yKx819nnQpK9yCnUoBIsEPs9WBd7lnRy5Flt4XIYn7kZs5GcaWCWL255f+LpvvMF
Eiu3WpaaszO6pzorK+ajWP5J6LPF/SSVzGjkrOeoFwncX51o/RnduK9/KCaQPfEZ
dJgFHy73bQs1qGDYoKfddkrVfbXWdDzBbzo9Br22Y4/vFDAx4LNDM86iZJ2SIpIk
QeT4wUsyLd2q31+SFpJBt/P4Ea4fd8rx2RJgEfG6PKsMfMSBXKYHcBQkvwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEp6fOqfBRPgxNtlzl+CShxINEvUMB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvU25wODZwOEZFLURFMjJYT1g0SktIRWcwUzlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAVcqhMA8E
AgACMAkDBwAqCwuH/+8wDQYJKoZIhvcNAQELBQADggEBABaNCgMd9qO4HpEmYMbQ
AoZKyeRgZetOijhDn5rBNFLGGnYcpu1nstNNEuH8SzOnPU0sltUI39D5wNkQxHBj
wv987mM0PBMVA57hiC/FB3Pb9S6xKNzceDyPKGr4s2K17H/ARcM2TNsBFbfgHNyy
GiMIO0SNZO8pl8H5U1yT2Lr/WJ38DDZkuP8yJPXmmRxr5hyLgk52WBVijhu4s2WG
8JvHaSjyZb+t9NE4bUkGLXMZFhGzBufWy11conadA/ucOJX75UmZR7H9FW06Hxsl
tGgzBqDKEgbY6SHnIGfLo1HtsJ22W0cF3VMulvZrr1mY1h3B30msKdZmQcl5EKPZ
zcQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:39 2024 by rpki-client on console-ams.rpki-client.org