Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/e7fc98-128a-453d-bdfb-11e5f6d12ef1/1/r24AhEiFFInPaKWF1ayXCYZ_DTE.roa
File: r24AhEiFFInPaKWF1ayXCYZ_DTE.roa (raw, json)
Hash identifier: kZdM47HbKB60kEtTjPl0yr/vIFH0QjFuadyJO7tsvbw=
Subject key identifier: AF:6E:00:84:48:85:14:89:CF:68:A5:85:D5:AC:97:09:86:7F:0D:31
Certificate issuer: /CN=bef5252ccac3f6dc1426b553f2c1c7233acc894b
Certificate serial: 01856F26B146D06046ADBC5CDF6D9FED9FCC
Authority key identifier: BE:F5:25:2C:CA:C3:F6:DC:14:26:B5:53:F2:C1:C7:23:3A:CC:89:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vvUlLMrD9twUJrVT8sHHIzrMiUs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/e7fc98-128a-453d-bdfb-11e5f6d12ef1/1/r24AhEiFFInPaKWF1ayXCYZ_DTE.roa
Signing time: Sun 01 Jan 2023 21:04:44 +0000
ROA not before: Sun 01 Jan 2023 21:04:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25248
IP address blocks: 85.207.0.0/16 maxlen: 16
84.244.64.0/18 maxlen: 18
82.99.128.0/18 maxlen: 18
212.158.128.0/19 maxlen: 19
2a02:a40::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:26:b1:46:d0:60:46:ad:bc:5c:df:6d:9f:ed:9f:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bef5252ccac3f6dc1426b553f2c1c7233acc894b
Validity
Not Before: Jan 1 21:04:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=af6e008448851489cf68a585d5ac9709867f0d31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:2b:5a:c7:60:c7:f0:ad:bd:a8:9f:a4:8e:d0:
76:54:f3:81:15:b5:1b:fd:ea:26:3f:29:e8:a9:6a:
7d:92:74:b5:fe:f5:4c:77:c5:01:a3:c6:52:da:c9:
52:e3:42:26:76:85:7c:69:1b:5d:67:86:82:54:da:
a4:76:08:c8:0d:cb:0a:0e:ee:bf:6f:80:55:ca:c3:
bd:08:ad:4c:38:f7:57:c5:72:96:2a:7e:58:a0:f3:
b3:53:c9:fb:e7:d6:e0:e9:8c:a3:c2:ff:d9:a2:8a:
3f:c0:5f:54:96:34:a2:cc:0c:31:56:27:cd:5c:05:
8b:51:cd:d5:e9:2f:22:cf:c8:8a:ff:94:a6:96:52:
e6:72:55:a4:27:c1:e7:79:37:4c:4f:13:7d:df:12:
84:60:ed:a7:e8:c6:d1:76:3c:25:0e:56:d9:16:dd:
3f:29:45:51:32:84:c0:61:df:66:59:42:4a:3d:e5:
37:36:ff:91:89:e8:fd:62:e6:46:be:98:ac:31:c6:
9d:a6:f2:a6:1b:2a:18:cd:8a:f1:fb:40:33:2b:20:
fd:8b:f2:8c:97:f3:fb:c1:6f:33:3e:de:61:f9:8c:
1a:c6:86:80:fb:99:fe:27:4b:ea:74:cd:ce:66:e4:
df:83:10:5d:2a:7b:a3:21:32:92:a6:c5:bd:09:1b:
51:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:6E:00:84:48:85:14:89:CF:68:A5:85:D5:AC:97:09:86:7F:0D:31
X509v3 Authority Key Identifier:
keyid:BE:F5:25:2C:CA:C3:F6:DC:14:26:B5:53:F2:C1:C7:23:3A:CC:89:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vvUlLMrD9twUJrVT8sHHIzrMiUs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/e7fc98-128a-453d-bdfb-11e5f6d12ef1/1/r24AhEiFFInPaKWF1ayXCYZ_DTE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/e7fc98-128a-453d-bdfb-11e5f6d12ef1/1/vvUlLMrD9twUJrVT8sHHIzrMiUs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.99.128.0/18
84.244.64.0/18
85.207.0.0/16
212.158.128.0/19
IPv6:
2a02:a40::/32
Signature Algorithm: sha256WithRSAEncryption
3a:85:ce:fd:e0:fb:85:ca:f2:cb:6e:74:28:c3:0e:5b:53:9b:
99:5d:97:c5:e9:81:83:bd:b4:70:18:33:00:f1:9b:cd:be:7f:
a6:84:b6:4d:99:df:b5:0b:29:9d:04:ad:73:fc:74:d4:90:b9:
be:84:a3:d4:42:ad:18:3b:d9:f8:b9:a1:91:95:ef:35:5a:ef:
ae:04:3b:ea:1e:64:ee:ed:52:aa:5a:d8:e6:4e:d8:7f:e3:47:
bc:24:8f:53:2c:4b:3d:30:d0:b2:b5:d1:9c:3a:02:ea:36:64:
22:57:ff:55:e5:64:aa:9b:05:e0:1d:85:61:39:a6:f5:b4:ea:
05:22:89:89:cf:6e:69:4e:88:70:b6:07:89:a6:b4:21:53:3a:
aa:6a:4c:7c:ea:ee:be:70:ad:4a:81:ad:4b:b8:76:21:1a:eb:
b6:1f:34:38:9d:9c:22:13:16:c3:ae:07:42:6c:13:53:f6:ca:
fb:8a:96:59:c3:7a:88:2b:38:4c:c3:67:72:57:d3:6a:19:86:
73:dc:08:c4:67:55:0c:27:ec:a2:29:ba:27:7a:d5:b0:77:38:
3e:4d:a3:28:76:c4:69:12:fa:e0:29:ad:e6:4f:ce:a9:5b:4f:
a8:f6:c6:c3:28:0e:2e:c5:93:23:bc:e7:c0:43:bc:3e:82:ed:
1b:e8:77:3e
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYVvJrFG0GBGrbxc322f7Z/MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlZjUyNTJjY2FjM2Y2ZGMxNDI2YjU1M2YyYzFjNzIzM2Fj
Yzg5NGIwHhcNMjMwMTAxMjEwNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjZlMDA4NDQ4ODUxNDg5Y2Y2OGE1ODVkNWFjOTcwOTg2N2YwZDMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwytax2DH8K29qJ+kjtB2VPOBFbUb
/eomPynoqWp9knS1/vVMd8UBo8ZS2slS40ImdoV8aRtdZ4aCVNqkdgjIDcsKDu6/
b4BVysO9CK1MOPdXxXKWKn5YoPOzU8n759bg6Yyjwv/Zooo/wF9UljSizAwxVifN
XAWLUc3V6S8iz8iK/5SmllLmclWkJ8HneTdMTxN93xKEYO2n6MbRdjwlDlbZFt0/
KUVRMoTAYd9mWUJKPeU3Nv+Riej9YuZGvpisMcadpvKmGyoYzYrx+0AzKyD9i/KM
l/P7wW8zPt5h+YwaxoaA+5n+J0vqdM3OZuTfgxBdKnujITKSpsW9CRtRbwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFK9uAIRIhRSJz2ilhdWslwmGfw0xMB8GA1UdIwQY
MBaAFL71JSzKw/bcFCa1U/LBxyM6zIlLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdnZVbExNckQ5dHdVSnJWVDhzSEhJenJNaVVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS9lN2ZjOTgtMTI4YS00NTNkLWJkZmIt
MTFlNWY2ZDEyZWYxLzEvcjI0QWhFaUZGSW5QYUtXRjFheVhDWVpfRFRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS9lN2ZjOTgtMTI4YS00NTNkLWJkZmItMTFlNWY2ZDEyZWYx
LzEvdnZVbExNckQ5dHdVSnJWVDhzSEhJenJNaVVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAdBAIAATAXAwQGUmOAAwQG
VPRAAwMAVc8DBAXUnoAwDQQCAAIwBwMFACoCCkAwDQYJKoZIhvcNAQELBQADggEB
ADqFzv3g+4XK8studCjDDltTm5ldl8XpgYO9tHAYMwDxm82+f6aEtk2Z37ULKZ0E
rXP8dNSQub6Eo9RCrRg72fi5oZGV7zVa764EO+oeZO7tUqpa2OZO2H/jR7wkj1Ms
Sz0w0LK10Zw6Auo2ZCJX/1XlZKqbBeAdhWE5pvW06gUiiYnPbmlOiHC2B4mmtCFT
OqpqTHzq7r5wrUqBrUu4diEa67YfNDidnCITFsOuB0JsE1P2yvuKllnDeogrOEzD
Z3JX02oZhnPcCMRnVQwn7KIpuid61bB3OD5Noyh2xGkS+uApreZPzqlbT6j2xsMo
Di7FkyO858BDvD6C7Rvodz4=
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:31:56 2024 by rpki-client on console-ams.rpki-client.org