Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/754bd6-fd6a-4dc6-a927-769a0c5eea0d/1/untviCbO0maHpBA56V7JaKoW0QU.roa
File: untviCbO0maHpBA56V7JaKoW0QU.roa (raw, json)
Hash identifier: DRk19W2mHwcJFbQNmguq5MRQ2Ux1qVlpCFF0E11qkm8=
Subject key identifier: BA:7B:6F:88:26:CE:D2:66:87:A4:10:39:E9:5E:C9:68:AA:16:D1:05
Certificate issuer: /CN=3ec14cc607d1f0283848f9a815dbe675e2339a7e
Certificate serial: 01856EAFCD725794A4410AD10ECD8AA4AB9D
Authority key identifier: 3E:C1:4C:C6:07:D1:F0:28:38:48:F9:A8:15:DB:E6:75:E2:33:9A:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PsFMxgfR8Cg4SPmoFdvmdeIzmn4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/754bd6-fd6a-4dc6-a927-769a0c5eea0d/1/untviCbO0maHpBA56V7JaKoW0QU.roa
Signing time: Sun 01 Jan 2023 18:54:53 +0000
ROA not before: Sun 01 Jan 2023 18:54:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209327
IP address blocks: 85.209.116.0/22 maxlen: 22
2a09:94c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:29:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:af:cd:72:57:94:a4:41:0a:d1:0e:cd:8a:a4:ab:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ec14cc607d1f0283848f9a815dbe675e2339a7e
Validity
Not Before: Jan 1 18:54:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ba7b6f8826ced26687a41039e95ec968aa16d105
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:0c:07:d8:ec:88:0c:60:e4:bc:b0:8a:ee:19:
85:fa:10:e3:46:87:c4:0a:7b:a9:90:50:0b:30:0d:
0b:91:49:59:0f:c7:75:c7:ee:ee:56:b6:09:f7:97:
53:f9:62:11:e2:e9:91:ab:a3:cf:af:4c:43:89:6e:
68:ea:9f:3d:a0:bb:17:64:69:75:be:7e:63:b1:71:
f0:a3:23:f1:35:03:63:38:7a:72:a2:5b:5c:63:1a:
d8:c7:cb:d3:33:64:51:b4:2d:ae:6b:a2:7b:a2:fb:
c4:fd:99:c6:1e:d1:cd:54:e1:11:c2:06:a3:e9:50:
4b:ab:b5:71:2d:76:43:10:12:05:21:c4:19:4b:1d:
bd:8e:8b:08:11:e0:a9:d3:50:71:0e:70:02:42:0b:
a6:25:f9:d5:83:ba:af:8f:6f:bc:ea:7a:0b:d8:5f:
0a:63:3d:81:f6:5c:f6:6c:b7:8e:cc:5e:85:3e:4e:
24:32:58:36:06:12:7e:25:cb:88:e0:ac:f9:a9:7f:
54:82:85:02:3f:e9:45:43:4a:e7:a7:83:92:cb:92:
6f:4d:b4:aa:25:a7:a3:49:d2:58:e5:36:f1:8d:e3:
e0:00:7f:99:25:4a:ed:bb:75:ae:58:21:d8:1c:4f:
f8:d7:67:e3:56:97:8c:ba:c0:80:7e:56:5d:f3:a9:
25:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:7B:6F:88:26:CE:D2:66:87:A4:10:39:E9:5E:C9:68:AA:16:D1:05
X509v3 Authority Key Identifier:
keyid:3E:C1:4C:C6:07:D1:F0:28:38:48:F9:A8:15:DB:E6:75:E2:33:9A:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PsFMxgfR8Cg4SPmoFdvmdeIzmn4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/754bd6-fd6a-4dc6-a927-769a0c5eea0d/1/untviCbO0maHpBA56V7JaKoW0QU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/754bd6-fd6a-4dc6-a927-769a0c5eea0d/1/PsFMxgfR8Cg4SPmoFdvmdeIzmn4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.209.116.0/22
IPv6:
2a09:94c0::/29
Signature Algorithm: sha256WithRSAEncryption
30:31:2f:ca:37:69:0b:49:a6:f8:4d:6b:df:78:38:f1:60:38:
13:c8:74:d0:9c:16:69:8e:df:0e:9c:9e:d8:94:1b:55:a9:1e:
29:ec:f4:24:89:ce:5c:ca:9d:03:65:73:c9:d8:af:bd:79:b5:
29:9b:d9:0b:2f:c3:06:5e:40:ca:94:2a:b0:a1:6d:b8:0e:2c:
c8:99:f0:59:bd:98:20:0a:81:8e:c8:a3:04:b5:77:43:22:8e:
82:41:f9:6f:a1:38:5b:76:f2:62:d0:06:b8:bd:90:d8:9d:22:
7e:11:aa:10:b3:be:45:23:a2:b3:97:07:b5:93:f5:a7:f4:88:
c9:31:bc:48:6f:46:16:09:25:67:ac:6b:23:45:cb:74:6f:0e:
b9:d0:51:03:b5:76:55:36:40:80:a7:4e:63:8c:6e:2d:37:09:
ca:17:85:3b:e9:b9:11:28:6f:7f:56:b1:3a:16:bb:be:bb:87:
0e:97:93:75:66:44:28:8b:41:28:5e:ec:24:cb:fd:e9:7c:5a:
9b:2b:21:46:0f:e3:40:14:24:2f:e1:ce:02:86:f3:a0:b1:57:
71:3d:57:bc:d8:f8:0a:1f:bd:d5:50:6b:06:3b:5f:75:92:87:
c0:8f:99:21:e1:13:0f:09:f1:b8:20:e3:ae:46:b9:84:0a:2a:
84:19:36:8e
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVur81yV5SkQQrRDs2KpKudMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlYzE0Y2M2MDdkMWYwMjgzODQ4ZjlhODE1ZGJlNjc1ZTIz
MzlhN2UwHhcNMjMwMTAxMTg1NDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTdiNmY4ODI2Y2VkMjY2ODdhNDEwMzllOTVlYzk2OGFhMTZkMTA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApgwH2OyIDGDkvLCK7hmF+hDjRofE
CnupkFALMA0LkUlZD8d1x+7uVrYJ95dT+WIR4umRq6PPr0xDiW5o6p89oLsXZGl1
vn5jsXHwoyPxNQNjOHpyoltcYxrYx8vTM2RRtC2ua6J7ovvE/ZnGHtHNVOERwgaj
6VBLq7VxLXZDEBIFIcQZSx29josIEeCp01BxDnACQgumJfnVg7qvj2+86noL2F8K
Yz2B9lz2bLeOzF6FPk4kMlg2BhJ+JcuI4Kz5qX9UgoUCP+lFQ0rnp4OSy5JvTbSq
JaejSdJY5TbxjePgAH+ZJUrtu3WuWCHYHE/412fjVpeMusCAflZd86klIQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLp7b4gmztJmh6QQOeleyWiqFtEFMB8GA1UdIwQY
MBaAFD7BTMYH0fAoOEj5qBXb5nXiM5p+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHNGTXhnZlI4Q2c0U1Btb0Zkdm1kZUl6bW40LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy83NTRiZDYtZmQ2YS00ZGM2LWE5Mjct
NzY5YTBjNWVlYTBkLzEvdW50dmlDYk8wbWFIcEJBNTZWN0phS29XMFFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy83NTRiZDYtZmQ2YS00ZGM2LWE5MjctNzY5YTBjNWVlYTBk
LzEvUHNGTXhnZlI4Q2c0U1Btb0Zkdm1kZUl6bW40LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCVdF0MA0E
AgACMAcDBQMqCZTAMA0GCSqGSIb3DQEBCwUAA4IBAQAwMS/KN2kLSab4TWvfeDjx
YDgTyHTQnBZpjt8OnJ7YlBtVqR4p7PQkic5cyp0DZXPJ2K+9ebUpm9kLL8MGXkDK
lCqwoW24DizImfBZvZggCoGOyKMEtXdDIo6CQflvoThbdvJi0Aa4vZDYnSJ+EaoQ
s75FI6Kzlwe1k/Wn9IjJMbxIb0YWCSVnrGsjRct0bw650FEDtXZVNkCAp05jjG4t
NwnKF4U76bkRKG9/VrE6Fru+u4cOl5N1ZkQoi0EoXuwky/3pfFqbKyFGD+NAFCQv
4c4ChvOgsVdxPVe82PgKH73VUGsGO191kofAj5kh4RMPCfG4IOOuRrmECiqEGTaO
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:13 2024 by rpki-client on console-ams.rpki-client.org