Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/3bbb52-393e-4762-a70c-64a6a05b9905/1/akoxDb9wC45Ql2Km1AHnAfgerBk.roa
File: akoxDb9wC45Ql2Km1AHnAfgerBk.roa (raw, json)
Hash identifier: 7HH4KoqT/F/WFsG0ivf8maaEmUlH54ipqoliUQmsbyw=
Subject key identifier: 6A:4A:31:0D:BF:70:0B:8E:50:97:62:A6:D4:01:E7:01:F8:1E:AC:19
Certificate issuer: /CN=4b48cf146b4c73d274096d705708d24b729329f8
Certificate serial: 0186124271C199A67CE617A7D41C7C7125D1
Authority key identifier: 4B:48:CF:14:6B:4C:73:D2:74:09:6D:70:57:08:D2:4B:72:93:29:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S0jPFGtMc9J0CW1wVwjSS3KTKfg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/3bbb52-393e-4762-a70c-64a6a05b9905/1/akoxDb9wC45Ql2Km1AHnAfgerBk.roa
Signing time: Thu 02 Feb 2023 13:13:09 +0000
ROA not before: Thu 02 Feb 2023 13:13:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205467
IP address blocks: 85.12.0.0/22 maxlen: 24
2a01:788:213::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 04 Dec 2023 10:54:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:12:42:71:c1:99:a6:7c:e6:17:a7:d4:1c:7c:71:25:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b48cf146b4c73d274096d705708d24b729329f8
Validity
Not Before: Feb 2 13:13:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6a4a310dbf700b8e509762a6d401e701f81eac19
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:63:89:a2:e7:49:b5:75:e1:25:76:dd:1c:54:
35:4b:ca:d3:7c:3f:3f:40:31:ee:0d:f1:fd:4d:f5:
22:61:6d:53:88:66:43:8f:8a:2d:88:5e:4e:6e:ed:
fb:72:31:ec:00:10:f7:2e:e6:68:d9:7a:e5:42:cc:
17:9c:b2:1d:d9:50:92:09:f4:5d:4c:8d:2c:aa:cb:
5b:90:8a:1c:9b:33:9a:5a:db:1f:d9:9f:6b:35:d4:
39:b5:b9:79:28:f2:b3:b9:f1:df:3a:b7:08:71:4f:
5a:5d:33:97:a0:f0:14:55:0b:d4:e0:70:c9:56:76:
bf:3a:28:74:88:15:47:2f:93:a7:ab:ff:30:73:cd:
98:fe:45:be:93:d8:53:86:88:45:9b:8e:c7:98:75:
e4:6b:3c:1f:29:fc:a7:c8:18:c9:1a:ff:1e:fd:c4:
c1:4a:1d:25:91:0f:b7:ed:a9:a3:e8:c1:c0:6a:5a:
ae:0b:3b:74:f8:f9:dc:e1:92:2b:15:78:43:56:5b:
c2:3b:11:d2:62:de:11:80:42:67:67:57:89:3d:5b:
9f:6c:9f:b8:b4:8f:a8:a2:29:a6:d0:d8:eb:6e:43:
ef:09:da:e7:49:78:b2:84:b9:1c:b2:76:1e:4d:a7:
e2:ad:af:cd:50:7a:19:6e:c9:48:f2:bc:44:8b:5b:
e9:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:4A:31:0D:BF:70:0B:8E:50:97:62:A6:D4:01:E7:01:F8:1E:AC:19
X509v3 Authority Key Identifier:
keyid:4B:48:CF:14:6B:4C:73:D2:74:09:6D:70:57:08:D2:4B:72:93:29:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S0jPFGtMc9J0CW1wVwjSS3KTKfg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/3bbb52-393e-4762-a70c-64a6a05b9905/1/akoxDb9wC45Ql2Km1AHnAfgerBk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/3bbb52-393e-4762-a70c-64a6a05b9905/1/S0jPFGtMc9J0CW1wVwjSS3KTKfg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.12.0.0/22
IPv6:
2a01:788:213::/48
Signature Algorithm: sha256WithRSAEncryption
6d:9f:29:63:a3:81:90:77:e4:a4:30:92:49:0c:4d:5e:ae:0c:
10:1a:73:5e:35:93:41:dc:6f:25:46:76:45:45:d6:c5:16:43:
0b:68:02:2e:df:90:d4:bc:f8:50:c8:61:4d:f9:34:2a:0d:d4:
79:2b:49:57:d9:80:8e:cf:74:01:3d:83:52:f3:7d:c1:e1:29:
52:21:eb:e0:0f:4d:ea:f3:37:20:c0:4d:5d:7f:48:e4:aa:59:
b2:ed:65:a8:7a:e2:f6:88:37:5a:82:63:d5:6b:3c:18:37:e1:
73:4e:ca:35:63:60:fb:30:03:be:f8:96:33:13:83:e7:d6:99:
8e:30:ed:0d:4f:0c:6d:5c:f4:ad:d5:3a:22:36:88:85:48:d5:
58:c0:3c:4e:a6:8b:28:0b:f0:e2:38:ed:61:b9:99:63:27:07:
4c:e2:8a:45:3a:85:3d:f0:32:82:bb:d3:b8:64:96:ea:4d:69:
96:fd:16:98:eb:eb:03:17:34:e9:5f:7f:1b:cd:e7:8a:a8:85:
08:fb:c9:ae:d7:a2:e2:b1:27:ab:c3:e9:6f:cb:ef:04:5e:04:
70:b6:bd:a7:ae:05:dc:4c:dc:e2:42:a8:d3:75:f0:9c:7f:14:
07:31:26:75:99:d6:73:0a:b6:c3:ee:40:67:7c:45:51:a1:bd:
59:f3:9b:ea
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYYSQnHBmaZ85hen1Bx8cSXRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiNDhjZjE0NmI0YzczZDI3NDA5NmQ3MDU3MDhkMjRiNzI5
MzI5ZjgwHhcNMjMwMjAyMTMxMzA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTRhMzEwZGJmNzAwYjhlNTA5NzYyYTZkNDAxZTcwMWY4MWVhYzE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm2OJoudJtXXhJXbdHFQ1S8rTfD8/
QDHuDfH9TfUiYW1TiGZDj4otiF5Obu37cjHsABD3LuZo2XrlQswXnLId2VCSCfRd
TI0sqstbkIocmzOaWtsf2Z9rNdQ5tbl5KPKzufHfOrcIcU9aXTOXoPAUVQvU4HDJ
Vna/Oih0iBVHL5Onq/8wc82Y/kW+k9hThohFm47HmHXkazwfKfynyBjJGv8e/cTB
Sh0lkQ+37amj6MHAalquCzt0+Pnc4ZIrFXhDVlvCOxHSYt4RgEJnZ1eJPVufbJ+4
tI+ooimm0NjrbkPvCdrnSXiyhLkcsnYeTafira/NUHoZbslI8rxEi1vpAQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGpKMQ2/cAuOUJdiptQB5wH4HqwZMB8GA1UdIwQY
MBaAFEtIzxRrTHPSdAltcFcI0ktykyn4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzBqUEZHdE1jOUowQ1cxd1Z3alNTM0tUS2ZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi8zYmJiNTItMzkzZS00NzYyLWE3MGMt
NjRhNmEwNWI5OTA1LzEvYWtveERiOXdDNDVRbDJLbTFBSG5BZmdlckJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi8zYmJiNTItMzkzZS00NzYyLWE3MGMtNjRhNmEwNWI5OTA1
LzEvUzBqUEZHdE1jOUowQ1cxd1Z3alNTM0tUS2ZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCVQwAMA8E
AgACMAkDBwAqAQeIAhMwDQYJKoZIhvcNAQELBQADggEBAG2fKWOjgZB35KQwkkkM
TV6uDBAac141k0HcbyVGdkVF1sUWQwtoAi7fkNS8+FDIYU35NCoN1HkrSVfZgI7P
dAE9g1LzfcHhKVIh6+APTerzNyDATV1/SOSqWbLtZah64vaIN1qCY9VrPBg34XNO
yjVjYPswA774ljMTg+fWmY4w7Q1PDG1c9K3VOiI2iIVI1VjAPE6miygL8OI47WG5
mWMnB0ziikU6hT3wMoK707hklupNaZb9Fpjr6wMXNOlffxvN54qohQj7ya7XouKx
J6vD6W/L7wReBHC2vaeuBdxM3OJCqNN18Jx/FAcxJnWZ1nMKtsPuQGd8RVGhvVnz
m+o=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:48 2024 by rpki-client on console-fra.rpki-client.org