Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/Qo0iZbvcnMO0kHrSpF6-AVmDnPY.roa
File: Qo0iZbvcnMO0kHrSpF6-AVmDnPY.roa (raw, json)
Hash identifier: OaeNke2ZFzVr6zvP9idCMJ31sqWnEquFm+jV8NndNhE=
Subject key identifier: 42:8D:22:65:BB:DC:9C:C3:B4:90:7A:D2:A4:5E:BE:01:59:83:9C:F6
Certificate issuer: /CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Certificate serial: 01869DBFFA3BEBBC27B766FCC5CADE17F846
Authority key identifier: 4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/Qo0iZbvcnMO0kHrSpF6-AVmDnPY.roa
Signing time: Wed 01 Mar 2023 15:17:29 +0000
ROA not before: Wed 01 Mar 2023 15:17:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 22773
IP address blocks: 85.8.160.0/23 maxlen: 23
85.8.162.0/23 maxlen: 23
92.249.62.0/23 maxlen: 23
92.249.60.0/23 maxlen: 23
84.54.0.0/23 maxlen: 23
84.54.2.0/23 maxlen: 23
85.8.144.0/23 maxlen: 23
85.8.146.0/23 maxlen: 23
176.53.168.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 17 Apr 2023 22:44:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:9d:bf:fa:3b:eb:bc:27:b7:66:fc:c5:ca:de:17:f8:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Validity
Not Before: Mar 1 15:17:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=428d2265bbdc9cc3b4907ad2a45ebe0159839cf6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:5b:7a:73:cd:72:0d:0f:be:18:ae:3d:d0:cd:
7f:24:87:00:e8:68:19:b7:d7:39:19:58:41:18:0c:
82:f0:0b:c8:26:4d:ca:c9:92:51:bc:17:e5:b7:3c:
f6:aa:64:5a:22:81:c7:f7:84:47:9a:06:68:bc:c5:
5d:3a:b5:91:11:df:bc:fb:6f:d0:ba:6b:44:31:99:
0c:f6:59:16:af:28:c5:15:1b:1b:52:a6:c6:a3:b8:
d7:92:01:a8:3e:d1:90:b2:15:e3:0b:85:a7:1e:db:
0e:0b:33:fc:c4:0d:d4:fb:62:bf:44:ac:f5:87:43:
cd:f0:12:05:b4:d2:4d:e1:88:56:c4:14:43:7a:25:
b4:a0:9c:b2:7a:a5:ea:55:b1:4a:49:63:e4:39:52:
b0:14:a1:15:14:22:1a:5d:a2:94:dd:b1:6b:58:c3:
fb:6a:23:f3:b8:bd:5b:a6:d3:a5:90:51:84:f8:61:
70:e6:6f:c1:a0:d0:c2:be:c1:09:60:03:99:96:47:
0e:cf:ca:1a:fc:5d:99:04:f2:f1:56:f6:e8:44:f2:
3b:ff:a2:d0:0f:81:7c:68:c4:61:d6:ae:5f:db:ea:
bd:72:e5:07:b3:e1:81:dc:59:ba:7a:f5:36:ba:63:
d7:51:f1:ea:ea:4f:8a:a7:88:d1:45:3c:f7:60:74:
4c:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:8D:22:65:BB:DC:9C:C3:B4:90:7A:D2:A4:5E:BE:01:59:83:9C:F6
X509v3 Authority Key Identifier:
keyid:4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/Qo0iZbvcnMO0kHrSpF6-AVmDnPY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.54.0.0/22
85.8.144.0/22
85.8.160.0/22
92.249.60.0/22
176.53.168.0/22
Signature Algorithm: sha256WithRSAEncryption
39:b8:cc:09:1d:9d:50:18:cc:a5:e8:9f:64:46:4e:9b:88:79:
fa:d1:df:fa:16:17:f4:93:62:04:47:22:30:06:74:d0:1d:c0:
85:4e:dd:5a:f5:a1:32:51:55:79:f7:52:ba:d5:2f:fc:9c:70:
bd:b2:ee:3c:3b:81:ff:b2:27:59:ba:f3:06:61:5a:f2:fd:24:
25:77:60:22:ee:d6:0f:9d:03:f4:1d:ad:c4:eb:e5:27:1c:e1:
a8:ce:3b:a0:64:02:0d:b2:c7:a4:08:a1:81:a3:39:7b:1a:c6:
c6:76:46:76:64:5f:8f:96:af:7c:85:68:47:db:63:6a:12:5f:
b2:7b:33:77:e0:38:aa:7c:11:b4:14:a0:b4:ff:b4:a1:0c:f2:
e0:9b:09:9b:d6:d6:c8:fc:22:5c:c9:68:b8:7e:30:3d:a8:5b:
d3:26:e1:5d:79:12:43:d1:ac:ef:81:a3:bd:2e:9b:4b:30:33:
4e:35:9e:97:e6:ae:d3:2a:9d:20:6e:c2:04:75:0b:c5:e4:6d:
8b:96:ba:64:1a:a6:30:d4:d0:5a:32:03:ea:72:e3:47:95:70:
16:b6:e7:ee:6a:bf:11:08:77:82:c0:71:03:8f:c0:11:b6:f1:
c6:59:77:40:78:75:7f:6a:69:52:67:09:bd:bb:0d:8a:72:80:
78:e7:88:a4
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYadv/o767wnt2b8xcreF/hGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOTUwOWIzM2RhNTVmM2U1ZDUyODNlYjYyMWQwZDM1ZDdh
ZWVkNWMwHhcNMjMwMzAxMTUxNzI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjhkMjI2NWJiZGM5Y2MzYjQ5MDdhZDJhNDVlYmUwMTU5ODM5Y2Y2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjVt6c81yDQ++GK490M1/JIcA6GgZ
t9c5GVhBGAyC8AvIJk3KyZJRvBfltzz2qmRaIoHH94RHmgZovMVdOrWREd+8+2/Q
umtEMZkM9lkWryjFFRsbUqbGo7jXkgGoPtGQshXjC4WnHtsOCzP8xA3U+2K/RKz1
h0PN8BIFtNJN4YhWxBRDeiW0oJyyeqXqVbFKSWPkOVKwFKEVFCIaXaKU3bFrWMP7
aiPzuL1bptOlkFGE+GFw5m/BoNDCvsEJYAOZlkcOz8oa/F2ZBPLxVvboRPI7/6LQ
D4F8aMRh1q5f2+q9cuUHs+GB3Fm6evU2umPXUfHq6k+Kp4jRRTz3YHRMnwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFEKNImW73JzDtJB60qRevgFZg5z2MB8GA1UdIwQY
MBaAFE+VCbM9pV8+XVKD62IdDTXXru1cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQt
NjAxMDdlMmI1MTA5LzEvUW8waVpidmNuTU8wa0hyU3BGNi1BVm1EblBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQtNjAxMDdlMmI1MTA5
LzEvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCVDYAAwQC
VQiQAwQCVQigAwQCXPk8AwQCsDWoMA0GCSqGSIb3DQEBCwUAA4IBAQA5uMwJHZ1Q
GMyl6J9kRk6biHn60d/6Fhf0k2IERyIwBnTQHcCFTt1a9aEyUVV591K61S/8nHC9
su48O4H/sidZuvMGYVry/SQld2Ai7tYPnQP0Ha3E6+UnHOGozjugZAINssekCKGB
ozl7GsbGdkZ2ZF+Plq98hWhH22NqEl+yezN34DiqfBG0FKC0/7ShDPLgmwmb1tbI
/CJcyWi4fjA9qFvTJuFdeRJD0azvgaO9LptLMDNONZ6X5q7TKp0gbsIEdQvF5G2L
lrpkGqYw1NBaMgPqcuNHlXAWtufuar8RCHeCwHEDj8ARtvHGWXdAeHV/amlSZwm9
uw2KcoB454ik
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:49 2024 by rpki-client on console-ams.rpki-client.org