Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/3c9c3c-d608-4ea2-9a28-c11ec6ea86b8/1/2eIKpI6Ci0duoOh3FBPJqBGzZqs.roa
File: 2eIKpI6Ci0duoOh3FBPJqBGzZqs.roa (raw, json)
Hash identifier: 16Zls72wCoTpyQEib+2fKF5zBdYqedSEpqS986/XhaM=
Subject key identifier: D9:E2:0A:A4:8E:82:8B:47:6E:A0:E8:77:14:13:C9:A8:11:B3:66:AB
Certificate issuer: /CN=ce9135dfed0bb6335d19ddd6d7e99f48afbe3c01
Certificate serial: 018570C2C0E3551DDE67F57EE0039CC119E5
Authority key identifier: CE:91:35:DF:ED:0B:B6:33:5D:19:DD:D6:D7:E9:9F:48:AF:BE:3C:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zpE13-0LtjNdGd3W1-mfSK--PAE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/3c9c3c-d608-4ea2-9a28-c11ec6ea86b8/1/2eIKpI6Ci0duoOh3FBPJqBGzZqs.roa
Signing time: Mon 02 Jan 2023 04:34:49 +0000
ROA not before: Mon 02 Jan 2023 04:34:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21233
IP address blocks: 85.113.85.0/24 maxlen: 24
85.113.80.0/24 maxlen: 24
85.113.81.0/24 maxlen: 24
85.113.82.0/24 maxlen: 24
85.113.83.0/24 maxlen: 24
85.113.89.0/24 maxlen: 24
2001:be7::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:31:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:c2:c0:e3:55:1d:de:67:f5:7e:e0:03:9c:c1:19:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ce9135dfed0bb6335d19ddd6d7e99f48afbe3c01
Validity
Not Before: Jan 2 04:34:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d9e20aa48e828b476ea0e8771413c9a811b366ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:77:ff:bd:fd:23:41:0e:18:7e:8e:8d:0a:87:
02:df:ee:25:6e:00:bd:bf:82:a5:c4:e2:5b:9a:93:
cb:27:b9:71:3a:99:bd:5b:1e:99:f2:83:64:b0:19:
39:1b:c1:f2:04:9a:94:45:81:84:5f:a2:eb:ce:a5:
c0:9b:19:15:65:fd:02:be:e9:41:b5:bb:0f:ea:46:
ee:73:46:27:6c:a2:90:93:c9:06:49:a9:bf:ce:45:
66:52:d2:b6:46:46:60:b3:36:44:79:a8:1d:3b:ae:
a8:12:74:f0:7b:74:92:3d:1c:3e:6c:55:d3:3f:f2:
59:c9:1a:c0:26:6f:dc:d7:a1:1b:81:ca:21:3b:cb:
38:00:13:83:1c:8e:18:cc:9f:d4:30:70:11:08:7b:
d8:ae:d5:a9:3e:3d:07:6e:59:9f:e3:2c:6f:74:b2:
d3:2d:10:2f:63:e2:2a:92:62:c1:a9:0f:4d:57:85:
2a:81:8c:cc:b2:e1:02:b4:18:e7:4e:0a:54:f6:db:
84:7a:21:2b:ad:97:15:16:63:c6:49:f4:f4:ca:75:
d0:8b:81:6e:98:37:11:1c:b7:db:2f:da:db:b6:9b:
3b:31:00:38:09:44:95:0b:8c:ee:64:67:83:a3:77:
a2:47:19:e1:f3:f3:1a:8a:f0:30:7a:d8:1f:72:ba:
76:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:E2:0A:A4:8E:82:8B:47:6E:A0:E8:77:14:13:C9:A8:11:B3:66:AB
X509v3 Authority Key Identifier:
keyid:CE:91:35:DF:ED:0B:B6:33:5D:19:DD:D6:D7:E9:9F:48:AF:BE:3C:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zpE13-0LtjNdGd3W1-mfSK--PAE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/3c9c3c-d608-4ea2-9a28-c11ec6ea86b8/1/2eIKpI6Ci0duoOh3FBPJqBGzZqs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/3c9c3c-d608-4ea2-9a28-c11ec6ea86b8/1/zpE13-0LtjNdGd3W1-mfSK--PAE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.113.80.0/22
85.113.85.0/24
85.113.89.0/24
IPv6:
2001:be7::/32
Signature Algorithm: sha256WithRSAEncryption
a6:a1:51:a0:61:7c:92:cc:7e:da:10:6c:0e:d3:8e:99:86:d4:
79:6a:3e:86:a9:c3:c7:9a:2b:44:a4:57:de:38:da:ea:29:49:
a5:4b:e8:bf:10:6f:7d:a6:09:61:50:fa:9f:23:e3:84:a6:40:
c9:d9:06:a6:f6:12:bc:98:52:b4:fe:f7:00:81:1a:3c:1b:f7:
c7:98:bb:6e:51:2e:8a:a0:54:d4:ec:54:d0:e9:c6:9a:05:59:
ea:d1:ec:8c:b8:1f:20:0a:0d:df:cf:a8:9c:67:9f:07:c3:ba:
f2:2c:e8:97:24:b7:89:1d:6d:33:dc:2a:22:80:60:b0:1f:82:
48:f7:bc:47:e4:1b:b3:c2:03:b5:8d:3e:cb:2a:05:b5:cb:c3:
3d:f8:36:68:3b:98:37:29:c5:96:5d:de:91:fd:9a:fb:b9:80:
5e:27:f1:9d:0d:42:ed:0d:a2:33:e5:3e:0f:67:f9:be:ad:57:
d2:5e:ca:c4:6b:0f:e3:f7:f8:e0:ca:a5:25:8f:71:0c:ca:0e:
78:2b:4c:a0:fc:b2:04:47:2e:03:67:cf:98:de:0d:b7:7a:ee:
0e:7d:57:4b:98:1b:9a:4c:62:9b:92:88:44:1f:e3:39:23:43:
5d:91:06:74:ca:6e:1e:d8:0b:bd:79:be:12:e0:6d:dc:26:8c:
61:26:b3:cd
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVwwsDjVR3eZ/V+4AOcwRnlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlOTEzNWRmZWQwYmI2MzM1ZDE5ZGRkNmQ3ZTk5ZjQ4YWZi
ZTNjMDEwHhcNMjMwMTAyMDQzNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOWUyMGFhNDhlODI4YjQ3NmVhMGU4NzcxNDEzYzlhODExYjM2NmFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuXf/vf0jQQ4Yfo6NCocC3+4lbgC9
v4KlxOJbmpPLJ7lxOpm9Wx6Z8oNksBk5G8HyBJqURYGEX6LrzqXAmxkVZf0CvulB
tbsP6kbuc0YnbKKQk8kGSam/zkVmUtK2RkZgszZEeagdO66oEnTwe3SSPRw+bFXT
P/JZyRrAJm/c16EbgcohO8s4ABODHI4YzJ/UMHARCHvYrtWpPj0Hblmf4yxvdLLT
LRAvY+IqkmLBqQ9NV4UqgYzMsuECtBjnTgpU9tuEeiErrZcVFmPGSfT0ynXQi4Fu
mDcRHLfbL9rbtps7MQA4CUSVC4zuZGeDo3eiRxnh8/MaivAwetgfcrp2KwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFNniCqSOgotHbqDodxQTyagRs2arMB8GA1UdIwQY
MBaAFM6RNd/tC7YzXRnd1tfpn0ivvjwBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvenBFMTMtMEx0ak5kR2QzVzEtbWZTSy0tUEFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC8zYzljM2MtZDYwOC00ZWEyLTlhMjgt
YzExZWM2ZWE4NmI4LzEvMmVJS3BJNkNpMGR1b09oM0ZCUEpxQkd6WnFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC8zYzljM2MtZDYwOC00ZWEyLTlhMjgtYzExZWM2ZWE4NmI4
LzEvenBFMTMtMEx0ak5kR2QzVzEtbWZTSy0tUEFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCVXFQAwQA
VXFVAwQAVXFZMA0EAgACMAcDBQAgAQvnMA0GCSqGSIb3DQEBCwUAA4IBAQCmoVGg
YXySzH7aEGwO046ZhtR5aj6GqcPHmitEpFfeONrqKUmlS+i/EG99pglhUPqfI+OE
pkDJ2Qam9hK8mFK0/vcAgRo8G/fHmLtuUS6KoFTU7FTQ6caaBVnq0eyMuB8gCg3f
z6icZ58Hw7ryLOiXJLeJHW0z3CoigGCwH4JI97xH5BuzwgO1jT7LKgW1y8M9+DZo
O5g3KcWWXd6R/Zr7uYBeJ/GdDULtDaIz5T4PZ/m+rVfSXsrEaw/j9/jgyqUlj3EM
yg54K0yg/LIERy4DZ8+Y3g23eu4OfVdLmBuaTGKbkohEH+M5I0NdkQZ0ym4e2Au9
eb4S4G3cJoxhJrPN
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:05 2024 by rpki-client on console-fra.rpki-client.org