Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/h-y3IDkbXeNlpOjCF_g_aD5ngz0.roa
File: h-y3IDkbXeNlpOjCF_g_aD5ngz0.roa (raw, json)
Hash identifier: gwfjQPQZ18F2km76eujJKNXuxlhNT7g34iwiAxcHvDA=
Subject key identifier: 87:EC:B7:20:39:1B:5D:E3:65:A4:E8:C2:17:F8:3F:68:3E:67:83:3D
Certificate issuer: /CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Certificate serial: 0185CF2E52BD3ECFB4F91430E8220E9CBB35
Authority key identifier: FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/h-y3IDkbXeNlpOjCF_g_aD5ngz0.roa
Signing time: Fri 20 Jan 2023 12:36:37 +0000
ROA not before: Fri 20 Jan 2023 12:36:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212238
IP address blocks: 85.204.78.0/24 maxlen: 24
93.113.202.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:cf:2e:52:bd:3e:cf:b4:f9:14:30:e8:22:0e:9c:bb:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Validity
Not Before: Jan 20 12:36:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=87ecb720391b5de365a4e8c217f83f683e67833d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:21:9c:e7:72:0a:da:3d:3f:b9:89:8d:d1:7c:
bf:72:2d:dc:11:77:d7:4c:02:31:f4:fd:55:ac:0e:
02:9f:90:ef:04:18:1a:3f:a7:24:4f:fc:2b:58:2a:
99:62:63:46:76:51:b8:26:4c:08:df:ec:62:7d:0d:
13:9f:57:07:ad:e0:aa:f5:0a:67:ba:ed:27:7c:43:
3b:05:b5:da:0c:96:af:1e:0c:52:e2:a5:ef:6d:dc:
e1:11:9b:d3:bc:e7:68:e3:39:de:07:2a:e2:d6:48:
11:52:ee:77:54:e7:8e:87:6c:c1:d9:cb:05:e7:fb:
c0:e2:76:32:bf:21:66:fd:30:1b:14:26:bd:3b:4a:
08:e3:a4:7d:29:aa:e3:aa:6f:1e:ec:d1:85:43:a7:
58:59:b7:29:47:4a:dd:6f:0e:23:06:b2:f5:9b:a4:
f6:56:ad:64:c3:0c:4d:ef:e1:d2:0a:07:4d:87:0f:
46:0a:ac:9b:64:33:11:57:14:07:5f:ba:aa:9b:82:
f4:da:13:e6:8d:3d:2f:6c:2c:03:de:21:8c:2d:7e:
ec:77:b2:4f:76:a6:d8:a1:39:32:a0:9e:04:34:0d:
ce:14:35:09:44:da:b2:1c:dd:92:64:1a:a6:db:cb:
4e:2a:1d:b6:a3:6b:42:87:93:31:e1:c6:d9:3e:fc:
35:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:EC:B7:20:39:1B:5D:E3:65:A4:E8:C2:17:F8:3F:68:3E:67:83:3D
X509v3 Authority Key Identifier:
keyid:FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/h-y3IDkbXeNlpOjCF_g_aD5ngz0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/_liVLTk5NfDTvOgU_ZF40EaTrrk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.204.78.0/24
93.113.202.0/24
Signature Algorithm: sha256WithRSAEncryption
66:bf:5c:45:b9:4e:a9:3e:0f:1d:b5:6e:4d:05:a0:ff:cf:f1:
1d:63:70:72:1b:f9:16:ad:a8:9e:4c:20:3e:96:bd:04:46:ae:
bb:a4:16:a0:a0:02:d7:b5:ab:b1:85:86:05:7f:cd:60:aa:04:
ed:cb:89:87:64:29:21:35:dc:4c:a4:27:97:a8:4c:bb:f5:3e:
db:af:66:4e:0b:5e:60:a3:fd:69:f9:6b:8a:5d:0a:3f:a1:5c:
a4:3e:cd:12:4b:fd:49:17:3e:2f:2a:a5:ba:b2:f1:b6:d1:5b:
32:14:b0:2f:46:c3:57:ad:c4:3f:a1:e1:99:90:cd:9a:5b:e5:
1b:ea:c7:4b:5e:cb:0d:7e:b3:27:db:42:02:07:ee:ae:2d:16:
1c:92:d8:ea:2c:15:1a:30:8e:42:b4:50:be:ad:ae:6c:b6:42:
0a:e7:46:fd:eb:c2:aa:4b:f9:8c:60:b7:bd:7c:9b:ae:64:49:
91:08:61:33:df:d9:a0:27:c7:eb:42:f0:02:09:e4:87:8e:2b:
cd:7b:40:2a:b0:30:86:80:10:a6:40:e9:f5:47:40:0e:03:8c:
9b:56:6f:38:a7:e9:9f:4a:37:02:ed:07:92:08:bb:45:85:d6:
38:27:de:4f:36:c6:ac:89:8c:0d:57:85:ad:12:2e:66:93:cc:
3d:17:4c:4d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYXPLlK9Ps+0+RQw6CIOnLs1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlNTg5NTJkMzkzOTM1ZjBkM2JjZTgxNGZkOTE3OGQwNDY5
M2FlYjkwHhcNMjMwMTIwMTIzNjM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4N2VjYjcyMDM5MWI1ZGUzNjVhNGU4YzIxN2Y4M2Y2ODNlNjc4MzNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwyGc53IK2j0/uYmN0Xy/ci3cEXfX
TAIx9P1VrA4Cn5DvBBgaP6ckT/wrWCqZYmNGdlG4JkwI3+xifQ0Tn1cHreCq9Qpn
uu0nfEM7BbXaDJavHgxS4qXvbdzhEZvTvOdo4zneByri1kgRUu53VOeOh2zB2csF
5/vA4nYyvyFm/TAbFCa9O0oI46R9Karjqm8e7NGFQ6dYWbcpR0rdbw4jBrL1m6T2
Vq1kwwxN7+HSCgdNhw9GCqybZDMRVxQHX7qqm4L02hPmjT0vbCwD3iGMLX7sd7JP
dqbYoTkyoJ4ENA3OFDUJRNqyHN2SZBqm28tOKh22o2tCh5Mx4cbZPvw1TQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIfstyA5G13jZaTowhf4P2g+Z4M9MB8GA1UdIwQY
MBaAFP5YlS05OTXw07zoFP2ReNBGk665MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUt
NWQ0OGI2NWNlNTczLzEvaC15M0lEa2JYZU5scE9qQ0ZfZ19hRDVuZ3owLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUtNWQ0OGI2NWNlNTcz
LzEvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVcxOAwQA
XXHKMA0GCSqGSIb3DQEBCwUAA4IBAQBmv1xFuU6pPg8dtW5NBaD/z/EdY3ByG/kW
raieTCA+lr0ERq67pBagoALXtauxhYYFf81gqgTty4mHZCkhNdxMpCeXqEy79T7b
r2ZOC15go/1p+WuKXQo/oVykPs0SS/1JFz4vKqW6svG20VsyFLAvRsNXrcQ/oeGZ
kM2aW+Ub6sdLXssNfrMn20ICB+6uLRYcktjqLBUaMI5CtFC+ra5stkIK50b968Kq
S/mMYLe9fJuuZEmRCGEz39mgJ8frQvACCeSHjivNe0AqsDCGgBCmQOn1R0AOA4yb
Vm84p+mfSjcC7QeSCLtFhdY4J95PNsasiYwNV4WtEi5mk8w9F0xN
-----END CERTIFICATE-----
Generated at Tue Jan 2 11:51:29 2024 by rpki-client on console-fra.rpki-client.org