Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/g67lLFVSg5DjhHF0d9bOGJ6PkG4.roa
File: g67lLFVSg5DjhHF0d9bOGJ6PkG4.roa (raw, json)
Hash identifier: YZhYxLphhZSretxsQ8mV7mplyWjCHTCJU9yp/HXuqUU=
Subject key identifier: 83:AE:E5:2C:55:52:83:90:E3:84:71:74:77:D6:CE:18:9E:8F:90:6E
Certificate issuer: /CN=aefe1c859409ac5de7414c48f86739913be6b7e5
Certificate serial: 018C40D64C52525924909FB5DB338B88A100
Authority key identifier: AE:FE:1C:85:94:09:AC:5D:E7:41:4C:48:F8:67:39:91:3B:E6:B7:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rv4chZQJrF3nQUxI-Gc5kTvmt-U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/g67lLFVSg5DjhHF0d9bOGJ6PkG4.roa
Signing time: Wed 06 Dec 2023 20:33:55 +0000
ROA not before: Wed 06 Dec 2023 20:33:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35728
IP address blocks: 85.140.44.0/24 maxlen: 24
85.140.44.0/22 maxlen: 22
85.140.45.0/24 maxlen: 24
85.140.47.0/24 maxlen: 24
85.140.46.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:30:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:40:d6:4c:52:52:59:24:90:9f:b5:db:33:8b:88:a1:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aefe1c859409ac5de7414c48f86739913be6b7e5
Validity
Not Before: Dec 6 20:33:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=83aee52c55528390e384717477d6ce189e8f906e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:77:0b:01:14:d2:d7:50:39:ec:f6:76:3c:9c:
a1:7e:02:f1:71:a5:2f:5a:71:65:ee:08:b5:59:26:
98:a7:16:ae:6a:cc:aa:58:13:77:2d:4c:15:df:be:
ca:e0:6a:bc:c5:2e:d0:bb:22:b2:cd:50:91:b8:29:
f6:1e:f3:23:e5:40:7b:5f:f0:e5:1e:5b:4e:f3:07:
28:ca:b5:0c:be:5e:9c:4f:01:45:74:18:94:d4:20:
95:ba:03:55:0d:d0:a1:03:ca:16:9f:f4:84:bb:26:
78:8b:07:20:f6:9e:73:9d:84:94:e2:8a:9a:e2:f6:
bb:1d:e9:2e:db:de:25:05:58:f4:d5:31:80:3d:f1:
70:e6:b5:56:14:6c:70:9f:1e:d3:59:29:81:e8:29:
3d:3a:8f:e0:c1:67:18:c6:58:50:18:0a:14:72:b3:
6e:8f:9d:20:ac:5c:35:32:cf:6b:16:0c:ec:49:6b:
a7:91:64:40:0d:20:20:d0:7e:76:62:e1:d1:b7:2b:
4a:0d:70:fd:31:11:3e:67:91:b0:85:1d:53:90:79:
34:db:30:c1:23:dc:10:e2:d2:da:77:7d:db:7f:13:
43:0b:36:a8:56:66:2c:a5:ad:21:ed:91:f5:68:18:
0d:63:2c:ca:5b:5b:b4:26:cf:08:14:35:91:e6:06:
6f:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:AE:E5:2C:55:52:83:90:E3:84:71:74:77:D6:CE:18:9E:8F:90:6E
X509v3 Authority Key Identifier:
keyid:AE:FE:1C:85:94:09:AC:5D:E7:41:4C:48:F8:67:39:91:3B:E6:B7:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rv4chZQJrF3nQUxI-Gc5kTvmt-U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/g67lLFVSg5DjhHF0d9bOGJ6PkG4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/rv4chZQJrF3nQUxI-Gc5kTvmt-U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.140.44.0/22
Signature Algorithm: sha256WithRSAEncryption
3d:4c:67:b0:2f:6d:10:ae:1b:4a:d2:11:15:48:28:44:c2:38:
32:56:43:c1:88:d9:91:30:b2:f7:95:4d:79:ae:fb:fd:8f:de:
6c:eb:01:cd:b9:b3:0e:fb:c0:ac:04:af:fb:91:8c:61:3e:d6:
d0:77:e3:ef:0e:84:ed:b9:08:13:b4:57:f5:f0:69:d0:f9:94:
cd:ba:9d:93:d8:50:36:cc:6c:5e:69:18:ea:1e:7f:bb:a2:6f:
a1:96:98:ac:ac:c2:d8:05:ed:79:49:b7:a4:ec:57:7a:b5:9d:
16:c4:65:e1:82:d8:71:b4:2c:fb:d4:9a:2e:23:78:56:57:88:
36:56:10:fa:4d:f7:af:03:6b:3a:f9:5c:d0:53:32:83:ef:a6:
1d:95:70:93:47:5b:2c:00:61:8d:03:56:82:8f:6d:ce:87:d5:
e6:a4:84:04:e6:0d:65:e8:61:7b:99:4d:90:ab:6b:17:21:09:
2d:88:5e:0a:46:c3:32:14:68:2d:47:87:dc:c2:6d:9d:2d:83:
77:4e:a7:ec:fe:c9:8d:30:05:7e:7e:2d:98:72:78:2c:79:c6:
7d:bb:62:d3:e3:c9:3a:e9:48:69:eb:50:51:b9:e4:8c:5e:e5:
77:e1:df:0a:ea:2c:5e:fa:09:a8:f2:ad:67:9f:a8:a1:ed:ae:
b9:78:99:ec
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYxA1kxSUlkkkJ+12zOLiKEAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlZmUxYzg1OTQwOWFjNWRlNzQxNGM0OGY4NjczOTkxM2Jl
NmI3ZTUwHhcNMjMxMjA2MjAzMzU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4M2FlZTUyYzU1NTI4MzkwZTM4NDcxNzQ3N2Q2Y2UxODllOGY5MDZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsncLARTS11A57PZ2PJyhfgLxcaUv
WnFl7gi1WSaYpxauasyqWBN3LUwV377K4Gq8xS7QuyKyzVCRuCn2HvMj5UB7X/Dl
HltO8wcoyrUMvl6cTwFFdBiU1CCVugNVDdChA8oWn/SEuyZ4iwcg9p5znYSU4oqa
4va7Heku294lBVj01TGAPfFw5rVWFGxwnx7TWSmB6Ck9Oo/gwWcYxlhQGAoUcrNu
j50grFw1Ms9rFgzsSWunkWRADSAg0H52YuHRtytKDXD9MRE+Z5GwhR1TkHk02zDB
I9wQ4tLad33bfxNDCzaoVmYspa0h7ZH1aBgNYyzKW1u0Js8IFDWR5gZvJQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIOu5SxVUoOQ44RxdHfWzhiej5BuMB8GA1UdIwQY
MBaAFK7+HIWUCaxd50FMSPhnOZE75rflMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnY0Y2haUUpyRjNuUVV4SS1HYzVrVHZtdC1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS80NTFmMDQtZTNjOS00NGVhLWE2YTEt
NDI4NDU4Njc5Y2U0LzEvZzY3bExGVlNnNURqaEhGMGQ5Yk9HSjZQa0c0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS80NTFmMDQtZTNjOS00NGVhLWE2YTEtNDI4NDU4Njc5Y2U0
LzEvcnY0Y2haUUpyRjNuUVV4SS1HYzVrVHZtdC1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCVYwsMA0G
CSqGSIb3DQEBCwUAA4IBAQA9TGewL20QrhtK0hEVSChEwjgyVkPBiNmRMLL3lU15
rvv9j95s6wHNubMO+8CsBK/7kYxhPtbQd+PvDoTtuQgTtFf18GnQ+ZTNup2T2FA2
zGxeaRjqHn+7om+hlpisrMLYBe15Sbek7Fd6tZ0WxGXhgthxtCz71JouI3hWV4g2
VhD6TfevA2s6+VzQUzKD76YdlXCTR1ssAGGNA1aCj23Oh9XmpIQE5g1l6GF7mU2Q
q2sXIQktiF4KRsMyFGgtR4fcwm2dLYN3Tqfs/smNMAV+fi2YcngsecZ9u2LT48k6
6Uhp61BRueSMXuV34d8K6ixe+gmo8q1nn6ih7a65eJns
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:44 2024 by rpki-client on console-fra.rpki-client.org