Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/zWBfQIJvI1owtxbRRE1HlQZoFfE.roa
File: zWBfQIJvI1owtxbRRE1HlQZoFfE.roa (raw, json)
Hash identifier: E4jNBG+gyoNeK1ceoi/9pxGNc5/4AoSg558ITUUelu4=
Subject key identifier: CD:60:5F:40:82:6F:23:5A:30:B7:16:D1:44:4D:47:95:06:68:15:F1
Certificate issuer: /CN=aefe1c859409ac5de7414c48f86739913be6b7e5
Certificate serial: 018C40D64CD2D044E06D50650434C91BB907
Authority key identifier: AE:FE:1C:85:94:09:AC:5D:E7:41:4C:48:F8:67:39:91:3B:E6:B7:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rv4chZQJrF3nQUxI-Gc5kTvmt-U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/zWBfQIJvI1owtxbRRE1HlQZoFfE.roa
Signing time: Wed 06 Dec 2023 20:33:55 +0000
ROA not before: Wed 06 Dec 2023 20:33:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39001
IP address blocks: 85.140.32.0/21 maxlen: 21
85.140.64.0/21 maxlen: 21
85.140.80.0/21 maxlen: 21
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:30:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:40:d6:4c:d2:d0:44:e0:6d:50:65:04:34:c9:1b:b9:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aefe1c859409ac5de7414c48f86739913be6b7e5
Validity
Not Before: Dec 6 20:33:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cd605f40826f235a30b716d1444d4795066815f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:13:20:a1:38:15:63:78:18:95:c9:7c:1c:2c:
7e:4a:27:d3:d3:17:c6:e6:d3:66:7c:4f:06:4a:f9:
0b:12:f6:f8:c9:50:d1:00:8a:6f:bf:4a:01:0e:86:
79:66:30:41:f6:f7:16:d1:fc:a1:d7:c8:7b:e7:fd:
c3:0a:58:3e:4b:69:6a:62:03:6c:96:2c:c4:84:28:
02:b4:73:b0:73:c7:df:44:93:57:8b:d2:d2:a5:0f:
94:df:5c:2d:75:fe:f0:31:c4:c6:40:2f:01:ce:d8:
35:a0:66:95:ea:1c:3b:ed:fe:d6:f8:e3:a9:e5:bc:
cb:e1:d6:28:48:2b:cf:df:b9:e7:5c:b4:dd:03:05:
ec:cd:62:65:8a:3e:ae:5e:12:73:3d:4d:44:92:74:
93:06:56:d4:d2:27:0f:c4:c2:bf:c6:17:0f:d2:fc:
54:b4:2f:7d:13:6a:cd:0f:b0:a3:5f:16:f1:15:6a:
ff:d2:e0:fb:aa:78:d4:cc:d4:10:7d:da:c8:6d:34:
d2:a9:8a:62:0b:8c:ce:b7:be:92:5a:a6:a8:65:b6:
b8:c5:43:23:03:1a:30:59:ee:7d:9e:7a:88:7d:bd:
7c:ad:8c:00:a5:cf:aa:7b:36:52:50:3e:0a:6b:2b:
04:43:05:a6:eb:a4:de:01:8d:f1:71:b5:9c:0e:1a:
0f:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:60:5F:40:82:6F:23:5A:30:B7:16:D1:44:4D:47:95:06:68:15:F1
X509v3 Authority Key Identifier:
keyid:AE:FE:1C:85:94:09:AC:5D:E7:41:4C:48:F8:67:39:91:3B:E6:B7:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rv4chZQJrF3nQUxI-Gc5kTvmt-U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/zWBfQIJvI1owtxbRRE1HlQZoFfE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/rv4chZQJrF3nQUxI-Gc5kTvmt-U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.140.32.0/21
85.140.64.0/21
85.140.80.0/21
Signature Algorithm: sha256WithRSAEncryption
40:15:ee:09:3a:49:61:68:3d:6a:25:72:85:fb:5b:8b:09:1b:
21:96:dd:03:27:fa:08:d3:b6:15:4d:74:18:0d:8a:94:27:5d:
ea:cd:3f:95:b3:95:c0:0a:e8:ee:8f:2c:96:de:91:14:ac:cc:
a2:ea:49:ae:2f:01:f3:ea:9c:da:ef:fb:2d:67:88:4b:eb:b3:
4e:0d:75:02:35:77:8f:ad:53:ff:81:ad:24:41:bb:34:cf:c6:
98:04:fd:1e:dc:14:db:5e:a0:89:db:17:2e:03:f3:6e:a2:a4:
92:94:71:22:ae:ab:61:0e:47:6d:49:ac:45:df:86:e8:19:45:
b0:11:85:8a:88:a5:e7:f8:a6:35:86:a2:f4:53:47:1e:c1:02:
b1:b5:2c:86:2b:6c:5c:94:b0:7e:f7:ce:e4:8e:e5:f9:58:28:
3f:18:18:9d:6a:91:21:51:10:48:07:c6:7f:67:6e:e4:b8:83:
10:f2:62:c5:d9:8f:d9:32:7a:6a:f9:a5:50:61:0c:bd:bf:33:
c4:e6:0e:d4:70:11:86:b3:af:31:96:07:e4:47:21:a1:03:f3:
f3:9b:3b:2d:af:63:1a:52:02:e5:43:c3:e1:79:ce:b0:cf:2f:
96:3f:d1:0b:74:8d:f1:03:3e:37:ed:72:40:2f:d9:0d:10:6d:
e5:62:4a:2a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYxA1kzS0ETgbVBlBDTJG7kHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlZmUxYzg1OTQwOWFjNWRlNzQxNGM0OGY4NjczOTkxM2Jl
NmI3ZTUwHhcNMjMxMjA2MjAzMzU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDYwNWY0MDgyNmYyMzVhMzBiNzE2ZDE0NDRkNDc5NTA2NjgxNWYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAihMgoTgVY3gYlcl8HCx+SifT0xfG
5tNmfE8GSvkLEvb4yVDRAIpvv0oBDoZ5ZjBB9vcW0fyh18h75/3DClg+S2lqYgNs
lizEhCgCtHOwc8ffRJNXi9LSpQ+U31wtdf7wMcTGQC8Bztg1oGaV6hw77f7W+OOp
5bzL4dYoSCvP37nnXLTdAwXszWJlij6uXhJzPU1EknSTBlbU0icPxMK/xhcP0vxU
tC99E2rND7CjXxbxFWr/0uD7qnjUzNQQfdrIbTTSqYpiC4zOt76SWqaoZba4xUMj
AxowWe59nnqIfb18rYwApc+qezZSUD4KaysEQwWm66TeAY3xcbWcDhoPRwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFM1gX0CCbyNaMLcW0URNR5UGaBXxMB8GA1UdIwQY
MBaAFK7+HIWUCaxd50FMSPhnOZE75rflMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnY0Y2haUUpyRjNuUVV4SS1HYzVrVHZtdC1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS80NTFmMDQtZTNjOS00NGVhLWE2YTEt
NDI4NDU4Njc5Y2U0LzEveldCZlFJSnZJMW93dHhiUlJFMUhsUVpvRmZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS80NTFmMDQtZTNjOS00NGVhLWE2YTEtNDI4NDU4Njc5Y2U0
LzEvcnY0Y2haUUpyRjNuUVV4SS1HYzVrVHZtdC1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDVYwgAwQD
VYxAAwQDVYxQMA0GCSqGSIb3DQEBCwUAA4IBAQBAFe4JOklhaD1qJXKF+1uLCRsh
lt0DJ/oI07YVTXQYDYqUJ13qzT+Vs5XACujujyyW3pEUrMyi6kmuLwHz6pza7/st
Z4hL67NODXUCNXePrVP/ga0kQbs0z8aYBP0e3BTbXqCJ2xcuA/NuoqSSlHEirqth
DkdtSaxF34boGUWwEYWKiKXn+KY1hqL0U0cewQKxtSyGK2xclLB+987kjuX5WCg/
GBidapEhURBIB8Z/Z27kuIMQ8mLF2Y/ZMnpq+aVQYQy9vzPE5g7UcBGGs68xlgfk
RyGhA/Pzmzstr2MaUgLlQ8Phec6wzy+WP9ELdI3xAz437XJAL9kNEG3lYkoq
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:45 2024 by rpki-client on console-fra.rpki-client.org