Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/efa225-16dc-4f43-aae9-0032fdc5450b/1/iapIhNsrJ0rnFbp1XMQ6FLg0OCs.roa
File: iapIhNsrJ0rnFbp1XMQ6FLg0OCs.roa (raw, json)
Hash identifier: zg/9VvLKxE0djDOdHVXkOhibAW0GPIsB/FiEenSn15E=
Subject key identifier: 89:AA:48:84:DB:2B:27:4A:E7:15:BA:75:5C:C4:3A:14:B8:34:38:2B
Certificate issuer: /CN=399dc13619aaba7f222ceacb05f1bbac59bd3a9a
Certificate serial: 01856E2F7E3EE9E784D8E55DE24313EC99E6
Authority key identifier: 39:9D:C1:36:19:AA:BA:7F:22:2C:EA:CB:05:F1:BB:AC:59:BD:3A:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OZ3BNhmqun8iLOrLBfG7rFm9Opo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/efa225-16dc-4f43-aae9-0032fdc5450b/1/iapIhNsrJ0rnFbp1XMQ6FLg0OCs.roa
Signing time: Sun 01 Jan 2023 16:34:44 +0000
ROA not before: Sun 01 Jan 2023 16:34:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15404
IP address blocks: 85.208.193.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:2f:7e:3e:e9:e7:84:d8:e5:5d:e2:43:13:ec:99:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=399dc13619aaba7f222ceacb05f1bbac59bd3a9a
Validity
Not Before: Jan 1 16:34:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=89aa4884db2b274ae715ba755cc43a14b834382b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:d4:0a:0d:b3:0d:95:0b:11:74:ab:3f:7a:e4:
d9:a0:2c:01:7b:d1:e8:df:22:cb:22:0a:18:ec:83:
8f:b3:40:dd:d5:d7:1f:31:46:2d:e9:69:16:cd:b0:
db:43:3f:2c:10:5b:b6:de:4e:1e:fa:c2:92:c4:59:
f4:46:3e:79:4e:99:d7:18:ae:25:88:8a:ff:b6:6b:
e1:f2:de:4c:60:7f:70:e2:63:c2:04:bf:23:5a:41:
b1:58:f1:54:d0:f0:70:ec:33:88:61:70:45:46:f7:
fe:7f:78:36:98:06:1a:9a:65:85:bd:0e:71:8d:6a:
e1:b1:cd:c0:32:1c:9e:74:26:6e:e4:fe:6e:07:a9:
d7:e4:dd:a0:c3:f4:a0:01:f3:ac:06:38:8c:e6:99:
64:fd:1c:4d:e5:42:35:24:59:83:40:67:c6:8e:4d:
8a:6c:41:8e:d9:f5:4c:b2:6e:4b:01:80:78:ec:9f:
f8:7d:b8:84:95:5f:e4:3b:14:ac:c5:ca:32:7b:de:
cf:ff:b7:e1:d5:be:87:b7:5f:a2:91:4f:c5:db:33:
66:52:53:c1:3e:43:81:61:58:1b:16:9b:f3:03:56:
a0:a1:4a:06:3d:ed:39:6f:04:69:4c:e6:1d:d6:77:
fd:47:0c:e9:b8:ae:81:40:e1:71:61:13:74:b3:c9:
49:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:AA:48:84:DB:2B:27:4A:E7:15:BA:75:5C:C4:3A:14:B8:34:38:2B
X509v3 Authority Key Identifier:
keyid:39:9D:C1:36:19:AA:BA:7F:22:2C:EA:CB:05:F1:BB:AC:59:BD:3A:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OZ3BNhmqun8iLOrLBfG7rFm9Opo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/efa225-16dc-4f43-aae9-0032fdc5450b/1/iapIhNsrJ0rnFbp1XMQ6FLg0OCs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/efa225-16dc-4f43-aae9-0032fdc5450b/1/OZ3BNhmqun8iLOrLBfG7rFm9Opo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.208.193.0/24
Signature Algorithm: sha256WithRSAEncryption
3a:01:88:e0:7b:c1:ab:14:49:44:32:5e:1e:0c:8d:c7:e8:1d:
46:36:3a:bc:4b:4a:66:fd:41:fd:0f:06:dc:7f:51:c9:18:d1:
47:cf:72:2f:f9:c7:1d:f4:f5:6e:13:f3:3a:18:3f:77:5d:7f:
f4:5b:76:8c:e9:48:e7:ee:04:aa:0c:3e:ca:a4:ee:bd:f3:33:
bc:76:fa:ab:54:2b:42:0f:c5:38:83:ea:15:b2:09:37:b6:68:
aa:9a:de:3d:14:4d:6d:d4:0a:71:f3:36:f6:60:14:82:f8:30:
a0:fc:bb:28:7d:29:eb:fb:1b:ee:ae:0e:7e:70:5b:a8:4c:62:
46:86:0d:81:32:0d:66:60:30:ca:f8:56:de:ea:e9:a2:e3:d4:
78:2c:59:59:1a:ed:b6:8d:fa:b3:b3:02:b6:6a:9e:67:0f:47:
a6:8f:63:b6:3a:3b:54:ed:54:d1:79:ff:78:c4:f7:64:37:46:
74:bb:45:3e:d2:03:a0:15:7b:0a:dd:d0:1b:00:4a:b2:71:6b:
bf:ec:ed:a8:b8:06:5e:1e:e6:8f:88:59:b2:f5:04:c9:45:ef:
33:40:ca:e4:1a:e8:ab:64:d3:87:bd:40:99:91:7e:bc:a1:65:
d3:56:14:9c:f7:46:39:32:82:e2:ee:83:07:20:8a:b0:5a:ec:
8f:6f:1f:74
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuL34+6eeE2OVd4kMT7JnmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5OWRjMTM2MTlhYWJhN2YyMjJjZWFjYjA1ZjFiYmFjNTli
ZDNhOWEwHhcNMjMwMTAxMTYzNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OWFhNDg4NGRiMmIyNzRhZTcxNWJhNzU1Y2M0M2ExNGI4MzQzODJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzNQKDbMNlQsRdKs/euTZoCwBe9Ho
3yLLIgoY7IOPs0Dd1dcfMUYt6WkWzbDbQz8sEFu23k4e+sKSxFn0Rj55TpnXGK4l
iIr/tmvh8t5MYH9w4mPCBL8jWkGxWPFU0PBw7DOIYXBFRvf+f3g2mAYammWFvQ5x
jWrhsc3AMhyedCZu5P5uB6nX5N2gw/SgAfOsBjiM5plk/RxN5UI1JFmDQGfGjk2K
bEGO2fVMsm5LAYB47J/4fbiElV/kOxSsxcoye97P/7fh1b6Ht1+ikU/F2zNmUlPB
PkOBYVgbFpvzA1agoUoGPe05bwRpTOYd1nf9RwzpuK6BQOFxYRN0s8lJkwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFImqSITbKydK5xW6dVzEOhS4NDgrMB8GA1UdIwQY
MBaAFDmdwTYZqrp/IizqywXxu6xZvTqaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1ozQk5obXF1bjhpTE9yTEJmRzdyRm05T3BvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC9lZmEyMjUtMTZkYy00ZjQzLWFhZTkt
MDAzMmZkYzU0NTBiLzEvaWFwSWhOc3JKMHJuRmJwMVhNUTZGTGcwT0NzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC9lZmEyMjUtMTZkYy00ZjQzLWFhZTktMDAzMmZkYzU0NTBi
LzEvT1ozQk5obXF1bjhpTE9yTEJmRzdyRm05T3BvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVdDBMA0G
CSqGSIb3DQEBCwUAA4IBAQA6AYjge8GrFElEMl4eDI3H6B1GNjq8S0pm/UH9Dwbc
f1HJGNFHz3Iv+ccd9PVuE/M6GD93XX/0W3aM6Ujn7gSqDD7KpO698zO8dvqrVCtC
D8U4g+oVsgk3tmiqmt49FE1t1Apx8zb2YBSC+DCg/LsofSnr+xvurg5+cFuoTGJG
hg2BMg1mYDDK+Fbe6umi49R4LFlZGu22jfqzswK2ap5nD0emj2O2OjtU7VTRef94
xPdkN0Z0u0U+0gOgFXsK3dAbAEqycWu/7O2ouAZeHuaPiFmy9QTJRe8zQMrkGuir
ZNOHvUCZkX68oWXTVhSc90Y5MoLi7oMHIIqwWuyPbx90
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:00:11 2024 by rpki-client on console-ams.rpki-client.org