Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/a01f82-9193-4199-95a8-83ae5d9c832f/1/iHMLJ_0G2ROupyqQHh7zmRk1n2k.roa
File: iHMLJ_0G2ROupyqQHh7zmRk1n2k.roa (raw, json)
Hash identifier: am69nwY2V0dpQ/ySbKHlAqsufxd4iHWtxvkUsuKnDSg=
Subject key identifier: 88:73:0B:27:FD:06:D9:13:AE:A7:2A:90:1E:1E:F3:99:19:35:9F:69
Certificate issuer: /CN=a59ac8323ebb6be20fae89d098ca24138f8c9005
Certificate serial: 01856D4A9FFCC3C9433E1782642CB72E1B3E
Authority key identifier: A5:9A:C8:32:3E:BB:6B:E2:0F:AE:89:D0:98:CA:24:13:8F:8C:90:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pZrIMj67a-IPronQmMokE4-MkAU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/a01f82-9193-4199-95a8-83ae5d9c832f/1/iHMLJ_0G2ROupyqQHh7zmRk1n2k.roa
Signing time: Sun 01 Jan 2023 12:24:45 +0000
ROA not before: Sun 01 Jan 2023 12:24:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34663
IP address blocks: 85.159.96.0/21 maxlen: 21
185.94.120.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:29:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:4a:9f:fc:c3:c9:43:3e:17:82:64:2c:b7:2e:1b:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a59ac8323ebb6be20fae89d098ca24138f8c9005
Validity
Not Before: Jan 1 12:24:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=88730b27fd06d913aea72a901e1ef39919359f69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:88:74:74:25:19:0b:9c:dd:1c:a5:ce:db:a4:
94:16:a3:5f:53:cb:32:ac:23:b5:98:34:ec:b8:81:
d2:f0:46:38:9b:39:e9:71:70:de:9f:b4:b8:72:0c:
51:2b:e0:f1:b3:9f:f2:9c:ae:4e:55:44:79:74:00:
b9:b5:17:28:98:cb:7a:63:78:91:b3:81:8b:35:b8:
40:ca:59:d9:3b:7a:41:77:ca:3b:4d:ce:98:a8:78:
e1:c2:5e:08:e0:f6:22:61:5a:bf:5c:96:a5:44:90:
b4:88:eb:bd:80:c0:66:aa:35:31:c4:60:85:36:0e:
2d:20:63:0c:16:24:66:87:51:39:88:f5:b0:51:fd:
59:43:67:f6:60:69:2e:54:c3:b0:50:e6:e4:ab:a3:
26:1c:a2:57:e1:ac:16:d2:d8:aa:08:a4:2a:b3:a5:
f9:c0:d3:59:ee:c5:40:0d:c3:aa:6d:d0:19:5f:58:
dd:a3:91:dd:5c:76:41:33:cf:d6:69:e3:6a:16:f0:
ca:66:6c:36:fb:f0:b4:7c:9c:73:68:37:cf:26:58:
b7:1d:7d:de:31:73:84:d4:de:9f:86:4e:20:7f:ff:
3f:0e:57:bb:b1:6a:0d:e5:34:05:84:ba:e9:9c:60:
de:1f:dc:07:6f:ad:43:c8:08:d6:62:e4:01:47:68:
15:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:73:0B:27:FD:06:D9:13:AE:A7:2A:90:1E:1E:F3:99:19:35:9F:69
X509v3 Authority Key Identifier:
keyid:A5:9A:C8:32:3E:BB:6B:E2:0F:AE:89:D0:98:CA:24:13:8F:8C:90:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pZrIMj67a-IPronQmMokE4-MkAU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/a01f82-9193-4199-95a8-83ae5d9c832f/1/iHMLJ_0G2ROupyqQHh7zmRk1n2k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/a01f82-9193-4199-95a8-83ae5d9c832f/1/pZrIMj67a-IPronQmMokE4-MkAU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.159.96.0/21
185.94.120.0/22
Signature Algorithm: sha256WithRSAEncryption
68:3c:35:79:f8:a5:df:2e:28:bd:6f:5b:ec:8f:ab:ba:6c:2c:
7f:06:dc:08:96:42:62:65:96:f9:eb:8f:dc:ea:a8:e2:4d:48:
68:4e:42:e5:d5:ba:d8:43:03:c4:ba:29:af:29:a5:6c:b8:53:
e0:31:5e:5b:01:39:9e:31:e2:20:2b:e5:55:c0:fe:e6:da:b4:
90:27:b4:7d:9d:01:1c:ce:88:3e:93:da:eb:a0:7a:c2:9b:19:
5b:62:ed:e0:b5:8d:9c:ce:27:66:5d:0b:95:34:a8:56:ba:20:
d5:bd:05:0e:3a:0c:1c:e1:e3:aa:0e:72:17:0c:44:a6:a2:4e:
c0:94:86:96:51:d1:5c:c4:fa:3e:94:4e:07:a6:fe:aa:a5:fb:
37:6d:4f:4f:a8:99:39:24:e3:49:57:bc:3e:00:c7:ed:f2:86:
b2:fa:1c:ed:4a:9f:60:3a:71:cd:06:f5:c2:eb:5d:00:a0:cb:
c1:43:64:a4:22:73:cf:7c:68:87:40:09:47:d6:26:1d:b8:4c:
a5:e1:aa:e3:70:f9:fb:1c:11:84:d7:a5:aa:a2:14:0b:fb:2b:
31:dd:84:5b:e4:77:c2:58:7d:6d:fb:d2:e9:01:44:cc:9e:77:
07:23:a7:11:b9:07:04:83:d6:ae:03:90:2a:19:a8:8c:66:b3:
c0:c9:49:5c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVtSp/8w8lDPheCZCy3Lhs+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1OWFjODMyM2ViYjZiZTIwZmFlODlkMDk4Y2EyNDEzOGY4
YzkwMDUwHhcNMjMwMTAxMTIyNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODczMGIyN2ZkMDZkOTEzYWVhNzJhOTAxZTFlZjM5OTE5MzU5ZjY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyoh0dCUZC5zdHKXO26SUFqNfU8sy
rCO1mDTsuIHS8EY4mznpcXDen7S4cgxRK+Dxs5/ynK5OVUR5dAC5tRcomMt6Y3iR
s4GLNbhAylnZO3pBd8o7Tc6YqHjhwl4I4PYiYVq/XJalRJC0iOu9gMBmqjUxxGCF
Ng4tIGMMFiRmh1E5iPWwUf1ZQ2f2YGkuVMOwUObkq6MmHKJX4awW0tiqCKQqs6X5
wNNZ7sVADcOqbdAZX1jdo5HdXHZBM8/WaeNqFvDKZmw2+/C0fJxzaDfPJli3HX3e
MXOE1N6fhk4gf/8/Dle7sWoN5TQFhLrpnGDeH9wHb61DyAjWYuQBR2gVdwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIhzCyf9BtkTrqcqkB4e85kZNZ9pMB8GA1UdIwQY
MBaAFKWayDI+u2viD66J0JjKJBOPjJAFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFpySU1qNjdhLUlQcm9uUW1Nb2tFNC1Na0FVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi9hMDFmODItOTE5My00MTk5LTk1YTgt
ODNhZTVkOWM4MzJmLzEvaUhNTEpfMEcyUk91cHlxUUhoN3ptUmsxbjJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi9hMDFmODItOTE5My00MTk5LTk1YTgtODNhZTVkOWM4MzJm
LzEvcFpySU1qNjdhLUlQcm9uUW1Nb2tFNC1Na0FVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDVZ9gAwQC
uV54MA0GCSqGSIb3DQEBCwUAA4IBAQBoPDV5+KXfLii9b1vsj6u6bCx/BtwIlkJi
ZZb564/c6qjiTUhoTkLl1brYQwPEuimvKaVsuFPgMV5bATmeMeIgK+VVwP7m2rSQ
J7R9nQEczog+k9rroHrCmxlbYu3gtY2czidmXQuVNKhWuiDVvQUOOgwc4eOqDnIX
DESmok7AlIaWUdFcxPo+lE4Hpv6qpfs3bU9PqJk5JONJV7w+AMft8oay+hztSp9g
OnHNBvXC610AoMvBQ2SkInPPfGiHQAlH1iYduEyl4arjcPn7HBGE16WqohQL+ysx
3YRb5HfCWH1t+9LpAUTMnncHI6cRuQcEg9auA5AqGaiMZrPAyUlc
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:07 2024 by rpki-client on console-fra.rpki-client.org