Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/319d7c-7e76-4308-bc00-be5832d5f7aa/1/_ePGN4BT4zXq4rRfBeLnube74Eg.roa
File: _ePGN4BT4zXq4rRfBeLnube74Eg.roa (raw, json)
Hash identifier: 3k1Jj+3g9LDdOTuw+IFLid1jJXQoYaG609Ttsv+mhT8=
Subject key identifier: FD:E3:C6:37:80:53:E3:35:EA:E2:B4:5F:05:E2:E7:B9:B7:BB:E0:48
Certificate issuer: /CN=fb987244611b5230536744b6a89f044f32f462ea
Certificate serial: 018570E75706291B470467B79F1F81BBAB7B
Authority key identifier: FB:98:72:44:61:1B:52:30:53:67:44:B6:A8:9F:04:4F:32:F4:62:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-5hyRGEbUjBTZ0S2qJ8ETzL0Yuo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/319d7c-7e76-4308-bc00-be5832d5f7aa/1/_ePGN4BT4zXq4rRfBeLnube74Eg.roa
Signing time: Mon 02 Jan 2023 05:14:47 +0000
ROA not before: Mon 02 Jan 2023 05:14:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204390
IP address blocks: 88.119.212.0/22 maxlen: 22
85.206.56.0/22 maxlen: 22
85.206.17.0/24 maxlen: 24
85.206.124.0/24 maxlen: 24
85.206.125.0/24 maxlen: 24
85.206.120.0/22 maxlen: 22
212.59.26.0/24 maxlen: 24
85.206.126.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:e7:57:06:29:1b:47:04:67:b7:9f:1f:81:bb:ab:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fb987244611b5230536744b6a89f044f32f462ea
Validity
Not Before: Jan 2 05:14:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fde3c6378053e335eae2b45f05e2e7b9b7bbe048
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:8a:de:14:b7:22:56:e8:42:82:62:c1:62:f3:
24:6b:44:5d:f9:d4:58:a1:ea:2d:a5:da:ae:95:1b:
9e:fd:0b:8c:7c:2b:57:b5:de:c9:05:c4:6c:4a:0a:
04:d8:2e:bf:53:c4:e7:f7:fb:8f:0a:f7:7d:71:ae:
8b:6c:ed:b3:16:8f:13:65:c3:d8:e1:98:18:29:b2:
5d:9b:e4:e2:cb:a2:0a:c8:cc:76:cc:5f:f7:c7:09:
a0:b5:6c:71:51:bf:07:d6:1f:fe:c0:e9:b7:4d:33:
72:0b:7c:ae:da:75:8c:4f:8d:8a:73:0b:fb:87:0d:
55:83:e0:aa:29:72:62:e0:83:41:c5:11:6f:bd:28:
46:c6:e7:35:00:1e:a9:ec:b3:a7:2e:7a:33:42:9d:
73:f8:f6:85:9e:94:58:21:0e:17:cb:0e:e5:8e:43:
e8:6b:cd:62:78:1d:5c:71:a0:c2:96:22:22:6d:48:
5c:85:a6:12:7a:0e:75:3b:fb:c3:4c:9e:a6:31:0d:
b6:fd:29:cf:52:d3:7c:a9:d2:56:b0:d2:3b:64:21:
85:46:a8:d6:a1:94:22:5c:97:cf:94:e0:5d:79:ba:
e7:90:6d:b9:d2:22:0a:c1:2e:64:58:e5:65:5f:bb:
07:08:3b:fb:88:cc:6c:86:20:6a:48:c2:b6:7b:15:
68:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:E3:C6:37:80:53:E3:35:EA:E2:B4:5F:05:E2:E7:B9:B7:BB:E0:48
X509v3 Authority Key Identifier:
keyid:FB:98:72:44:61:1B:52:30:53:67:44:B6:A8:9F:04:4F:32:F4:62:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-5hyRGEbUjBTZ0S2qJ8ETzL0Yuo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/319d7c-7e76-4308-bc00-be5832d5f7aa/1/_ePGN4BT4zXq4rRfBeLnube74Eg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/319d7c-7e76-4308-bc00-be5832d5f7aa/1/1-5hyRGEbUjBTZ0S2qJ8ETzL0Yuo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.206.17.0/24
85.206.56.0/22
85.206.120.0-85.206.126.255
88.119.212.0/22
212.59.26.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:3f:4e:a5:db:d6:6c:76:84:da:48:72:4d:36:44:50:09:ca:
03:2f:f6:b8:46:7d:10:64:95:61:95:a2:59:18:ea:49:97:a0:
70:16:10:a7:36:c7:85:63:20:1f:11:86:ad:f1:c2:84:c6:4d:
f2:1e:07:af:2d:32:d7:dd:0f:bb:4c:97:a8:27:ae:02:3d:8a:
68:4e:cc:dd:a5:f4:3e:05:6b:a6:22:1e:af:47:1c:ad:7b:81:
29:9f:c8:4a:1b:a8:e7:6c:cb:58:5d:de:ac:fd:c9:92:16:51:
0c:4d:1c:94:96:ba:30:c1:31:6d:45:8f:5f:13:22:7c:bb:bf:
90:8b:33:eb:56:e1:ee:ce:d1:11:4c:fb:5e:69:fb:a7:7c:85:
91:f3:c0:ac:a6:db:4a:fd:ef:36:33:3c:d4:6a:bb:da:8d:14:
69:8f:9b:41:5d:93:f0:5d:b9:bb:f2:57:e1:7a:97:da:8c:ec:
9e:1d:6c:a1:dd:7e:20:90:b9:90:ef:16:f8:ea:e9:c6:4b:a5:
90:d3:4f:5e:f2:7c:84:09:a5:15:c7:4d:30:47:2a:b9:01:42:
41:1b:72:29:3a:89:1f:9e:ab:1e:21:ee:8c:81:e6:ff:9a:7e:
f5:6c:f5:57:2c:85:63:04:55:cf:50:6d:cb:25:39:4b:aa:d5:
91:66:2b:43
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYVw51cGKRtHBGe3nx+Bu6t7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiOTg3MjQ0NjExYjUyMzA1MzY3NDRiNmE4OWYwNDRmMzJm
NDYyZWEwHhcNMjMwMTAyMDUxNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZGUzYzYzNzgwNTNlMzM1ZWFlMmI0NWYwNWUyZTdiOWI3YmJlMDQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgoreFLciVuhCgmLBYvMka0Rd+dRY
oeotpdqulRue/QuMfCtXtd7JBcRsSgoE2C6/U8Tn9/uPCvd9ca6LbO2zFo8TZcPY
4ZgYKbJdm+Tiy6IKyMx2zF/3xwmgtWxxUb8H1h/+wOm3TTNyC3yu2nWMT42Kcwv7
hw1Vg+CqKXJi4INBxRFvvShGxuc1AB6p7LOnLnozQp1z+PaFnpRYIQ4Xyw7ljkPo
a81ieB1ccaDCliIibUhchaYSeg51O/vDTJ6mMQ22/SnPUtN8qdJWsNI7ZCGFRqjW
oZQiXJfPlOBdebrnkG250iIKwS5kWOVlX7sHCDv7iMxshiBqSMK2exVoMQIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFP3jxjeAU+M16uK0XwXi57m3u+BIMB8GA1UdIwQY
MBaAFPuYckRhG1IwU2dEtqifBE8y9GLqMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS01aHlSR0ViVWpCVFowUzJxSjhFVHpMMFl1by5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDQvMzE5ZDdjLTdlNzYtNDMwOC1iYzAw
LWJlNTgzMmQ1ZjdhYS8xL19lUEdONEJUNHpYcTRyUmZCZUxudWJlNzRFZy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNDQvMzE5ZDdjLTdlNzYtNDMwOC1iYzAwLWJlNTgzMmQ1Zjdh
YS8xLzEtNWh5UkdFYlVqQlRaMFMycUo4RVR6TDBZdW8uY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwPwYIKwYBBQUHAQcBAf8EMDAuMCwEAgABMCYDBABVzhED
BAJVzjgwDAMEA1XOeAMEAFXOfgMEAlh31AMEANQ7GjANBgkqhkiG9w0BAQsFAAOC
AQEAHD9OpdvWbHaE2khyTTZEUAnKAy/2uEZ9EGSVYZWiWRjqSZegcBYQpzbHhWMg
HxGGrfHChMZN8h4Hry0y190Pu0yXqCeuAj2KaE7M3aX0PgVrpiIer0ccrXuBKZ/I
Shuo52zLWF3erP3JkhZRDE0clJa6MMExbUWPXxMifLu/kIsz61bh7s7REUz7Xmn7
p3yFkfPArKbbSv3vNjM81Gq72o0UaY+bQV2T8F25u/JX4XqX2ozsnh1sod1+IJC5
kO8W+OrpxkulkNNPXvJ8hAmlFcdNMEcquQFCQRtyKTqJH56rHiHujIHm/5p+9Wz1
VyyFYwRVz1BtyyU5S6rVkWYrQw==
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:22:29 2024 by rpki-client on console-fra.rpki-client.org