Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/a3a530-25aa-4023-9a80-4e347d551c3f/1/ahVMBadbriKUpMfD4HM5WeiPorY.roa
File: ahVMBadbriKUpMfD4HM5WeiPorY.roa (raw, json)
Hash identifier: 4nKGKr8Ai/Nsrc27Q2Z2A/Tr++6+li/hoZLmzQ6ShB4=
Subject key identifier: 6A:15:4C:05:A7:5B:AE:22:94:A4:C7:C3:E0:73:39:59:E8:8F:A2:B6
Certificate issuer: /CN=2254bcc03293e3ad0e19a7a3fd1b1cfbd34c0990
Certificate serial: 01856DAF5E0F015C0D7B4458AE354DD40B8D
Authority key identifier: 22:54:BC:C0:32:93:E3:AD:0E:19:A7:A3:FD:1B:1C:FB:D3:4C:09:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IlS8wDKT460OGaej_Rsc-9NMCZA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/a3a530-25aa-4023-9a80-4e347d551c3f/1/ahVMBadbriKUpMfD4HM5WeiPorY.roa
Signing time: Sun 01 Jan 2023 14:14:47 +0000
ROA not before: Sun 01 Jan 2023 14:14:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209886
IP address blocks: 85.235.90.0/23 maxlen: 23
85.235.88.0/23 maxlen: 23
85.235.88.0/22 maxlen: 22
2a10:1ac0::/30 maxlen: 30
2a10:1ac4::/30 maxlen: 30
2a10:1ac0::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:29:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:af:5e:0f:01:5c:0d:7b:44:58:ae:35:4d:d4:0b:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2254bcc03293e3ad0e19a7a3fd1b1cfbd34c0990
Validity
Not Before: Jan 1 14:14:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6a154c05a75bae2294a4c7c3e0733959e88fa2b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:5f:a7:6a:9a:93:40:e6:1e:9c:fa:8b:54:53:
cf:e7:14:5d:14:0e:7d:dd:11:d8:81:a5:38:14:59:
9a:7c:44:52:f7:d7:58:54:ef:03:3c:59:69:af:13:
d3:05:ac:f4:32:99:2d:d7:c7:19:9d:61:76:95:7d:
59:a6:d7:1c:f2:91:34:38:08:0c:d4:e1:ed:77:1a:
2b:f4:97:88:7e:15:bf:c8:dc:e4:32:be:7d:20:44:
26:52:75:65:6b:d8:bd:62:a9:6c:01:5f:9e:5f:88:
b4:a2:54:4a:52:22:a7:b1:88:7c:2f:38:c4:72:03:
ae:d5:5c:72:bc:f2:1b:d7:bb:76:91:90:45:fb:6a:
2d:2e:b7:f1:df:72:56:32:1e:b8:a1:0e:0e:d1:cd:
71:17:e1:0c:a9:04:f8:39:78:d3:5f:76:9b:e4:bc:
15:17:be:71:87:29:7e:f6:15:ef:b7:00:43:9d:2f:
e5:bc:0b:b8:04:bf:fc:95:a8:21:a7:af:65:eb:33:
70:27:78:4a:5f:1e:b5:e2:6d:6a:89:44:26:11:5a:
8b:38:ce:6b:0e:60:2c:67:eb:b6:eb:fd:6c:20:42:
98:3e:1d:6d:ed:ed:c2:1b:70:e2:41:6d:30:c8:3e:
8b:eb:7c:a4:9f:f9:f2:c7:3a:cd:bd:a4:c7:4b:d4:
ff:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:15:4C:05:A7:5B:AE:22:94:A4:C7:C3:E0:73:39:59:E8:8F:A2:B6
X509v3 Authority Key Identifier:
keyid:22:54:BC:C0:32:93:E3:AD:0E:19:A7:A3:FD:1B:1C:FB:D3:4C:09:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IlS8wDKT460OGaej_Rsc-9NMCZA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/a3a530-25aa-4023-9a80-4e347d551c3f/1/ahVMBadbriKUpMfD4HM5WeiPorY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/a3a530-25aa-4023-9a80-4e347d551c3f/1/IlS8wDKT460OGaej_Rsc-9NMCZA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.235.88.0/22
IPv6:
2a10:1ac0::/29
Signature Algorithm: sha256WithRSAEncryption
99:51:ed:ab:51:22:e1:7b:c4:ef:2e:79:91:b0:42:77:04:21:
b8:7e:e8:99:b5:54:9d:47:01:3d:9e:7b:d4:4e:4f:f9:18:0b:
bb:02:d6:90:21:aa:ec:c5:0b:30:85:be:3b:79:17:eb:5a:90:
49:83:07:fd:f2:53:e9:52:3b:f7:ac:6a:f0:c9:3a:46:cd:dd:
7c:e4:98:21:7f:e2:0c:d6:ba:bb:cc:44:57:d3:65:11:67:0b:
c1:64:a1:0a:d8:b9:26:ef:10:c1:cd:54:c1:83:fc:f6:d7:ea:
d5:48:ef:1d:0c:6a:68:6d:d0:f3:db:79:32:aa:b9:cf:05:a8:
b2:ad:3f:1d:e2:9d:25:6a:8d:62:9b:e8:b8:5f:a5:54:25:7b:
e7:2f:7e:d4:7c:43:90:9f:30:20:e6:d9:d5:4f:d9:20:5b:6a:
57:f0:8c:8e:57:b1:15:64:ed:43:3d:1c:c2:64:7d:2c:e0:63:
79:59:54:49:51:48:6d:f4:b6:6e:50:14:8c:32:b3:2b:59:84:
4d:44:93:47:5f:48:43:e1:5b:2a:73:a1:90:c4:59:00:db:11:
d1:44:55:62:2a:3f:44:6d:97:ee:b6:31:a8:32:6d:6c:32:de:
8e:71:12:e0:89:ab:5f:e5:d5:cb:27:0e:c3:1d:3b:f0:d4:c0:
2e:b7:48:ae
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVtr14PAVwNe0RYrjVN1AuNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyNTRiY2MwMzI5M2UzYWQwZTE5YTdhM2ZkMWIxY2ZiZDM0
YzA5OTAwHhcNMjMwMTAxMTQxNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTE1NGMwNWE3NWJhZTIyOTRhNGM3YzNlMDczMzk1OWU4OGZhMmI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArF+napqTQOYenPqLVFPP5xRdFA59
3RHYgaU4FFmafERS99dYVO8DPFlprxPTBaz0Mpkt18cZnWF2lX1Zptcc8pE0OAgM
1OHtdxor9JeIfhW/yNzkMr59IEQmUnVla9i9YqlsAV+eX4i0olRKUiKnsYh8LzjE
cgOu1VxyvPIb17t2kZBF+2otLrfx33JWMh64oQ4O0c1xF+EMqQT4OXjTX3ab5LwV
F75xhyl+9hXvtwBDnS/lvAu4BL/8laghp69l6zNwJ3hKXx614m1qiUQmEVqLOM5r
DmAsZ+u26/1sIEKYPh1t7e3CG3DiQW0wyD6L63ykn/nyxzrNvaTHS9T/owIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGoVTAWnW64ilKTHw+BzOVnoj6K2MB8GA1UdIwQY
MBaAFCJUvMAyk+OtDhmno/0bHPvTTAmQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWxTOHdES1Q0NjBPR2Flal9Sc2MtOU5NQ1pBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni9hM2E1MzAtMjVhYS00MDIzLTlhODAt
NGUzNDdkNTUxYzNmLzEvYWhWTUJhZGJyaUtVcE1mRDRITTVXZWlQb3JZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni9hM2E1MzAtMjVhYS00MDIzLTlhODAtNGUzNDdkNTUxYzNm
LzEvSWxTOHdES1Q0NjBPR2Flal9Sc2MtOU5NQ1pBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCVetYMA0E
AgACMAcDBQMqEBrAMA0GCSqGSIb3DQEBCwUAA4IBAQCZUe2rUSLhe8TvLnmRsEJ3
BCG4fuiZtVSdRwE9nnvUTk/5GAu7AtaQIarsxQswhb47eRfrWpBJgwf98lPpUjv3
rGrwyTpGzd185Jghf+IM1rq7zERX02URZwvBZKEK2Lkm7xDBzVTBg/z21+rVSO8d
DGpobdDz23kyqrnPBaiyrT8d4p0lao1im+i4X6VUJXvnL37UfEOQnzAg5tnVT9kg
W2pX8IyOV7EVZO1DPRzCZH0s4GN5WVRJUUht9LZuUBSMMrMrWYRNRJNHX0hD4Vsq
c6GQxFkA2xHRRFViKj9EbZfutjGoMm1sMt6OcRLgiatf5dXLJw7DHTvw1MAut0iu
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:06:13 2024 by rpki-client on console-ams.rpki-client.org