Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/185eb3-2ab2-45b5-aa33-015ea5019520/1/vGXDoxlDQEuUGA6XzWAaoxqMh1s.roa
File: vGXDoxlDQEuUGA6XzWAaoxqMh1s.roa (raw, json)
Hash identifier: zqYtvPNz3R3GJ3TtZlMJ1MzVEIsIBpTV0SNu32TM9OI=
Subject key identifier: BC:65:C3:A3:19:43:40:4B:94:18:0E:97:CD:60:1A:A3:1A:8C:87:5B
Certificate issuer: /CN=a8e4918fc7fdfb73bba8cf58d4cb5fe449cf83f6
Certificate serial: 018ECC849D310A290FD275666E6BF7E1219D
Authority key identifier: A8:E4:91:8F:C7:FD:FB:73:BB:A8:CF:58:D4:CB:5F:E4:49:CF:83:F6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qOSRj8f9-3O7qM9Y1Mtf5EnPg_Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/185eb3-2ab2-45b5-aa33-015ea5019520/1/vGXDoxlDQEuUGA6XzWAaoxqMh1s.roa
Signing time: Thu 11 Apr 2024 09:37:06 +0000
ROA not before: Thu 11 Apr 2024 09:37:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29006
IP address blocks: 85.25.68.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 11 Apr 2024 12:01:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:cc:84:9d:31:0a:29:0f:d2:75:66:6e:6b:f7:e1:21:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a8e4918fc7fdfb73bba8cf58d4cb5fe449cf83f6
Validity
Not Before: Apr 11 09:37:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bc65c3a31943404b94180e97cd601aa31a8c875b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:05:94:d0:41:e4:49:fc:50:ac:76:b9:10:4e:
5d:fe:c5:92:b6:66:f8:e6:31:6a:b4:41:bb:2c:d6:
fb:80:a6:1e:43:85:f3:3d:52:db:de:74:10:01:1f:
4b:7e:53:72:67:98:b4:a5:c7:23:5e:5c:cd:ee:c7:
f4:87:48:fa:e6:b0:dd:80:fa:8a:b4:55:32:d5:c7:
35:a5:c2:58:82:8b:e4:e8:43:67:1f:f8:4e:24:82:
51:a6:32:17:74:b6:03:6c:dc:a1:06:65:6e:87:8b:
e1:fe:44:46:96:37:ed:70:82:11:56:7e:2f:3e:a8:
15:bb:f6:29:ff:31:06:55:b9:dd:94:ba:5b:5a:34:
98:73:33:b0:09:da:8f:49:c6:47:a0:71:9d:7f:ee:
86:31:77:a0:6b:45:c9:c7:e5:90:00:42:70:97:d6:
b1:d8:ab:e5:f4:5e:ea:eb:11:8a:dc:25:aa:71:c7:
2d:73:52:6b:7b:b2:25:4d:68:72:6f:e8:62:47:42:
d9:a9:6e:ae:ad:51:e5:36:8e:3e:a2:2a:49:3f:b4:
6e:02:9f:cc:bf:47:6e:d5:65:03:06:b9:0a:86:13:
9a:ed:6c:d5:83:71:6a:9a:3b:ca:e8:cc:39:59:30:
de:04:fb:07:66:e2:4f:87:c9:32:82:5a:3b:62:15:
e5:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:65:C3:A3:19:43:40:4B:94:18:0E:97:CD:60:1A:A3:1A:8C:87:5B
X509v3 Authority Key Identifier:
keyid:A8:E4:91:8F:C7:FD:FB:73:BB:A8:CF:58:D4:CB:5F:E4:49:CF:83:F6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qOSRj8f9-3O7qM9Y1Mtf5EnPg_Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/185eb3-2ab2-45b5-aa33-015ea5019520/1/vGXDoxlDQEuUGA6XzWAaoxqMh1s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/185eb3-2ab2-45b5-aa33-015ea5019520/1/qOSRj8f9-3O7qM9Y1Mtf5EnPg_Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.25.68.0/24
Signature Algorithm: sha256WithRSAEncryption
15:66:48:b1:54:b2:4d:dd:a8:7b:e7:3d:ed:b9:d8:fe:2c:e2:
a5:e9:d3:a4:8e:a8:78:f3:be:1b:fd:3d:cc:7f:ca:a0:06:8a:
2e:80:83:cb:aa:7c:c8:b3:fc:61:3d:29:4b:8d:1d:b7:64:79:
8f:12:0e:c0:01:da:8a:a6:32:36:7f:f7:23:84:66:c7:0c:58:
12:e7:14:11:26:58:40:3c:01:94:eb:f1:99:4c:f6:6d:4f:05:
44:59:e6:a7:03:c5:ac:b2:04:bb:51:c3:8d:b1:e5:30:a9:e0:
a1:75:e6:37:df:0e:90:05:02:5b:b4:e6:5e:50:d8:09:64:fc:
60:fe:7d:d3:42:04:4c:f9:fe:ac:90:d6:63:21:4d:cd:eb:1b:
67:0f:53:d7:39:19:5c:0e:63:5f:a4:37:e8:75:33:68:11:03:
76:34:05:42:1b:0c:b7:80:a0:bb:f6:f4:c3:e7:69:be:16:e7:
27:85:90:6e:5b:31:5b:d9:49:39:6f:90:dd:72:d4:d6:11:ac:
9d:a7:62:a5:bd:68:93:01:05:bb:3a:c9:35:5b:7b:c0:7b:82:
8c:79:17:64:17:e8:56:16:21:0e:d3:16:25:65:14:d9:91:74:
f2:7a:07:f7:3d:d4:4a:67:69:44:8d:d7:27:a8:0f:ce:05:df:
7b:b3:20:e5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY7MhJ0xCikP0nVmbmv34SGdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4ZTQ5MThmYzdmZGZiNzNiYmE4Y2Y1OGQ0Y2I1ZmU0NDlj
ZjgzZjYwHhcNMjQwNDExMDkzNzA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzY1YzNhMzE5NDM0MDRiOTQxODBlOTdjZDYwMWFhMzFhOGM4NzViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkgWU0EHkSfxQrHa5EE5d/sWStmb4
5jFqtEG7LNb7gKYeQ4XzPVLb3nQQAR9LflNyZ5i0pccjXlzN7sf0h0j65rDdgPqK
tFUy1cc1pcJYgovk6ENnH/hOJIJRpjIXdLYDbNyhBmVuh4vh/kRGljftcIIRVn4v
PqgVu/Yp/zEGVbndlLpbWjSYczOwCdqPScZHoHGdf+6GMXega0XJx+WQAEJwl9ax
2Kvl9F7q6xGK3CWqccctc1Jre7IlTWhyb+hiR0LZqW6urVHlNo4+oipJP7RuAp/M
v0du1WUDBrkKhhOa7WzVg3FqmjvK6Mw5WTDeBPsHZuJPh8kyglo7YhXlYwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLxlw6MZQ0BLlBgOl81gGqMajIdbMB8GA1UdIwQY
MBaAFKjkkY/H/ftzu6jPWNTLX+RJz4P2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcU9TUmo4ZjktM083cU05WTFNdGY1RW5QZ19ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny8xODVlYjMtMmFiMi00NWI1LWFhMzMt
MDE1ZWE1MDE5NTIwLzEvdkdYRG94bERRRXVVR0E2WHpXQWFveHFNaDFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny8xODVlYjMtMmFiMi00NWI1LWFhMzMtMDE1ZWE1MDE5NTIw
LzEvcU9TUmo4ZjktM083cU05WTFNdGY1RW5QZ19ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVRlEMA0G
CSqGSIb3DQEBCwUAA4IBAQAVZkixVLJN3ah75z3tudj+LOKl6dOkjqh4874b/T3M
f8qgBoougIPLqnzIs/xhPSlLjR23ZHmPEg7AAdqKpjI2f/cjhGbHDFgS5xQRJlhA
PAGU6/GZTPZtTwVEWeanA8WssgS7UcONseUwqeChdeY33w6QBQJbtOZeUNgJZPxg
/n3TQgRM+f6skNZjIU3N6xtnD1PXORlcDmNfpDfodTNoEQN2NAVCGwy3gKC79vTD
52m+FucnhZBuWzFb2Uk5b5DdctTWEaydp2KlvWiTAQW7Osk1W3vAe4KMeRdkF+hW
FiEO0xYlZRTZkXTyegf3PdRKZ2lEjdcnqA/OBd97syDl
-----END CERTIFICATE-----
Generated at Thu Apr 11 16:38:11 2024 by rpki-client on console-fra.rpki-client.org