Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/2d238e-b31c-4ea0-98cc-c4febc3d6e52/1/2LkYL1vHK4FxHJQC4OQVWt3Xc04.roa
File: 2LkYL1vHK4FxHJQC4OQVWt3Xc04.roa (raw, json)
Hash identifier: KqXzYw1rbD1PnZyzsj2js74xyFaAMIO4u492IG3Apy0=
Subject key identifier: D8:B9:18:2F:5B:C7:2B:81:71:1C:94:02:E0:E4:15:5A:DD:D7:73:4E
Certificate issuer: /CN=2b0e6a7bdb11c4ffd77718081510c91431178cdb
Certificate serial: 018CC725BC3A174E9225ABE239C5370B7FC4
Authority key identifier: 2B:0E:6A:7B:DB:11:C4:FF:D7:77:18:08:15:10:C9:14:31:17:8C:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Kw5qe9sRxP_XdxgIFRDJFDEXjNs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/2d238e-b31c-4ea0-98cc-c4febc3d6e52/1/2LkYL1vHK4FxHJQC4OQVWt3Xc04.roa
Signing time: Mon 01 Jan 2024 22:29:48 +0000
ROA not before: Mon 01 Jan 2024 22:29:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8943
IP address blocks: 85.119.80.0/21 maxlen: 21
Validation: Failed, certificate revoked on Wed 31 Jan 2024 13:43:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:25:bc:3a:17:4e:92:25:ab:e2:39:c5:37:0b:7f:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2b0e6a7bdb11c4ffd77718081510c91431178cdb
Validity
Not Before: Jan 1 22:29:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d8b9182f5bc72b81711c9402e0e4155addd7734e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:ba:46:da:e0:ad:8d:14:cb:9a:dd:c2:06:73:
80:a7:09:b2:94:cc:02:5c:bb:5b:cf:41:03:61:f4:
4c:25:a6:84:9c:24:2f:39:23:0a:8b:ed:87:8e:e0:
48:58:3a:4a:c1:0e:e5:bb:49:59:80:e1:de:22:ea:
de:68:9d:2f:6a:b5:ac:8f:ce:b1:73:e8:df:7b:be:
cc:10:2b:87:2e:74:4d:9d:b9:23:d8:26:d6:09:55:
cb:40:4a:04:19:8d:6a:bd:f6:cb:28:87:fa:a8:7f:
f4:05:a4:9b:ad:67:6d:11:2a:bf:2d:e4:38:8c:cc:
31:b6:d3:b3:93:e6:b6:09:97:42:86:5c:24:51:a5:
5c:a5:1c:76:26:c6:ed:c2:5b:59:31:82:a7:05:75:
48:ad:06:b5:de:75:7e:e1:1d:31:4c:f7:7c:19:23:
b2:d4:67:58:bd:04:f7:fa:03:6b:67:79:b3:65:cc:
72:35:f1:5e:49:24:25:d3:4c:37:98:b0:40:b5:74:
ba:34:e0:17:65:c2:a2:26:cf:80:45:96:9a:bd:62:
2c:ba:37:04:26:17:20:29:b3:f5:db:c8:ad:83:af:
b9:2f:36:f6:66:b4:b3:c5:8c:78:4e:7f:5f:c7:f8:
b6:24:1e:0a:02:7e:33:d6:65:38:13:28:7d:5b:70:
5c:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:B9:18:2F:5B:C7:2B:81:71:1C:94:02:E0:E4:15:5A:DD:D7:73:4E
X509v3 Authority Key Identifier:
keyid:2B:0E:6A:7B:DB:11:C4:FF:D7:77:18:08:15:10:C9:14:31:17:8C:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Kw5qe9sRxP_XdxgIFRDJFDEXjNs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/2d238e-b31c-4ea0-98cc-c4febc3d6e52/1/2LkYL1vHK4FxHJQC4OQVWt3Xc04.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/2d238e-b31c-4ea0-98cc-c4febc3d6e52/1/Kw5qe9sRxP_XdxgIFRDJFDEXjNs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.119.80.0/21
Signature Algorithm: sha256WithRSAEncryption
62:15:76:96:a5:36:00:0a:8f:44:c7:19:ce:1a:ea:0b:67:50:
0b:00:0c:92:b4:b5:78:b6:95:e2:76:de:2a:ba:45:9b:e7:92:
9e:39:85:12:21:e7:f2:37:0a:a9:bb:6a:51:07:40:d6:fb:2b:
0d:de:56:d2:1c:0d:35:fe:1c:73:51:1f:63:5a:5e:78:3c:51:
09:c8:77:4a:40:e8:0f:50:83:44:e0:fb:61:f3:33:82:53:98:
90:a2:50:3d:16:1b:66:36:45:84:bd:83:41:2d:42:8c:66:91:
e5:a9:e3:49:8c:ed:bb:7a:a2:ce:67:a3:c9:fb:d7:02:66:08:
0d:aa:33:b7:bc:a1:0a:d6:69:7c:7a:a7:86:b8:f6:aa:28:52:
37:99:09:63:4c:d1:ea:c3:1b:b9:d6:64:5c:0c:e7:01:04:f5:
6b:ae:a7:4f:90:74:81:54:3a:f3:bd:91:80:be:18:4a:f3:5e:
8b:7c:e5:5d:3a:b7:cb:0f:ea:2d:b7:a3:08:3f:b8:d8:eb:c6:
21:18:01:b9:2c:5f:ad:5f:a4:39:ea:cb:57:87:5d:36:16:f4:
ba:0d:69:5f:24:fc:55:5c:04:44:eb:56:e6:51:63:8b:83:26:
31:ff:d5:6b:ad:86:b0:d3:a0:e9:2a:ba:f1:6f:37:62:80:8b:
d6:8f:74:91
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHJbw6F06SJaviOcU3C3/EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiMGU2YTdiZGIxMWM0ZmZkNzc3MTgwODE1MTBjOTE0MzEx
NzhjZGIwHhcNMjQwMTAxMjIyOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOGI5MTgyZjViYzcyYjgxNzExYzk0MDJlMGU0MTU1YWRkZDc3MzRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgbpG2uCtjRTLmt3CBnOApwmylMwC
XLtbz0EDYfRMJaaEnCQvOSMKi+2HjuBIWDpKwQ7lu0lZgOHeIureaJ0varWsj86x
c+jfe77MECuHLnRNnbkj2CbWCVXLQEoEGY1qvfbLKIf6qH/0BaSbrWdtESq/LeQ4
jMwxttOzk+a2CZdChlwkUaVcpRx2JsbtwltZMYKnBXVIrQa13nV+4R0xTPd8GSOy
1GdYvQT3+gNrZ3mzZcxyNfFeSSQl00w3mLBAtXS6NOAXZcKiJs+ARZaavWIsujcE
JhcgKbP128itg6+5Lzb2ZrSzxYx4Tn9fx/i2JB4KAn4z1mU4Eyh9W3BcNwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNi5GC9bxyuBcRyUAuDkFVrd13NOMB8GA1UdIwQY
MBaAFCsOanvbEcT/13cYCBUQyRQxF4zbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3c1cWU5c1J4UF9YZHhnSUZSREpGREVYak5zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8yZDIzOGUtYjMxYy00ZWEwLTk4Y2Mt
YzRmZWJjM2Q2ZTUyLzEvMkxrWUwxdkhLNEZ4SEpRQzRPUVZXdDNYYzA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8yZDIzOGUtYjMxYy00ZWEwLTk4Y2MtYzRmZWJjM2Q2ZTUy
LzEvS3c1cWU5c1J4UF9YZHhnSUZSREpGREVYak5zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDVXdQMA0G
CSqGSIb3DQEBCwUAA4IBAQBiFXaWpTYACo9ExxnOGuoLZ1ALAAyStLV4tpXidt4q
ukWb55KeOYUSIefyNwqpu2pRB0DW+ysN3lbSHA01/hxzUR9jWl54PFEJyHdKQOgP
UINE4Pth8zOCU5iQolA9FhtmNkWEvYNBLUKMZpHlqeNJjO27eqLOZ6PJ+9cCZggN
qjO3vKEK1ml8eqeGuPaqKFI3mQljTNHqwxu51mRcDOcBBPVrrqdPkHSBVDrzvZGA
vhhK816LfOVdOrfLD+ott6MIP7jY68YhGAG5LF+tX6Q56stXh102FvS6DWlfJPxV
XARE61bmUWOLgyYx/9VrrYaw06DpKrrxbzdigIvWj3SR
-----END CERTIFICATE-----