Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/057780-52e8-4777-8a25-021c2e0735b1/1/wHDplUpQrp01AGh55YWIDwxLbj0.roa
File: wHDplUpQrp01AGh55YWIDwxLbj0.roa (raw, json)
Hash identifier: 0g633vh2muaPD/C0SPMy5f1Q5ZlNfjcKGof69LocC+U=
Subject key identifier: C0:70:E9:95:4A:50:AE:9D:35:00:68:79:E5:85:88:0F:0C:4B:6E:3D
Certificate issuer: /CN=1f688f9857d9e440c1058dc8959e49f8b3183f61
Certificate serial: 01856C53D45888C69A2E53B6E86A0AE62420
Authority key identifier: 1F:68:8F:98:57:D9:E4:40:C1:05:8D:C8:95:9E:49:F8:B3:18:3F:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H2iPmFfZ5EDBBY3IlZ5J-LMYP2E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/057780-52e8-4777-8a25-021c2e0735b1/1/wHDplUpQrp01AGh55YWIDwxLbj0.roa
Signing time: Sun 01 Jan 2023 07:55:11 +0000
ROA not before: Sun 01 Jan 2023 07:55:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205581
IP address blocks: 85.209.240.0/24 maxlen: 24
85.209.243.0/24 maxlen: 24
85.209.242.0/24 maxlen: 24
85.209.241.0/24 maxlen: 24
2a0e:b784::/32 maxlen: 32
2a0e:b782::/32 maxlen: 32
2a0e:b780::/32 maxlen: 32
2a0e:b786::/32 maxlen: 32
2a0e:b785::/32 maxlen: 32
2a0e:b783::/32 maxlen: 32
2a0e:b787::/32 maxlen: 32
2a0e:b781::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:53:d4:58:88:c6:9a:2e:53:b6:e8:6a:0a:e6:24:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f688f9857d9e440c1058dc8959e49f8b3183f61
Validity
Not Before: Jan 1 07:55:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c070e9954a50ae9d35006879e585880f0c4b6e3d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:f3:fd:ec:11:21:e1:4c:df:c2:53:51:c3:23:
11:67:90:6e:8d:0b:fb:a4:42:d5:f4:3f:0c:34:74:
96:cf:c5:53:59:9a:08:a4:bf:fe:2b:9a:75:91:b8:
ce:a7:99:a7:d5:a8:35:c3:ec:52:23:01:c6:d1:2b:
6a:4d:5e:d8:3d:b1:ca:1e:b7:3f:b2:6c:37:57:31:
94:53:a4:cd:fe:3f:c3:55:7f:b2:02:a6:10:79:ed:
77:6f:ab:fe:2e:14:64:05:6a:26:b2:6e:c6:7d:46:
2f:86:ee:ab:94:d2:15:80:e6:fe:1a:6b:08:91:9e:
db:49:61:7a:a2:50:16:07:b4:65:a8:80:91:95:5e:
c0:49:4e:8f:59:aa:4c:cb:10:19:91:e7:69:72:ff:
f6:b0:aa:b1:6e:5e:ed:98:60:35:1b:b2:d4:a2:8a:
99:4f:4a:5f:0c:2e:b3:a2:9b:c2:7f:f0:a1:59:1d:
5f:99:1c:07:be:f6:a0:ad:17:64:ec:30:02:39:59:
bc:30:0a:ea:55:40:e5:1a:d3:65:df:33:38:95:e3:
85:34:19:d0:bd:9d:d5:dc:62:d5:96:c7:67:21:a9:
d7:d6:2c:e5:29:19:56:24:89:ef:4e:a9:d3:01:1c:
75:7d:11:6c:0b:10:51:da:36:77:6b:d1:40:7f:a4:
2f:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:70:E9:95:4A:50:AE:9D:35:00:68:79:E5:85:88:0F:0C:4B:6E:3D
X509v3 Authority Key Identifier:
keyid:1F:68:8F:98:57:D9:E4:40:C1:05:8D:C8:95:9E:49:F8:B3:18:3F:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H2iPmFfZ5EDBBY3IlZ5J-LMYP2E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/057780-52e8-4777-8a25-021c2e0735b1/1/wHDplUpQrp01AGh55YWIDwxLbj0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/057780-52e8-4777-8a25-021c2e0735b1/1/H2iPmFfZ5EDBBY3IlZ5J-LMYP2E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.209.240.0/22
IPv6:
2a0e:b780::/29
Signature Algorithm: sha256WithRSAEncryption
6e:70:55:46:2c:a6:d5:82:ca:c0:b8:41:8f:e3:c5:4c:70:ce:
91:82:cd:fd:b4:f8:57:92:12:43:8c:38:79:a6:cf:7d:67:f8:
b2:f3:3e:59:67:9f:af:fc:54:70:49:4d:1e:2f:c1:cf:c0:7a:
c9:6b:98:59:0e:33:fe:0d:8c:15:e5:9a:68:1b:22:d3:b8:02:
7d:b7:8d:f0:07:9c:90:02:30:24:b5:eb:e5:49:c9:1a:b3:43:
68:e1:84:43:03:bf:a9:05:8c:fc:fe:32:37:69:44:da:d9:a8:
7b:f1:2f:42:64:3e:42:89:24:bb:f4:bb:3d:4e:c1:99:a8:c2:
2c:06:6a:c6:88:61:8a:82:9f:77:00:18:8d:42:3e:cf:d6:c0:
a1:6e:ed:df:24:ba:9e:cb:00:da:9e:0f:5a:66:23:c3:eb:aa:
86:fe:80:73:68:24:0e:a9:f5:05:86:35:a0:de:60:d1:8d:a7:
8e:05:7b:f6:a5:44:9f:65:8c:13:fb:d4:75:ae:9f:d5:19:66:
73:bc:d3:86:84:f3:f9:ef:fe:eb:ea:aa:0a:41:8c:28:f3:c7:
f7:03:b1:ad:90:a9:02:a4:f3:0a:01:7e:85:50:2e:db:ff:2e:
d2:75:ff:75:11:78:8c:d2:e9:c4:98:2e:80:c6:af:c1:ae:ef:
28:42:7c:78
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVsU9RYiMaaLlO26GoK5iQgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmNjg4Zjk4NTdkOWU0NDBjMTA1OGRjODk1OWU0OWY4YjMx
ODNmNjEwHhcNMjMwMTAxMDc1NTExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDcwZTk5NTRhNTBhZTlkMzUwMDY4NzllNTg1ODgwZjBjNGI2ZTNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjfP97BEh4UzfwlNRwyMRZ5BujQv7
pELV9D8MNHSWz8VTWZoIpL/+K5p1kbjOp5mn1ag1w+xSIwHG0StqTV7YPbHKHrc/
smw3VzGUU6TN/j/DVX+yAqYQee13b6v+LhRkBWomsm7GfUYvhu6rlNIVgOb+GmsI
kZ7bSWF6olAWB7RlqICRlV7ASU6PWapMyxAZkedpcv/2sKqxbl7tmGA1G7LUooqZ
T0pfDC6zopvCf/ChWR1fmRwHvvagrRdk7DACOVm8MArqVUDlGtNl3zM4leOFNBnQ
vZ3V3GLVlsdnIanX1izlKRlWJInvTqnTARx1fRFsCxBR2jZ3a9FAf6QvbQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMBw6ZVKUK6dNQBoeeWFiA8MS249MB8GA1UdIwQY
MBaAFB9oj5hX2eRAwQWNyJWeSfizGD9hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDJpUG1GZlo1RURCQlkzSWxaNUotTE1ZUDJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi8wNTc3ODAtNTJlOC00Nzc3LThhMjUt
MDIxYzJlMDczNWIxLzEvd0hEcGxVcFFycDAxQUdoNTVZV0lEd3hMYmowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi8wNTc3ODAtNTJlOC00Nzc3LThhMjUtMDIxYzJlMDczNWIx
LzEvSDJpUG1GZlo1RURCQlkzSWxaNUotTE1ZUDJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCVdHwMA0E
AgACMAcDBQMqDreAMA0GCSqGSIb3DQEBCwUAA4IBAQBucFVGLKbVgsrAuEGP48VM
cM6Rgs39tPhXkhJDjDh5ps99Z/iy8z5ZZ5+v/FRwSU0eL8HPwHrJa5hZDjP+DYwV
5ZpoGyLTuAJ9t43wB5yQAjAktevlSckas0No4YRDA7+pBYz8/jI3aUTa2ah78S9C
ZD5CiSS79Ls9TsGZqMIsBmrGiGGKgp93ABiNQj7P1sChbu3fJLqeywDang9aZiPD
66qG/oBzaCQOqfUFhjWg3mDRjaeOBXv2pUSfZYwT+9R1rp/VGWZzvNOGhPP57/7r
6qoKQYwo88f3A7GtkKkCpPMKAX6FUC7b/y7Sdf91EXiM0unEmC6Axq/Bru8oQnx4
-----END CERTIFICATE-----
Generated at Mon Jan 1 06:16:25 2024 by rpki-client on console-ams.rpki-client.org