Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/99848b-c4f8-46ab-8923-1304454bf29d/1/DKqgSnUx2d-y_xNr55iPg2fNGkk.roa
File: DKqgSnUx2d-y_xNr55iPg2fNGkk.roa (raw, json)
Hash identifier: 4MvJW+Bb54G3YseMfuYQOhuhPfbR7HNaUuzsNhP0Y9A=
Subject key identifier: 0C:AA:A0:4A:75:31:D9:DF:B2:FF:13:6B:E7:98:8F:83:67:CD:1A:49
Certificate issuer: /CN=fa3c481607619c835d09f2471d976d7cf74a0439
Certificate serial: 018AF48FB0359C2084A181299EA9B54D7769
Authority key identifier: FA:3C:48:16:07:61:9C:83:5D:09:F2:47:1D:97:6D:7C:F7:4A:04:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-jxIFgdhnINdCfJHHZdtfPdKBDk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/99848b-c4f8-46ab-8923-1304454bf29d/1/DKqgSnUx2d-y_xNr55iPg2fNGkk.roa
Signing time: Tue 03 Oct 2023 08:02:51 +0000
ROA not before: Tue 03 Oct 2023 08:02:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34820
IP address blocks: 185.110.142.0/23 maxlen: 23
185.110.140.0/23 maxlen: 23
85.159.104.0/23 maxlen: 23
85.159.108.0/22 maxlen: 22
85.159.106.0/24 maxlen: 24
2a0c:2540::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:30:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:f4:8f:b0:35:9c:20:84:a1:81:29:9e:a9:b5:4d:77:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fa3c481607619c835d09f2471d976d7cf74a0439
Validity
Not Before: Oct 3 08:02:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0caaa04a7531d9dfb2ff136be7988f8367cd1a49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:ed:4a:37:58:21:25:65:df:44:a5:ef:f7:96:
86:8a:3d:22:09:cc:7e:f4:7e:9d:a6:89:87:26:aa:
b1:0e:bf:17:a2:d2:67:92:5e:c7:e1:97:fa:93:5b:
ab:f1:3e:6e:54:8d:c2:5d:6c:e9:21:ab:a6:e4:e4:
42:0c:42:f7:7c:36:29:34:ae:54:6e:8e:06:14:43:
c8:09:74:14:fb:44:99:da:41:bd:dc:f5:84:d9:32:
b2:f7:65:86:98:fe:53:21:6e:d1:57:ea:bb:ab:6d:
b6:de:76:60:60:b0:e3:ea:88:83:b8:0e:3f:10:c8:
14:d7:36:4b:e3:e3:aa:56:85:c2:1d:2b:02:74:a2:
2d:81:6a:b1:e3:4d:71:91:fd:d4:4e:45:bf:d5:92:
d4:b4:58:36:e5:c8:b6:52:1a:b1:b7:f3:3b:72:33:
68:d5:4c:8f:8f:6a:5e:cb:01:d1:6e:96:3a:6f:31:
da:e9:28:5e:89:26:cc:08:92:46:c4:44:d4:ec:c8:
56:bd:e8:c6:cf:95:2d:3d:b3:54:66:46:03:5d:9a:
b7:56:1f:95:a9:6d:d7:86:51:12:5c:fc:e4:35:d8:
4c:88:70:9f:cc:80:a1:dd:aa:63:6a:4d:4a:75:8d:
5c:88:83:11:c6:5e:13:3f:af:8c:2d:cb:a5:01:92:
0f:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:AA:A0:4A:75:31:D9:DF:B2:FF:13:6B:E7:98:8F:83:67:CD:1A:49
X509v3 Authority Key Identifier:
keyid:FA:3C:48:16:07:61:9C:83:5D:09:F2:47:1D:97:6D:7C:F7:4A:04:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-jxIFgdhnINdCfJHHZdtfPdKBDk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/99848b-c4f8-46ab-8923-1304454bf29d/1/DKqgSnUx2d-y_xNr55iPg2fNGkk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/99848b-c4f8-46ab-8923-1304454bf29d/1/1-jxIFgdhnINdCfJHHZdtfPdKBDk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.159.104.0-85.159.106.255
85.159.108.0/22
185.110.140.0/22
IPv6:
2a0c:2540::/29
Signature Algorithm: sha256WithRSAEncryption
6b:b1:be:40:25:60:1c:09:08:a1:d2:88:87:dd:44:a3:1a:3b:
91:e5:a0:ee:c3:a5:23:5d:84:56:95:97:fa:ee:99:b3:21:59:
b1:c9:c8:0f:96:87:d7:6e:86:34:07:18:a0:a5:94:0c:8f:44:
dc:e0:db:ed:15:34:64:a5:8f:f0:fa:75:fd:c6:13:3d:be:92:
55:68:42:61:27:e5:6c:13:8e:c1:d7:21:d5:96:fb:c8:f4:93:
35:cb:94:73:bd:ec:39:38:53:55:b6:d0:ab:3b:e0:37:7b:9d:
0b:8c:76:c2:f6:d0:01:21:b6:72:9e:c7:9d:21:d6:60:42:7f:
78:bc:75:aa:6c:6f:de:58:41:4e:a5:f0:10:57:bc:76:24:86:
cb:fb:1f:62:65:26:a9:98:a2:99:71:49:86:82:f6:61:d1:03:
46:b0:bd:9e:d6:c1:36:6f:a8:71:f9:d4:f5:0b:6e:0c:7b:36:
85:b5:35:c9:f4:1a:b4:5d:ec:70:a1:30:80:2a:c0:1e:dd:91:
6c:28:55:fe:30:82:b6:60:61:77:45:32:a0:3e:a0:28:c9:50:
e1:9d:7c:1e:34:91:5f:ff:38:12:be:38:01:5a:2a:2e:2d:1c:
41:5c:d2:2c:a6:43:81:7c:d4:a2:14:05:72:7c:39:10:e5:86:
12:d3:65:39
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgISAYr0j7A1nCCEoYEpnqm1TXdpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZhM2M0ODE2MDc2MTljODM1ZDA5ZjI0NzFkOTc2ZDdjZjc0
YTA0MzkwHhcNMjMxMDAzMDgwMjUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwY2FhYTA0YTc1MzFkOWRmYjJmZjEzNmJlNzk4OGY4MzY3Y2QxYTQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnO1KN1ghJWXfRKXv95aGij0iCcx+
9H6dpomHJqqxDr8XotJnkl7H4Zf6k1ur8T5uVI3CXWzpIaum5ORCDEL3fDYpNK5U
bo4GFEPICXQU+0SZ2kG93PWE2TKy92WGmP5TIW7RV+q7q2223nZgYLDj6oiDuA4/
EMgU1zZL4+OqVoXCHSsCdKItgWqx401xkf3UTkW/1ZLUtFg25ci2Uhqxt/M7cjNo
1UyPj2peywHRbpY6bzHa6SheiSbMCJJGxETU7MhWvejGz5UtPbNUZkYDXZq3Vh+V
qW3XhlESXPzkNdhMiHCfzICh3apjak1KdY1ciIMRxl4TP6+MLculAZIPRQIDAQAB
o4ICLjCCAiowHQYDVR0OBBYEFAyqoEp1Mdnfsv8Ta+eYj4NnzRpJMB8GA1UdIwQY
MBaAFPo8SBYHYZyDXQnyRx2XbXz3SgQ5MA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1qeElGZ2RobklOZENmSkhIWmR0ZlBkS0JEay5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGYvOTk4NDhiLWM0ZjgtNDZhYi04OTIz
LTEzMDQ0NTRiZjI5ZC8xL0RLcWdTblV4MmQteV94TnI1NWlQZzJmTkdray5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNGYvOTk4NDhiLWM0ZjgtNDZhYi04OTIzLTEzMDQ0NTRiZjI5
ZC8xLzEtanhJRmdkaG5JTmRDZkpISFpkdGZQZEtCRGsuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwQgYIKwYBBQUHAQcBAf8EMzAxMCAEAgABMBowDAMEA1Wf
aAMEAFWfagMEAlWfbAMEArlujDANBAIAAjAHAwUDKgwlQDANBgkqhkiG9w0BAQsF
AAOCAQEAa7G+QCVgHAkIodKIh91Eoxo7keWg7sOlI12EVpWX+u6ZsyFZscnID5aH
126GNAcYoKWUDI9E3ODb7RU0ZKWP8Pp1/cYTPb6SVWhCYSflbBOOwdch1Zb7yPST
NcuUc73sOThTVbbQqzvgN3udC4x2wvbQASG2cp7HnSHWYEJ/eLx1qmxv3lhBTqXw
EFe8diSGy/sfYmUmqZiimXFJhoL2YdEDRrC9ntbBNm+ocfnU9QtuDHs2hbU1yfQa
tF3scKEwgCrAHt2RbChV/jCCtmBhd0UyoD6gKMlQ4Z18HjSRX/84Er44AVoqLi0c
QVzSLKZDgXzUohQFcnw5EOWGEtNlOQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:26 2024 by rpki-client on console-ams.rpki-client.org