Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/99848b-c4f8-46ab-8923-1304454bf29d/1/IzIyMfixPn3oYKErImyu4xltkyg.roa
File: IzIyMfixPn3oYKErImyu4xltkyg.roa (raw, json)
Hash identifier: vaPN0Amxlqvdn3OHDEiMZKtmZiTnVUWD5CMenvui/uY=
Subject key identifier: 23:32:32:31:F8:B1:3E:7D:E8:60:A1:2B:22:6C:AE:E3:19:6D:93:28
Certificate issuer: /CN=fa3c481607619c835d09f2471d976d7cf74a0439
Certificate serial: 018CC56F05C03236F0DEF2165805DEEC01FC
Authority key identifier: FA:3C:48:16:07:61:9C:83:5D:09:F2:47:1D:97:6D:7C:F7:4A:04:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-jxIFgdhnINdCfJHHZdtfPdKBDk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/99848b-c4f8-46ab-8923-1304454bf29d/1/IzIyMfixPn3oYKErImyu4xltkyg.roa
Signing time: Mon 01 Jan 2024 14:30:36 +0000
ROA not before: Mon 01 Jan 2024 14:30:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34820
IP address blocks: 185.110.142.0/23 maxlen: 23
185.110.140.0/23 maxlen: 23
85.159.104.0/23 maxlen: 23
85.159.108.0/22 maxlen: 22
85.159.106.0/24 maxlen: 24
2a0c:2540::/29 maxlen: 29
Validation: Failed, certificate revoked on Fri 28 Jun 2024 08:08:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6f:05:c0:32:36:f0:de:f2:16:58:05:de:ec:01:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fa3c481607619c835d09f2471d976d7cf74a0439
Validity
Not Before: Jan 1 14:30:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=23323231f8b13e7de860a12b226caee3196d9328
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:81:00:f4:21:71:1f:27:8d:f4:17:a0:ac:48:
c8:00:5c:1a:ef:1d:6e:73:1b:1b:be:32:ab:9e:43:
c1:34:71:74:96:20:a7:6a:14:ac:75:29:df:9c:1e:
59:c9:fc:ed:4b:0d:5c:58:6e:f0:48:ee:c8:b5:47:
89:27:b8:da:3d:a9:ad:61:47:f9:42:92:ba:b7:1d:
67:58:8d:ef:fc:47:8e:82:d6:b7:f4:23:ec:f1:c2:
32:01:35:17:d6:17:6a:10:df:cd:11:e7:34:e4:6b:
93:b3:29:35:44:56:60:06:73:33:8a:a1:dc:6a:23:
84:7b:65:1b:b6:db:2d:b3:1c:33:52:3e:a5:fd:11:
ca:6a:fb:f4:29:16:2f:6f:1e:ed:d2:e5:87:b8:22:
c0:62:b6:4a:75:5e:86:ab:b5:5e:b2:c1:8c:18:a2:
5c:8c:91:ff:c1:8a:f6:f0:e3:97:c7:fe:fe:b3:9c:
d2:58:42:51:c7:ff:50:3a:ba:73:a1:21:84:23:25:
ce:ec:75:31:60:e1:d1:3b:db:10:6c:85:73:df:dc:
5d:6f:f5:10:4a:9d:e7:8c:b3:2d:a6:c1:96:e7:fc:
67:75:7f:9d:b7:8e:b9:f5:ef:da:17:3e:5f:4f:f2:
65:26:b9:13:ea:ea:2a:70:ad:d2:84:8a:63:e1:83:
da:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:32:32:31:F8:B1:3E:7D:E8:60:A1:2B:22:6C:AE:E3:19:6D:93:28
X509v3 Authority Key Identifier:
keyid:FA:3C:48:16:07:61:9C:83:5D:09:F2:47:1D:97:6D:7C:F7:4A:04:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-jxIFgdhnINdCfJHHZdtfPdKBDk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/99848b-c4f8-46ab-8923-1304454bf29d/1/IzIyMfixPn3oYKErImyu4xltkyg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/99848b-c4f8-46ab-8923-1304454bf29d/1/1-jxIFgdhnINdCfJHHZdtfPdKBDk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.159.104.0-85.159.106.255
85.159.108.0/22
185.110.140.0/22
IPv6:
2a0c:2540::/29
Signature Algorithm: sha256WithRSAEncryption
ad:e9:ef:30:e8:9f:70:18:67:b7:5b:9d:f9:0d:77:08:19:e8:
69:8f:bd:5d:a8:7d:94:0b:d5:67:a4:eb:53:82:4e:3b:e4:73:
60:3d:34:ee:a4:be:d9:ac:28:7d:98:64:c2:c0:04:4e:f1:51:
75:f5:e5:94:71:67:7e:e6:d3:94:67:58:d4:91:92:12:15:24:
a8:e9:16:c8:65:c4:fa:88:3b:5f:48:cc:ea:5e:e0:d7:15:2a:
cc:1f:99:f5:c6:85:b0:4d:0c:72:e8:bd:da:e6:1d:42:93:7f:
3a:a8:a9:f5:18:f5:c1:09:75:82:77:53:82:f7:c3:94:be:09:
df:f5:e0:d2:fe:78:91:b4:54:da:d5:e1:51:00:7b:23:89:78:
b9:58:0b:a9:10:3e:cb:08:b7:9d:06:e2:29:c8:d2:ed:3d:98:
c4:77:b4:fd:25:a5:48:dc:ec:b7:51:14:e6:93:0e:5f:7f:61:
87:aa:33:5d:b8:74:40:51:24:b2:91:fe:d4:3e:08:b7:5e:d7:
00:0c:4f:8a:91:cf:ca:c8:47:dd:6d:63:2e:81:45:73:85:36:
e4:fb:11:3d:c2:19:07:a3:8d:16:b5:df:4d:bd:35:50:2a:2a:
15:1c:3e:1e:d3:f6:5a:c1:4b:7a:af:c8:5c:44:ee:e8:df:e4:
f6:dc:3d:f2
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgISAYzFbwXAMjbw3vIWWAXe7AH8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZhM2M0ODE2MDc2MTljODM1ZDA5ZjI0NzFkOTc2ZDdjZjc0
YTA0MzkwHhcNMjQwMTAxMTQzMDM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzMyMzIzMWY4YjEzZTdkZTg2MGExMmIyMjZjYWVlMzE5NmQ5MzI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiYEA9CFxHyeN9BegrEjIAFwa7x1u
cxsbvjKrnkPBNHF0liCnahSsdSnfnB5ZyfztSw1cWG7wSO7ItUeJJ7jaPamtYUf5
QpK6tx1nWI3v/EeOgta39CPs8cIyATUX1hdqEN/NEec05GuTsyk1RFZgBnMziqHc
aiOEe2UbttstsxwzUj6l/RHKavv0KRYvbx7t0uWHuCLAYrZKdV6Gq7VessGMGKJc
jJH/wYr28OOXx/7+s5zSWEJRx/9QOrpzoSGEIyXO7HUxYOHRO9sQbIVz39xdb/UQ
Sp3njLMtpsGW5/xndX+dt4659e/aFz5fT/JlJrkT6uoqcK3ShIpj4YPaAQIDAQAB
o4ICLjCCAiowHQYDVR0OBBYEFCMyMjH4sT596GChKyJsruMZbZMoMB8GA1UdIwQY
MBaAFPo8SBYHYZyDXQnyRx2XbXz3SgQ5MA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1qeElGZ2RobklOZENmSkhIWmR0ZlBkS0JEay5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGYvOTk4NDhiLWM0ZjgtNDZhYi04OTIz
LTEzMDQ0NTRiZjI5ZC8xL0l6SXlNZml4UG4zb1lLRXJJbXl1NHhsdGt5Zy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNGYvOTk4NDhiLWM0ZjgtNDZhYi04OTIzLTEzMDQ0NTRiZjI5
ZC8xLzEtanhJRmdkaG5JTmRDZkpISFpkdGZQZEtCRGsuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwQgYIKwYBBQUHAQcBAf8EMzAxMCAEAgABMBowDAMEA1Wf
aAMEAFWfagMEAlWfbAMEArlujDANBAIAAjAHAwUDKgwlQDANBgkqhkiG9w0BAQsF
AAOCAQEArenvMOifcBhnt1ud+Q13CBnoaY+9Xah9lAvVZ6TrU4JOO+RzYD007qS+
2awofZhkwsAETvFRdfXllHFnfubTlGdY1JGSEhUkqOkWyGXE+og7X0jM6l7g1xUq
zB+Z9caFsE0Mcui92uYdQpN/Oqip9Rj1wQl1gndTgvfDlL4J3/Xg0v54kbRU2tXh
UQB7I4l4uVgLqRA+ywi3nQbiKcjS7T2YxHe0/SWlSNzst1EU5pMOX39hh6ozXbh0
QFEkspH+1D4It17XAAxPipHPyshH3W1jLoFFc4U25PsRPcIZB6ONFrXfTb01UCoq
FRw+HtP2WsFLeq/IXETu6N/k9tw98g==
-----END CERTIFICATE-----
Generated at Fri Jun 28 12:08:51 2024 by rpki-client on console-ams.rpki-client.org