Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/b38228-0875-491c-9d4f-d6a9a28284cf/1/9GzKNJdRsnzf96D7uF7DLuqMTig.roa
File: 9GzKNJdRsnzf96D7uF7DLuqMTig.roa (raw, json)
Hash identifier: k8/BMS1rVWjQD/LJlB9zj9CqrC2WeqshPe7nheGJ2PU=
Subject key identifier: F4:6C:CA:34:97:51:B2:7C:DF:F7:A0:FB:B8:5E:C3:2E:EA:8C:4E:28
Certificate issuer: /CN=85492f2a6910433c5bcd8269c440e8c1c7800d6b
Certificate serial: 018DAD800E663B6BB350D7A02C8C63E448DC
Authority key identifier: 85:49:2F:2A:69:10:43:3C:5B:CD:82:69:C4:40:E8:C1:C7:80:0D:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hUkvKmkQQzxbzYJpxEDowceADWs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/b38228-0875-491c-9d4f-d6a9a28284cf/1/9GzKNJdRsnzf96D7uF7DLuqMTig.roa
Signing time: Thu 15 Feb 2024 16:01:07 +0000
ROA not before: Thu 15 Feb 2024 16:01:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3320
IP address blocks: 85.208.251.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 15 Feb 2024 18:40:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:ad:80:0e:66:3b:6b:b3:50:d7:a0:2c:8c:63:e4:48:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=85492f2a6910433c5bcd8269c440e8c1c7800d6b
Validity
Not Before: Feb 15 16:01:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f46cca349751b27cdff7a0fbb85ec32eea8c4e28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:9f:cd:33:7b:5b:21:5a:93:62:69:5d:49:5e:
e4:8a:0c:b0:49:6a:8a:82:e3:36:92:04:a7:c2:cd:
b3:fb:d7:f6:ac:b5:fd:c6:1d:8b:83:c3:0b:56:7b:
b8:c1:e9:36:98:71:07:a8:bd:07:17:7c:4f:32:1a:
96:79:e1:44:67:c6:33:ea:1c:28:ba:26:42:77:4c:
70:93:3d:ad:5f:18:2e:4a:a0:0b:1f:0b:0a:08:0c:
49:9c:e2:9d:f4:b3:9a:81:12:ea:ea:ff:1f:b3:61:
7e:f5:6b:4d:95:2c:a0:11:7a:a2:29:70:be:87:c0:
31:8c:54:e7:54:63:34:2d:51:c3:c1:5d:2a:00:ef:
c3:54:79:6c:b2:2e:38:f0:e7:f0:33:b3:9a:cb:89:
94:be:e1:b6:97:42:3a:cd:c5:a8:d2:b3:b7:a1:5c:
bc:c6:59:35:90:eb:51:40:ca:a4:10:9a:61:ef:b5:
30:4e:79:74:59:82:86:da:c2:00:eb:1c:30:59:5c:
fa:02:f7:8c:a2:9c:6f:26:59:25:57:d4:8e:cb:ec:
9f:6c:a3:9a:5a:62:9f:0f:a0:60:9a:30:f4:42:40:
56:6e:c8:34:81:e2:b3:ac:36:99:05:ad:ba:01:db:
b6:97:b5:a3:36:69:a8:08:67:9c:53:4a:28:bf:a1:
e9:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:6C:CA:34:97:51:B2:7C:DF:F7:A0:FB:B8:5E:C3:2E:EA:8C:4E:28
X509v3 Authority Key Identifier:
keyid:85:49:2F:2A:69:10:43:3C:5B:CD:82:69:C4:40:E8:C1:C7:80:0D:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hUkvKmkQQzxbzYJpxEDowceADWs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/b38228-0875-491c-9d4f-d6a9a28284cf/1/9GzKNJdRsnzf96D7uF7DLuqMTig.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/b38228-0875-491c-9d4f-d6a9a28284cf/1/hUkvKmkQQzxbzYJpxEDowceADWs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.208.251.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:1f:5e:9b:da:96:b5:ed:ca:cc:ae:85:80:ea:d0:b9:6b:e2:
46:a6:05:07:21:c5:30:32:01:1f:7c:5f:7a:92:e6:fe:23:4e:
13:b2:95:d8:45:a5:2c:95:07:10:62:44:a4:e5:fc:0b:15:5e:
e1:5e:26:5c:cf:f5:f6:61:14:7b:86:a6:84:90:8d:e9:82:b7:
38:5c:4a:4d:98:87:e5:ab:46:4c:ab:51:3c:c1:66:ca:dc:ff:
78:97:8c:f0:a5:3e:33:9b:90:43:89:a2:3f:08:0f:18:b2:58:
98:6f:37:7a:f0:a4:5b:b7:59:0d:8d:53:e7:e8:f5:ee:d8:d9:
95:c4:53:20:ef:0f:38:eb:b0:b2:70:80:c9:78:99:40:82:33:
94:af:5d:47:4b:55:9d:2d:ed:e9:58:68:2a:a3:da:7b:14:42:
fc:26:af:b1:0b:f2:40:c4:1a:05:b7:dc:78:de:6e:be:2b:56:
ee:cd:26:d0:03:f9:c7:69:e5:c6:68:81:6b:1d:76:26:cb:4a:
80:ac:43:54:2c:09:f0:e3:e9:2a:a3:10:80:3f:9d:13:8e:4c:
8b:c9:62:dc:cc:14:a4:54:09:48:07:dd:2d:73:c3:a8:df:3c:
43:79:fa:66:c1:58:64:8c:7b:35:1e:71:fd:0e:bd:74:26:5a:
ca:d5:d2:4a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY2tgA5mO2uzUNegLIxj5EjcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1NDkyZjJhNjkxMDQzM2M1YmNkODI2OWM0NDBlOGMxYzc4
MDBkNmIwHhcNMjQwMjE1MTYwMTA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDZjY2EzNDk3NTFiMjdjZGZmN2EwZmJiODVlYzMyZWVhOGM0ZTI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlp/NM3tbIVqTYmldSV7kigywSWqK
guM2kgSnws2z+9f2rLX9xh2Lg8MLVnu4wek2mHEHqL0HF3xPMhqWeeFEZ8Yz6hwo
uiZCd0xwkz2tXxguSqALHwsKCAxJnOKd9LOagRLq6v8fs2F+9WtNlSygEXqiKXC+
h8AxjFTnVGM0LVHDwV0qAO/DVHlssi448OfwM7Oay4mUvuG2l0I6zcWo0rO3oVy8
xlk1kOtRQMqkEJph77UwTnl0WYKG2sIA6xwwWVz6AveMopxvJlklV9SOy+yfbKOa
WmKfD6BgmjD0QkBWbsg0geKzrDaZBa26Adu2l7WjNmmoCGecU0oov6HpfwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPRsyjSXUbJ83/eg+7hewy7qjE4oMB8GA1UdIwQY
MBaAFIVJLyppEEM8W82CacRA6MHHgA1rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFVrdktta1FRenhiellKcHhFRG93Y2VBRFdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi9iMzgyMjgtMDg3NS00OTFjLTlkNGYt
ZDZhOWEyODI4NGNmLzEvOUd6S05KZFJzbnpmOTZEN3VGN0RMdXFNVGlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi9iMzgyMjgtMDg3NS00OTFjLTlkNGYtZDZhOWEyODI4NGNm
LzEvaFVrdktta1FRenhiellKcHhFRG93Y2VBRFdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVdD7MA0G
CSqGSIb3DQEBCwUAA4IBAQAsH16b2pa17crMroWA6tC5a+JGpgUHIcUwMgEffF96
kub+I04TspXYRaUslQcQYkSk5fwLFV7hXiZcz/X2YRR7hqaEkI3pgrc4XEpNmIfl
q0ZMq1E8wWbK3P94l4zwpT4zm5BDiaI/CA8YsliYbzd68KRbt1kNjVPn6PXu2NmV
xFMg7w8467CycIDJeJlAgjOUr11HS1WdLe3pWGgqo9p7FEL8Jq+xC/JAxBoFt9x4
3m6+K1buzSbQA/nHaeXGaIFrHXYmy0qArENULAnw4+kqoxCAP50TjkyLyWLczBSk
VAlIB90tc8Oo3zxDefpmwVhkjHs1HnH9Dr10JlrK1dJK
-----END CERTIFICATE-----
Generated at Thu Feb 15 20:37:08 2024 by rpki-client on console-ams.rpki-client.org