Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/b38228-0875-491c-9d4f-d6a9a28284cf/1/ghP_-5tOfAXqwKzUqm6BwQVa834.roa
File: ghP_-5tOfAXqwKzUqm6BwQVa834.roa (raw, json)
Hash identifier: a+Hqk/2j2Q4aHA2eDm6Pot4G4Af0udgake2lvGXbtOo=
Subject key identifier: 82:13:FF:FB:9B:4E:7C:05:EA:C0:AC:D4:AA:6E:81:C1:05:5A:F3:7E
Certificate issuer: /CN=85492f2a6910433c5bcd8269c440e8c1c7800d6b
Certificate serial: 018DAD800EF438F84177DCD3021D2276B615
Authority key identifier: 85:49:2F:2A:69:10:43:3C:5B:CD:82:69:C4:40:E8:C1:C7:80:0D:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hUkvKmkQQzxbzYJpxEDowceADWs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/b38228-0875-491c-9d4f-d6a9a28284cf/1/ghP_-5tOfAXqwKzUqm6BwQVa834.roa
Signing time: Thu 15 Feb 2024 16:01:07 +0000
ROA not before: Thu 15 Feb 2024 16:01:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198435
IP address blocks: 85.208.251.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 15 Feb 2024 18:41:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:ad:80:0e:f4:38:f8:41:77:dc:d3:02:1d:22:76:b6:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=85492f2a6910433c5bcd8269c440e8c1c7800d6b
Validity
Not Before: Feb 15 16:01:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8213fffb9b4e7c05eac0acd4aa6e81c1055af37e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:3b:9e:32:fd:7c:f8:65:59:15:63:ce:77:10:
d0:87:f9:93:ba:50:1e:7b:68:0c:da:00:5b:2a:21:
3f:99:08:79:5f:ca:7a:41:88:fe:ac:ca:2e:1e:b0:
73:c9:d6:69:3f:80:02:48:62:aa:d1:73:7b:58:68:
43:b2:4a:38:d1:c2:1e:13:a5:d7:41:bb:f2:b8:53:
37:6a:f4:3d:d3:bd:69:ec:3d:1e:78:3f:c7:51:e5:
80:94:92:d8:53:9d:45:33:3b:8e:c2:49:c1:0e:b4:
f1:1c:c0:94:00:28:21:2b:7b:42:d8:3d:8a:7a:0b:
bd:21:db:2a:eb:46:2f:d5:82:55:5e:24:a5:65:29:
e2:d9:1e:1b:c6:dc:fb:6b:c6:55:a3:08:92:32:43:
2c:90:c7:33:d8:fc:9e:4d:68:4a:26:88:70:2e:24:
b1:73:1c:f3:59:53:34:4b:9a:29:a2:8a:89:09:c3:
a8:23:e3:10:25:b5:37:70:7a:cd:bd:1e:b8:ce:a4:
04:96:7b:7c:22:b8:1b:10:15:36:91:08:16:59:f4:
70:a3:ab:83:e6:24:01:65:34:92:09:69:ad:46:bf:
f0:65:1b:c3:25:d1:a5:dd:9e:d7:09:58:46:c9:57:
e9:c3:57:46:a8:e1:d3:0c:e2:19:33:85:92:d2:e8:
6c:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:13:FF:FB:9B:4E:7C:05:EA:C0:AC:D4:AA:6E:81:C1:05:5A:F3:7E
X509v3 Authority Key Identifier:
keyid:85:49:2F:2A:69:10:43:3C:5B:CD:82:69:C4:40:E8:C1:C7:80:0D:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hUkvKmkQQzxbzYJpxEDowceADWs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/b38228-0875-491c-9d4f-d6a9a28284cf/1/ghP_-5tOfAXqwKzUqm6BwQVa834.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/b38228-0875-491c-9d4f-d6a9a28284cf/1/hUkvKmkQQzxbzYJpxEDowceADWs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.208.251.0/24
Signature Algorithm: sha256WithRSAEncryption
05:01:0c:04:b6:59:4b:f9:0f:d9:3c:bd:ef:6a:cb:48:ed:99:
b8:89:5e:6b:f4:6d:d0:64:8e:46:50:bb:a6:1a:50:29:4e:18:
57:f2:ef:21:06:72:61:dc:64:ec:a9:a0:30:c7:63:d2:e8:e2:
2a:af:48:6a:48:d4:25:3e:15:6b:e5:cf:66:cd:55:97:6b:5c:
15:99:8f:18:69:38:c9:13:e9:8e:2e:7c:c8:86:a9:6b:bb:a7:
0f:46:ab:f4:9f:83:95:f0:f9:82:a6:39:05:4b:75:4a:d3:b3:
bf:d2:e7:1b:ee:e3:6a:13:ae:8b:b6:1b:68:81:57:c3:5b:7d:
37:bb:b9:47:83:99:21:cb:3a:31:07:bd:dc:02:9c:cf:e3:06:
2c:6d:f5:bd:63:03:44:70:f6:6c:c8:1e:46:31:ea:22:50:30:
52:ba:95:d0:be:79:9f:86:0b:36:22:a5:df:e0:ef:cf:82:94:
48:36:8d:79:cb:df:70:bb:36:8b:bd:8d:d7:80:25:0c:98:13:
d7:ac:f0:aa:c6:a0:cf:52:b5:9c:fb:bf:f0:48:33:58:e4:57:
47:b2:60:45:fd:32:4d:fd:7f:fe:9f:fd:6c:73:16:fb:89:f2:
f2:94:92:5d:df:9e:bd:de:c7:bf:98:c4:96:36:b3:af:7c:fe:
0b:39:84:10
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY2tgA70OPhBd9zTAh0idrYVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1NDkyZjJhNjkxMDQzM2M1YmNkODI2OWM0NDBlOGMxYzc4
MDBkNmIwHhcNMjQwMjE1MTYwMTA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MjEzZmZmYjliNGU3YzA1ZWFjMGFjZDRhYTZlODFjMTA1NWFmMzdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4jueMv18+GVZFWPOdxDQh/mTulAe
e2gM2gBbKiE/mQh5X8p6QYj+rMouHrBzydZpP4ACSGKq0XN7WGhDsko40cIeE6XX
QbvyuFM3avQ9071p7D0eeD/HUeWAlJLYU51FMzuOwknBDrTxHMCUACghK3tC2D2K
egu9Idsq60Yv1YJVXiSlZSni2R4bxtz7a8ZVowiSMkMskMcz2PyeTWhKJohwLiSx
cxzzWVM0S5opooqJCcOoI+MQJbU3cHrNvR64zqQElnt8IrgbEBU2kQgWWfRwo6uD
5iQBZTSSCWmtRr/wZRvDJdGl3Z7XCVhGyVfpw1dGqOHTDOIZM4WS0uhsWwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIIT//ubTnwF6sCs1KpugcEFWvN+MB8GA1UdIwQY
MBaAFIVJLyppEEM8W82CacRA6MHHgA1rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFVrdktta1FRenhiellKcHhFRG93Y2VBRFdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi9iMzgyMjgtMDg3NS00OTFjLTlkNGYt
ZDZhOWEyODI4NGNmLzEvZ2hQXy01dE9mQVhxd0t6VXFtNkJ3UVZhODM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi9iMzgyMjgtMDg3NS00OTFjLTlkNGYtZDZhOWEyODI4NGNm
LzEvaFVrdktta1FRenhiellKcHhFRG93Y2VBRFdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVdD7MA0G
CSqGSIb3DQEBCwUAA4IBAQAFAQwEtllL+Q/ZPL3vastI7Zm4iV5r9G3QZI5GULum
GlApThhX8u8hBnJh3GTsqaAwx2PS6OIqr0hqSNQlPhVr5c9mzVWXa1wVmY8YaTjJ
E+mOLnzIhqlru6cPRqv0n4OV8PmCpjkFS3VK07O/0ucb7uNqE66LthtogVfDW303
u7lHg5khyzoxB73cApzP4wYsbfW9YwNEcPZsyB5GMeoiUDBSupXQvnmfhgs2IqXf
4O/PgpRINo15y99wuzaLvY3XgCUMmBPXrPCqxqDPUrWc+7/wSDNY5FdHsmBF/TJN
/X/+n/1scxb7ifLylJJd35693se/mMSWNrOvfP4LOYQQ
-----END CERTIFICATE-----
Generated at Thu Feb 15 20:37:09 2024 by rpki-client on console-ams.rpki-client.org