Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/2cc283-9357-4c95-84d4-35cf770dc8b9/1/A4xP6adjphS7_FFtdAxP0oY5k7E.roa
File: A4xP6adjphS7_FFtdAxP0oY5k7E.roa (raw, json)
Hash identifier: hZnxg6aPD/cMdqeDB1T6HGMan+c/MSi9f8H0NlqVBIA=
Subject key identifier: 03:8C:4F:E9:A7:63:A6:14:BB:FC:51:6D:74:0C:4F:D2:86:39:93:B1
Certificate issuer: /CN=0c5e870d31ca7019951370cb221f18f1f09fa58a
Certificate serial: 01884072330E9F64B1DB4BEDA73F34DD084B
Authority key identifier: 0C:5E:87:0D:31:CA:70:19:95:13:70:CB:22:1F:18:F1:F0:9F:A5:8A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DF6HDTHKcBmVE3DLIh8Y8fCfpYo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/2cc283-9357-4c95-84d4-35cf770dc8b9/1/A4xP6adjphS7_FFtdAxP0oY5k7E.roa
Signing time: Sun 21 May 2023 22:33:25 +0000
ROA not before: Sun 21 May 2023 22:33:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39825
IP address blocks: 85.159.144.0/21 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:40:72:33:0e:9f:64:b1:db:4b:ed:a7:3f:34:dd:08:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0c5e870d31ca7019951370cb221f18f1f09fa58a
Validity
Not Before: May 21 22:33:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=038c4fe9a763a614bbfc516d740c4fd2863993b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:24:a9:ab:be:81:09:36:0f:b0:49:e2:8d:70:
ad:ee:cb:23:cf:8a:3c:43:99:34:b4:d3:cc:41:61:
74:c4:e1:1f:59:29:30:17:91:79:3a:e0:c1:69:00:
c6:c7:bf:bc:a3:ec:8a:e4:3f:89:11:7b:a3:94:ce:
9f:2e:fc:1e:e7:d7:cf:eb:63:a8:3a:3f:17:54:ea:
dd:80:9b:cc:b8:db:e9:0f:82:40:26:30:36:0e:84:
87:d5:c3:f1:85:4d:1a:b3:be:e3:47:ed:98:d0:fe:
ad:2f:e0:e2:38:06:1b:a5:63:04:93:56:91:e9:83:
af:73:b8:a7:72:c4:52:75:e8:0f:f6:72:47:59:60:
4a:c3:c6:7c:67:dc:48:56:f0:13:5c:57:e7:b3:17:
57:80:6f:9f:0d:e2:35:bf:9d:b5:b3:2c:f3:45:b9:
f3:42:e2:ed:3e:eb:0a:3d:ba:81:fb:b9:ec:a5:d3:
8a:54:e6:b0:72:5a:81:f4:a2:3a:6d:30:55:e8:2b:
21:8f:61:73:da:3f:3b:2e:f3:2f:35:1e:97:95:9a:
33:8f:ba:2c:2f:61:70:d8:6d:c7:52:05:40:14:5a:
9e:ba:85:b3:e7:95:73:4b:34:c2:ec:5c:2d:19:aa:
78:bc:6b:af:c5:5f:96:49:64:ff:43:5b:8e:7e:d4:
29:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:8C:4F:E9:A7:63:A6:14:BB:FC:51:6D:74:0C:4F:D2:86:39:93:B1
X509v3 Authority Key Identifier:
keyid:0C:5E:87:0D:31:CA:70:19:95:13:70:CB:22:1F:18:F1:F0:9F:A5:8A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DF6HDTHKcBmVE3DLIh8Y8fCfpYo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/2cc283-9357-4c95-84d4-35cf770dc8b9/1/A4xP6adjphS7_FFtdAxP0oY5k7E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/2cc283-9357-4c95-84d4-35cf770dc8b9/1/DF6HDTHKcBmVE3DLIh8Y8fCfpYo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.159.144.0/21
Signature Algorithm: sha256WithRSAEncryption
7a:01:51:25:86:ad:e1:4c:5c:b7:d3:a8:94:5d:93:c8:c6:8f:
3b:73:cd:4b:fc:f9:f7:62:1c:0b:84:fa:29:55:4a:11:8e:b2:
4a:bb:43:f0:93:39:35:04:3a:79:d2:0d:48:d0:ea:6a:4a:e1:
02:21:a7:7e:42:27:7a:6c:98:70:8c:85:1f:ac:b8:bb:dc:85:
d3:38:7e:45:ba:80:e8:63:0f:01:2d:8c:7f:2c:91:a6:6c:06:
fc:52:37:63:1b:48:24:3f:b2:c7:60:0c:1d:7c:ab:6a:cb:67:
b7:31:0d:39:64:ce:b6:66:cb:8f:05:5d:06:a2:87:32:fa:69:
e5:05:88:11:d9:d3:64:f1:83:14:e1:8e:f5:a7:db:c9:9a:a0:
3e:61:ca:c3:c6:3b:32:50:48:3a:88:a3:b9:f4:69:ef:1e:ac:
2f:ff:1e:3d:39:66:ff:92:fa:a2:e6:6b:44:b5:d3:f6:c6:06:
12:87:fc:1a:b3:61:c3:63:29:8b:0d:46:7a:1c:3a:0f:7b:ca:
3f:c0:4f:35:29:85:9d:3c:ad:91:6e:05:32:1f:7c:73:94:aa:
0e:41:eb:bb:75:82:11:1c:17:5a:4d:50:ef:bc:bb:3d:da:19:
8c:1c:05:e0:04:da:75:f7:17:a7:1f:9f:91:df:3b:a9:56:a7:
50:9c:2e:4b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYhAcjMOn2Sx20vtpz803QhLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjNWU4NzBkMzFjYTcwMTk5NTEzNzBjYjIyMWYxOGYxZjA5
ZmE1OGEwHhcNMjMwNTIxMjIzMzI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzhjNGZlOWE3NjNhNjE0YmJmYzUxNmQ3NDBjNGZkMjg2Mzk5M2IxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoiSpq76BCTYPsEnijXCt7ssjz4o8
Q5k0tNPMQWF0xOEfWSkwF5F5OuDBaQDGx7+8o+yK5D+JEXujlM6fLvwe59fP62Oo
Oj8XVOrdgJvMuNvpD4JAJjA2DoSH1cPxhU0as77jR+2Y0P6tL+DiOAYbpWMEk1aR
6YOvc7incsRSdegP9nJHWWBKw8Z8Z9xIVvATXFfnsxdXgG+fDeI1v521syzzRbnz
QuLtPusKPbqB+7nspdOKVOawclqB9KI6bTBV6Cshj2Fz2j87LvMvNR6XlZozj7os
L2Fw2G3HUgVAFFqeuoWz55VzSzTC7FwtGap4vGuvxV+WSWT/Q1uOftQpoQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAOMT+mnY6YUu/xRbXQMT9KGOZOxMB8GA1UdIwQY
MBaAFAxehw0xynAZlRNwyyIfGPHwn6WKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvREY2SERUSEtjQm1WRTNETEloOFk4ZkNmcFlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS8yY2MyODMtOTM1Ny00Yzk1LTg0ZDQt
MzVjZjc3MGRjOGI5LzEvQTR4UDZhZGpwaFM3X0ZGdGRBeFAwb1k1azdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS8yY2MyODMtOTM1Ny00Yzk1LTg0ZDQtMzVjZjc3MGRjOGI5
LzEvREY2SERUSEtjQm1WRTNETEloOFk4ZkNmcFlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDVZ+QMA0G
CSqGSIb3DQEBCwUAA4IBAQB6AVElhq3hTFy306iUXZPIxo87c81L/Pn3YhwLhPop
VUoRjrJKu0Pwkzk1BDp50g1I0OpqSuECIad+Qid6bJhwjIUfrLi73IXTOH5FuoDo
Yw8BLYx/LJGmbAb8UjdjG0gkP7LHYAwdfKtqy2e3MQ05ZM62ZsuPBV0Goocy+mnl
BYgR2dNk8YMU4Y71p9vJmqA+YcrDxjsyUEg6iKO59GnvHqwv/x49OWb/kvqi5mtE
tdP2xgYSh/was2HDYymLDUZ6HDoPe8o/wE81KYWdPK2RbgUyH3xzlKoOQeu7dYIR
HBdaTVDvvLs92hmMHAXgBNp19xenH5+R3zupVqdQnC5L
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:00:38 2024 by rpki-client on console-ams.rpki-client.org