Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/2cc283-9357-4c95-84d4-35cf770dc8b9/1/IaQ0QCBckd14-pyWjahScn3kXfU.roa
File: IaQ0QCBckd14-pyWjahScn3kXfU.roa (raw, json)
Hash identifier: Nd8Wtu0GSYZv0qRAviqn41YVxEfdTSBCmrKWNgGV/iY=
Subject key identifier: 21:A4:34:40:20:5C:91:DD:78:FA:9C:96:8D:A8:52:72:7D:E4:5D:F5
Certificate issuer: /CN=0c5e870d31ca7019951370cb221f18f1f09fa58a
Certificate serial: 01856CCAED71D1B55917436321612ED7C825
Authority key identifier: 0C:5E:87:0D:31:CA:70:19:95:13:70:CB:22:1F:18:F1:F0:9F:A5:8A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DF6HDTHKcBmVE3DLIh8Y8fCfpYo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/2cc283-9357-4c95-84d4-35cf770dc8b9/1/IaQ0QCBckd14-pyWjahScn3kXfU.roa
Signing time: Sun 01 Jan 2023 10:05:16 +0000
ROA not before: Sun 01 Jan 2023 10:05:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39825
IP address blocks: 85.159.144.0/24 maxlen: 24
85.159.145.0/24 maxlen: 24
85.159.146.0/24 maxlen: 24
85.159.147.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:ca:ed:71:d1:b5:59:17:43:63:21:61:2e:d7:c8:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0c5e870d31ca7019951370cb221f18f1f09fa58a
Validity
Not Before: Jan 1 10:05:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=21a43440205c91dd78fa9c968da852727de45df5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:1b:1d:f7:32:10:8e:15:cc:76:3f:03:74:99:
46:42:0e:8d:84:75:12:4c:5e:f6:35:e5:2d:81:6b:
63:60:bb:a3:a8:6e:bf:c9:b7:ba:8c:5f:8e:57:8b:
fc:71:7a:30:ba:9b:91:70:cd:0c:8f:fd:db:14:62:
2a:6f:44:59:8c:52:f8:d9:c3:ed:40:ed:83:4f:41:
5b:10:f1:28:06:36:c7:45:30:c3:d2:aa:de:24:ab:
bf:1d:58:62:71:70:65:97:c8:95:72:af:3f:d1:8f:
cb:52:df:f1:f6:bc:08:eb:31:ad:fb:3d:02:79:a3:
91:7f:2e:5f:27:e3:e7:2d:0c:aa:e9:c1:3f:b1:98:
21:cd:12:65:26:40:87:84:5c:4b:a6:15:ac:d0:70:
8c:ea:ed:6e:ab:1c:21:90:f3:61:13:4c:d5:81:4b:
9d:6b:ae:bd:0a:ca:b3:ae:c8:2a:51:5b:73:a2:c6:
1f:e0:88:a9:1d:62:7f:16:4e:5a:9a:1e:ce:9a:36:
83:7d:f8:8c:d6:47:f9:75:74:11:ac:d3:27:bd:77:
5e:04:0a:14:cb:67:be:b6:27:1a:6b:41:46:93:cb:
88:d4:3a:7d:75:4f:48:44:5f:ff:36:f4:16:70:3b:
de:11:b2:85:97:17:4a:72:da:57:c8:e8:55:c5:eb:
6b:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:A4:34:40:20:5C:91:DD:78:FA:9C:96:8D:A8:52:72:7D:E4:5D:F5
X509v3 Authority Key Identifier:
keyid:0C:5E:87:0D:31:CA:70:19:95:13:70:CB:22:1F:18:F1:F0:9F:A5:8A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DF6HDTHKcBmVE3DLIh8Y8fCfpYo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/2cc283-9357-4c95-84d4-35cf770dc8b9/1/IaQ0QCBckd14-pyWjahScn3kXfU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/2cc283-9357-4c95-84d4-35cf770dc8b9/1/DF6HDTHKcBmVE3DLIh8Y8fCfpYo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.159.144.0/22
Signature Algorithm: sha256WithRSAEncryption
9e:ed:29:78:80:85:f3:b0:4b:ab:f4:7f:65:62:bd:0f:1c:6b:
b1:49:be:64:8a:cb:23:2a:a5:2a:36:ad:f6:70:16:2a:27:e3:
80:cf:6b:f9:12:3f:03:f3:b0:91:64:a6:21:b8:84:16:0a:aa:
22:07:19:95:e6:4f:42:17:1c:98:a6:e7:ca:e7:69:47:ef:ae:
fe:a8:3c:16:8c:58:71:5d:10:d7:f2:ca:76:d9:90:13:f1:11:
c6:a6:7e:64:18:84:89:d3:c2:bf:b5:dd:9c:99:c1:7b:6f:e3:
64:f7:58:75:4f:f1:64:34:71:a6:15:ed:e1:7b:72:b8:e5:f0:
6e:ec:ad:78:72:a2:65:05:54:88:66:a8:f3:54:f0:c5:49:31:
2c:46:98:60:43:a7:9a:03:5f:70:8e:0f:cf:4c:2a:c9:4b:c3:
8e:ec:9c:ab:28:e0:6c:4c:d6:8a:1c:56:29:7f:26:e6:78:4c:
b5:2c:13:bc:7f:cb:0e:b0:e3:3a:16:eb:24:7c:ca:7b:02:11:
58:f5:13:21:77:89:51:e0:54:ff:77:69:e4:0a:45:1c:c7:fc:
ce:74:12:4b:f4:9b:12:9d:c0:49:0d:fc:2a:de:a8:a8:22:35:
98:7d:6f:ea:c0:6c:0c:ce:17:cc:b6:78:a4:62:39:22:14:8c:
e1:a8:59:7b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsyu1x0bVZF0NjIWEu18glMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjNWU4NzBkMzFjYTcwMTk5NTEzNzBjYjIyMWYxOGYxZjA5
ZmE1OGEwHhcNMjMwMTAxMTAwNTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMWE0MzQ0MDIwNWM5MWRkNzhmYTljOTY4ZGE4NTI3MjdkZTQ1ZGY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvBsd9zIQjhXMdj8DdJlGQg6NhHUS
TF72NeUtgWtjYLujqG6/ybe6jF+OV4v8cXowupuRcM0Mj/3bFGIqb0RZjFL42cPt
QO2DT0FbEPEoBjbHRTDD0qreJKu/HVhicXBll8iVcq8/0Y/LUt/x9rwI6zGt+z0C
eaORfy5fJ+PnLQyq6cE/sZghzRJlJkCHhFxLphWs0HCM6u1uqxwhkPNhE0zVgUud
a669CsqzrsgqUVtzosYf4IipHWJ/Fk5amh7OmjaDffiM1kf5dXQRrNMnvXdeBAoU
y2e+ticaa0FGk8uI1Dp9dU9IRF//NvQWcDveEbKFlxdKctpXyOhVxetr3wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCGkNEAgXJHdePqclo2oUnJ95F31MB8GA1UdIwQY
MBaAFAxehw0xynAZlRNwyyIfGPHwn6WKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvREY2SERUSEtjQm1WRTNETEloOFk4ZkNmcFlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS8yY2MyODMtOTM1Ny00Yzk1LTg0ZDQt
MzVjZjc3MGRjOGI5LzEvSWFRMFFDQmNrZDE0LXB5V2phaFNjbjNrWGZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS8yY2MyODMtOTM1Ny00Yzk1LTg0ZDQtMzVjZjc3MGRjOGI5
LzEvREY2SERUSEtjQm1WRTNETEloOFk4ZkNmcFlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCVZ+QMA0G
CSqGSIb3DQEBCwUAA4IBAQCe7Sl4gIXzsEur9H9lYr0PHGuxSb5kissjKqUqNq32
cBYqJ+OAz2v5Ej8D87CRZKYhuIQWCqoiBxmV5k9CFxyYpufK52lH767+qDwWjFhx
XRDX8sp22ZAT8RHGpn5kGISJ08K/td2cmcF7b+Nk91h1T/FkNHGmFe3he3K45fBu
7K14cqJlBVSIZqjzVPDFSTEsRphgQ6eaA19wjg/PTCrJS8OO7JyrKOBsTNaKHFYp
fybmeEy1LBO8f8sOsOM6FuskfMp7AhFY9RMhd4lR4FT/d2nkCkUcx/zOdBJL9JsS
ncBJDfwq3qioIjWYfW/qwGwMzhfMtnikYjkiFIzhqFl7
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:52:31 2023 by rpki-client on console-ams.rpki-client.org