Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/B5zuBQIK7mF_7MxAE_1q5OBO8ew.roa
File: B5zuBQIK7mF_7MxAE_1q5OBO8ew.roa (raw, json)
Hash identifier: YzzleCI1qQYC55qjwjZfXEKVgfaYeNddt/Z2h/JEcDI=
Subject key identifier: 07:9C:EE:05:02:0A:EE:61:7F:EC:CC:40:13:FD:6A:E4:E0:4E:F1:EC
Certificate issuer: /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial: 01856ED4D39054593C3F920199EF5AA9B762
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/B5zuBQIK7mF_7MxAE_1q5OBO8ew.roa
Signing time: Sun 01 Jan 2023 19:35:19 +0000
ROA not before: Sun 01 Jan 2023 19:35:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204741
IP address blocks: 85.209.74.0/24 maxlen: 24
85.209.75.0/24 maxlen: 24
85.209.72.0/22 maxlen: 22
85.209.73.0/24 maxlen: 24
85.209.72.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:d4:d3:90:54:59:3c:3f:92:01:99:ef:5a:a9:b7:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Validity
Not Before: Jan 1 19:35:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=079cee05020aee617feccc4013fd6ae4e04ef1ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fa:d4:57:d8:06:3c:0c:3b:51:5f:e9:73:c5:ad:
63:fd:41:e2:14:27:df:cd:99:51:c9:28:62:d2:0c:
dc:ae:16:9c:4b:ec:58:2a:b0:65:dd:37:09:97:0e:
11:11:8e:49:ca:b8:8a:23:0c:35:6c:58:9c:f9:f8:
86:0a:e4:5e:9a:ff:1c:a1:35:40:26:ac:6a:02:39:
7f:25:c2:7e:ad:f3:86:db:1f:7b:fb:e9:7b:21:3d:
36:e0:5f:e9:94:a2:4c:be:9e:c0:ba:f1:0b:96:55:
74:ad:73:57:92:ab:c2:b0:9c:0d:b8:35:b1:03:4e:
ae:5e:ec:47:77:38:94:13:e2:f0:2f:16:ab:82:a2:
d2:d7:f2:42:2e:f0:92:5e:b1:fe:34:62:58:13:95:
4c:6a:e3:12:81:68:ac:dd:8c:9b:b2:69:f0:70:6b:
77:80:7c:b5:54:6d:53:92:9d:87:f6:89:43:d2:a8:
a3:b7:46:29:ab:e2:21:8a:bd:d5:a7:39:7f:be:4d:
de:4e:f7:1f:6f:05:bc:7b:c8:3c:a6:4e:57:40:87:
ab:2a:a6:cf:e9:21:42:67:e2:86:99:37:15:a6:d6:
d3:a5:05:70:85:df:2b:f0:b9:77:b9:ea:9d:53:00:
27:47:9d:49:d8:3a:87:8f:c3:5a:75:24:1c:29:b3:
6e:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:9C:EE:05:02:0A:EE:61:7F:EC:CC:40:13:FD:6A:E4:E0:4E:F1:EC
X509v3 Authority Key Identifier:
keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/B5zuBQIK7mF_7MxAE_1q5OBO8ew.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.209.72.0/22
Signature Algorithm: sha256WithRSAEncryption
c1:4c:5c:6d:38:1c:39:11:48:a3:07:33:f7:89:f9:b9:76:2a:
cb:2d:32:60:12:a4:5d:9e:99:9a:b9:68:17:89:3e:b1:30:23:
d1:f1:f6:ec:f7:10:11:94:e2:fd:0c:33:de:7a:3c:5b:fc:11:
b0:aa:8a:66:32:26:e4:95:c7:e7:9b:f5:75:6e:90:ac:fe:40:
ba:83:a7:56:cf:9e:f3:ee:30:fd:b1:b8:2f:af:49:09:5c:a2:
d6:cc:0b:41:c0:4c:f6:5b:0f:21:e2:db:ca:26:58:6d:85:02:
46:87:b3:25:70:63:11:58:46:09:1a:4b:5e:40:42:d7:0c:52:
fc:3c:d8:d1:84:2d:db:44:82:6a:aa:c4:cb:17:c3:93:a3:46:
94:8a:98:a3:d1:fd:5c:b0:44:67:62:0a:ed:f0:9b:3f:26:0f:
df:6f:da:68:be:cf:65:49:db:d5:b2:de:fe:3e:cc:2e:ab:5c:
1e:df:d0:db:ab:16:13:2a:8c:71:91:ba:cf:64:ef:84:f8:b7:
21:7c:d9:e1:1e:3e:af:5c:31:8a:21:73:cf:83:ed:4d:6b:7b:
da:d2:79:15:e1:91:6c:37:3d:63:3e:0e:95:b4:ce:1b:84:a5:
11:59:64:0a:24:5c:d3:29:ce:52:9f:6a:a4:00:bf:35:bb:f4:
d0:13:be:ea
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVu1NOQVFk8P5IBme9aqbdiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MzRjNDlmY2ZhOGE0NTA0MWQ5NWVkNGQ4ZDRmYzY5Yzcy
N2E0NjcwHhcNMjMwMTAxMTkzNTE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzljZWUwNTAyMGFlZTYxN2ZlY2NjNDAxM2ZkNmFlNGUwNGVmMWVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+tRX2AY8DDtRX+lzxa1j/UHiFCff
zZlRyShi0gzcrhacS+xYKrBl3TcJlw4REY5JyriKIww1bFic+fiGCuRemv8coTVA
JqxqAjl/JcJ+rfOG2x97++l7IT024F/plKJMvp7AuvELllV0rXNXkqvCsJwNuDWx
A06uXuxHdziUE+LwLxargqLS1/JCLvCSXrH+NGJYE5VMauMSgWis3YybsmnwcGt3
gHy1VG1Tkp2H9olD0qijt0Ypq+Ihir3Vpzl/vk3eTvcfbwW8e8g8pk5XQIerKqbP
6SFCZ+KGmTcVptbTpQVwhd8r8Ll3ueqdUwAnR51J2DqHj8NadSQcKbNuswIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAec7gUCCu5hf+zMQBP9auTgTvHsMB8GA1UdIwQY
MBaAFAU0xJ/PqKRQQdle1NjU/GnHJ6RnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYt
Y2Q3ZTA2Y2JiNTMxLzEvQjV6dUJRSUs3bUZfN014QUVfMXE1T0JPOGV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYtY2Q3ZTA2Y2JiNTMx
LzEvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCVdFIMA0G
CSqGSIb3DQEBCwUAA4IBAQDBTFxtOBw5EUijBzP3ifm5dirLLTJgEqRdnpmauWgX
iT6xMCPR8fbs9xARlOL9DDPeejxb/BGwqopmMibklcfnm/V1bpCs/kC6g6dWz57z
7jD9sbgvr0kJXKLWzAtBwEz2Ww8h4tvKJlhthQJGh7MlcGMRWEYJGkteQELXDFL8
PNjRhC3bRIJqqsTLF8OTo0aUipij0f1csERnYgrt8Js/Jg/fb9povs9lSdvVst7+
Pswuq1we39DbqxYTKoxxkbrPZO+E+LchfNnhHj6vXDGKIXPPg+1Na3va0nkV4ZFs
Nz1jPg6VtM4bhKURWWQKJFzTKc5Sn2qkAL81u/TQE77q
-----END CERTIFICATE-----
Generated at Mon Jan 1 17:25:47 2024 by rpki-client on console-fra.rpki-client.org