Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/lRtt_CyfzG3hb1VhpubN4_abLc8.roa
File: lRtt_CyfzG3hb1VhpubN4_abLc8.roa (raw, json)
Hash identifier: 5kRchQ5BMzWLPdezdYa7LnFlzeZa8KIxk2x77Ha3STM=
Subject key identifier: 95:1B:6D:FC:2C:9F:CC:6D:E1:6F:55:61:A6:E6:CD:E3:F6:9B:2D:CF
Certificate issuer: /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial: 018CC56E1710CDE35B46F228ADD5758EBA65
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/lRtt_CyfzG3hb1VhpubN4_abLc8.roa
Signing time: Mon 01 Jan 2024 14:29:35 +0000
ROA not before: Mon 01 Jan 2024 14:29:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204741
IP address blocks: 85.209.74.0/24 maxlen: 24
85.209.72.0/24 maxlen: 24
85.209.72.0/22 maxlen: 22
85.209.75.0/24 maxlen: 24
85.209.73.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 04 Jan 2024 12:40:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:17:10:cd:e3:5b:46:f2:28:ad:d5:75:8e:ba:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Validity
Not Before: Jan 1 14:29:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=951b6dfc2c9fcc6de16f5561a6e6cde3f69b2dcf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:1d:33:23:39:50:f9:41:53:86:f6:8b:e0:8c:
8f:79:f4:47:1c:4b:b6:3a:71:1c:68:b0:97:f3:cd:
e8:e6:f2:f1:1c:fc:51:b2:d4:a8:eb:69:1a:de:c8:
36:43:3b:94:b5:5e:c7:45:4e:ac:83:50:d2:f7:7d:
21:e0:36:6a:ab:0e:a3:b9:a8:93:72:7f:21:57:3d:
3b:a9:0d:78:c1:aa:87:f9:2c:76:be:94:83:77:05:
c0:21:ab:65:d8:17:51:24:de:63:10:93:d8:4f:e2:
e8:65:5c:11:28:da:89:48:15:b7:61:c0:74:23:89:
e6:96:a0:e9:49:05:93:95:8b:d5:ca:4f:f3:b2:46:
65:23:71:08:b3:2b:4c:56:00:ac:e8:8f:b1:9c:da:
e4:65:e7:bf:eb:53:24:fd:b4:04:a3:fa:08:7e:ee:
d5:b9:5b:6d:c9:fa:86:d1:9b:47:8c:8f:38:dc:73:
5d:61:ef:1f:47:ad:f1:5f:57:af:94:58:e2:2c:03:
85:2d:fd:db:e3:c8:f6:24:f5:81:40:3c:19:a0:60:
b4:10:d3:ca:c7:96:8c:24:6d:03:f8:bf:c0:f2:ec:
6b:5a:b5:ba:cc:0a:8d:3a:48:b6:32:f9:2d:b1:0b:
2c:ba:57:d1:10:d8:72:5c:f6:47:20:13:eb:cf:32:
e8:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:1B:6D:FC:2C:9F:CC:6D:E1:6F:55:61:A6:E6:CD:E3:F6:9B:2D:CF
X509v3 Authority Key Identifier:
keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/lRtt_CyfzG3hb1VhpubN4_abLc8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.209.72.0/22
Signature Algorithm: sha256WithRSAEncryption
94:a7:6e:c8:d9:94:d2:23:be:49:24:7c:4d:65:d1:f4:bc:0f:
1b:57:31:3b:ac:77:6a:07:2b:cd:91:0d:c3:4f:4c:a1:8b:6e:
ee:96:84:89:59:07:e8:c2:2a:e3:e6:6a:eb:15:35:e5:07:6f:
3c:09:3b:d7:b7:92:cc:23:10:0e:c9:40:6f:78:ba:63:af:14:
69:d4:6c:3c:fa:26:13:2b:cf:3e:3c:49:fd:56:c8:03:00:99:
63:87:60:ad:f8:04:16:8a:9f:30:b8:d9:a1:59:cf:09:57:55:
0a:dc:a5:a0:e3:ae:fb:08:c2:d6:6c:71:b3:dd:a4:fb:71:0c:
ee:39:17:e8:ac:7f:0a:55:ff:58:66:3d:cf:ff:91:0b:0e:70:
a4:6b:1c:72:80:2f:3b:4a:3d:28:9b:4d:5d:33:74:48:bf:e6:
3c:a3:21:68:08:ef:31:11:ea:17:cd:ed:bd:78:fa:29:0d:fd:
b5:43:81:00:a8:84:37:94:10:9a:01:a6:e0:b2:7d:bd:f2:46:
21:5c:45:7c:7b:91:02:26:27:0b:fb:c3:29:7a:c5:2a:26:60:
38:e9:e1:7e:76:fe:af:49:92:6a:24:63:8f:30:ba:20:d1:be:
e9:d4:b5:1a:5c:cf:5e:db:ee:b0:c7:41:08:13:85:5c:66:40:
a6:50:cc:08
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFbhcQzeNbRvIordV1jrplMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MzRjNDlmY2ZhOGE0NTA0MWQ5NWVkNGQ4ZDRmYzY5Yzcy
N2E0NjcwHhcNMjQwMTAxMTQyOTM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTFiNmRmYzJjOWZjYzZkZTE2ZjU1NjFhNmU2Y2RlM2Y2OWIyZGNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkB0zIzlQ+UFThvaL4IyPefRHHEu2
OnEcaLCX883o5vLxHPxRstSo62ka3sg2QzuUtV7HRU6sg1DS930h4DZqqw6juaiT
cn8hVz07qQ14waqH+Sx2vpSDdwXAIatl2BdRJN5jEJPYT+LoZVwRKNqJSBW3YcB0
I4nmlqDpSQWTlYvVyk/zskZlI3EIsytMVgCs6I+xnNrkZee/61Mk/bQEo/oIfu7V
uVttyfqG0ZtHjI843HNdYe8fR63xX1evlFjiLAOFLf3b48j2JPWBQDwZoGC0ENPK
x5aMJG0D+L/A8uxrWrW6zAqNOki2MvktsQssulfRENhyXPZHIBPrzzLocQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJUbbfwsn8xt4W9VYabmzeP2my3PMB8GA1UdIwQY
MBaAFAU0xJ/PqKRQQdle1NjU/GnHJ6RnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYt
Y2Q3ZTA2Y2JiNTMxLzEvbFJ0dF9DeWZ6RzNoYjFWaHB1Yk40X2FiTGM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYtY2Q3ZTA2Y2JiNTMx
LzEvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCVdFIMA0G
CSqGSIb3DQEBCwUAA4IBAQCUp27I2ZTSI75JJHxNZdH0vA8bVzE7rHdqByvNkQ3D
T0yhi27uloSJWQfowirj5mrrFTXlB288CTvXt5LMIxAOyUBveLpjrxRp1Gw8+iYT
K88+PEn9VsgDAJljh2Ct+AQWip8wuNmhWc8JV1UK3KWg4677CMLWbHGz3aT7cQzu
ORforH8KVf9YZj3P/5ELDnCkaxxygC87Sj0om01dM3RIv+Y8oyFoCO8xEeoXze29
ePopDf21Q4EAqIQ3lBCaAabgsn298kYhXEV8e5ECJicL+8MpesUqJmA46eF+dv6v
SZJqJGOPMLog0b7p1LUaXM9e2+6wx0EIE4VcZkCmUMwI
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:11:35 2024 by rpki-client on console-ams.rpki-client.org