Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/a5e94c-08be-4fce-8ec9-18ece368266f/1/5He1XUPm8vWz8DVYss_4Xry9968.roa
File: 5He1XUPm8vWz8DVYss_4Xry9968.roa (raw, json)
Hash identifier: UDk3SIznWb6fdwNItk38DSk+07maRSqYMTxt6nTzjcw=
Subject key identifier: E4:77:B5:5D:43:E6:F2:F5:B3:F0:35:58:B2:CF:F8:5E:BC:BD:F7:AF
Certificate issuer: /CN=52c48e1bb672cda6846400e8bf8d6d696835d7bf
Certificate serial: 01889BE31A6EED580D96435C3A9370A716C0
Authority key identifier: 52:C4:8E:1B:B6:72:CD:A6:84:64:00:E8:BF:8D:6D:69:68:35:D7:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UsSOG7ZyzaaEZADov41taWg1178.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/a5e94c-08be-4fce-8ec9-18ece368266f/1/5He1XUPm8vWz8DVYss_4Xry9968.roa
Signing time: Thu 08 Jun 2023 16:42:11 +0000
ROA not before: Thu 08 Jun 2023 16:42:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209378
IP address blocks: 85.208.0.0/22 maxlen: 22
2a09:7f40::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:29:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:9b:e3:1a:6e:ed:58:0d:96:43:5c:3a:93:70:a7:16:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52c48e1bb672cda6846400e8bf8d6d696835d7bf
Validity
Not Before: Jun 8 16:42:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e477b55d43e6f2f5b3f03558b2cff85ebcbdf7af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:34:85:c4:14:3b:eb:ae:6a:71:cb:82:22:14:
79:e6:9d:f1:f8:24:7c:26:f2:a4:fb:11:cb:e1:bb:
83:a9:04:3d:d7:18:7e:b5:f8:8d:96:eb:98:e2:36:
1a:31:28:98:0a:cd:30:f7:b8:4a:03:2b:a9:f9:e3:
9b:a7:d9:2f:ce:a0:3c:ee:06:f6:91:6b:9e:49:bb:
1c:d0:ce:82:6b:e6:8a:b1:1a:d3:ad:23:dd:78:98:
f7:85:36:13:40:8a:19:be:bb:1e:6c:9a:68:9b:26:
08:9b:87:a2:cb:3d:a4:98:0f:e2:e8:59:a0:22:d8:
76:22:01:ed:a0:65:52:6f:8e:95:32:ed:f3:92:4a:
73:f1:16:56:2c:13:28:51:1f:e3:95:65:94:1a:7d:
11:11:d7:75:1c:ba:a0:95:fd:3c:56:a7:a4:e6:92:
d4:4b:b7:b0:ce:f1:89:ad:d3:60:97:a7:6f:d1:16:
44:19:d6:da:0c:b2:19:41:79:1b:4b:9a:85:69:b1:
67:49:52:1f:e0:dc:d6:01:d7:36:ed:78:47:2e:14:
3d:d2:e2:1d:df:05:80:9b:23:ba:e7:dd:f7:b0:67:
03:01:8d:b5:a0:a3:b3:4c:fb:4b:50:20:ab:ad:93:
f5:91:3a:e4:88:20:b9:27:20:75:a2:74:02:33:60:
2c:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:77:B5:5D:43:E6:F2:F5:B3:F0:35:58:B2:CF:F8:5E:BC:BD:F7:AF
X509v3 Authority Key Identifier:
keyid:52:C4:8E:1B:B6:72:CD:A6:84:64:00:E8:BF:8D:6D:69:68:35:D7:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UsSOG7ZyzaaEZADov41taWg1178.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/a5e94c-08be-4fce-8ec9-18ece368266f/1/5He1XUPm8vWz8DVYss_4Xry9968.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/a5e94c-08be-4fce-8ec9-18ece368266f/1/UsSOG7ZyzaaEZADov41taWg1178.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.208.0.0/22
IPv6:
2a09:7f40::/29
Signature Algorithm: sha256WithRSAEncryption
12:93:22:fc:67:37:98:d2:c4:4b:fc:d2:6e:dd:78:2e:3d:6e:
04:96:a8:95:d9:7b:b3:cc:02:96:cd:7f:cf:98:34:7a:30:1d:
8a:9d:38:07:3a:06:48:7b:0b:26:f2:f0:ad:4d:59:4c:eb:8f:
3e:10:8c:89:a0:88:6d:9e:9a:6b:03:9e:53:a4:a1:42:9f:85:
83:a1:10:98:b1:c3:8c:32:b2:fc:4a:4a:aa:33:d1:27:2b:89:
65:4c:c5:42:29:98:9a:e2:c7:78:3e:8a:34:b5:be:3e:a7:0e:
8b:49:f7:20:b7:20:d6:ea:d6:e5:23:17:e2:3a:9e:90:b4:a1:
14:58:11:79:dd:54:be:68:22:45:e4:dd:83:71:79:ad:a8:76:
fa:f2:e0:18:a7:94:1e:d0:b6:39:80:a3:96:b9:e3:ef:2f:a4:
0b:d0:d5:22:b9:55:ba:d4:9e:25:57:0e:57:c3:02:3f:3b:86:
da:c4:27:36:96:08:53:73:10:85:a4:57:d9:60:ae:20:3e:f3:
9e:f0:56:ae:6a:9c:39:e7:52:fd:dd:60:d2:4d:d0:35:3e:77:
7a:aa:e6:1c:1f:d5:b6:18:83:c5:41:f2:ac:16:2d:91:20:5d:
b9:9c:27:9e:5e:dc:58:e8:3e:d3:25:b3:d6:38:cd:75:c9:c5:
20:8a:1b:2a
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYib4xpu7VgNlkNcOpNwpxbAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyYzQ4ZTFiYjY3MmNkYTY4NDY0MDBlOGJmOGQ2ZDY5Njgz
NWQ3YmYwHhcNMjMwNjA4MTY0MjExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDc3YjU1ZDQzZTZmMmY1YjNmMDM1NThiMmNmZjg1ZWJjYmRmN2FmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgDSFxBQ7665qccuCIhR55p3x+CR8
JvKk+xHL4buDqQQ91xh+tfiNluuY4jYaMSiYCs0w97hKAyup+eObp9kvzqA87gb2
kWueSbsc0M6Ca+aKsRrTrSPdeJj3hTYTQIoZvrsebJpomyYIm4eiyz2kmA/i6Fmg
Ith2IgHtoGVSb46VMu3zkkpz8RZWLBMoUR/jlWWUGn0REdd1HLqglf08Vqek5pLU
S7ewzvGJrdNgl6dv0RZEGdbaDLIZQXkbS5qFabFnSVIf4NzWAdc27XhHLhQ90uId
3wWAmyO65933sGcDAY21oKOzTPtLUCCrrZP1kTrkiCC5JyB1onQCM2AsJQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOR3tV1D5vL1s/A1WLLP+F68vfevMB8GA1UdIwQY
MBaAFFLEjhu2cs2mhGQA6L+NbWloNde/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXNTT0c3Wnl6YWFFWkFEb3Y0MXRhV2cxMTc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9hNWU5NGMtMDhiZS00ZmNlLThlYzkt
MThlY2UzNjgyNjZmLzEvNUhlMVhVUG04dld6OERWWXNzXzRYcnk5OTY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9hNWU5NGMtMDhiZS00ZmNlLThlYzktMThlY2UzNjgyNjZm
LzEvVXNTT0c3Wnl6YWFFWkFEb3Y0MXRhV2cxMTc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCVdAAMA0E
AgACMAcDBQMqCX9AMA0GCSqGSIb3DQEBCwUAA4IBAQASkyL8ZzeY0sRL/NJu3Xgu
PW4ElqiV2XuzzAKWzX/PmDR6MB2KnTgHOgZIewsm8vCtTVlM648+EIyJoIhtnppr
A55TpKFCn4WDoRCYscOMMrL8SkqqM9EnK4llTMVCKZia4sd4Poo0tb4+pw6LSfcg
tyDW6tblIxfiOp6QtKEUWBF53VS+aCJF5N2DcXmtqHb68uAYp5Qe0LY5gKOWuePv
L6QL0NUiuVW61J4lVw5XwwI/O4baxCc2lghTcxCFpFfZYK4gPvOe8Fauapw551L9
3WDSTdA1Pnd6quYcH9W2GIPFQfKsFi2RIF25nCeeXtxY6D7TJbPWOM11ycUgihsq
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:00 2024 by rpki-client on console-fra.rpki-client.org