Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/5a3b6b-9a61-4557-a3d6-c25aba6b55af/1/7dHXDFH3sokE0kIfy4IItFys4tY.roa
File: 7dHXDFH3sokE0kIfy4IItFys4tY.roa (raw, json)
Hash identifier: fFQ2rAvi+fsjon4rwQouQzIruepRJwAwtw5AUQLgvGk=
Subject key identifier: ED:D1:D7:0C:51:F7:B2:89:04:D2:42:1F:CB:82:08:B4:5C:AC:E2:D6
Certificate issuer: /CN=757f9fdea350a766bb98c604d3b9c27916732209
Certificate serial: 0185718C11E19114A24EA942A33F2D9872D6
Authority key identifier: 75:7F:9F:DE:A3:50:A7:66:BB:98:C6:04:D3:B9:C2:79:16:73:22:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dX-f3qNQp2a7mMYE07nCeRZzIgk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/5a3b6b-9a61-4557-a3d6-c25aba6b55af/1/7dHXDFH3sokE0kIfy4IItFys4tY.roa
Signing time: Mon 02 Jan 2023 08:14:43 +0000
ROA not before: Mon 02 Jan 2023 08:14:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34403
IP address blocks: 85.158.98.0/24 maxlen: 24
85.158.96.0/22 maxlen: 22
85.158.96.0/24 maxlen: 24
85.158.97.0/24 maxlen: 24
85.158.99.0/24 maxlen: 24
85.158.100.0/24 maxlen: 24
85.158.101.0/24 maxlen: 24
85.158.102.0/24 maxlen: 24
85.158.103.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:30:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:8c:11:e1:91:14:a2:4e:a9:42:a3:3f:2d:98:72:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=757f9fdea350a766bb98c604d3b9c27916732209
Validity
Not Before: Jan 2 08:14:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=edd1d70c51f7b28904d2421fcb8208b45cace2d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:f3:76:4d:0a:e4:9e:33:ac:47:37:5d:3f:c6:
e1:5e:23:59:4e:d6:f6:dd:56:79:51:ee:dd:ad:d3:
53:ce:aa:7b:48:94:e8:1d:4a:2d:98:83:d1:ea:b5:
42:67:96:52:1c:a4:fd:bc:40:d9:97:51:a9:07:c2:
a3:d5:54:99:97:6e:2e:d1:4f:73:a7:f5:0b:b6:11:
b8:71:2e:ea:40:dd:e5:de:07:4f:f0:d8:61:8e:0a:
42:cf:e0:dd:fe:9a:26:32:1f:65:dc:d5:e4:84:2d:
97:1e:ba:3f:58:03:13:8b:e1:c7:20:2e:73:6d:87:
9f:e4:32:d9:9c:04:4d:70:d3:bb:60:6d:c4:e6:3a:
18:83:32:19:fc:64:ba:e4:20:87:0d:28:de:f1:f3:
98:7f:6c:81:4c:7a:cd:cd:69:f3:7b:42:23:da:40:
e3:4e:36:9e:75:8f:2d:bd:00:e3:0c:30:3a:28:1f:
71:32:ea:d0:49:71:d6:57:f2:f4:82:6a:d7:e4:74:
bb:ce:22:eb:7d:08:7c:25:5c:a1:49:85:fc:3a:51:
73:1f:5c:66:ce:1b:c2:92:0e:8f:1c:af:d5:46:9c:
85:3d:a6:2c:3b:70:e1:1a:ff:33:cf:a1:60:88:18:
24:86:5f:38:1b:5b:89:dd:02:8d:79:73:b0:65:43:
5d:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:D1:D7:0C:51:F7:B2:89:04:D2:42:1F:CB:82:08:B4:5C:AC:E2:D6
X509v3 Authority Key Identifier:
keyid:75:7F:9F:DE:A3:50:A7:66:BB:98:C6:04:D3:B9:C2:79:16:73:22:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dX-f3qNQp2a7mMYE07nCeRZzIgk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/5a3b6b-9a61-4557-a3d6-c25aba6b55af/1/7dHXDFH3sokE0kIfy4IItFys4tY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/5a3b6b-9a61-4557-a3d6-c25aba6b55af/1/dX-f3qNQp2a7mMYE07nCeRZzIgk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.158.96.0/21
Signature Algorithm: sha256WithRSAEncryption
4a:8f:6f:6b:f4:a4:ea:31:b4:a1:22:76:3b:c2:4d:ee:ad:9a:
54:a2:65:fe:6f:aa:41:84:25:d5:5f:6a:aa:47:9f:60:75:e1:
b9:04:3d:ab:d4:4b:9e:37:14:aa:89:68:84:3c:f5:11:3f:7b:
2c:26:18:50:f9:6d:c5:cd:56:91:24:a0:14:15:4a:48:07:12:
84:d3:0b:e9:2e:99:c0:17:44:a8:ff:4f:4d:fa:32:08:b3:ff:
55:96:dc:54:c1:5e:5b:89:89:5c:16:b8:77:25:d5:05:16:75:
1e:37:93:82:16:16:74:d4:ec:f0:80:3e:4a:ec:cd:f3:6f:72:
29:5f:d3:8c:35:70:eb:14:f5:cd:99:62:cf:fe:f1:73:d8:a6:
ff:4a:69:c6:df:c7:f7:b6:08:a8:6e:11:6d:26:60:28:6b:d5:
4e:a5:6a:87:a7:55:24:b3:1d:2b:bc:80:e1:73:4a:8c:79:a6:
57:ae:7b:b3:8f:5f:4c:11:12:08:d7:73:c9:67:28:8a:41:c0:
6d:d1:a6:18:61:14:b8:ed:22:36:ec:83:3e:6d:d3:46:23:d4:
b4:2f:32:fa:63:13:8b:bb:5d:5a:0a:05:e9:68:20:ea:9c:89:
70:4d:e8:34:96:56:da:e1:f9:2c:b0:7e:c3:71:a0:dc:ef:92:
f1:67:0c:b1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxjBHhkRSiTqlCoz8tmHLWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1N2Y5ZmRlYTM1MGE3NjZiYjk4YzYwNGQzYjljMjc5MTY3
MzIyMDkwHhcNMjMwMTAyMDgxNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZGQxZDcwYzUxZjdiMjg5MDRkMjQyMWZjYjgyMDhiNDVjYWNlMmQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2fN2TQrknjOsRzddP8bhXiNZTtb2
3VZ5Ue7drdNTzqp7SJToHUotmIPR6rVCZ5ZSHKT9vEDZl1GpB8Kj1VSZl24u0U9z
p/ULthG4cS7qQN3l3gdP8NhhjgpCz+Dd/pomMh9l3NXkhC2XHro/WAMTi+HHIC5z
bYef5DLZnARNcNO7YG3E5joYgzIZ/GS65CCHDSje8fOYf2yBTHrNzWnze0Ij2kDj
TjaedY8tvQDjDDA6KB9xMurQSXHWV/L0gmrX5HS7ziLrfQh8JVyhSYX8OlFzH1xm
zhvCkg6PHK/VRpyFPaYsO3DhGv8zz6FgiBgkhl84G1uJ3QKNeXOwZUNdSwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFO3R1wxR97KJBNJCH8uCCLRcrOLWMB8GA1UdIwQY
MBaAFHV/n96jUKdmu5jGBNO5wnkWcyIJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFgtZjNxTlFwMmE3bU1ZRTA3bkNlUlp6SWdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi81YTNiNmItOWE2MS00NTU3LWEzZDYt
YzI1YWJhNmI1NWFmLzEvN2RIWERGSDNzb2tFMGtJZnk0SUl0RnlzNHRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi81YTNiNmItOWE2MS00NTU3LWEzZDYtYzI1YWJhNmI1NWFm
LzEvZFgtZjNxTlFwMmE3bU1ZRTA3bkNlUlp6SWdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDVZ5gMA0G
CSqGSIb3DQEBCwUAA4IBAQBKj29r9KTqMbShInY7wk3urZpUomX+b6pBhCXVX2qq
R59gdeG5BD2r1EueNxSqiWiEPPURP3ssJhhQ+W3FzVaRJKAUFUpIBxKE0wvpLpnA
F0So/09N+jIIs/9VltxUwV5biYlcFrh3JdUFFnUeN5OCFhZ01OzwgD5K7M3zb3Ip
X9OMNXDrFPXNmWLP/vFz2Kb/SmnG38f3tgiobhFtJmAoa9VOpWqHp1Uksx0rvIDh
c0qMeaZXrnuzj19MERII13PJZyiKQcBt0aYYYRS47SI27IM+bdNGI9S0LzL6YxOL
u11aCgXpaCDqnIlwTeg0llba4fkssH7DcaDc75LxZwyx
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:02 2024 by rpki-client on console-fra.rpki-client.org