Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/5a3b6b-9a61-4557-a3d6-c25aba6b55af/1/n4VtCQrSuiS5weBsFLLJchvsDIM.roa
File: n4VtCQrSuiS5weBsFLLJchvsDIM.roa (raw, json)
Hash identifier: QTGP/2qvUgKOg9UAStf8zSSafCALJJbnf0YWw1ZFZUQ=
Subject key identifier: 9F:85:6D:09:0A:D2:BA:24:B9:C1:E0:6C:14:B2:C9:72:1B:EC:0C:83
Certificate issuer: /CN=757f9fdea350a766bb98c604d3b9c27916732209
Certificate serial: 0185718C10F5C3E85682D2A2775163C3CA9E
Authority key identifier: 75:7F:9F:DE:A3:50:A7:66:BB:98:C6:04:D3:B9:C2:79:16:73:22:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dX-f3qNQp2a7mMYE07nCeRZzIgk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/5a3b6b-9a61-4557-a3d6-c25aba6b55af/1/n4VtCQrSuiS5weBsFLLJchvsDIM.roa
Signing time: Mon 02 Jan 2023 08:14:42 +0000
ROA not before: Mon 02 Jan 2023 08:14:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9121
IP address blocks: 85.158.96.0/24 maxlen: 24
85.158.97.0/24 maxlen: 24
85.158.98.0/24 maxlen: 24
85.158.102.0/24 maxlen: 24
85.158.103.0/24 maxlen: 24
85.158.99.0/24 maxlen: 24
85.158.100.0/24 maxlen: 24
85.158.101.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:30:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:8c:10:f5:c3:e8:56:82:d2:a2:77:51:63:c3:ca:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=757f9fdea350a766bb98c604d3b9c27916732209
Validity
Not Before: Jan 2 08:14:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9f856d090ad2ba24b9c1e06c14b2c9721bec0c83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:2d:99:14:a3:38:1b:62:90:00:f3:51:50:08:
3d:ec:8b:50:c5:65:10:21:74:04:f3:87:12:e9:86:
7e:77:80:8f:40:39:91:01:58:a8:3d:69:2d:33:d0:
f1:0b:4b:e4:bf:fe:d7:ff:b1:52:71:73:aa:83:e3:
e2:34:24:8a:75:a2:1d:68:46:c1:47:5f:21:48:18:
f6:40:3c:f1:d4:84:82:49:03:b8:60:3c:35:8e:11:
26:d7:ba:e8:ba:71:46:9e:00:9e:4a:c3:cd:2b:e7:
76:aa:93:77:53:be:54:73:e4:27:fc:7e:f5:4b:40:
2f:97:fd:44:9d:2a:18:27:2e:df:3e:c9:a6:86:40:
aa:ba:74:5e:07:29:d3:c1:5b:aa:72:45:bc:5e:ee:
17:98:c9:bb:44:d3:ec:da:99:c6:1f:f0:e3:0b:8a:
22:e8:51:ec:80:18:97:84:eb:29:73:97:fe:6f:d6:
3a:48:a3:27:d4:cc:66:77:fc:be:9e:ef:f8:84:b9:
18:c2:65:85:cd:e8:76:26:73:30:7f:8e:2f:16:19:
d6:8e:3d:6b:32:ba:58:bf:63:c6:93:fa:44:97:ef:
db:85:64:29:e7:8d:35:91:a9:86:5d:a3:7d:51:76:
9f:21:d2:e1:3d:7d:c1:d5:f0:dc:49:3b:c5:b8:02:
f5:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:85:6D:09:0A:D2:BA:24:B9:C1:E0:6C:14:B2:C9:72:1B:EC:0C:83
X509v3 Authority Key Identifier:
keyid:75:7F:9F:DE:A3:50:A7:66:BB:98:C6:04:D3:B9:C2:79:16:73:22:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dX-f3qNQp2a7mMYE07nCeRZzIgk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/5a3b6b-9a61-4557-a3d6-c25aba6b55af/1/n4VtCQrSuiS5weBsFLLJchvsDIM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/5a3b6b-9a61-4557-a3d6-c25aba6b55af/1/dX-f3qNQp2a7mMYE07nCeRZzIgk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.158.96.0/21
Signature Algorithm: sha256WithRSAEncryption
0f:bb:d2:bb:54:29:bc:ae:c7:34:f8:3f:d8:15:54:ce:0d:14:
60:54:05:12:d0:a1:be:c8:0b:16:ac:e9:18:9b:5f:e9:cf:14:
6b:11:98:c7:2b:d1:f6:08:f8:37:be:0a:a4:2b:df:38:1d:87:
4c:b7:bf:00:df:e3:4f:4b:85:a5:88:d4:4c:51:0e:76:23:70:
6b:c3:86:13:fa:0f:e9:b0:eb:51:8b:f0:39:69:96:21:7e:de:
87:18:41:b5:0f:d4:36:98:2e:81:28:43:50:0d:ae:12:b6:8a:
d2:60:cc:11:fd:b0:69:22:ee:20:ae:86:26:13:48:19:18:73:
73:02:df:48:6a:54:37:59:d4:81:a6:a7:95:75:a1:0a:d8:ac:
fa:56:f5:bd:76:e2:eb:79:11:5c:87:06:0f:cd:11:74:c3:e7:
44:79:42:b7:b8:00:99:50:ad:a9:36:ac:e2:cc:da:ad:e4:1d:
2a:9c:2f:62:7b:c6:f8:1a:ca:f8:10:4a:33:c1:aa:d7:13:eb:
9d:02:95:9c:1d:ec:b3:cc:b6:5b:ab:3b:12:fb:fa:b4:b5:5c:
23:20:f0:ee:a4:e5:31:4b:23:2e:ba:7f:f1:37:fd:7f:4d:de:
d7:ed:40:6e:fa:58:2d:8c:3c:05:b9:c3:21:3a:2a:c8:00:b8:
35:aa:b1:a2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxjBD1w+hWgtKid1Fjw8qeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1N2Y5ZmRlYTM1MGE3NjZiYjk4YzYwNGQzYjljMjc5MTY3
MzIyMDkwHhcNMjMwMTAyMDgxNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Zjg1NmQwOTBhZDJiYTI0YjljMWUwNmMxNGIyYzk3MjFiZWMwYzgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAii2ZFKM4G2KQAPNRUAg97ItQxWUQ
IXQE84cS6YZ+d4CPQDmRAVioPWktM9DxC0vkv/7X/7FScXOqg+PiNCSKdaIdaEbB
R18hSBj2QDzx1ISCSQO4YDw1jhEm17rounFGngCeSsPNK+d2qpN3U75Uc+Qn/H71
S0Avl/1EnSoYJy7fPsmmhkCqunReBynTwVuqckW8Xu4XmMm7RNPs2pnGH/DjC4oi
6FHsgBiXhOspc5f+b9Y6SKMn1Mxmd/y+nu/4hLkYwmWFzeh2JnMwf44vFhnWjj1r
MrpYv2PGk/pEl+/bhWQp5401kamGXaN9UXafIdLhPX3B1fDcSTvFuAL1/wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ+FbQkK0rokucHgbBSyyXIb7AyDMB8GA1UdIwQY
MBaAFHV/n96jUKdmu5jGBNO5wnkWcyIJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFgtZjNxTlFwMmE3bU1ZRTA3bkNlUlp6SWdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi81YTNiNmItOWE2MS00NTU3LWEzZDYt
YzI1YWJhNmI1NWFmLzEvbjRWdENRclN1aVM1d2VCc0ZMTEpjaHZzRElNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi81YTNiNmItOWE2MS00NTU3LWEzZDYtYzI1YWJhNmI1NWFm
LzEvZFgtZjNxTlFwMmE3bU1ZRTA3bkNlUlp6SWdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDVZ5gMA0G
CSqGSIb3DQEBCwUAA4IBAQAPu9K7VCm8rsc0+D/YFVTODRRgVAUS0KG+yAsWrOkY
m1/pzxRrEZjHK9H2CPg3vgqkK984HYdMt78A3+NPS4WliNRMUQ52I3Brw4YT+g/p
sOtRi/A5aZYhft6HGEG1D9Q2mC6BKENQDa4StorSYMwR/bBpIu4groYmE0gZGHNz
At9IalQ3WdSBpqeVdaEK2Kz6VvW9duLreRFchwYPzRF0w+dEeUK3uACZUK2pNqzi
zNqt5B0qnC9ie8b4Gsr4EEozwarXE+udApWcHeyzzLZbqzsS+/q0tVwjIPDupOUx
SyMuun/xN/1/Td7X7UBu+lgtjDwFucMhOirIALg1qrGi
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:13:35 2024 by rpki-client on console-ams.rpki-client.org