Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/O6OOQi6LM-OcGMZMFsXxNuz3bZ8.roa
File: O6OOQi6LM-OcGMZMFsXxNuz3bZ8.roa (raw, json)
Hash identifier: Ep0Mn8YMLD/eyg8n5W/Rt24eOZ7B1lXYQPV/C+3x554=
Subject key identifier: 3B:A3:8E:42:2E:8B:33:E3:9C:18:C6:4C:16:C5:F1:36:EC:F7:6D:9F
Certificate issuer: /CN=8d59c4323f767ce4ffc85daad208b90c04fbd3e9
Certificate serial: 01856F9DD6280A39466493275FC45DA214D1
Authority key identifier: 8D:59:C4:32:3F:76:7C:E4:FF:C8:5D:AA:D2:08:B9:0C:04:FB:D3:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jVnEMj92fOT_yF2q0gi5DAT70-k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/O6OOQi6LM-OcGMZMFsXxNuz3bZ8.roa
Signing time: Sun 01 Jan 2023 23:14:53 +0000
ROA not before: Sun 01 Jan 2023 23:14:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211996
IP address blocks: 85.153.135.0/24 maxlen: 24
85.153.140.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:30:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:9d:d6:28:0a:39:46:64:93:27:5f:c4:5d:a2:14:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d59c4323f767ce4ffc85daad208b90c04fbd3e9
Validity
Not Before: Jan 1 23:14:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3ba38e422e8b33e39c18c64c16c5f136ecf76d9f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:da:d4:34:c5:a5:b9:f1:af:72:05:05:1c:0f:
1d:a4:59:ad:bd:f5:41:da:04:2e:7d:25:71:99:3b:
43:de:59:2d:4c:5b:4c:0f:95:5d:08:b2:5f:ff:2c:
82:28:1d:d8:fc:83:ec:39:4e:71:c5:4c:10:c0:55:
b5:1e:13:91:05:0f:06:2a:2a:c8:9e:fa:2c:cf:83:
7a:7c:9a:95:35:3f:e3:c9:ae:17:10:b3:60:72:9f:
58:0b:f4:c9:51:fb:1e:c4:51:22:38:b4:be:4f:cc:
fc:11:e7:66:aa:7e:0c:6e:89:9d:2b:87:9a:21:e6:
41:55:43:7c:aa:61:25:7b:db:65:96:26:92:7a:df:
b6:81:98:9c:0d:86:8b:3b:ed:fe:27:d2:4a:d2:89:
78:85:3c:36:76:45:03:46:88:e6:bf:2a:aa:68:ac:
8e:c0:4c:74:cb:73:13:86:40:b0:15:dc:98:de:46:
e6:ab:12:4d:f5:30:12:61:2f:6d:4b:d4:78:f6:94:
b7:dd:68:0a:5f:18:16:59:0d:c4:71:d2:36:ce:72:
09:ec:74:14:58:60:4d:ef:65:46:da:bb:48:a7:d3:
9c:66:c8:6b:6e:72:b3:d2:9b:dc:a9:89:9c:a3:38:
b8:35:20:1b:56:00:3f:b7:03:3c:83:e6:3b:c8:aa:
90:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:A3:8E:42:2E:8B:33:E3:9C:18:C6:4C:16:C5:F1:36:EC:F7:6D:9F
X509v3 Authority Key Identifier:
keyid:8D:59:C4:32:3F:76:7C:E4:FF:C8:5D:AA:D2:08:B9:0C:04:FB:D3:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jVnEMj92fOT_yF2q0gi5DAT70-k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/O6OOQi6LM-OcGMZMFsXxNuz3bZ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/jVnEMj92fOT_yF2q0gi5DAT70-k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.153.135.0/24
85.153.140.0/24
Signature Algorithm: sha256WithRSAEncryption
47:9e:54:ad:31:78:2a:c8:7e:39:c9:54:6b:5a:13:e0:0a:83:
ef:e1:5d:ca:a6:fe:0e:1f:76:a3:16:cb:01:35:c7:f4:5f:e0:
7f:e4:cd:57:9f:93:3d:51:1d:f2:7f:04:64:a0:55:1c:0d:64:
d7:a6:4c:bf:b8:de:f9:cf:ce:ba:a3:82:f5:bf:ec:81:ac:d6:
e0:6f:c3:86:32:3e:27:47:c8:5c:31:ee:2d:4e:b3:d7:79:ed:
6b:74:78:34:b3:0f:68:73:6a:fc:4f:f3:f0:51:db:5f:99:25:
3b:26:34:ca:ed:cd:8c:86:91:da:5e:26:63:f1:7e:78:34:27:
f4:20:b4:0d:d0:81:45:11:57:ea:7a:98:8a:e1:32:8e:f8:b3:
00:12:11:b0:bb:18:4e:10:8c:9d:48:7c:53:01:c3:25:f8:62:
91:1f:c3:fb:22:f2:2d:a9:fe:89:5b:2f:0e:77:a8:be:53:20:
01:85:30:c6:8f:46:30:52:9e:71:44:93:bc:0c:1b:38:a5:f0:
4a:4e:27:bc:44:55:40:43:ae:8a:a9:82:9a:40:fd:ec:9f:96:
6c:ab:cd:ec:c9:b4:eb:44:73:8a:09:7b:8a:6a:f9:15:99:c2:
03:7d:aa:08:b3:d8:d7:28:a5:49:26:7e:25:3d:fa:1c:1c:73:
c2:da:d6:62
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVvndYoCjlGZJMnX8RdohTRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkNTljNDMyM2Y3NjdjZTRmZmM4NWRhYWQyMDhiOTBjMDRm
YmQzZTkwHhcNMjMwMTAxMjMxNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYmEzOGU0MjJlOGIzM2UzOWMxOGM2NGMxNmM1ZjEzNmVjZjc2ZDlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA29rUNMWlufGvcgUFHA8dpFmtvfVB
2gQufSVxmTtD3lktTFtMD5VdCLJf/yyCKB3Y/IPsOU5xxUwQwFW1HhORBQ8GKirI
nvosz4N6fJqVNT/jya4XELNgcp9YC/TJUfsexFEiOLS+T8z8Eedmqn4MbomdK4ea
IeZBVUN8qmEle9tlliaSet+2gZicDYaLO+3+J9JK0ol4hTw2dkUDRojmvyqqaKyO
wEx0y3MThkCwFdyY3kbmqxJN9TASYS9tS9R49pS33WgKXxgWWQ3EcdI2znIJ7HQU
WGBN72VG2rtIp9OcZshrbnKz0pvcqYmcozi4NSAbVgA/twM8g+Y7yKqQNwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDujjkIuizPjnBjGTBbF8Tbs922fMB8GA1UdIwQY
MBaAFI1ZxDI/dnzk/8hdqtIIuQwE+9PpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalZuRU1qOTJmT1RfeUYycTBnaTVEQVQ3MC1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni9mMDllY2YtZTgwNS00MTU4LWIzMTUt
ZjJiZTlmNmM2NjRjLzEvTzZPT1FpNkxNLU9jR01aTUZzWHhOdXozYlo4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni9mMDllY2YtZTgwNS00MTU4LWIzMTUtZjJiZTlmNmM2NjRj
LzEvalZuRU1qOTJmT1RfeUYycTBnaTVEQVQ3MC1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVZmHAwQA
VZmMMA0GCSqGSIb3DQEBCwUAA4IBAQBHnlStMXgqyH45yVRrWhPgCoPv4V3Kpv4O
H3ajFssBNcf0X+B/5M1Xn5M9UR3yfwRkoFUcDWTXpky/uN75z866o4L1v+yBrNbg
b8OGMj4nR8hcMe4tTrPXee1rdHg0sw9oc2r8T/PwUdtfmSU7JjTK7c2MhpHaXiZj
8X54NCf0ILQN0IFFEVfqepiK4TKO+LMAEhGwuxhOEIydSHxTAcMl+GKRH8P7IvIt
qf6JWy8Od6i+UyABhTDGj0YwUp5xRJO8DBs4pfBKTie8RFVAQ66KqYKaQP3sn5Zs
q83sybTrRHOKCXuKavkVmcIDfaoIs9jXKKVJJn4lPfocHHPC2tZi
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:16 2024 by rpki-client on console-fra.rpki-client.org