Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/f5534a-a613-47be-b42b-e2fbc3a68800/1/sBAltYgYL5perueWr5c3m3kC5Q8.roa
File: sBAltYgYL5perueWr5c3m3kC5Q8.roa (raw, json)
Hash identifier: 4iQerIKoxZrn5sinDqOT/gYRv9frGP+iq+vh9rriMPQ=
Subject key identifier: B0:10:25:B5:88:18:2F:9A:5E:AE:E7:96:AF:97:37:9B:79:02:E5:0F
Certificate issuer: /CN=e7f881401abacc88c941fdf740f1ab1536f05dba
Certificate serial: 01856F5DD5CF63D70300B0672C8F36B72371
Authority key identifier: E7:F8:81:40:1A:BA:CC:88:C9:41:FD:F7:40:F1:AB:15:36:F0:5D:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5_iBQBq6zIjJQf33QPGrFTbwXbo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/f5534a-a613-47be-b42b-e2fbc3a68800/1/sBAltYgYL5perueWr5c3m3kC5Q8.roa
Signing time: Sun 01 Jan 2023 22:04:58 +0000
ROA not before: Sun 01 Jan 2023 22:04:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6855
IP address blocks: 85.248.74.0/24 maxlen: 24
85.248.31.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:5d:d5:cf:63:d7:03:00:b0:67:2c:8f:36:b7:23:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7f881401abacc88c941fdf740f1ab1536f05dba
Validity
Not Before: Jan 1 22:04:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b01025b588182f9a5eaee796af97379b7902e50f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:a0:47:e6:c5:b1:9b:ca:4d:03:cf:02:af:e2:
1a:9e:a3:14:07:58:65:63:fb:66:0f:e7:81:42:50:
ed:f5:de:27:70:e9:a3:a0:83:2e:9a:a0:8f:fc:3b:
37:68:3d:e6:5a:97:b3:e0:27:6e:d3:f8:82:0d:de:
ce:51:e4:d3:6c:07:61:d0:40:18:45:ea:61:9d:2a:
4f:fc:62:4d:be:0d:78:50:fa:d6:a6:5d:b2:f3:3a:
21:cd:54:4a:32:2c:08:8d:c6:55:25:34:0e:cc:3e:
61:01:1b:15:6f:4c:46:46:5e:50:c9:f6:81:06:12:
08:dd:99:4e:c1:5e:ce:3b:6b:af:35:bc:81:dd:64:
ea:3f:2e:d1:56:d6:40:f4:cf:ca:42:a9:72:4e:04:
69:c8:23:3b:3d:fa:72:76:24:2e:a7:07:0a:a4:73:
61:6f:65:72:07:7c:69:d0:11:c8:52:38:d6:c5:06:
df:1a:94:22:68:cb:a8:ca:44:e9:06:cf:aa:d4:66:
2b:5f:93:3c:ae:57:da:67:82:9a:f1:b0:69:cd:2c:
17:ee:a8:19:05:ef:f2:52:dd:6f:a8:42:1a:85:8a:
91:04:3f:b2:08:12:22:7f:88:49:e2:2f:5e:d7:2d:
fa:32:f7:d2:ca:06:82:31:5a:1c:a7:5a:df:e8:67:
dc:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:10:25:B5:88:18:2F:9A:5E:AE:E7:96:AF:97:37:9B:79:02:E5:0F
X509v3 Authority Key Identifier:
keyid:E7:F8:81:40:1A:BA:CC:88:C9:41:FD:F7:40:F1:AB:15:36:F0:5D:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5_iBQBq6zIjJQf33QPGrFTbwXbo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/f5534a-a613-47be-b42b-e2fbc3a68800/1/sBAltYgYL5perueWr5c3m3kC5Q8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/f5534a-a613-47be-b42b-e2fbc3a68800/1/5_iBQBq6zIjJQf33QPGrFTbwXbo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.248.31.0/24
85.248.74.0/24
Signature Algorithm: sha256WithRSAEncryption
bd:b8:1e:2e:de:f8:aa:49:f2:0b:48:1f:6c:ee:44:d6:c7:cb:
5f:1b:6f:ef:46:9d:25:02:fa:0f:2f:b8:27:41:3d:82:05:38:
a7:eb:ce:e9:15:94:b0:4e:cb:66:b4:7a:ed:ed:9e:fe:c6:75:
c1:8c:7a:e5:7d:80:28:2e:a8:15:1e:4b:ce:c3:47:40:e9:0b:
3a:5a:bf:5a:ad:d8:d4:02:d3:e5:8f:92:84:9e:16:e8:2c:90:
12:b1:34:38:ef:99:5f:fe:ae:08:ea:d8:bd:98:9c:4c:33:f8:
59:b2:01:bc:7d:43:01:dc:7b:13:46:5d:92:ee:4b:ce:1b:8a:
96:8a:b9:b7:99:44:37:98:bd:51:e0:51:f3:eb:1f:9d:29:dc:
4a:d8:cb:13:07:86:0b:d2:0d:d8:2e:22:17:e0:f9:47:6a:72:
f2:02:53:85:34:79:cb:d4:1f:64:9b:87:c1:99:ad:17:d1:a6:
ba:7a:e4:4a:eb:38:77:cd:ed:d3:bc:ca:ff:b7:92:45:a0:07:
f9:d6:e4:6e:46:83:7f:e3:8e:ff:89:86:45:ba:c5:f5:db:09:
ff:fb:7e:9c:de:47:0a:c3:10:52:4b:e2:d7:9b:d0:7c:5c:46:
11:74:24:ce:15:7a:ea:4c:9f:f8:ce:0d:56:27:7a:47:33:c1:
5a:64:3a:1c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVvXdXPY9cDALBnLI82tyNxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3Zjg4MTQwMWFiYWNjODhjOTQxZmRmNzQwZjFhYjE1MzZm
MDVkYmEwHhcNMjMwMTAxMjIwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMDEwMjViNTg4MTgyZjlhNWVhZWU3OTZhZjk3Mzc5Yjc5MDJlNTBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArKBH5sWxm8pNA88Cr+IanqMUB1hl
Y/tmD+eBQlDt9d4ncOmjoIMumqCP/Ds3aD3mWpez4Cdu0/iCDd7OUeTTbAdh0EAY
RephnSpP/GJNvg14UPrWpl2y8zohzVRKMiwIjcZVJTQOzD5hARsVb0xGRl5QyfaB
BhII3ZlOwV7OO2uvNbyB3WTqPy7RVtZA9M/KQqlyTgRpyCM7PfpydiQupwcKpHNh
b2VyB3xp0BHIUjjWxQbfGpQiaMuoykTpBs+q1GYrX5M8rlfaZ4Ka8bBpzSwX7qgZ
Be/yUt1vqEIahYqRBD+yCBIif4hJ4i9e1y36MvfSygaCMVocp1rf6Gfc/wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLAQJbWIGC+aXq7nlq+XN5t5AuUPMB8GA1UdIwQY
MBaAFOf4gUAausyIyUH990DxqxU28F26MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNV9pQlFCcTZ6SWpKUWYzM1FQR3JGVGJ3WGJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS9mNTUzNGEtYTYxMy00N2JlLWI0MmIt
ZTJmYmMzYTY4ODAwLzEvc0JBbHRZZ1lMNXBlcnVlV3I1YzNtM2tDNVE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS9mNTUzNGEtYTYxMy00N2JlLWI0MmItZTJmYmMzYTY4ODAw
LzEvNV9pQlFCcTZ6SWpKUWYzM1FQR3JGVGJ3WGJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVfgfAwQA
VfhKMA0GCSqGSIb3DQEBCwUAA4IBAQC9uB4u3viqSfILSB9s7kTWx8tfG2/vRp0l
AvoPL7gnQT2CBTin687pFZSwTstmtHrt7Z7+xnXBjHrlfYAoLqgVHkvOw0dA6Qs6
Wr9ardjUAtPlj5KEnhboLJASsTQ475lf/q4I6ti9mJxMM/hZsgG8fUMB3HsTRl2S
7kvOG4qWirm3mUQ3mL1R4FHz6x+dKdxK2MsTB4YL0g3YLiIX4PlHanLyAlOFNHnL
1B9km4fBma0X0aa6euRK6zh3ze3TvMr/t5JFoAf51uRuRoN/447/iYZFusX12wn/
+36c3kcKwxBSS+LXm9B8XEYRdCTOFXrqTJ/4zg1WJ3pHM8FaZDoc
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:21:18 2024 by rpki-client on console-ams.rpki-client.org