Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/b1ff7b-b766-47c7-be0d-c0a7b7377eab/1/hwXOjNQoJ4vbeo7MJvPoalRf7T8.roa
File: hwXOjNQoJ4vbeo7MJvPoalRf7T8.roa (raw, json)
Hash identifier: ybix0pZRVQZBNh92mmHJ2UKIORSlpShjhEWpC0Rd7uU=
Subject key identifier: 87:05:CE:8C:D4:28:27:8B:DB:7A:8E:CC:26:F3:E8:6A:54:5F:ED:3F
Certificate issuer: /CN=64347465bc925c8e756ddfaa609eda02cc52d031
Certificate serial: 018C560693764BB545BD7DC18CF8678DF51B
Authority key identifier: 64:34:74:65:BC:92:5C:8E:75:6D:DF:AA:60:9E:DA:02:CC:52:D0:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZDR0ZbySXI51bd-qYJ7aAsxS0DE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/b1ff7b-b766-47c7-be0d-c0a7b7377eab/1/hwXOjNQoJ4vbeo7MJvPoalRf7T8.roa
Signing time: Sun 10 Dec 2023 23:18:40 +0000
ROA not before: Sun 10 Dec 2023 23:18:40 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 216398
IP address blocks: 85.114.96.0/24 maxlen: 24
85.114.105.0/24 maxlen: 24
85.114.106.0/24 maxlen: 24
185.97.66.0/23 maxlen: 23
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:56:06:93:76:4b:b5:45:bd:7d:c1:8c:f8:67:8d:f5:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=64347465bc925c8e756ddfaa609eda02cc52d031
Validity
Not Before: Dec 10 23:18:40 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8705ce8cd428278bdb7a8ecc26f3e86a545fed3f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:1b:ca:d3:a4:f2:be:4c:c1:58:f8:22:0d:b6:
bd:6a:c8:91:46:f5:c9:4a:4f:f8:34:5b:e7:7e:17:
ad:31:1c:42:07:38:6b:c6:7a:01:d2:e1:24:ec:ef:
d6:25:2e:ef:16:9e:6a:25:29:dc:a2:e2:2a:52:f4:
47:24:2b:05:53:f3:72:df:c4:8e:f5:bb:95:96:c0:
44:75:8f:80:15:c0:8f:5f:bd:57:57:cc:4e:08:42:
ca:6f:be:76:0c:ec:ca:6d:d6:99:78:cd:5c:62:68:
39:96:68:04:3c:a2:8a:27:00:61:5b:de:3d:33:0c:
f3:ed:5e:af:06:73:3d:86:07:4e:a9:51:cf:9e:73:
45:6a:62:77:5f:61:53:74:74:9b:f5:2a:32:f6:24:
d4:9e:08:f3:83:77:64:97:67:5d:ff:8d:cc:38:36:
7e:00:81:2e:fa:22:4b:f8:3f:8b:4f:f4:84:77:5a:
45:e8:3e:8f:2a:2c:88:20:98:01:81:6f:02:f4:f1:
c9:48:2c:85:4a:57:14:6f:66:e2:88:38:37:12:6f:
3b:bd:35:85:b1:e3:4b:e3:4a:79:f3:19:c1:22:56:
bc:05:6d:e2:62:98:9c:92:82:03:f8:aa:01:ae:d8:
35:98:40:2f:2a:00:b6:b6:e0:34:10:f3:83:0c:b1:
95:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:05:CE:8C:D4:28:27:8B:DB:7A:8E:CC:26:F3:E8:6A:54:5F:ED:3F
X509v3 Authority Key Identifier:
keyid:64:34:74:65:BC:92:5C:8E:75:6D:DF:AA:60:9E:DA:02:CC:52:D0:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZDR0ZbySXI51bd-qYJ7aAsxS0DE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/b1ff7b-b766-47c7-be0d-c0a7b7377eab/1/hwXOjNQoJ4vbeo7MJvPoalRf7T8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/b1ff7b-b766-47c7-be0d-c0a7b7377eab/1/ZDR0ZbySXI51bd-qYJ7aAsxS0DE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.114.96.0/24
85.114.105.0-85.114.106.255
185.97.66.0/23
Signature Algorithm: sha256WithRSAEncryption
5a:c4:96:6c:d4:b5:df:c0:65:48:93:15:ff:f0:68:70:b9:43:
c1:84:9c:05:73:01:31:c5:b5:7a:77:ef:2b:4f:8b:31:54:73:
e7:ea:08:3b:71:e3:aa:47:60:cc:ac:69:e1:f3:3c:8e:fe:44:
da:83:b5:c1:f5:7e:d9:c2:73:b6:11:24:86:14:2f:8c:a9:49:
26:88:57:e3:73:f3:3f:f2:5e:c2:19:be:24:43:3c:cb:50:ea:
d9:56:bc:ea:9a:4f:1e:10:bf:47:1b:4c:79:31:66:e3:20:39:
97:93:e7:ca:e1:b7:b1:89:28:98:98:79:d8:93:f4:15:01:03:
6d:83:6f:7e:c1:52:30:16:93:c2:2b:82:10:64:63:ab:35:ff:
bb:94:a5:30:b4:e9:bf:d8:cf:60:24:85:fb:26:28:30:56:f3:
08:e2:09:39:b7:44:1e:9b:f8:66:a0:3d:bb:96:8a:8f:68:db:
a4:d4:e2:1b:b1:9c:e8:73:34:4a:2f:d7:ea:89:56:48:97:bc:
e3:8e:e0:f6:03:69:a6:4f:d0:75:bb:b9:5d:13:b0:99:6e:b9:
a3:73:6d:3e:98:f6:fe:e2:6c:7d:a8:8b:99:db:01:d3:ee:9b:
e3:ba:e5:b2:32:96:7f:e4:7f:93:10:5e:fd:a2:9b:45:5e:6e:
1b:80:9f:7d
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYxWBpN2S7VFvX3BjPhnjfUbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0MzQ3NDY1YmM5MjVjOGU3NTZkZGZhYTYwOWVkYTAyY2M1
MmQwMzEwHhcNMjMxMjEwMjMxODQwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzA1Y2U4Y2Q0MjgyNzhiZGI3YThlY2MyNmYzZTg2YTU0NWZlZDNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlxvK06TyvkzBWPgiDba9asiRRvXJ
Sk/4NFvnfhetMRxCBzhrxnoB0uEk7O/WJS7vFp5qJSncouIqUvRHJCsFU/Ny38SO
9buVlsBEdY+AFcCPX71XV8xOCELKb752DOzKbdaZeM1cYmg5lmgEPKKKJwBhW949
Mwzz7V6vBnM9hgdOqVHPnnNFamJ3X2FTdHSb9Soy9iTUngjzg3dkl2dd/43MODZ+
AIEu+iJL+D+LT/SEd1pF6D6PKiyIIJgBgW8C9PHJSCyFSlcUb2biiDg3Em87vTWF
seNL40p58xnBIla8BW3iYpickoID+KoBrtg1mEAvKgC2tuA0EPODDLGV3wIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFIcFzozUKCeL23qOzCbz6GpUX+0/MB8GA1UdIwQY
MBaAFGQ0dGW8klyOdW3fqmCe2gLMUtAxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWkRSMFpieVNYSTUxYmQtcVlKN2FBc3hTMERFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi9iMWZmN2ItYjc2Ni00N2M3LWJlMGQt
YzBhN2I3Mzc3ZWFiLzEvaHdYT2pOUW9KNHZiZW83TUp2UG9hbFJmN1Q4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi9iMWZmN2ItYjc2Ni00N2M3LWJlMGQtYzBhN2I3Mzc3ZWFi
LzEvWkRSMFpieVNYSTUxYmQtcVlKN2FBc3hTMERFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAVXJgMAwD
BABVcmkDBABVcmoDBAG5YUIwDQYJKoZIhvcNAQELBQADggEBAFrElmzUtd/AZUiT
Ff/waHC5Q8GEnAVzATHFtXp37ytPizFUc+fqCDtx46pHYMysaeHzPI7+RNqDtcH1
ftnCc7YRJIYUL4ypSSaIV+Nz8z/yXsIZviRDPMtQ6tlWvOqaTx4Qv0cbTHkxZuMg
OZeT58rht7GJKJiYediT9BUBA22Db37BUjAWk8IrghBkY6s1/7uUpTC06b/Yz2Ak
hfsmKDBW8wjiCTm3RB6b+GagPbuWio9o26TU4huxnOhzNEov1+qJVkiXvOOO4PYD
aaZP0HW7uV0TsJluuaNzbT6Y9v7ibH2oi5nbAdPum+O65bIyln/kf5MQXv2im0Ve
bhuAn30=
-----END CERTIFICATE-----
Generated at Mon Jan 1 06:16:33 2024 by rpki-client on console-ams.rpki-client.org