Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/c0a326-88e1-42b4-9d56-0921d1bbf349/1/n_0XEbFft7zt3bI9n7xq8EtiGaM.roa
File: n_0XEbFft7zt3bI9n7xq8EtiGaM.roa (raw, json)
Hash identifier: GL0xGStT+OxDNqftOSNMCMC0YWwWzC4wzY87RFIUCgE=
Subject key identifier: 9F:FD:17:11:B1:5F:B7:BC:ED:DD:B2:3D:9F:BC:6A:F0:4B:62:19:A3
Certificate issuer: /CN=1e02b2489f4713962d105112b25276eb81f1ac90
Certificate serial: 01857227D68EC8A1C44F57A933507A76A4AA
Authority key identifier: 1E:02:B2:48:9F:47:13:96:2D:10:51:12:B2:52:76:EB:81:F1:AC:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HgKySJ9HE5YtEFESslJ264HxrJA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/c0a326-88e1-42b4-9d56-0921d1bbf349/1/n_0XEbFft7zt3bI9n7xq8EtiGaM.roa
Signing time: Mon 02 Jan 2023 11:04:51 +0000
ROA not before: Mon 02 Jan 2023 11:04:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56650
IP address blocks: 85.208.64.0/22 maxlen: 22
85.208.64.0/24 maxlen: 24
85.208.65.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:33:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:27:d6:8e:c8:a1:c4:4f:57:a9:33:50:7a:76:a4:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e02b2489f4713962d105112b25276eb81f1ac90
Validity
Not Before: Jan 2 11:04:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9ffd1711b15fb7bcedddb23d9fbc6af04b6219a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:b3:99:fa:ea:d2:70:d2:81:59:b5:72:89:57:
25:b0:7e:f4:93:7c:5c:b8:45:96:c3:e3:6e:a9:7d:
3e:ff:46:f2:2e:f8:75:57:df:5a:ca:a8:bb:8c:5a:
da:0e:3a:3f:81:2b:73:91:f8:d3:7a:32:39:05:7b:
5d:46:63:c5:4c:31:ea:aa:a4:34:90:43:53:8c:d0:
d8:74:e4:1f:f6:5a:42:55:18:db:01:27:0c:2b:65:
a5:03:c4:e3:e0:f0:21:6d:29:8a:b2:95:9e:16:e1:
e7:73:db:94:05:5a:de:3d:ae:56:5f:cd:33:62:53:
e8:94:98:96:2a:7e:06:73:36:9a:f4:42:22:d6:72:
50:7e:2b:30:30:78:a4:cc:d4:98:26:96:08:24:b1:
f9:f2:ad:6a:67:52:c4:e3:e1:8d:36:fc:e7:01:f4:
7c:c7:ca:81:22:6b:5a:f8:22:48:8c:48:d6:f6:ff:
bc:94:79:c5:9c:c9:25:48:db:39:a8:15:3b:72:c5:
71:7a:ad:28:5b:74:29:4a:1a:84:8b:c7:b6:63:ec:
2f:18:4e:eb:64:4b:f4:8e:45:bf:e6:ec:2f:d0:f9:
5a:cb:c1:2e:df:79:d0:b6:0c:85:82:f0:b6:8b:41:
32:7f:bf:6c:7e:40:5d:6a:00:3b:0c:7d:28:8a:1b:
cf:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:FD:17:11:B1:5F:B7:BC:ED:DD:B2:3D:9F:BC:6A:F0:4B:62:19:A3
X509v3 Authority Key Identifier:
keyid:1E:02:B2:48:9F:47:13:96:2D:10:51:12:B2:52:76:EB:81:F1:AC:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HgKySJ9HE5YtEFESslJ264HxrJA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/c0a326-88e1-42b4-9d56-0921d1bbf349/1/n_0XEbFft7zt3bI9n7xq8EtiGaM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/c0a326-88e1-42b4-9d56-0921d1bbf349/1/HgKySJ9HE5YtEFESslJ264HxrJA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.208.64.0/22
Signature Algorithm: sha256WithRSAEncryption
10:a2:af:39:10:03:ce:7c:2a:b3:1c:bd:df:3c:a8:6e:f5:58:
4c:a1:7e:dd:5e:8f:66:c1:06:7e:57:83:80:66:61:2a:52:4a:
b5:2b:18:be:ed:ee:c4:18:0b:f1:24:3b:15:3f:cc:45:38:3b:
4a:4f:f4:21:df:b8:50:d0:34:c5:dc:9d:19:98:a0:51:a3:3f:
7a:10:76:ff:55:87:05:4f:9d:65:9a:9b:e4:98:63:49:c4:23:
c4:36:ae:f2:81:d2:d0:50:33:35:55:c8:0e:5f:0c:db:de:4c:
66:b4:6b:38:7a:c9:31:65:3c:3d:a9:c4:5b:7c:28:9e:0f:d5:
a5:e1:0f:ed:81:39:03:e8:0b:3b:76:f0:49:6a:70:b8:c8:4f:
51:8d:bf:50:ad:00:fd:95:fd:18:42:ca:f2:53:25:16:16:93:
f6:ff:69:3a:13:6e:1b:ee:8c:dc:37:0b:ca:5f:ef:60:d9:3c:
3d:c0:ff:d4:a5:48:11:5c:9b:d3:65:bb:94:78:f3:14:b3:92:
27:8f:54:f7:17:c9:d2:cf:9b:6f:53:ca:c2:c3:65:98:fb:69:
16:b8:22:f0:59:89:4d:5b:5e:b9:25:72:20:74:f4:69:ce:5c:
c2:db:78:83:85:df:4d:f3:5b:3a:d2:01:94:a5:68:b9:73:8b:
d7:ee:4b:33
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyJ9aOyKHET1epM1B6dqSqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlMDJiMjQ4OWY0NzEzOTYyZDEwNTExMmIyNTI3NmViODFm
MWFjOTAwHhcNMjMwMTAyMTEwNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZmZkMTcxMWIxNWZiN2JjZWRkZGIyM2Q5ZmJjNmFmMDRiNjIxOWEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlLOZ+urScNKBWbVyiVclsH70k3xc
uEWWw+NuqX0+/0byLvh1V99ayqi7jFraDjo/gStzkfjTejI5BXtdRmPFTDHqqqQ0
kENTjNDYdOQf9lpCVRjbAScMK2WlA8Tj4PAhbSmKspWeFuHnc9uUBVrePa5WX80z
YlPolJiWKn4Gczaa9EIi1nJQfiswMHikzNSYJpYIJLH58q1qZ1LE4+GNNvznAfR8
x8qBImta+CJIjEjW9v+8lHnFnMklSNs5qBU7csVxeq0oW3QpShqEi8e2Y+wvGE7r
ZEv0jkW/5uwv0Play8Eu33nQtgyFgvC2i0Eyf79sfkBdagA7DH0oihvP9wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ/9FxGxX7e87d2yPZ+8avBLYhmjMB8GA1UdIwQY
MBaAFB4CskifRxOWLRBRErJSduuB8ayQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGdLeVNKOUhFNVl0RUZFU3NsSjI2NEh4ckpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni9jMGEzMjYtODhlMS00MmI0LTlkNTYt
MDkyMWQxYmJmMzQ5LzEvbl8wWEViRmZ0N3p0M2JJOW43eHE4RXRpR2FNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni9jMGEzMjYtODhlMS00MmI0LTlkNTYtMDkyMWQxYmJmMzQ5
LzEvSGdLeVNKOUhFNVl0RUZFU3NsSjI2NEh4ckpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCVdBAMA0G
CSqGSIb3DQEBCwUAA4IBAQAQoq85EAPOfCqzHL3fPKhu9VhMoX7dXo9mwQZ+V4OA
ZmEqUkq1Kxi+7e7EGAvxJDsVP8xFODtKT/Qh37hQ0DTF3J0ZmKBRoz96EHb/VYcF
T51lmpvkmGNJxCPENq7ygdLQUDM1VcgOXwzb3kxmtGs4eskxZTw9qcRbfCieD9Wl
4Q/tgTkD6As7dvBJanC4yE9Rjb9QrQD9lf0YQsryUyUWFpP2/2k6E24b7ozcNwvK
X+9g2Tw9wP/UpUgRXJvTZbuUePMUs5Inj1T3F8nSz5tvU8rCw2WY+2kWuCLwWYlN
W165JXIgdPRpzlzC23iDhd9N81s60gGUpWi5c4vX7ksz
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:23 2024 by rpki-client on console-fra.rpki-client.org