Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/ManQkm6AYf4-YIy0fy_jsAepJTk.roa
File: ManQkm6AYf4-YIy0fy_jsAepJTk.roa (raw, json)
Hash identifier: pVofAIL6+JRMEL/8yD/daOAQHQkHXok42Le0VaNCeo4=
Subject key identifier: 31:A9:D0:92:6E:80:61:FE:3E:60:8C:B4:7F:2F:E3:B0:07:A9:25:39
Certificate issuer: /CN=22f2c2e7bc1da54d919ca5b5941d378892b2ccb2
Certificate serial: 018CC79535291F9CCF0EC1DD24399371B7D0
Authority key identifier: 22:F2:C2:E7:BC:1D:A5:4D:91:9C:A5:B5:94:1D:37:88:92:B2:CC:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IvLC57wdpU2RnKW1lB03iJKyzLI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/ManQkm6AYf4-YIy0fy_jsAepJTk.roa
Signing time: Tue 02 Jan 2024 00:31:33 +0000
ROA not before: Tue 02 Jan 2024 00:31:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207023
IP address blocks: 85.255.112.0/21 maxlen: 21
Validation: Failed, certificate revoked on Thu 11 Apr 2024 16:39:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:35:29:1f:9c:cf:0e:c1:dd:24:39:93:71:b7:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22f2c2e7bc1da54d919ca5b5941d378892b2ccb2
Validity
Not Before: Jan 2 00:31:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=31a9d0926e8061fe3e608cb47f2fe3b007a92539
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:3e:a3:05:c4:04:7d:23:90:87:03:dd:17:c3:
57:84:4e:78:77:46:4d:be:39:99:3e:13:63:23:7e:
55:0b:f2:e2:95:fa:3f:fe:5a:b8:7a:62:0d:23:ea:
a9:9f:a5:6d:f4:7e:a2:d3:3b:0b:c7:86:c0:10:27:
7f:e9:bf:bd:7a:9b:bf:47:cf:ed:d9:e7:dd:db:4a:
83:f8:49:e0:c3:52:66:f9:54:52:c4:34:8c:36:01:
ce:9b:83:4d:03:f3:63:6c:53:71:6d:8d:68:7b:21:
e6:99:39:00:35:93:e0:c8:fd:1e:08:2e:26:c5:77:
86:45:cc:07:89:ff:ae:42:46:57:dc:8f:6d:8e:a8:
61:16:29:50:5e:d4:21:6c:3f:6e:f4:f9:27:8e:c1:
30:71:64:87:ee:ff:49:57:a5:cd:84:c4:0b:f4:d5:
ce:0f:f0:d6:35:6c:57:1c:db:ff:e0:3a:19:87:dd:
b9:fd:0c:fc:4d:a5:17:c9:89:8a:26:5d:4c:23:a2:
12:fb:0d:3b:e5:74:37:3b:ad:12:73:1a:6b:a1:99:
d9:43:f7:54:f2:56:bd:bb:33:6e:2a:05:a0:dc:05:
20:f6:da:22:af:dd:e6:6c:ca:a1:50:bd:05:7b:7f:
2a:c4:0a:4f:84:33:60:11:2d:b6:c7:e0:27:c5:b9:
c7:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:A9:D0:92:6E:80:61:FE:3E:60:8C:B4:7F:2F:E3:B0:07:A9:25:39
X509v3 Authority Key Identifier:
keyid:22:F2:C2:E7:BC:1D:A5:4D:91:9C:A5:B5:94:1D:37:88:92:B2:CC:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IvLC57wdpU2RnKW1lB03iJKyzLI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/ManQkm6AYf4-YIy0fy_jsAepJTk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/IvLC57wdpU2RnKW1lB03iJKyzLI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.255.112.0/21
Signature Algorithm: sha256WithRSAEncryption
70:9f:6f:44:5b:dc:fc:f1:87:67:37:2a:09:c3:4c:74:41:82:
ff:c4:86:f0:e2:96:7b:07:a9:97:58:46:42:d0:d7:44:a3:96:
2d:44:3d:b7:0c:d2:1f:7d:ec:6d:2a:4c:c2:7a:7f:fb:0f:e1:
fe:92:31:40:58:f1:b3:2d:02:a6:6c:36:bf:33:f8:d4:74:ee:
f1:b9:50:0a:52:b6:9d:0e:9e:c9:d9:2a:ec:06:c2:20:06:ed:
04:4e:9f:56:cc:ab:27:c1:2d:f0:53:8f:d3:8c:b6:cb:b3:0d:
aa:ae:b8:53:94:a1:2e:66:5f:81:91:8e:a5:21:d0:d5:fa:28:
9d:cf:69:4b:d5:54:3f:22:57:b4:a7:eb:84:43:da:01:50:da:
72:30:b2:02:0a:9d:18:de:08:e0:dc:cf:a8:33:72:79:a0:b3:
34:93:37:59:63:5f:12:02:92:35:b7:50:92:ca:f9:d3:08:7d:
d9:61:27:b9:54:dc:24:47:69:a5:3e:10:49:a2:2f:91:65:6f:
07:19:f4:45:4e:e2:ba:88:92:c8:70:52:9d:05:f4:4a:32:31:
92:26:15:d3:b8:5f:39:b7:91:6a:5a:b4:cc:3b:7f:d7:21:81:
8b:c9:95:a9:c1:df:2d:cf:b0:47:e1:d3:bf:99:7a:69:09:62:
22:72:26:20
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHlTUpH5zPDsHdJDmTcbfQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyZjJjMmU3YmMxZGE1NGQ5MTljYTViNTk0MWQzNzg4OTJi
MmNjYjIwHhcNMjQwMTAyMDAzMTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMWE5ZDA5MjZlODA2MWZlM2U2MDhjYjQ3ZjJmZTNiMDA3YTkyNTM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkD6jBcQEfSOQhwPdF8NXhE54d0ZN
vjmZPhNjI35VC/Lilfo//lq4emINI+qpn6Vt9H6i0zsLx4bAECd/6b+9epu/R8/t
2efd20qD+Engw1Jm+VRSxDSMNgHOm4NNA/NjbFNxbY1oeyHmmTkANZPgyP0eCC4m
xXeGRcwHif+uQkZX3I9tjqhhFilQXtQhbD9u9PknjsEwcWSH7v9JV6XNhMQL9NXO
D/DWNWxXHNv/4DoZh925/Qz8TaUXyYmKJl1MI6IS+w075XQ3O60ScxproZnZQ/dU
8la9uzNuKgWg3AUg9toir93mbMqhUL0Fe38qxApPhDNgES22x+AnxbnHBwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDGp0JJugGH+PmCMtH8v47AHqSU5MB8GA1UdIwQY
MBaAFCLywue8HaVNkZyltZQdN4iSssyyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXZMQzU3d2RwVTJSbktXMWxCMDNpSkt5ekxJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi82MDI1MzAtNmQyMi00NmYxLThlMDUt
MDJkZWY2ZTg0YzkxLzEvTWFuUWttNkFZZjQtWUl5MGZ5X2pzQWVwSlRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi82MDI1MzAtNmQyMi00NmYxLThlMDUtMDJkZWY2ZTg0Yzkx
LzEvSXZMQzU3d2RwVTJSbktXMWxCMDNpSkt5ekxJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDVf9wMA0G
CSqGSIb3DQEBCwUAA4IBAQBwn29EW9z88YdnNyoJw0x0QYL/xIbw4pZ7B6mXWEZC
0NdEo5YtRD23DNIffextKkzCen/7D+H+kjFAWPGzLQKmbDa/M/jUdO7xuVAKUrad
Dp7J2SrsBsIgBu0ETp9WzKsnwS3wU4/TjLbLsw2qrrhTlKEuZl+BkY6lIdDV+iid
z2lL1VQ/Ile0p+uEQ9oBUNpyMLICCp0Y3gjg3M+oM3J5oLM0kzdZY18SApI1t1CS
yvnTCH3ZYSe5VNwkR2mlPhBJoi+RZW8HGfRFTuK6iJLIcFKdBfRKMjGSJhXTuF85
t5FqWrTMO3/XIYGLyZWpwd8tz7BH4dO/mXppCWIiciYg
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:19:29 2024 by rpki-client on console-ams.rpki-client.org