Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/hc7zogxeTFBRueIeSWDgp88tur8.roa
File: hc7zogxeTFBRueIeSWDgp88tur8.roa (raw, json)
Hash identifier: 5/+B5XQ5WrF8THL7hy+Ig5NgtOMwEfGkisT34Lc7BRE=
Subject key identifier: 85:CE:F3:A2:0C:5E:4C:50:51:B9:E2:1E:49:60:E0:A7:CF:2D:BA:BF
Certificate issuer: /CN=22f2c2e7bc1da54d919ca5b5941d378892b2ccb2
Certificate serial: 018A3C836859C3A719E38B20B714E5CBF0FE
Authority key identifier: 22:F2:C2:E7:BC:1D:A5:4D:91:9C:A5:B5:94:1D:37:88:92:B2:CC:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IvLC57wdpU2RnKW1lB03iJKyzLI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/hc7zogxeTFBRueIeSWDgp88tur8.roa
Signing time: Mon 28 Aug 2023 14:19:19 +0000
ROA not before: Mon 28 Aug 2023 14:19:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205993
IP address blocks: 85.255.120.0/21 maxlen: 21
Validation: Failed, certificate revoked on Wed 15 Nov 2023 14:08:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:3c:83:68:59:c3:a7:19:e3:8b:20:b7:14:e5:cb:f0:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22f2c2e7bc1da54d919ca5b5941d378892b2ccb2
Validity
Not Before: Aug 28 14:19:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=85cef3a20c5e4c5051b9e21e4960e0a7cf2dbabf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:a1:9d:25:cb:e2:ca:a4:89:1e:39:79:46:b9:
e3:91:1d:64:19:9f:32:30:e8:c9:1f:20:91:d1:76:
d6:ba:1c:11:37:8c:5e:a0:6b:83:3d:a8:8c:bd:77:
74:6f:b2:23:dd:49:e9:ad:6d:13:c3:08:88:c2:0f:
fb:18:de:de:14:6f:d8:9d:7b:55:96:33:46:75:f2:
2a:ab:a6:96:4c:a2:b3:a0:b9:0e:07:cb:68:b8:d4:
49:c4:dd:cc:2e:6f:b2:c4:c0:be:b8:bf:15:4c:8a:
0e:7a:8e:5e:5f:b1:5a:e7:7c:4e:e4:f8:85:78:f6:
cc:a8:04:9c:c5:1b:e4:f1:c5:25:f8:c4:11:45:83:
e2:36:91:a8:06:7a:55:4e:28:ae:f6:51:df:a6:5d:
2f:2b:bb:56:c3:f2:4b:7b:0c:30:5b:b5:f1:f2:5a:
10:d6:98:64:26:ec:57:08:87:be:38:0c:b3:71:2c:
ac:9c:93:95:c2:1a:47:f0:ff:1b:e3:80:69:0f:25:
57:2c:4e:75:ed:b1:45:76:9c:c1:d1:01:19:48:92:
64:50:2b:53:1f:1e:c3:d4:d8:a0:53:f3:4d:e1:4b:
a7:f8:ce:9e:2c:2f:3f:04:e3:0c:0b:d9:f8:22:10:
d0:ba:88:42:60:a6:e7:2d:e8:6e:f3:56:45:84:12:
d8:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:CE:F3:A2:0C:5E:4C:50:51:B9:E2:1E:49:60:E0:A7:CF:2D:BA:BF
X509v3 Authority Key Identifier:
keyid:22:F2:C2:E7:BC:1D:A5:4D:91:9C:A5:B5:94:1D:37:88:92:B2:CC:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IvLC57wdpU2RnKW1lB03iJKyzLI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/hc7zogxeTFBRueIeSWDgp88tur8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/IvLC57wdpU2RnKW1lB03iJKyzLI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.255.120.0/21
Signature Algorithm: sha256WithRSAEncryption
60:c9:a8:17:03:5c:d1:2d:41:e2:41:9f:2a:69:0a:db:fc:ce:
bb:89:df:3b:24:ac:eb:ba:fe:d6:0d:f9:80:f2:44:1d:dc:8d:
e4:3d:61:d1:4a:09:ed:9c:6c:6e:1a:c1:1c:e5:75:df:fa:c3:
a9:a5:2a:8f:d4:7c:2b:10:a3:c1:98:17:f0:05:73:29:e7:02:
15:34:02:4d:74:e8:89:19:50:70:76:96:76:55:b2:41:b1:a7:
2a:95:db:92:27:d6:8a:95:71:11:7e:77:73:2d:9f:fa:83:0e:
65:13:53:82:12:75:6a:ff:19:8a:ec:dc:4b:db:57:fc:e7:ef:
93:61:ad:53:40:01:4f:85:91:28:58:be:f8:5d:0e:76:dc:3c:
77:71:51:23:22:eb:7a:38:9a:34:c3:2a:d7:ca:bb:8f:c3:c9:
e6:cf:60:41:f7:53:ff:0e:db:21:52:8f:61:e3:25:3d:4e:23:
97:c8:87:cc:4e:9f:83:61:a1:4d:82:1c:ba:0d:86:07:7b:b9:
2a:47:8e:8a:46:ff:7d:ee:10:3d:90:34:7e:8b:3e:f0:a3:8c:
d1:73:50:67:ee:97:be:30:99:a9:c2:ed:cc:04:1a:fc:4b:32:
f2:b4:c5:e4:ef:9a:68:e3:85:60:ed:d8:65:67:03:a7:07:49:
57:96:e4:e8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYo8g2hZw6cZ44sgtxTly/D+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyZjJjMmU3YmMxZGE1NGQ5MTljYTViNTk0MWQzNzg4OTJi
MmNjYjIwHhcNMjMwODI4MTQxOTE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NWNlZjNhMjBjNWU0YzUwNTFiOWUyMWU0OTYwZTBhN2NmMmRiYWJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsKGdJcviyqSJHjl5RrnjkR1kGZ8y
MOjJHyCR0XbWuhwRN4xeoGuDPaiMvXd0b7Ij3UnprW0TwwiIwg/7GN7eFG/YnXtV
ljNGdfIqq6aWTKKzoLkOB8touNRJxN3MLm+yxMC+uL8VTIoOeo5eX7Fa53xO5PiF
ePbMqAScxRvk8cUl+MQRRYPiNpGoBnpVTiiu9lHfpl0vK7tWw/JLewwwW7Xx8loQ
1phkJuxXCIe+OAyzcSysnJOVwhpH8P8b44BpDyVXLE517bFFdpzB0QEZSJJkUCtT
Hx7D1NigU/NN4Uun+M6eLC8/BOMMC9n4IhDQuohCYKbnLehu81ZFhBLYvwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIXO86IMXkxQUbniHklg4KfPLbq/MB8GA1UdIwQY
MBaAFCLywue8HaVNkZyltZQdN4iSssyyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXZMQzU3d2RwVTJSbktXMWxCMDNpSkt5ekxJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi82MDI1MzAtNmQyMi00NmYxLThlMDUt
MDJkZWY2ZTg0YzkxLzEvaGM3em9neGVURkJSdWVJZVNXRGdwODh0dXI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi82MDI1MzAtNmQyMi00NmYxLThlMDUtMDJkZWY2ZTg0Yzkx
LzEvSXZMQzU3d2RwVTJSbktXMWxCMDNpSkt5ekxJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDVf94MA0G
CSqGSIb3DQEBCwUAA4IBAQBgyagXA1zRLUHiQZ8qaQrb/M67id87JKzruv7WDfmA
8kQd3I3kPWHRSgntnGxuGsEc5XXf+sOppSqP1HwrEKPBmBfwBXMp5wIVNAJNdOiJ
GVBwdpZ2VbJBsacqlduSJ9aKlXERfndzLZ/6gw5lE1OCEnVq/xmK7NxL21f85++T
Ya1TQAFPhZEoWL74XQ523Dx3cVEjIut6OJo0wyrXyruPw8nmz2BB91P/DtshUo9h
4yU9TiOXyIfMTp+DYaFNghy6DYYHe7kqR46KRv997hA9kDR+iz7wo4zRc1Bn7pe+
MJmpwu3MBBr8SzLytMXk75po44Vg7dhlZwOnB0lXluTo
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:07 2024 by rpki-client on console-fra.rpki-client.org