Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/07eac7-4d52-46d9-ba44-8945860d5238/1/2Ymdgb5y9OTAh_6L87tXtKzSxPQ.roa
File: 2Ymdgb5y9OTAh_6L87tXtKzSxPQ.roa (raw, json)
Hash identifier: 8Gbc0BnaJgl+oIrpffomC3AdmyqQNYT5wP4FBePW3eA=
Subject key identifier: D9:89:9D:81:BE:72:F4:E4:C0:87:FE:8B:F3:BB:57:B4:AC:D2:C4:F4
Certificate issuer: /CN=44ceb61e71a619f2314e9d9846ec67bc88a1244c
Certificate serial: 018A113472B6388730667D51AE56AFC6BD33
Authority key identifier: 44:CE:B6:1E:71:A6:19:F2:31:4E:9D:98:46:EC:67:BC:88:A1:24:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RM62HnGmGfIxTp2YRuxnvIihJEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/07eac7-4d52-46d9-ba44-8945860d5238/1/2Ymdgb5y9OTAh_6L87tXtKzSxPQ.roa
Signing time: Sun 20 Aug 2023 04:29:24 +0000
ROA not before: Sun 20 Aug 2023 04:29:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211510
IP address blocks: 85.193.191.0/24 maxlen: 24
85.193.190.0/24 maxlen: 24
185.54.211.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:11:34:72:b6:38:87:30:66:7d:51:ae:56:af:c6:bd:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=44ceb61e71a619f2314e9d9846ec67bc88a1244c
Validity
Not Before: Aug 20 04:29:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d9899d81be72f4e4c087fe8bf3bb57b4acd2c4f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:fa:0f:17:c4:6b:b0:c1:54:4e:5e:f3:b8:eb:
8d:e3:8d:b4:a3:ab:3e:a2:8c:c4:28:4c:f8:bb:b3:
77:2b:96:4a:09:b6:ba:0c:f1:c6:07:35:bd:f5:02:
9a:2a:c4:e6:d8:6d:81:37:7f:31:90:9e:69:17:20:
47:24:13:dc:f2:e8:ba:ca:52:c9:67:ed:ed:fd:f4:
68:d7:be:82:22:90:71:a9:1c:6f:cd:ce:41:d4:e6:
b9:ba:60:c9:80:c9:2b:ad:2a:d4:41:67:35:36:5c:
7c:a5:4a:cd:a5:a1:c8:10:6b:dc:3e:78:62:03:bc:
6d:bc:6e:cf:fd:0c:80:38:45:81:5f:23:78:cb:ad:
1a:3f:88:b3:1c:48:97:fc:e6:3e:ab:e2:e5:1d:f9:
c6:77:09:6d:1b:67:44:34:ca:6c:43:18:50:e5:f8:
b0:8a:5b:9b:06:53:cd:a4:b3:54:fd:2d:14:e3:b2:
3e:f6:93:6d:66:4f:53:d7:d4:70:39:29:80:90:4f:
e7:2f:5f:a4:d3:e8:a5:52:72:f0:ca:72:f6:86:12:
9e:14:c0:95:4a:e6:62:4d:c7:44:83:de:a0:a7:91:
b6:07:10:c2:89:df:d7:41:22:f7:8b:a7:58:55:f1:
54:8f:96:99:a4:42:75:98:9b:65:81:83:9c:6d:13:
9b:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:89:9D:81:BE:72:F4:E4:C0:87:FE:8B:F3:BB:57:B4:AC:D2:C4:F4
X509v3 Authority Key Identifier:
keyid:44:CE:B6:1E:71:A6:19:F2:31:4E:9D:98:46:EC:67:BC:88:A1:24:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RM62HnGmGfIxTp2YRuxnvIihJEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/07eac7-4d52-46d9-ba44-8945860d5238/1/2Ymdgb5y9OTAh_6L87tXtKzSxPQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/07eac7-4d52-46d9-ba44-8945860d5238/1/RM62HnGmGfIxTp2YRuxnvIihJEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.193.190.0/23
185.54.211.0/24
Signature Algorithm: sha256WithRSAEncryption
02:11:59:8b:6d:4b:4d:30:6d:d8:bf:92:cd:55:0a:ea:ae:1c:
2f:90:2a:6c:3f:3b:69:3b:29:f3:a5:92:23:76:c3:25:7c:0f:
4b:59:c0:73:c3:06:8e:74:9b:0d:f7:8b:c9:38:c9:be:15:2e:
54:51:fa:b8:56:f2:6b:de:c6:82:ba:1e:e5:fa:7f:41:4f:3e:
45:a2:75:b7:9c:29:0f:76:4c:0f:69:88:1a:0a:be:1b:2b:f9:
f0:22:3d:d2:9b:5c:10:7e:d0:73:69:be:e1:33:42:80:7d:9b:
b7:5e:f0:b9:87:f5:d6:55:31:0f:dc:cb:23:e4:81:ec:ef:0d:
2c:22:11:e5:66:a5:4b:18:94:50:17:ab:01:a0:f4:97:cd:e2:
c7:8e:e7:60:77:5a:ec:4e:5a:0a:01:42:3e:75:7e:ff:48:ee:
7f:56:ef:c6:9e:d2:4a:d7:22:e6:8e:b5:fb:38:d8:8b:af:4c:
c5:7c:46:8a:34:69:e2:73:8f:60:91:53:c3:1d:51:5e:61:a8:
3d:35:87:3b:26:48:5a:76:73:53:96:1c:f1:77:e6:ab:b8:b8:
84:b0:ac:1c:4d:63:f6:8e:83:ee:63:81:91:c3:a9:36:53:f4:
27:b8:87:c9:74:8d:72:ed:9f:90:c8:34:72:bf:bc:61:7c:0a:
be:cf:0e:82
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYoRNHK2OIcwZn1Rrlavxr0zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0Y2ViNjFlNzFhNjE5ZjIzMTRlOWQ5ODQ2ZWM2N2JjODhh
MTI0NGMwHhcNMjMwODIwMDQyOTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTg5OWQ4MWJlNzJmNGU0YzA4N2ZlOGJmM2JiNTdiNGFjZDJjNGY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhPoPF8RrsMFUTl7zuOuN4420o6s+
oozEKEz4u7N3K5ZKCba6DPHGBzW99QKaKsTm2G2BN38xkJ5pFyBHJBPc8ui6ylLJ
Z+3t/fRo176CIpBxqRxvzc5B1Oa5umDJgMkrrSrUQWc1Nlx8pUrNpaHIEGvcPnhi
A7xtvG7P/QyAOEWBXyN4y60aP4izHEiX/OY+q+LlHfnGdwltG2dENMpsQxhQ5fiw
ilubBlPNpLNU/S0U47I+9pNtZk9T19RwOSmAkE/nL1+k0+ilUnLwynL2hhKeFMCV
SuZiTcdEg96gp5G2BxDCid/XQSL3i6dYVfFUj5aZpEJ1mJtlgYOcbROb0QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNmJnYG+cvTkwIf+i/O7V7Ss0sT0MB8GA1UdIwQY
MBaAFETOth5xphnyMU6dmEbsZ7yIoSRMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUk02MkhuR21HZkl4VHAyWVJ1eG52SWloSkV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS8wN2VhYzctNGQ1Mi00NmQ5LWJhNDQt
ODk0NTg2MGQ1MjM4LzEvMlltZGdiNXk5T1RBaF82TDg3dFh0S3pTeFBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS8wN2VhYzctNGQ1Mi00NmQ5LWJhNDQtODk0NTg2MGQ1MjM4
LzEvUk02MkhuR21HZkl4VHAyWVJ1eG52SWloSkV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBVcG+AwQA
uTbTMA0GCSqGSIb3DQEBCwUAA4IBAQACEVmLbUtNMG3Yv5LNVQrqrhwvkCpsPztp
OynzpZIjdsMlfA9LWcBzwwaOdJsN94vJOMm+FS5UUfq4VvJr3saCuh7l+n9BTz5F
onW3nCkPdkwPaYgaCr4bK/nwIj3Sm1wQftBzab7hM0KAfZu3XvC5h/XWVTEP3Msj
5IHs7w0sIhHlZqVLGJRQF6sBoPSXzeLHjudgd1rsTloKAUI+dX7/SO5/Vu/GntJK
1yLmjrX7ONiLr0zFfEaKNGnic49gkVPDHVFeYag9NYc7JkhadnNTlhzxd+aruLiE
sKwcTWP2joPuY4GRw6k2U/QnuIfJdI1y7Z+QyDRyv7xhfAq+zw6C
-----END CERTIFICATE-----
Generated at Tue Jan 2 17:34:58 2024 by rpki-client on console-fra.rpki-client.org