Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/72155a-d109-4c2d-b974-1128e5ce6a5b/1/4hdGnPCqY2Z0e4pFyspVe6PCfIY.roa
File: 4hdGnPCqY2Z0e4pFyspVe6PCfIY.roa (raw, json)
Hash identifier: Vq4M39M+MFwgkV3vWdSAOK3CW+1Vv52ElZtP7dkmPVg=
Subject key identifier: E2:17:46:9C:F0:AA:63:66:74:7B:8A:45:CA:CA:55:7B:A3:C2:7C:86
Certificate issuer: /CN=4c2b89c3c57a3e296aa4061e962840be7ae8f018
Certificate serial: 018EC20E5F3F911CCD6CC4F38957F4B1CD79
Authority key identifier: 4C:2B:89:C3:C5:7A:3E:29:6A:A4:06:1E:96:28:40:BE:7A:E8:F0:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TCuJw8V6PilqpAYelihAvnro8Bg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/72155a-d109-4c2d-b974-1128e5ce6a5b/1/4hdGnPCqY2Z0e4pFyspVe6PCfIY.roa
Signing time: Tue 09 Apr 2024 08:51:45 +0000
ROA not before: Tue 09 Apr 2024 08:51:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9123
IP address blocks: 85.234.106.0/24 maxlen: 24
85.234.107.0/24 maxlen: 24
185.154.195.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 10 Apr 2024 13:55:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:c2:0e:5f:3f:91:1c:cd:6c:c4:f3:89:57:f4:b1:cd:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c2b89c3c57a3e296aa4061e962840be7ae8f018
Validity
Not Before: Apr 9 08:51:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e217469cf0aa6366747b8a45caca557ba3c27c86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:19:0d:a8:78:89:c9:e5:1c:c5:e1:af:72:9c:
14:90:21:f5:f0:09:0c:ea:0c:54:c6:f1:64:4e:3d:
b0:e5:56:01:9f:1e:cd:21:1a:21:90:51:ab:fe:d6:
90:28:79:7d:9f:d5:38:97:4b:1b:a8:5c:f2:41:a1:
79:4d:b5:fb:cb:27:06:37:d8:2b:04:4b:86:1f:eb:
39:05:59:9e:5c:9f:7d:a3:d1:2a:ca:49:52:4e:5c:
03:8c:bd:e2:63:07:87:25:a9:0e:f4:3a:1b:1e:a0:
4f:b1:f7:69:a2:1d:c5:73:ca:c0:fa:9b:b3:99:9b:
ea:ef:f4:df:35:47:14:26:37:ae:00:d3:11:b7:aa:
c0:78:b8:89:fa:1c:b2:bf:1b:78:fe:23:77:a4:e0:
b6:d4:2f:17:9c:23:b5:14:78:e8:f6:21:30:d4:b5:
6f:1a:cd:29:77:aa:f0:2f:b4:db:62:ee:00:f5:f8:
ae:c1:d7:75:d3:bb:a1:65:90:fe:40:7d:53:19:94:
2c:02:54:c4:41:71:1e:52:a4:66:30:17:12:af:54:
60:d5:c6:6b:17:11:dc:ac:37:73:bd:a6:74:41:17:
c8:cb:72:21:dd:fb:6d:81:11:b5:5d:77:cb:c1:12:
06:fe:f9:63:a7:f6:10:d3:c4:a6:50:6b:25:0d:ce:
2e:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:17:46:9C:F0:AA:63:66:74:7B:8A:45:CA:CA:55:7B:A3:C2:7C:86
X509v3 Authority Key Identifier:
keyid:4C:2B:89:C3:C5:7A:3E:29:6A:A4:06:1E:96:28:40:BE:7A:E8:F0:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TCuJw8V6PilqpAYelihAvnro8Bg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/72155a-d109-4c2d-b974-1128e5ce6a5b/1/4hdGnPCqY2Z0e4pFyspVe6PCfIY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/72155a-d109-4c2d-b974-1128e5ce6a5b/1/TCuJw8V6PilqpAYelihAvnro8Bg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.234.106.0/23
185.154.195.0/24
Signature Algorithm: sha256WithRSAEncryption
32:5f:18:0a:88:03:07:ee:d4:8e:70:f5:5e:01:d3:ac:4a:fc:
06:da:55:81:3e:21:ab:aa:37:3e:8c:0f:0f:2b:24:2c:9c:33:
5e:f9:72:8a:9d:9b:d9:cc:f0:fc:b4:8c:69:34:69:d6:73:b1:
08:38:e0:55:38:85:db:7b:73:88:da:45:84:22:55:3f:6a:94:
2f:7a:b0:18:a4:18:0a:d5:e0:06:4f:aa:a4:5c:51:03:92:55:
e6:69:1a:5b:06:54:48:c7:1a:9d:36:9f:31:e9:1a:0b:32:16:
98:0b:d2:8d:d2:ef:a7:66:46:5e:b5:38:c3:44:96:84:72:dd:
d8:65:a1:8d:27:3b:b1:62:32:ae:7a:ef:a0:1b:9e:30:3c:82:
62:f8:88:9c:ea:d3:8d:7e:b0:83:8a:d0:6e:70:f2:19:f1:bf:
d2:7e:75:d1:3a:72:ca:6a:76:5d:58:11:2f:fb:77:e0:42:5b:
ec:a7:72:12:eb:81:df:2c:c1:e1:32:96:12:f6:61:11:c9:29:
85:db:ea:05:81:00:14:d0:fa:d5:b1:d7:24:0d:d2:52:5c:95:
b7:56:ce:7e:4f:d4:3d:b1:06:ad:8c:dc:00:1a:e2:77:ca:5a:
05:74:7b:a7:57:f1:a5:b8:d7:ca:4c:a4:38:22:ff:b8:76:36:
4d:94:56:8b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY7CDl8/kRzNbMTziVf0sc15MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjMmI4OWMzYzU3YTNlMjk2YWE0MDYxZTk2Mjg0MGJlN2Fl
OGYwMTgwHhcNMjQwNDA5MDg1MTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjE3NDY5Y2YwYWE2MzY2NzQ3YjhhNDVjYWNhNTU3YmEzYzI3Yzg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAphkNqHiJyeUcxeGvcpwUkCH18AkM
6gxUxvFkTj2w5VYBnx7NIRohkFGr/taQKHl9n9U4l0sbqFzyQaF5TbX7yycGN9gr
BEuGH+s5BVmeXJ99o9EqyklSTlwDjL3iYweHJakO9DobHqBPsfdpoh3Fc8rA+puz
mZvq7/TfNUcUJjeuANMRt6rAeLiJ+hyyvxt4/iN3pOC21C8XnCO1FHjo9iEw1LVv
Gs0pd6rwL7TbYu4A9fiuwdd107uhZZD+QH1TGZQsAlTEQXEeUqRmMBcSr1Rg1cZr
FxHcrDdzvaZ0QRfIy3Ih3fttgRG1XXfLwRIG/vljp/YQ08SmUGslDc4uHwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOIXRpzwqmNmdHuKRcrKVXujwnyGMB8GA1UdIwQY
MBaAFEwricPFej4paqQGHpYoQL566PAYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVEN1Snc4VjZQaWxxcEFZZWxpaEF2bnJvOEJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni83MjE1NWEtZDEwOS00YzJkLWI5NzQt
MTEyOGU1Y2U2YTViLzEvNGhkR25QQ3FZMlowZTRwRnlzcFZlNlBDZklZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni83MjE1NWEtZDEwOS00YzJkLWI5NzQtMTEyOGU1Y2U2YTVi
LzEvVEN1Snc4VjZQaWxxcEFZZWxpaEF2bnJvOEJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBVepqAwQA
uZrDMA0GCSqGSIb3DQEBCwUAA4IBAQAyXxgKiAMH7tSOcPVeAdOsSvwG2lWBPiGr
qjc+jA8PKyQsnDNe+XKKnZvZzPD8tIxpNGnWc7EIOOBVOIXbe3OI2kWEIlU/apQv
erAYpBgK1eAGT6qkXFEDklXmaRpbBlRIxxqdNp8x6RoLMhaYC9KN0u+nZkZetTjD
RJaEct3YZaGNJzuxYjKueu+gG54wPIJi+Iic6tONfrCDitBucPIZ8b/SfnXROnLK
anZdWBEv+3fgQlvsp3IS64HfLMHhMpYS9mERySmF2+oFgQAU0PrVsdckDdJSXJW3
Vs5+T9Q9sQatjNwAGuJ3yloFdHunV/GluNfKTKQ4Iv+4djZNlFaL
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:38 2024 by rpki-client on console-fra.rpki-client.org