Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/72155a-d109-4c2d-b974-1128e5ce6a5b/1/RwjYX_QF5_Ri_ZAIEfqCSqm7Gno.roa
File: RwjYX_QF5_Ri_ZAIEfqCSqm7Gno.roa (raw, json)
Hash identifier: +G70TzULonFYgkxjrLyB3nrBdH9b1gCQ257egYT9kA0=
Subject key identifier: 47:08:D8:5F:F4:05:E7:F4:62:FD:90:08:11:FA:82:4A:A9:BB:1A:7A
Certificate issuer: /CN=4c2b89c3c57a3e296aa4061e962840be7ae8f018
Certificate serial: 018572CCB5FF633159BFFF6542B9F545EC27
Authority key identifier: 4C:2B:89:C3:C5:7A:3E:29:6A:A4:06:1E:96:28:40:BE:7A:E8:F0:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TCuJw8V6PilqpAYelihAvnro8Bg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/72155a-d109-4c2d-b974-1128e5ce6a5b/1/RwjYX_QF5_Ri_ZAIEfqCSqm7Gno.roa
Signing time: Mon 02 Jan 2023 14:04:56 +0000
ROA not before: Mon 02 Jan 2023 14:04:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202806
IP address blocks: 85.234.102.0/23 maxlen: 24
85.234.114.0/23 maxlen: 24
2a0a:6f40:2::/47 maxlen: 48
2a0a:6f40:4::/47 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:29:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:cc:b5:ff:63:31:59:bf:ff:65:42:b9:f5:45:ec:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c2b89c3c57a3e296aa4061e962840be7ae8f018
Validity
Not Before: Jan 2 14:04:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4708d85ff405e7f462fd900811fa824aa9bb1a7a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:77:66:ff:05:1d:bd:86:53:c2:a0:f3:50:8c:
a2:d2:4f:e4:8f:d6:16:2f:84:74:56:c7:44:fb:d5:
67:e0:4e:07:9c:2a:86:29:f5:bd:43:45:2e:1c:d9:
11:3d:48:05:65:8f:9a:35:12:69:b8:6b:06:49:f8:
e5:1f:6b:5f:97:93:12:39:d5:e4:e2:01:4f:16:39:
b7:34:d1:ef:d9:6f:ec:4d:50:b4:c6:a8:a3:0f:a6:
7a:d9:53:81:b0:b5:1f:af:6d:28:d3:2b:c9:95:de:
7d:10:9b:bf:59:5e:ec:bb:23:ea:78:0d:6f:0e:ef:
69:48:1c:ed:81:90:51:e9:ad:56:6e:74:ee:a0:81:
ea:27:8d:f6:8e:2c:4d:ff:a7:71:d8:cb:e0:39:d9:
9d:59:ea:09:ef:07:e6:bb:da:8d:eb:e0:7c:58:8e:
98:3f:d3:7e:99:c2:3f:09:2e:a6:24:50:d2:d9:f8:
4f:27:b1:97:a1:f6:5a:20:78:6a:39:af:8d:78:32:
d8:6b:6c:94:ab:bc:13:15:fb:49:e1:91:eb:1a:55:
c2:e9:ae:3a:7c:90:a6:83:3c:d3:09:e2:e4:88:b4:
e2:0a:fc:de:ed:03:a4:19:c0:75:9e:80:da:64:a8:
13:e5:e6:4e:7a:2c:5b:ae:3d:e4:e8:89:28:42:83:
69:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:08:D8:5F:F4:05:E7:F4:62:FD:90:08:11:FA:82:4A:A9:BB:1A:7A
X509v3 Authority Key Identifier:
keyid:4C:2B:89:C3:C5:7A:3E:29:6A:A4:06:1E:96:28:40:BE:7A:E8:F0:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TCuJw8V6PilqpAYelihAvnro8Bg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/72155a-d109-4c2d-b974-1128e5ce6a5b/1/RwjYX_QF5_Ri_ZAIEfqCSqm7Gno.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/72155a-d109-4c2d-b974-1128e5ce6a5b/1/TCuJw8V6PilqpAYelihAvnro8Bg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.234.102.0/23
85.234.114.0/23
IPv6:
2a0a:6f40:2::-2a0a:6f40:5:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
1c:8c:a3:f3:08:f6:6b:d4:f8:d2:b0:25:93:4e:3e:95:20:23:
73:e4:71:69:b3:d2:6a:04:9c:da:bd:f1:c2:2a:fe:39:a1:8e:
bc:e3:be:3f:1b:81:57:12:c4:1f:48:89:6e:f4:34:51:e8:8a:
a5:f2:78:87:19:ac:7d:28:eb:10:09:85:8d:f4:2a:3d:49:81:
1f:fc:20:c8:df:b6:1e:e6:3c:fd:4c:bb:d2:28:30:2f:08:17:
69:9f:9f:86:ec:41:0f:65:c4:c5:a9:28:8c:a3:be:aa:a5:08:
c9:b6:f8:99:3f:5c:31:0f:47:11:d2:4b:25:e8:21:b1:93:2f:
09:74:68:1a:df:34:71:11:4f:5f:43:1a:dd:84:a2:21:6d:48:
aa:9a:b9:8d:a9:33:b4:ee:ea:03:c9:48:78:5e:ea:10:ef:b2:
f0:9d:0f:4b:e1:4f:6e:6f:82:45:c7:5e:e0:ce:4d:89:88:ca:
04:94:0b:f8:8b:17:95:c7:f7:58:72:4e:68:69:2e:17:b9:80:
9e:2c:cc:a1:0b:5d:c7:a1:a3:15:0b:9e:75:94:e6:38:53:8a:
53:8c:c3:c6:1b:dd:fb:81:37:c3:f1:86:69:73:66:ef:78:6d:
9b:ea:f2:e8:44:43:e8:24:3f:2b:cb:48:fa:fe:f1:54:45:d4:
e7:0a:c0:73
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYVyzLX/YzFZv/9lQrn1RewnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjMmI4OWMzYzU3YTNlMjk2YWE0MDYxZTk2Mjg0MGJlN2Fl
OGYwMTgwHhcNMjMwMTAyMTQwNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzA4ZDg1ZmY0MDVlN2Y0NjJmZDkwMDgxMWZhODI0YWE5YmIxYTdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Xdm/wUdvYZTwqDzUIyi0k/kj9YW
L4R0VsdE+9Vn4E4HnCqGKfW9Q0UuHNkRPUgFZY+aNRJpuGsGSfjlH2tfl5MSOdXk
4gFPFjm3NNHv2W/sTVC0xqijD6Z62VOBsLUfr20o0yvJld59EJu/WV7suyPqeA1v
Du9pSBztgZBR6a1WbnTuoIHqJ432jixN/6dx2MvgOdmdWeoJ7wfmu9qN6+B8WI6Y
P9N+mcI/CS6mJFDS2fhPJ7GXofZaIHhqOa+NeDLYa2yUq7wTFftJ4ZHrGlXC6a46
fJCmgzzTCeLkiLTiCvze7QOkGcB1noDaZKgT5eZOeixbrj3k6IkoQoNpUwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFEcI2F/0Bef0Yv2QCBH6gkqpuxp6MB8GA1UdIwQY
MBaAFEwricPFej4paqQGHpYoQL566PAYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVEN1Snc4VjZQaWxxcEFZZWxpaEF2bnJvOEJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni83MjE1NWEtZDEwOS00YzJkLWI5NzQt
MTEyOGU1Y2U2YTViLzEvUndqWVhfUUY1X1JpX1pBSUVmcUNTcW03R25vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni83MjE1NWEtZDEwOS00YzJkLWI5NzQtMTEyOGU1Y2U2YTVi
LzEvVEN1Snc4VjZQaWxxcEFZZWxpaEF2bnJvOEJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDASBAIAATAMAwQBVepmAwQB
VepyMBoEAgACMBQwEgMHASoKb0AAAgMHASoKb0AABDANBgkqhkiG9w0BAQsFAAOC
AQEAHIyj8wj2a9T40rAlk04+lSAjc+RxabPSagSc2r3xwir+OaGOvOO+PxuBVxLE
H0iJbvQ0UeiKpfJ4hxmsfSjrEAmFjfQqPUmBH/wgyN+2HuY8/Uy70igwLwgXaZ+f
huxBD2XExakojKO+qqUIybb4mT9cMQ9HEdJLJeghsZMvCXRoGt80cRFPX0Ma3YSi
IW1Iqpq5jakztO7qA8lIeF7qEO+y8J0PS+FPbm+CRcde4M5NiYjKBJQL+IsXlcf3
WHJOaGkuF7mAnizMoQtdx6GjFQuedZTmOFOKU4zDxhvd+4E3w/GGaXNm73htm+ry
6ERD6CQ/K8tI+v7xVEXU5wrAcw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:38 2024 by rpki-client on console-fra.rpki-client.org