Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/72155a-d109-4c2d-b974-1128e5ce6a5b/1/U6iKOM2gpz64cqJCt5mwOfRooxM.roa
File: U6iKOM2gpz64cqJCt5mwOfRooxM.roa (raw, json)
Hash identifier: W2lgNHCrRlLuhUhU2NIGeGr1eGqbV0poMJe5rOjZMqI=
Subject key identifier: 53:A8:8A:38:CD:A0:A7:3E:B8:72:A2:42:B7:99:B0:39:F4:68:A3:13
Certificate issuer: /CN=4c2b89c3c57a3e296aa4061e962840be7ae8f018
Certificate serial: 018EC20E600E2A83C69F8B1F385BAAAB843E
Authority key identifier: 4C:2B:89:C3:C5:7A:3E:29:6A:A4:06:1E:96:28:40:BE:7A:E8:F0:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TCuJw8V6PilqpAYelihAvnro8Bg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/72155a-d109-4c2d-b974-1128e5ce6a5b/1/U6iKOM2gpz64cqJCt5mwOfRooxM.roa
Signing time: Tue 09 Apr 2024 08:51:45 +0000
ROA not before: Tue 09 Apr 2024 08:51:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25381
IP address blocks: 85.234.108.0/24 maxlen: 24
85.234.109.0/24 maxlen: 24
85.234.110.0/24 maxlen: 24
185.154.192.0/24 maxlen: 24
185.154.193.0/24 maxlen: 24
185.154.194.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 10 Apr 2024 13:55:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:c2:0e:60:0e:2a:83:c6:9f:8b:1f:38:5b:aa:ab:84:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c2b89c3c57a3e296aa4061e962840be7ae8f018
Validity
Not Before: Apr 9 08:51:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=53a88a38cda0a73eb872a242b799b039f468a313
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:db:23:2b:9c:30:37:13:29:fc:ec:ea:8e:84:
96:e6:79:e8:65:8a:d6:a7:1a:15:d3:de:b0:ed:b9:
02:c7:48:4a:10:c6:45:ca:bc:17:6e:e1:5e:66:47:
84:a0:fc:a6:ee:5c:e6:23:7a:9f:f9:d8:08:48:f1:
6e:c6:71:38:c1:9b:fd:df:81:b9:39:c5:7a:3a:82:
08:71:98:81:d8:98:a9:9f:d4:94:ba:93:89:69:b7:
d6:71:47:71:76:22:af:75:1c:61:48:a4:47:e1:39:
20:be:ce:bc:15:29:7a:f3:e9:87:0d:71:3e:b1:2f:
d0:0b:94:a7:6b:1d:92:23:6e:fe:2a:de:8d:4c:c0:
47:d9:50:84:98:0d:fd:07:1d:e2:60:e6:03:1b:ed:
55:40:20:fc:fb:38:84:c2:f8:1a:01:ed:a1:54:87:
8d:ad:ca:0e:9a:5d:0a:8c:d1:14:6a:24:4d:12:de:
5a:d6:5b:99:ee:5b:ca:6d:8d:22:f0:48:d3:3f:b5:
d2:96:a3:bb:1a:d2:d9:b7:6d:21:da:23:2a:63:b0:
60:bf:99:52:62:76:db:96:48:a7:26:6f:d2:f7:b6:
7c:02:2e:77:2a:06:ed:bd:6e:c7:21:a9:26:7f:6c:
70:e6:79:03:73:76:67:ec:21:22:7d:3b:88:a1:4b:
ce:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:A8:8A:38:CD:A0:A7:3E:B8:72:A2:42:B7:99:B0:39:F4:68:A3:13
X509v3 Authority Key Identifier:
keyid:4C:2B:89:C3:C5:7A:3E:29:6A:A4:06:1E:96:28:40:BE:7A:E8:F0:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TCuJw8V6PilqpAYelihAvnro8Bg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/72155a-d109-4c2d-b974-1128e5ce6a5b/1/U6iKOM2gpz64cqJCt5mwOfRooxM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/72155a-d109-4c2d-b974-1128e5ce6a5b/1/TCuJw8V6PilqpAYelihAvnro8Bg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.234.108.0-85.234.110.255
185.154.192.0-185.154.194.255
Signature Algorithm: sha256WithRSAEncryption
2a:a4:a7:7f:e1:ab:46:85:88:7f:2a:92:79:ef:ff:90:fb:af:
11:03:2e:fe:f1:9e:f7:c6:2b:26:02:e4:0b:6f:ab:cd:a0:1b:
bb:18:0f:c2:0c:1c:ec:10:20:90:8c:b2:c3:bf:04:6c:24:e2:
02:e1:88:45:94:2d:05:ef:ca:3f:51:29:d8:2e:32:9e:bb:64:
7c:ca:ad:e7:64:98:72:37:2f:5d:e8:86:74:a5:0a:e5:78:0c:
14:39:ce:fb:79:a6:6b:0d:13:e4:3a:34:43:eb:37:31:73:5e:
1a:0c:19:41:83:10:e8:4c:16:f8:98:66:ac:ab:bc:5b:e8:99:
47:c6:c6:1c:fc:13:17:fc:e6:78:ed:fb:7d:db:c8:39:99:01:
f2:8f:6a:8b:95:3f:47:84:0b:2d:b8:da:7d:68:65:87:33:ca:
55:72:32:65:2e:18:19:14:36:d9:ae:dd:77:1f:6b:c7:ab:51:
5e:25:df:ca:3c:62:10:49:c8:2a:87:7e:16:13:06:c5:c9:b6:
e7:82:7f:b3:99:c0:05:ce:a1:6a:23:16:ee:5e:4a:de:83:50:
76:a1:72:c5:0a:a2:67:db:c4:8a:88:17:26:44:7f:4d:8c:8b:
e4:ac:42:a0:50:c9:e4:a1:4d:d2:62:aa:c3:53:b7:c7:29:ee:
e3:36:5e:a5
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAY7CDmAOKoPGn4sfOFuqq4Q+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjMmI4OWMzYzU3YTNlMjk2YWE0MDYxZTk2Mjg0MGJlN2Fl
OGYwMTgwHhcNMjQwNDA5MDg1MTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1M2E4OGEzOGNkYTBhNzNlYjg3MmEyNDJiNzk5YjAzOWY0NjhhMzEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl9sjK5wwNxMp/OzqjoSW5nnoZYrW
pxoV096w7bkCx0hKEMZFyrwXbuFeZkeEoPym7lzmI3qf+dgISPFuxnE4wZv934G5
OcV6OoIIcZiB2Jipn9SUupOJabfWcUdxdiKvdRxhSKRH4Tkgvs68FSl68+mHDXE+
sS/QC5Snax2SI27+Kt6NTMBH2VCEmA39Bx3iYOYDG+1VQCD8+ziEwvgaAe2hVIeN
rcoOml0KjNEUaiRNEt5a1luZ7lvKbY0i8EjTP7XSlqO7GtLZt20h2iMqY7Bgv5lS
YnbblkinJm/S97Z8Ai53KgbtvW7HIakmf2xw5nkDc3Zn7CEifTuIoUvOIQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFFOoijjNoKc+uHKiQreZsDn0aKMTMB8GA1UdIwQY
MBaAFEwricPFej4paqQGHpYoQL566PAYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVEN1Snc4VjZQaWxxcEFZZWxpaEF2bnJvOEJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni83MjE1NWEtZDEwOS00YzJkLWI5NzQt
MTEyOGU1Y2U2YTViLzEvVTZpS09NMmdwejY0Y3FKQ3Q1bXdPZlJvb3hNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni83MjE1NWEtZDEwOS00YzJkLWI5NzQtMTEyOGU1Y2U2YTVi
LzEvVEN1Snc4VjZQaWxxcEFZZWxpaEF2bnJvOEJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAATAcMAwDBAJV6mwD
BABV6m4wDAMEBrmawAMEALmawjANBgkqhkiG9w0BAQsFAAOCAQEAKqSnf+GrRoWI
fyqSee//kPuvEQMu/vGe98YrJgLkC2+rzaAbuxgPwgwc7BAgkIyyw78EbCTiAuGI
RZQtBe/KP1Ep2C4ynrtkfMqt52SYcjcvXeiGdKUK5XgMFDnO+3mmaw0T5Do0Q+s3
MXNeGgwZQYMQ6EwW+JhmrKu8W+iZR8bGHPwTF/zmeO37fdvIOZkB8o9qi5U/R4QL
LbjafWhlhzPKVXIyZS4YGRQ22a7ddx9rx6tRXiXfyjxiEEnIKod+FhMGxcm254J/
s5nABc6haiMW7l5K3oNQdqFyxQqiZ9vEiogXJkR/TYyL5KxCoFDJ5KFN0mKqw1O3
xynu4zZepQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:38 2024 by rpki-client on console-fra.rpki-client.org