Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/_a7NqwnLbJTmasTxcrSvbHj9Agw.roa
File: _a7NqwnLbJTmasTxcrSvbHj9Agw.roa (raw, json)
Hash identifier: yPIxcw+fvwvGHTJ3R2IRxxJKuNLYszow+1kJGvesBRI=
Subject key identifier: FD:AE:CD:AB:09:CB:6C:94:E6:6A:C4:F1:72:B4:AF:6C:78:FD:02:0C
Certificate issuer: /CN=31a185d0eb0ca7811c586425de0e960e1cfeb61b
Certificate serial: 018CC79469B0BF16B1607811D2CF10FD4B89
Authority key identifier: 31:A1:85:D0:EB:0C:A7:81:1C:58:64:25:DE:0E:96:0E:1C:FE:B6:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MaGF0OsMp4EcWGQl3g6WDhz-ths.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/_a7NqwnLbJTmasTxcrSvbHj9Agw.roa
Signing time: Tue 02 Jan 2024 00:30:41 +0000
ROA not before: Tue 02 Jan 2024 00:30:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31365
IP address blocks: 85.153.33.0/24 maxlen: 24
85.153.43.0/24 maxlen: 24
85.153.58.0/24 maxlen: 24
85.153.1.0/24 maxlen: 24
85.153.3.0/24 maxlen: 24
85.153.2.0/24 maxlen: 24
85.153.5.0/24 maxlen: 24
85.153.10.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 21 Mar 2024 13:13:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:69:b0:bf:16:b1:60:78:11:d2:cf:10:fd:4b:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=31a185d0eb0ca7811c586425de0e960e1cfeb61b
Validity
Not Before: Jan 2 00:30:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fdaecdab09cb6c94e66ac4f172b4af6c78fd020c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:2c:e4:e3:a8:9a:98:c9:6a:0b:95:c7:1c:19:
e1:2c:3d:c9:0a:aa:c4:83:89:f7:0a:b9:77:04:6a:
50:d0:8b:45:97:b0:1b:18:dc:76:fc:84:4c:64:79:
39:c1:48:0b:fc:58:67:ee:14:bc:76:b5:30:51:f8:
bd:fa:cf:16:11:b5:ca:63:b7:48:21:37:19:41:01:
d0:0d:55:7d:ec:b4:cf:e5:6a:3e:04:8c:e1:87:4d:
19:cc:51:94:06:01:7d:38:9b:5f:79:c6:8b:51:da:
7e:2c:af:85:f6:87:cf:07:71:a6:d6:66:98:9d:74:
90:62:75:d8:6e:56:65:9e:66:6a:3c:e5:c5:02:bd:
ab:fe:1e:2b:fd:20:ca:85:1b:e1:56:33:2e:d0:d2:
83:49:60:b1:67:19:3f:45:3a:c1:a2:1d:89:b9:aa:
8e:33:f9:04:d2:8a:8a:39:7e:a3:f8:de:6f:50:de:
d8:f0:b3:d9:b6:e9:3d:bc:fc:73:91:b0:9a:34:3a:
d3:de:c5:e5:3b:da:54:7b:ee:2d:c2:5e:39:cd:04:
5f:56:4b:da:b3:11:13:27:cb:8b:eb:ad:d2:4c:c1:
fb:d0:0e:04:24:fe:e6:45:4e:67:ec:71:19:60:cb:
49:9a:5d:09:bf:1a:f9:2e:ca:41:bb:e5:c2:fd:47:
d4:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:AE:CD:AB:09:CB:6C:94:E6:6A:C4:F1:72:B4:AF:6C:78:FD:02:0C
X509v3 Authority Key Identifier:
keyid:31:A1:85:D0:EB:0C:A7:81:1C:58:64:25:DE:0E:96:0E:1C:FE:B6:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MaGF0OsMp4EcWGQl3g6WDhz-ths.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/_a7NqwnLbJTmasTxcrSvbHj9Agw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/MaGF0OsMp4EcWGQl3g6WDhz-ths.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.153.1.0-85.153.3.255
85.153.5.0/24
85.153.10.0/24
85.153.33.0/24
85.153.43.0/24
85.153.58.0/24
Signature Algorithm: sha256WithRSAEncryption
04:d8:1b:31:b9:b9:86:cd:bc:01:c6:8c:cb:b5:0e:17:c2:a7:
02:3e:8c:94:61:93:51:9c:d4:0d:bd:3b:41:07:2c:57:b8:a0:
bd:bb:f3:4f:07:98:36:9a:52:a3:37:31:71:48:b5:b1:e2:42:
71:e0:d6:52:12:4f:4a:e7:58:dc:b9:7e:af:6f:d7:8f:9b:2f:
4e:ce:2a:2c:30:54:ab:64:53:48:84:6a:b6:1c:2f:a9:cc:d1:
d1:b6:c7:a3:a0:71:9f:02:53:4c:f4:c5:84:19:9d:e9:b8:a4:
c3:d9:5b:dd:dc:fe:b7:bf:a2:4f:09:72:8b:d8:7b:71:2c:c7:
e9:b3:e0:cd:c2:7b:48:ea:1b:15:66:9c:8f:bf:92:23:63:67:
a1:ee:b9:13:c0:df:6c:9d:aa:74:e0:53:6b:2c:f8:92:30:17:
72:2b:ed:12:0f:07:a5:66:6d:92:9b:84:2c:e6:6d:86:2a:be:
0d:aa:8f:4e:a4:87:81:7c:18:2f:73:5a:18:6d:8c:71:d8:52:
b2:b2:38:fa:d5:0c:e6:e1:1e:59:23:74:16:4d:ba:9e:d4:75:
7e:63:3c:15:d3:4e:c4:18:32:60:f5:04:cb:b0:07:33:48:0c:
74:2c:94:ee:9c:8c:5a:44:25:34:dc:05:e2:be:e5:15:4e:68:
b8:07:ff:38
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYzHlGmwvxaxYHgR0s8Q/UuJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxYTE4NWQwZWIwY2E3ODExYzU4NjQyNWRlMGU5NjBlMWNm
ZWI2MWIwHhcNMjQwMTAyMDAzMDQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZGFlY2RhYjA5Y2I2Yzk0ZTY2YWM0ZjE3MmI0YWY2Yzc4ZmQwMjBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyCzk46iamMlqC5XHHBnhLD3JCqrE
g4n3Crl3BGpQ0ItFl7AbGNx2/IRMZHk5wUgL/Fhn7hS8drUwUfi9+s8WEbXKY7dI
ITcZQQHQDVV97LTP5Wo+BIzhh00ZzFGUBgF9OJtfecaLUdp+LK+F9ofPB3Gm1maY
nXSQYnXYblZlnmZqPOXFAr2r/h4r/SDKhRvhVjMu0NKDSWCxZxk/RTrBoh2JuaqO
M/kE0oqKOX6j+N5vUN7Y8LPZtuk9vPxzkbCaNDrT3sXlO9pUe+4twl45zQRfVkva
sxETJ8uL663STMH70A4EJP7mRU5n7HEZYMtJml0Jvxr5LspBu+XC/UfUHwIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFP2uzasJy2yU5mrE8XK0r2x4/QIMMB8GA1UdIwQY
MBaAFDGhhdDrDKeBHFhkJd4Olg4c/rYbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWFHRjBPc01wNEVjV0dRbDNnNldEaHotdGhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny8wODFjNmUtMWQ2NS00Y2NkLTk2ZjUt
MWRjYzg2YzExZTc0LzEvX2E3TnF3bkxiSlRtYXNUeGNyU3ZiSGo5QWd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny8wODFjNmUtMWQ2NS00Y2NkLTk2ZjUtMWRjYzg2YzExZTc0
LzEvTWFHRjBPc01wNEVjV0dRbDNnNldEaHotdGhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsMAwDBABVmQED
BAJVmQADBABVmQUDBABVmQoDBABVmSEDBABVmSsDBABVmTowDQYJKoZIhvcNAQEL
BQADggEBAATYGzG5uYbNvAHGjMu1DhfCpwI+jJRhk1Gc1A29O0EHLFe4oL27808H
mDaaUqM3MXFItbHiQnHg1lIST0rnWNy5fq9v14+bL07OKiwwVKtkU0iEarYcL6nM
0dG2x6OgcZ8CU0z0xYQZnem4pMPZW93c/re/ok8JcovYe3Esx+mz4M3Ce0jqGxVm
nI+/kiNjZ6HuuRPA32ydqnTgU2ss+JIwF3Ir7RIPB6VmbZKbhCzmbYYqvg2qj06k
h4F8GC9zWhhtjHHYUrKyOPrVDObhHlkjdBZNup7UdX5jPBXTTsQYMmD1BMuwBzNI
DHQslO6cjFpEJTTcBeK+5RVOaLgH/zg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:43 2024 by rpki-client on console-fra.rpki-client.org