Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/1d0681-fe20-47a3-94df-5ee8721c1cfc/1/fKA3JUEISyJEG0LCxp0ehnQJnlA.roa
File: fKA3JUEISyJEG0LCxp0ehnQJnlA.roa (raw, json)
Hash identifier: LclZ286gK2DidI/A2reCtxT5romNkK5GpKztssRWbjE=
Subject key identifier: 7C:A0:37:25:41:08:4B:22:44:1B:42:C2:C6:9D:1E:86:74:09:9E:50
Certificate issuer: /CN=4b6d7ea41033837f08c28c4742984b82b8f443df
Certificate serial: 01856C0A28739806636EE398FD48DAA49E9A
Authority key identifier: 4B:6D:7E:A4:10:33:83:7F:08:C2:8C:47:42:98:4B:82:B8:F4:43:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S21-pBAzg38IwoxHQphLgrj0Q98.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/1d0681-fe20-47a3-94df-5ee8721c1cfc/1/fKA3JUEISyJEG0LCxp0ehnQJnlA.roa
Signing time: Sun 01 Jan 2023 06:34:43 +0000
ROA not before: Sun 01 Jan 2023 06:34:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50563
IP address blocks: 85.209.182.0/23 maxlen: 23
85.209.182.0/24 maxlen: 24
85.209.180.0/24 maxlen: 24
85.209.180.0/23 maxlen: 23
85.209.183.0/24 maxlen: 24
85.209.180.0/22 maxlen: 22
85.209.181.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:29:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:0a:28:73:98:06:63:6e:e3:98:fd:48:da:a4:9e:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b6d7ea41033837f08c28c4742984b82b8f443df
Validity
Not Before: Jan 1 06:34:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7ca0372541084b22441b42c2c69d1e8674099e50
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:1f:96:09:41:5e:c0:e7:06:c9:7b:85:d4:0f:
cc:ed:53:ac:98:77:f1:d1:8b:6d:1f:26:98:75:76:
57:0e:f2:d3:cb:12:75:2c:57:f9:77:b4:6d:9b:c2:
f7:5a:32:93:74:4e:b3:e9:44:fe:33:12:9f:f1:76:
ac:bc:8b:90:da:b0:5b:b0:e6:3e:6e:0a:43:5e:77:
81:5a:3d:16:f4:13:d8:93:63:16:89:98:74:65:dd:
25:34:ed:76:83:34:c7:2b:7a:6d:7e:9f:1a:ad:8a:
f9:ad:9d:d9:e0:fe:fd:58:45:35:06:c6:06:0d:fb:
1a:a6:1d:8c:ad:38:39:27:e6:07:7d:5d:91:26:7e:
21:36:21:36:b5:c7:94:55:e3:73:64:fa:0d:3e:cd:
62:7c:af:4b:45:12:19:fb:4f:c4:bf:7e:28:cb:b5:
f9:c2:1c:c4:c3:67:fb:a9:75:51:7b:03:34:d3:b4:
c3:5a:fc:7a:0f:51:02:81:1b:a2:55:e7:b2:44:0d:
58:33:70:9d:ed:2b:d4:33:f7:91:c8:b3:e6:46:db:
96:43:4e:04:13:ad:a9:6c:9e:8b:dd:87:c3:3b:23:
96:db:ad:45:0a:7a:f4:7e:e0:ef:fc:06:8b:11:25:
45:3e:05:25:48:06:31:0e:e5:d3:52:54:28:1b:8e:
b8:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:A0:37:25:41:08:4B:22:44:1B:42:C2:C6:9D:1E:86:74:09:9E:50
X509v3 Authority Key Identifier:
keyid:4B:6D:7E:A4:10:33:83:7F:08:C2:8C:47:42:98:4B:82:B8:F4:43:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S21-pBAzg38IwoxHQphLgrj0Q98.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/1d0681-fe20-47a3-94df-5ee8721c1cfc/1/fKA3JUEISyJEG0LCxp0ehnQJnlA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/1d0681-fe20-47a3-94df-5ee8721c1cfc/1/S21-pBAzg38IwoxHQphLgrj0Q98.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.209.180.0/22
Signature Algorithm: sha256WithRSAEncryption
45:12:dd:5f:7e:82:8e:98:5c:1d:5c:fa:c0:11:f6:38:c5:9a:
5c:cc:05:61:93:2c:14:b9:0e:ab:73:1d:47:33:85:bd:56:38:
31:93:cd:4a:39:e7:74:31:ae:bd:e5:95:ef:85:f6:f6:ff:03:
62:cb:bc:1c:8b:db:05:c7:6b:5b:a2:d1:d9:af:59:a1:c8:9f:
1b:b4:9b:fb:a2:54:d8:86:06:23:3e:91:21:86:01:df:97:35:
7b:2f:e9:29:ca:55:4e:87:56:b9:18:ce:5f:75:43:fc:70:a1:
06:e4:d5:91:a3:11:c7:bd:9b:c1:e6:e6:09:61:f7:ae:2b:d6:
89:28:bd:5d:5d:5c:90:48:96:7b:3f:61:bf:c2:dd:10:56:e5:
08:cc:c6:d6:71:9f:de:43:39:e5:b7:58:7a:2e:df:9f:0f:aa:
95:a2:d5:61:5d:69:c1:e1:27:26:05:d3:f3:08:c7:90:c1:1c:
dc:3f:43:8e:47:21:f9:1b:51:91:c8:a3:d1:a7:38:67:db:db:
d8:61:ba:db:0f:cf:c4:9c:c5:ce:fb:47:6f:7c:28:61:79:3c:
86:26:e4:9a:9c:e6:3c:c3:36:cd:d7:46:fa:53:c5:22:2e:52:
ce:49:fd:93:c6:a2:4a:9e:fb:10:05:c2:5b:53:21:6f:2e:e3:
92:63:e3:3f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsCihzmAZjbuOY/UjapJ6aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiNmQ3ZWE0MTAzMzgzN2YwOGMyOGM0NzQyOTg0YjgyYjhm
NDQzZGYwHhcNMjMwMTAxMDYzNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Y2EwMzcyNTQxMDg0YjIyNDQxYjQyYzJjNjlkMWU4Njc0MDk5ZTUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAox+WCUFewOcGyXuF1A/M7VOsmHfx
0YttHyaYdXZXDvLTyxJ1LFf5d7Rtm8L3WjKTdE6z6UT+MxKf8XasvIuQ2rBbsOY+
bgpDXneBWj0W9BPYk2MWiZh0Zd0lNO12gzTHK3ptfp8arYr5rZ3Z4P79WEU1BsYG
Dfsaph2MrTg5J+YHfV2RJn4hNiE2tceUVeNzZPoNPs1ifK9LRRIZ+0/Ev34oy7X5
whzEw2f7qXVRewM007TDWvx6D1ECgRuiVeeyRA1YM3Cd7SvUM/eRyLPmRtuWQ04E
E62pbJ6L3YfDOyOW261FCnr0fuDv/AaLESVFPgUlSAYxDuXTUlQoG4640QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHygNyVBCEsiRBtCwsadHoZ0CZ5QMB8GA1UdIwQY
MBaAFEttfqQQM4N/CMKMR0KYS4K49EPfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzIxLXBCQXpnMzhJd294SFFwaExncmowUTk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi8xZDA2ODEtZmUyMC00N2EzLTk0ZGYt
NWVlODcyMWMxY2ZjLzEvZktBM0pVRUlTeUpFRzBMQ3hwMGVoblFKbmxBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi8xZDA2ODEtZmUyMC00N2EzLTk0ZGYtNWVlODcyMWMxY2Zj
LzEvUzIxLXBCQXpnMzhJd294SFFwaExncmowUTk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCVdG0MA0G
CSqGSIb3DQEBCwUAA4IBAQBFEt1ffoKOmFwdXPrAEfY4xZpczAVhkywUuQ6rcx1H
M4W9Vjgxk81KOed0Ma695ZXvhfb2/wNiy7wci9sFx2tbotHZr1mhyJ8btJv7olTY
hgYjPpEhhgHflzV7L+kpylVOh1a5GM5fdUP8cKEG5NWRoxHHvZvB5uYJYfeuK9aJ
KL1dXVyQSJZ7P2G/wt0QVuUIzMbWcZ/eQznlt1h6Lt+fD6qVotVhXWnB4ScmBdPz
CMeQwRzcP0OORyH5G1GRyKPRpzhn29vYYbrbD8/EnMXO+0dvfChheTyGJuSanOY8
wzbN10b6U8UiLlLOSf2TxqJKnvsQBcJbUyFvLuOSY+M/
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:41:08 2024 by rpki-client on console-fra.rpki-client.org