Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/72488a-035d-4931-8dfb-4c86cbe03610/1/26PlL71R1dRjVV4M4-ghLZEsnoU.roa
File: 26PlL71R1dRjVV4M4-ghLZEsnoU.roa (raw, json)
Hash identifier: IJPvkTXuzpLh1P03/PI0c98jtNF5ol5pbIpJegqthWk=
Subject key identifier: DB:A3:E5:2F:BD:51:D5:D4:63:55:5E:0C:E3:E8:21:2D:91:2C:9E:85
Certificate issuer: /CN=674a61a8a9c97c03cdebe05f82558e51dbf90821
Certificate serial: 01856F9DF3F9251EB604AEB11B6342D727F3
Authority key identifier: 67:4A:61:A8:A9:C9:7C:03:CD:EB:E0:5F:82:55:8E:51:DB:F9:08:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z0phqKnJfAPN6-BfglWOUdv5CCE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/72488a-035d-4931-8dfb-4c86cbe03610/1/26PlL71R1dRjVV4M4-ghLZEsnoU.roa
Signing time: Sun 01 Jan 2023 23:15:00 +0000
ROA not before: Sun 01 Jan 2023 23:15:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208035
IP address blocks: 85.202.196.0/24 maxlen: 24
85.202.196.0/22 maxlen: 24
85.202.197.0/24 maxlen: 24
85.202.198.0/24 maxlen: 24
85.202.199.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:9d:f3:f9:25:1e:b6:04:ae:b1:1b:63:42:d7:27:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=674a61a8a9c97c03cdebe05f82558e51dbf90821
Validity
Not Before: Jan 1 23:15:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dba3e52fbd51d5d463555e0ce3e8212d912c9e85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:cc:be:1b:88:61:73:01:19:3c:13:27:eb:5e:
c6:d1:87:d3:00:fd:25:79:5f:cb:58:3b:17:14:4e:
8d:61:79:35:fd:3c:a9:82:65:ca:22:16:aa:5c:26:
cf:c8:42:4f:89:3d:45:1e:19:cc:ab:c3:10:b9:50:
39:f1:aa:a6:0b:ef:e6:72:50:4c:4f:13:68:41:39:
e9:5b:bf:ac:00:e1:ad:bb:70:b6:39:2a:87:59:49:
d0:68:47:0a:5f:ef:18:6b:c3:56:60:58:9e:81:cf:
49:1c:ea:cc:ac:e2:5f:f6:1d:0c:a7:a2:b7:2a:11:
6f:01:a2:d0:51:79:2d:c2:ff:cf:81:9c:2b:74:4e:
74:ee:7d:f9:bb:e2:d9:7f:10:9b:51:2e:26:2e:20:
d0:bd:67:2e:ec:71:76:bb:2f:93:ba:a8:80:d7:f0:
2d:e3:1d:d9:fd:21:8e:af:40:c9:81:ad:be:9d:88:
6c:c0:93:60:64:f7:ee:66:e7:d0:9b:46:1c:cf:c8:
f5:a0:87:19:64:4a:67:e7:0c:c9:c3:4d:5c:42:bc:
16:c2:34:fa:90:6c:9d:34:64:68:8b:5f:bd:17:e3:
bc:41:d8:35:b9:44:62:f9:c7:44:2d:95:eb:3b:5b:
15:c0:8d:ef:69:80:9b:a0:58:27:4b:5d:54:fd:71:
d0:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:A3:E5:2F:BD:51:D5:D4:63:55:5E:0C:E3:E8:21:2D:91:2C:9E:85
X509v3 Authority Key Identifier:
keyid:67:4A:61:A8:A9:C9:7C:03:CD:EB:E0:5F:82:55:8E:51:DB:F9:08:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z0phqKnJfAPN6-BfglWOUdv5CCE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/72488a-035d-4931-8dfb-4c86cbe03610/1/26PlL71R1dRjVV4M4-ghLZEsnoU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/72488a-035d-4931-8dfb-4c86cbe03610/1/Z0phqKnJfAPN6-BfglWOUdv5CCE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.202.196.0/22
Signature Algorithm: sha256WithRSAEncryption
14:81:f5:0d:06:f8:4d:78:b4:fd:c6:3c:cf:79:d2:cb:6e:5a:
d2:5a:83:4e:59:3a:70:89:5b:eb:69:e7:26:7c:12:27:b3:35:
27:a1:44:78:e5:06:46:1e:d3:f5:4d:41:ce:2a:41:aa:a6:03:
9c:b8:32:c7:63:2b:c3:92:78:e7:b0:aa:68:97:38:30:04:26:
11:0b:57:4c:68:0b:10:33:14:4e:99:03:ff:a3:d7:e6:e7:af:
c8:b1:6a:13:c1:dc:f9:e8:a7:d1:f9:db:bc:0a:3a:e7:f0:6b:
25:e7:32:d4:36:12:e0:5e:2c:55:d6:56:b1:0d:aa:bd:da:50:
c3:28:93:7b:65:e3:00:ed:72:11:1e:40:e0:4e:47:0a:df:47:
1b:76:4f:6b:ff:b7:dd:48:44:78:c3:ff:30:91:7f:e5:d8:ac:
f3:43:8e:ec:71:56:8a:17:f5:3c:6b:b1:e4:b4:b1:3d:ab:0e:
74:ba:72:ab:08:28:db:f9:67:1a:81:40:ac:06:72:74:88:5f:
01:49:69:fb:a4:ee:bf:33:c4:d6:eb:5e:81:2e:24:f6:66:d2:
27:a2:51:89:eb:15:56:b0:ba:8e:20:28:e0:13:62:68:b2:ad:
7d:30:15:72:5d:5c:b7:c6:e8:87:99:aa:a7:07:2e:8d:a9:07:
cc:36:2f:6d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvnfP5JR62BK6xG2NC1yfzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3NGE2MWE4YTljOTdjMDNjZGViZTA1ZjgyNTU4ZTUxZGJm
OTA4MjEwHhcNMjMwMTAxMjMxNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYmEzZTUyZmJkNTFkNWQ0NjM1NTVlMGNlM2U4MjEyZDkxMmM5ZTg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlsy+G4hhcwEZPBMn617G0YfTAP0l
eV/LWDsXFE6NYXk1/TypgmXKIhaqXCbPyEJPiT1FHhnMq8MQuVA58aqmC+/mclBM
TxNoQTnpW7+sAOGtu3C2OSqHWUnQaEcKX+8Ya8NWYFiegc9JHOrMrOJf9h0Mp6K3
KhFvAaLQUXktwv/PgZwrdE507n35u+LZfxCbUS4mLiDQvWcu7HF2uy+TuqiA1/At
4x3Z/SGOr0DJga2+nYhswJNgZPfuZufQm0Ycz8j1oIcZZEpn5wzJw01cQrwWwjT6
kGydNGRoi1+9F+O8Qdg1uURi+cdELZXrO1sVwI3vaYCboFgnS11U/XHQ3QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNuj5S+9UdXUY1VeDOPoIS2RLJ6FMB8GA1UdIwQY
MBaAFGdKYaipyXwDzevgX4JVjlHb+QghMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjBwaHFLbkpmQVBONi1CZmdsV09VZHY1Q0NFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi83MjQ4OGEtMDM1ZC00OTMxLThkZmIt
NGM4NmNiZTAzNjEwLzEvMjZQbEw3MVIxZFJqVlY0TTQtZ2hMWkVzbm9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi83MjQ4OGEtMDM1ZC00OTMxLThkZmItNGM4NmNiZTAzNjEw
LzEvWjBwaHFLbkpmQVBONi1CZmdsV09VZHY1Q0NFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCVcrEMA0G
CSqGSIb3DQEBCwUAA4IBAQAUgfUNBvhNeLT9xjzPedLLblrSWoNOWTpwiVvraecm
fBInszUnoUR45QZGHtP1TUHOKkGqpgOcuDLHYyvDknjnsKpolzgwBCYRC1dMaAsQ
MxROmQP/o9fm56/IsWoTwdz56KfR+du8Cjrn8Gsl5zLUNhLgXixV1laxDaq92lDD
KJN7ZeMA7XIRHkDgTkcK30cbdk9r/7fdSER4w/8wkX/l2KzzQ47scVaKF/U8a7Hk
tLE9qw50unKrCCjb+WcagUCsBnJ0iF8BSWn7pO6/M8TW616BLiT2ZtInolGJ6xVW
sLqOICjgE2Josq19MBVyXVy3xuiHmaqnBy6NqQfMNi9t
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:07 2024 by rpki-client on console-ams.rpki-client.org