Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/9QCQCI7D_-reirzUmrJCiOkhfiA.roa
File: 9QCQCI7D_-reirzUmrJCiOkhfiA.roa (raw, json)
Hash identifier: fa3FxIj34jdBvnlx7o0+iyXMIvcNrYLQIuclpsUU2xc=
Subject key identifier: F5:00:90:08:8E:C3:FF:EA:DE:8A:BC:D4:9A:B2:42:88:E9:21:7E:20
Certificate issuer: /CN=38b22023b6ead4c29683a9fed4493d03dee2c685
Certificate serial: 01856D0AEBDE337CF46A0027EFD9C1DF2D38
Authority key identifier: 38:B2:20:23:B6:EA:D4:C2:96:83:A9:FE:D4:49:3D:03:DE:E2:C6:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OLIgI7bq1MKWg6n-1Ek9A97ixoU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/9QCQCI7D_-reirzUmrJCiOkhfiA.roa
Signing time: Sun 01 Jan 2023 11:15:10 +0000
ROA not before: Sun 01 Jan 2023 11:15:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51783
IP address blocks: 85.143.168.0/22 maxlen: 22
85.143.188.0/23 maxlen: 23
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:31:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:0a:eb:de:33:7c:f4:6a:00:27:ef:d9:c1:df:2d:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38b22023b6ead4c29683a9fed4493d03dee2c685
Validity
Not Before: Jan 1 11:15:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f50090088ec3ffeade8abcd49ab24288e9217e20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:4c:d7:df:1f:04:6a:f1:23:31:bf:ec:d1:60:
ca:76:6e:d6:bb:29:f2:8a:e1:6f:75:2b:6a:50:74:
ae:fb:a8:d5:ea:56:40:d9:37:7e:1a:44:93:b5:9c:
b0:4d:1d:89:9f:2d:5b:fa:81:4d:fc:ad:9c:36:0e:
b4:6c:20:5c:d0:75:f4:a5:63:39:9c:37:73:57:fe:
b6:5c:9d:5d:89:4c:d0:53:7c:dc:f7:e6:b8:d8:5d:
60:f2:65:d5:bb:7b:30:6f:a1:f6:f1:e1:06:c1:77:
45:9b:d8:3a:7a:f8:91:f5:3b:4f:6b:84:3a:69:64:
d5:6e:fb:a2:d2:8f:58:4a:5e:5a:98:14:bd:e4:ab:
2b:eb:c9:b9:6a:9a:ce:97:58:5e:b6:c6:60:ab:71:
4b:9a:0a:32:9b:c6:7f:88:86:69:c7:d6:d4:1f:24:
1f:70:80:66:83:77:96:c6:52:93:09:0f:c0:37:85:
ea:0a:37:59:b5:57:a3:d7:a1:ba:3a:cd:8b:0e:ff:
a9:3a:be:8f:12:29:c1:20:ec:a0:e9:14:d3:6b:6a:
4b:57:6e:36:62:fc:6d:49:38:bf:6d:8f:ed:ff:eb:
7f:3a:62:ce:8e:c6:f2:76:19:bb:47:3c:72:57:a5:
f8:2e:ad:04:96:8a:d4:42:10:78:82:b7:f9:2f:fe:
87:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:00:90:08:8E:C3:FF:EA:DE:8A:BC:D4:9A:B2:42:88:E9:21:7E:20
X509v3 Authority Key Identifier:
keyid:38:B2:20:23:B6:EA:D4:C2:96:83:A9:FE:D4:49:3D:03:DE:E2:C6:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OLIgI7bq1MKWg6n-1Ek9A97ixoU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/9QCQCI7D_-reirzUmrJCiOkhfiA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/OLIgI7bq1MKWg6n-1Ek9A97ixoU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.143.168.0/22
85.143.188.0/23
Signature Algorithm: sha256WithRSAEncryption
46:bd:10:ab:41:9a:1b:88:db:6d:f4:bc:61:b1:db:65:c5:6c:
16:51:f9:f7:a2:78:f7:bc:cb:eb:89:2a:60:df:dc:1e:ab:94:
2e:94:bc:8c:00:8b:a3:43:f4:58:92:92:21:05:32:b3:04:99:
65:6f:8d:f7:cb:92:50:27:bc:9d:1a:c2:fe:f1:54:af:02:8f:
e7:fb:0d:4e:a2:55:3a:1d:b0:95:3f:f1:33:02:0a:34:58:5e:
ca:2e:a4:15:e6:0f:cc:d7:4d:60:f4:5f:45:52:10:fb:24:9f:
c9:cb:39:38:72:28:51:87:64:c5:9c:0b:92:40:5c:37:e4:3a:
95:f7:7c:2f:9e:f9:89:ca:d3:39:f8:23:73:63:b3:45:c7:ba:
22:fa:cd:89:64:43:7f:b9:14:b2:1a:eb:11:65:90:41:5a:92:
b0:79:03:6d:1c:fe:70:4b:87:79:ac:fc:04:13:60:f5:25:76:
dd:3b:37:07:3a:fb:6f:1e:b0:ea:23:7e:09:ab:87:3b:da:04:
44:9f:44:0e:5e:c2:80:87:29:9e:ba:c8:d8:29:80:0e:c1:e7:
07:dc:e6:d8:10:ea:1e:71:8b:96:5f:c5:8b:16:e4:f9:eb:1f:
1a:44:7f:cd:fa:f7:08:b3:12:8b:2c:30:9e:77:22:f9:d9:4a:
c6:36:de:44
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVtCuveM3z0agAn79nB3y04MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4YjIyMDIzYjZlYWQ0YzI5NjgzYTlmZWQ0NDkzZDAzZGVl
MmM2ODUwHhcNMjMwMTAxMTExNTEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTAwOTAwODhlYzNmZmVhZGU4YWJjZDQ5YWIyNDI4OGU5MjE3ZTIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs0zX3x8EavEjMb/s0WDKdm7Wuyny
iuFvdStqUHSu+6jV6lZA2Td+GkSTtZywTR2Jny1b+oFN/K2cNg60bCBc0HX0pWM5
nDdzV/62XJ1diUzQU3zc9+a42F1g8mXVu3swb6H28eEGwXdFm9g6eviR9TtPa4Q6
aWTVbvui0o9YSl5amBS95Ksr68m5aprOl1hetsZgq3FLmgoym8Z/iIZpx9bUHyQf
cIBmg3eWxlKTCQ/AN4XqCjdZtVej16G6Os2LDv+pOr6PEinBIOyg6RTTa2pLV242
YvxtSTi/bY/t/+t/OmLOjsbydhm7RzxyV6X4Lq0ElorUQhB4grf5L/6HyQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFPUAkAiOw//q3oq81JqyQojpIX4gMB8GA1UdIwQY
MBaAFDiyICO26tTCloOp/tRJPQPe4saFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0xJZ0k3YnExTUtXZzZuLTFFazlBOTdpeG9VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy84ODEzZjUtNGU3Yi00ZDUxLWI1ZjMt
NDBkOTViZDMzZmNiLzEvOVFDUUNJN0RfLXJlaXJ6VW1ySkNpT2toZmlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy84ODEzZjUtNGU3Yi00ZDUxLWI1ZjMtNDBkOTViZDMzZmNi
LzEvT0xJZ0k3YnExTUtXZzZuLTFFazlBOTdpeG9VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCVY+oAwQB
VY+8MA0GCSqGSIb3DQEBCwUAA4IBAQBGvRCrQZobiNtt9LxhsdtlxWwWUfn3onj3
vMvriSpg39weq5QulLyMAIujQ/RYkpIhBTKzBJllb433y5JQJ7ydGsL+8VSvAo/n
+w1OolU6HbCVP/EzAgo0WF7KLqQV5g/M101g9F9FUhD7JJ/Jyzk4cihRh2TFnAuS
QFw35DqV93wvnvmJytM5+CNzY7NFx7oi+s2JZEN/uRSyGusRZZBBWpKweQNtHP5w
S4d5rPwEE2D1JXbdOzcHOvtvHrDqI34Jq4c72gREn0QOXsKAhymeusjYKYAOwecH
3ObYEOoecYuWX8WLFuT56x8aRH/N+vcIsxKLLDCedyL52UrGNt5E
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:46 2024 by rpki-client on console-fra.rpki-client.org