Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/BdzdbBPhxCJ6Oay5Eo2HvSvH0CY.roa
File: BdzdbBPhxCJ6Oay5Eo2HvSvH0CY.roa (raw, json)
Hash identifier: 1b2CPKhTEBhkuDK3k0spQZ3UMOV/O99L62dUzSQ0VKI=
Subject key identifier: 05:DC:DD:6C:13:E1:C4:22:7A:39:AC:B9:12:8D:87:BD:2B:C7:D0:26
Certificate issuer: /CN=38b22023b6ead4c29683a9fed4493d03dee2c685
Certificate serial: 01856D0AE65EAF1ADF5A96498D2CFA1FDBE1
Authority key identifier: 38:B2:20:23:B6:EA:D4:C2:96:83:A9:FE:D4:49:3D:03:DE:E2:C6:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OLIgI7bq1MKWg6n-1Ek9A97ixoU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/BdzdbBPhxCJ6Oay5Eo2HvSvH0CY.roa
Signing time: Sun 01 Jan 2023 11:15:08 +0000
ROA not before: Sun 01 Jan 2023 11:15:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8941
IP address blocks: 85.143.23.0/24 maxlen: 24
85.143.22.0/24 maxlen: 24
85.143.21.0/24 maxlen: 24
85.143.20.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:31:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:0a:e6:5e:af:1a:df:5a:96:49:8d:2c:fa:1f:db:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38b22023b6ead4c29683a9fed4493d03dee2c685
Validity
Not Before: Jan 1 11:15:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=05dcdd6c13e1c4227a39acb9128d87bd2bc7d026
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:f2:4a:3a:2f:8a:10:4d:7e:8b:75:8c:53:03:
19:bc:c2:33:da:26:42:11:69:67:c0:c2:80:9e:40:
91:22:25:32:4f:0f:8e:4d:ba:5f:7e:fa:f7:be:61:
04:75:45:0f:16:b6:7a:26:b9:8a:20:15:60:04:a3:
9d:7e:dd:23:6a:57:7e:46:4a:e3:fb:46:60:a2:e4:
59:f9:3f:21:74:57:72:52:59:1b:3d:18:97:39:d1:
0b:65:7e:b6:6f:31:89:39:73:1a:c1:79:ab:b8:78:
cb:97:aa:c9:07:5b:34:bb:9c:69:cf:10:51:b2:5b:
9b:f5:46:26:b2:5f:ba:65:80:ec:1e:74:e5:4c:fa:
d6:97:1d:84:06:0b:89:02:bb:d8:fc:05:af:97:aa:
46:49:01:c0:fd:85:f5:3d:57:8d:43:73:74:6e:49:
c6:58:0e:73:2c:c6:75:3c:96:c3:87:66:6b:44:d5:
5f:33:9c:de:93:48:91:f3:a1:46:32:fd:cf:65:4f:
ee:ce:27:9f:83:d1:56:64:d6:80:77:b1:15:2a:2d:
e6:01:59:7d:95:ea:5e:91:33:05:79:f4:75:fa:4d:
61:c0:c2:aa:19:a3:39:e6:70:50:8f:e9:cf:70:f2:
83:5e:3d:23:33:e1:10:dd:da:fe:e6:4b:89:21:b6:
bc:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:DC:DD:6C:13:E1:C4:22:7A:39:AC:B9:12:8D:87:BD:2B:C7:D0:26
X509v3 Authority Key Identifier:
keyid:38:B2:20:23:B6:EA:D4:C2:96:83:A9:FE:D4:49:3D:03:DE:E2:C6:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OLIgI7bq1MKWg6n-1Ek9A97ixoU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/BdzdbBPhxCJ6Oay5Eo2HvSvH0CY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/OLIgI7bq1MKWg6n-1Ek9A97ixoU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.143.20.0/22
Signature Algorithm: sha256WithRSAEncryption
3b:7e:07:18:a4:39:9e:4a:83:3d:68:cf:40:2b:4e:73:6c:26:
94:76:ad:d3:de:0a:76:ae:c9:5c:9c:39:08:02:87:cd:96:9d:
62:0d:af:06:7f:f2:50:07:74:b0:7a:38:91:28:fc:17:a3:5e:
02:fa:4f:12:09:6c:08:c9:f1:63:92:bd:d1:76:ff:0a:c4:5f:
7a:d9:59:e0:2d:e2:67:e0:f8:8e:da:20:46:fe:01:a8:3b:a7:
15:94:6b:64:17:46:00:f8:b0:6e:cb:79:b1:41:58:90:05:45:
1e:11:75:70:b6:64:0a:85:08:ff:a1:17:86:ec:cf:1f:00:88:
94:7d:7f:03:1a:3f:7b:b6:e9:3d:ca:86:12:10:3b:5a:d0:bb:
44:d4:1b:a5:40:32:43:1b:a4:c8:58:56:76:ea:04:8b:01:61:
5d:ec:eb:f0:f3:72:c8:66:81:db:48:15:22:92:c2:79:17:2f:
48:ee:a7:c4:0f:41:bb:53:ab:b9:8b:d1:3f:c4:57:9a:79:d0:
04:7a:0f:c1:d6:bd:87:1e:17:e6:4f:1a:71:19:30:a3:8c:f8:
91:06:2e:cc:0e:04:dd:19:e1:d0:cb:b5:b3:3e:f1:d5:6d:56:
2e:0b:cd:60:8b:49:85:0d:e6:28:52:50:db:1d:01:69:46:8e:
80:61:6d:0b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtCuZerxrfWpZJjSz6H9vhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4YjIyMDIzYjZlYWQ0YzI5NjgzYTlmZWQ0NDkzZDAzZGVl
MmM2ODUwHhcNMjMwMTAxMTExNTA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNWRjZGQ2YzEzZTFjNDIyN2EzOWFjYjkxMjhkODdiZDJiYzdkMDI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5PJKOi+KEE1+i3WMUwMZvMIz2iZC
EWlnwMKAnkCRIiUyTw+OTbpffvr3vmEEdUUPFrZ6JrmKIBVgBKOdft0jald+Rkrj
+0ZgouRZ+T8hdFdyUlkbPRiXOdELZX62bzGJOXMawXmruHjLl6rJB1s0u5xpzxBR
slub9UYmsl+6ZYDsHnTlTPrWlx2EBguJArvY/AWvl6pGSQHA/YX1PVeNQ3N0bknG
WA5zLMZ1PJbDh2ZrRNVfM5zek0iR86FGMv3PZU/uziefg9FWZNaAd7EVKi3mAVl9
lepekTMFefR1+k1hwMKqGaM55nBQj+nPcPKDXj0jM+EQ3dr+5kuJIba84wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAXc3WwT4cQiejmsuRKNh70rx9AmMB8GA1UdIwQY
MBaAFDiyICO26tTCloOp/tRJPQPe4saFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0xJZ0k3YnExTUtXZzZuLTFFazlBOTdpeG9VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy84ODEzZjUtNGU3Yi00ZDUxLWI1ZjMt
NDBkOTViZDMzZmNiLzEvQmR6ZGJCUGh4Q0o2T2F5NUVvMkh2U3ZIMENZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy84ODEzZjUtNGU3Yi00ZDUxLWI1ZjMtNDBkOTViZDMzZmNi
LzEvT0xJZ0k3YnExTUtXZzZuLTFFazlBOTdpeG9VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCVY8UMA0G
CSqGSIb3DQEBCwUAA4IBAQA7fgcYpDmeSoM9aM9AK05zbCaUdq3T3gp2rslcnDkI
AofNlp1iDa8Gf/JQB3SwejiRKPwXo14C+k8SCWwIyfFjkr3Rdv8KxF962VngLeJn
4PiO2iBG/gGoO6cVlGtkF0YA+LBuy3mxQViQBUUeEXVwtmQKhQj/oReG7M8fAIiU
fX8DGj97tuk9yoYSEDta0LtE1BulQDJDG6TIWFZ26gSLAWFd7Ovw83LIZoHbSBUi
ksJ5Fy9I7qfED0G7U6u5i9E/xFeaedAEeg/B1r2HHhfmTxpxGTCjjPiRBi7MDgTd
GeHQy7WzPvHVbVYuC81gi0mFDeYoUlDbHQFpRo6AYW0L
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:46 2024 by rpki-client on console-fra.rpki-client.org