Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/C1PM0ylk3CCPU1fxQM9dTPQVDwI.roa
File: C1PM0ylk3CCPU1fxQM9dTPQVDwI.roa (raw, json)
Hash identifier: QVOwvFyQrhnCrNkDir57QwKxLMlUizHwmQUS3Qem66c=
Subject key identifier: 0B:53:CC:D3:29:64:DC:20:8F:53:57:F1:40:CF:5D:4C:F4:15:0F:02
Certificate issuer: /CN=38b22023b6ead4c29683a9fed4493d03dee2c685
Certificate serial: 018BDC5AEE427BDFADBEDA6FE7550536EA8D
Authority key identifier: 38:B2:20:23:B6:EA:D4:C2:96:83:A9:FE:D4:49:3D:03:DE:E2:C6:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OLIgI7bq1MKWg6n-1Ek9A97ixoU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/C1PM0ylk3CCPU1fxQM9dTPQVDwI.roa
Signing time: Fri 17 Nov 2023 08:17:08 +0000
ROA not before: Fri 17 Nov 2023 08:17:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198685
IP address blocks: 85.142.148.0/23 maxlen: 23
85.142.149.0/24 maxlen: 24
85.142.148.0/24 maxlen: 24
85.143.18.0/23 maxlen: 23
Validation: Failed, certificate revoked on Thu 28 Dec 2023 09:52:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:dc:5a:ee:42:7b:df:ad:be:da:6f:e7:55:05:36:ea:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38b22023b6ead4c29683a9fed4493d03dee2c685
Validity
Not Before: Nov 17 08:17:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0b53ccd32964dc208f5357f140cf5d4cf4150f02
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:5e:69:87:da:78:92:fe:95:e2:49:d0:f4:a9:
88:47:99:a6:a9:87:a9:c5:81:32:e9:37:2d:28:45:
45:15:7a:51:7d:72:a5:d4:49:62:7a:44:b4:d1:d5:
9b:99:24:cb:9a:36:97:f6:d2:91:5e:53:b5:80:9e:
8e:ad:ec:a3:55:34:3f:77:39:c5:99:65:47:7e:05:
f3:fd:08:ff:46:de:31:01:da:20:dd:c3:d7:9b:c2:
25:f2:57:63:98:8b:0a:a2:15:17:48:62:f8:f6:8f:
83:ca:b2:11:22:a9:cd:08:35:c6:b0:d4:e5:4b:b7:
55:fd:58:c8:06:c3:8e:1d:b2:a0:04:8d:de:f4:8e:
ef:ac:de:97:1c:cf:a4:35:70:2a:a8:f5:6c:10:22:
54:de:ed:11:d2:53:5b:47:7f:f8:52:78:e9:7d:19:
e7:30:36:41:7b:a5:e0:b1:3b:02:23:f0:8d:0b:ac:
e6:5f:a5:ab:51:d5:2a:23:e7:3d:ee:91:51:4c:f6:
77:0d:c6:4c:00:11:82:f2:63:b9:3f:47:3f:8e:7a:
ce:92:7e:35:a0:fc:ac:8c:d3:7d:4d:55:84:62:b4:
ae:9a:7a:32:4a:2f:7d:3b:39:d6:5f:be:68:0e:d1:
67:94:0c:ea:d3:d2:70:4c:55:a9:9a:57:3d:d7:71:
c4:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:53:CC:D3:29:64:DC:20:8F:53:57:F1:40:CF:5D:4C:F4:15:0F:02
X509v3 Authority Key Identifier:
keyid:38:B2:20:23:B6:EA:D4:C2:96:83:A9:FE:D4:49:3D:03:DE:E2:C6:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OLIgI7bq1MKWg6n-1Ek9A97ixoU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/C1PM0ylk3CCPU1fxQM9dTPQVDwI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/OLIgI7bq1MKWg6n-1Ek9A97ixoU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.142.148.0/23
85.143.18.0/23
Signature Algorithm: sha256WithRSAEncryption
5c:d5:22:ae:0c:e4:c3:28:2f:90:7a:35:6b:b2:a8:73:df:1f:
a6:19:c9:76:52:96:b9:89:84:ce:c3:e6:8e:cb:36:a9:08:86:
cf:9e:49:d9:85:7c:64:75:de:6e:78:b3:dd:c4:49:15:5c:c6:
30:c9:f4:4c:87:61:c2:a0:b6:d4:b4:e5:1a:9f:97:fa:8f:22:
83:1a:9b:5f:d8:2e:19:d5:71:1a:11:d5:cd:d4:b9:85:77:79:
69:63:ad:eb:48:d5:58:0e:2e:83:82:ac:50:73:b1:70:f9:c3:
e3:ec:2c:25:34:31:67:3a:c2:15:28:4a:1e:f9:8b:3d:f1:dc:
bb:07:02:63:e4:30:09:91:e9:d5:0a:c5:ae:00:d4:6c:e0:a8:
96:1a:e6:cb:7e:db:af:43:5e:2c:12:a1:cd:cf:5a:a4:42:e1:
1b:4f:7f:0c:27:c0:e8:21:dd:39:44:fd:cb:73:4d:e4:9d:36:
82:5c:02:56:1b:97:95:e6:d8:bc:62:2a:68:16:dd:40:53:b0:
d1:89:76:17:71:7f:86:c5:a3:bd:fc:dc:43:86:fc:8e:f8:b6:
27:d3:4d:6c:7c:c0:7b:b6:2c:e3:77:8f:c8:f1:b8:e1:e3:4c:
29:8d:67:1c:bd:fa:0c:20:9f:9d:d6:5d:8e:5a:3d:21:f9:26:
61:40:8d:2e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYvcWu5Ce9+tvtpv51UFNuqNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4YjIyMDIzYjZlYWQ0YzI5NjgzYTlmZWQ0NDkzZDAzZGVl
MmM2ODUwHhcNMjMxMTE3MDgxNzA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjUzY2NkMzI5NjRkYzIwOGY1MzU3ZjE0MGNmNWQ0Y2Y0MTUwZjAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAll5ph9p4kv6V4knQ9KmIR5mmqYep
xYEy6TctKEVFFXpRfXKl1EliekS00dWbmSTLmjaX9tKRXlO1gJ6OreyjVTQ/dznF
mWVHfgXz/Qj/Rt4xAdog3cPXm8Il8ldjmIsKohUXSGL49o+DyrIRIqnNCDXGsNTl
S7dV/VjIBsOOHbKgBI3e9I7vrN6XHM+kNXAqqPVsECJU3u0R0lNbR3/4UnjpfRnn
MDZBe6XgsTsCI/CNC6zmX6WrUdUqI+c97pFRTPZ3DcZMABGC8mO5P0c/jnrOkn41
oPysjNN9TVWEYrSumnoySi99OznWX75oDtFnlAzq09JwTFWpmlc913HEVQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAtTzNMpZNwgj1NX8UDPXUz0FQ8CMB8GA1UdIwQY
MBaAFDiyICO26tTCloOp/tRJPQPe4saFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0xJZ0k3YnExTUtXZzZuLTFFazlBOTdpeG9VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy84ODEzZjUtNGU3Yi00ZDUxLWI1ZjMt
NDBkOTViZDMzZmNiLzEvQzFQTTB5bGszQ0NQVTFmeFFNOWRUUFFWRHdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy84ODEzZjUtNGU3Yi00ZDUxLWI1ZjMtNDBkOTViZDMzZmNi
LzEvT0xJZ0k3YnExTUtXZzZuLTFFazlBOTdpeG9VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBVY6UAwQB
VY8SMA0GCSqGSIb3DQEBCwUAA4IBAQBc1SKuDOTDKC+QejVrsqhz3x+mGcl2Upa5
iYTOw+aOyzapCIbPnknZhXxkdd5ueLPdxEkVXMYwyfRMh2HCoLbUtOUan5f6jyKD
Gptf2C4Z1XEaEdXN1LmFd3lpY63rSNVYDi6DgqxQc7Fw+cPj7CwlNDFnOsIVKEoe
+Ys98dy7BwJj5DAJkenVCsWuANRs4KiWGubLftuvQ14sEqHNz1qkQuEbT38MJ8Do
Id05RP3Lc03knTaCXAJWG5eV5ti8YipoFt1AU7DRiXYXcX+GxaO9/NxDhvyO+LYn
001sfMB7tizjd4/I8bjh40wpjWccvfoMIJ+d1l2OWj0h+SZhQI0u
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:46 2024 by rpki-client on console-fra.rpki-client.org