Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/FVENjhtnXXhf9mdpCIffzvEyc9s.roa
File: FVENjhtnXXhf9mdpCIffzvEyc9s.roa (raw, json)
Hash identifier: tkwJaszBn4DBcOyel9oaxuqMs0MencqN/xHB/Rk3plI=
Subject key identifier: 15:51:0D:8E:1B:67:5D:78:5F:F6:67:69:08:87:DF:CE:F1:32:73:DB
Certificate issuer: /CN=38b22023b6ead4c29683a9fed4493d03dee2c685
Certificate serial: 01856D0AF0B14AD191F373B85EBD10A16973
Authority key identifier: 38:B2:20:23:B6:EA:D4:C2:96:83:A9:FE:D4:49:3D:03:DE:E2:C6:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OLIgI7bq1MKWg6n-1Ek9A97ixoU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/FVENjhtnXXhf9mdpCIffzvEyc9s.roa
Signing time: Sun 01 Jan 2023 11:15:11 +0000
ROA not before: Sun 01 Jan 2023 11:15:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198685
IP address blocks: 85.142.148.0/23 maxlen: 23
85.142.149.0/24 maxlen: 24
85.142.148.0/24 maxlen: 24
85.143.18.0/23 maxlen: 23
2001:b08:26::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 17 Nov 2023 08:17:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:0a:f0:b1:4a:d1:91:f3:73:b8:5e:bd:10:a1:69:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38b22023b6ead4c29683a9fed4493d03dee2c685
Validity
Not Before: Jan 1 11:15:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=15510d8e1b675d785ff667690887dfcef13273db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:bf:51:56:82:26:5a:1a:a3:17:3a:50:ea:e5:
eb:c6:70:a0:fa:b2:9e:07:aa:2b:15:41:ae:da:fa:
19:ec:c9:55:0f:c7:7a:03:59:28:9b:d4:66:d5:0a:
a8:ad:bf:5e:e9:25:35:4d:40:f4:be:70:6f:2b:65:
c6:72:3e:83:a6:12:e8:fe:b6:c8:e0:fa:cd:e4:48:
c5:b4:d6:ca:d2:44:88:fa:05:ec:c7:5f:45:63:db:
36:be:28:95:b8:08:57:f4:7f:c7:bb:97:c0:96:87:
7e:82:28:a5:77:f9:7e:ba:c3:cd:a9:04:34:7c:d7:
e7:33:7c:f6:b0:b3:01:4a:cb:09:7b:dc:44:49:e4:
00:4a:7d:3e:70:58:49:98:f4:fd:5a:0a:75:4c:c6:
14:ec:42:93:a6:cd:72:e9:33:44:34:ba:ce:c6:08:
a1:10:fd:84:6c:d0:f4:83:af:45:5c:93:42:2a:b5:
ae:b1:af:11:a3:b6:29:d2:15:c5:0c:7b:22:92:98:
f9:6b:a8:f0:19:ad:68:5a:91:60:71:b2:9d:a9:8f:
37:ef:c2:64:63:c3:06:75:83:85:63:11:fc:09:cc:
ee:19:f2:dc:60:db:d8:81:28:e5:40:77:02:a7:a7:
ab:75:ab:56:36:d3:bd:c2:b4:02:8c:e5:c1:1f:8c:
69:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:51:0D:8E:1B:67:5D:78:5F:F6:67:69:08:87:DF:CE:F1:32:73:DB
X509v3 Authority Key Identifier:
keyid:38:B2:20:23:B6:EA:D4:C2:96:83:A9:FE:D4:49:3D:03:DE:E2:C6:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OLIgI7bq1MKWg6n-1Ek9A97ixoU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/FVENjhtnXXhf9mdpCIffzvEyc9s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/OLIgI7bq1MKWg6n-1Ek9A97ixoU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.142.148.0/23
85.143.18.0/23
IPv6:
2001:b08:26::/48
Signature Algorithm: sha256WithRSAEncryption
20:27:0f:c9:47:3d:1f:30:b8:a5:6e:86:b0:52:94:f1:99:6a:
e4:6c:48:e7:bd:02:4b:4f:54:16:aa:97:77:c8:24:62:95:53:
be:03:67:58:f7:d8:57:5e:4e:63:83:6d:49:14:fb:d7:76:13:
f2:64:04:f6:2f:4f:64:9d:5c:6a:eb:69:ec:01:27:f4:ca:ad:
4c:b8:38:95:e5:b3:88:6d:a8:f9:86:5d:5e:28:51:e8:de:a2:
f6:08:97:52:20:8f:17:ee:6a:2d:26:82:17:73:da:90:a8:08:
23:af:6f:c8:d8:d7:4f:b8:39:53:71:96:1f:ec:a9:06:81:21:
e8:19:b3:c8:c9:40:94:06:01:2f:2f:7d:9e:93:79:c8:1b:c9:
41:3d:2c:d7:ac:dc:ef:b3:24:58:60:8d:21:30:36:44:50:cc:
86:fb:56:8a:99:9a:25:16:0a:ac:ab:03:1d:57:a4:ba:f7:f4:
a8:43:1d:44:2b:45:20:08:73:85:87:42:33:58:0d:de:52:88:
f6:51:f6:25:47:e6:ff:a3:38:53:90:b1:16:ad:0d:59:4b:d6:
f6:db:20:9a:1a:3a:5f:87:e7:3b:c2:b4:4d:84:2a:d0:7a:9f:
9b:47:f7:a8:6c:ee:32:09:49:80:0d:5e:12:52:ba:99:98:72:
2f:d6:37:d5
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYVtCvCxStGR83O4Xr0QoWlzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4YjIyMDIzYjZlYWQ0YzI5NjgzYTlmZWQ0NDkzZDAzZGVl
MmM2ODUwHhcNMjMwMTAxMTExNTExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNTUxMGQ4ZTFiNjc1ZDc4NWZmNjY3NjkwODg3ZGZjZWYxMzI3M2RiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuL9RVoImWhqjFzpQ6uXrxnCg+rKe
B6orFUGu2voZ7MlVD8d6A1kom9Rm1Qqorb9e6SU1TUD0vnBvK2XGcj6DphLo/rbI
4PrN5EjFtNbK0kSI+gXsx19FY9s2viiVuAhX9H/Hu5fAlod+giild/l+usPNqQQ0
fNfnM3z2sLMBSssJe9xESeQASn0+cFhJmPT9Wgp1TMYU7EKTps1y6TNENLrOxgih
EP2EbND0g69FXJNCKrWusa8Ro7Yp0hXFDHsikpj5a6jwGa1oWpFgcbKdqY8378Jk
Y8MGdYOFYxH8CczuGfLcYNvYgSjlQHcCp6erdatWNtO9wrQCjOXBH4xpiQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFBVRDY4bZ114X/ZnaQiH387xMnPbMB8GA1UdIwQY
MBaAFDiyICO26tTCloOp/tRJPQPe4saFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0xJZ0k3YnExTUtXZzZuLTFFazlBOTdpeG9VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy84ODEzZjUtNGU3Yi00ZDUxLWI1ZjMt
NDBkOTViZDMzZmNiLzEvRlZFTmpodG5YWGhmOW1kcENJZmZ6dkV5YzlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy84ODEzZjUtNGU3Yi00ZDUxLWI1ZjMtNDBkOTViZDMzZmNi
LzEvT0xJZ0k3YnExTUtXZzZuLTFFazlBOTdpeG9VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQBVY6UAwQB
VY8SMA8EAgACMAkDBwAgAQsIACYwDQYJKoZIhvcNAQELBQADggEBACAnD8lHPR8w
uKVuhrBSlPGZauRsSOe9AktPVBaql3fIJGKVU74DZ1j32FdeTmODbUkU+9d2E/Jk
BPYvT2SdXGrraewBJ/TKrUy4OJXls4htqPmGXV4oUejeovYIl1Igjxfuai0mghdz
2pCoCCOvb8jY10+4OVNxlh/sqQaBIegZs8jJQJQGAS8vfZ6TecgbyUE9LNes3O+z
JFhgjSEwNkRQzIb7VoqZmiUWCqyrAx1XpLr39KhDHUQrRSAIc4WHQjNYDd5SiPZR
9iVH5v+jOFOQsRatDVlL1vbbIJoaOl+H5zvCtE2EKtB6n5tH96hs7jIJSYANXhJS
upmYci/WN9U=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:01 2024 by rpki-client on console-ams.rpki-client.org