Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/Gzz3FAhiKMoA1-CuodKTJWF17Vo.roa
File: Gzz3FAhiKMoA1-CuodKTJWF17Vo.roa (raw, json)
Hash identifier: cCOMiA1mrUFdk3v4HOu7/sNI3PCaMpVKvGVK3P5AoMs=
Subject key identifier: 1B:3C:F7:14:08:62:28:CA:00:D7:E0:AE:A1:D2:93:25:61:75:ED:5A
Certificate issuer: /CN=38b22023b6ead4c29683a9fed4493d03dee2c685
Certificate serial: 018A89F4B4EABCB3DA1985B2F64FD5B568A3
Authority key identifier: 38:B2:20:23:B6:EA:D4:C2:96:83:A9:FE:D4:49:3D:03:DE:E2:C6:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OLIgI7bq1MKWg6n-1Ek9A97ixoU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/Gzz3FAhiKMoA1-CuodKTJWF17Vo.roa
Signing time: Tue 12 Sep 2023 15:13:50 +0000
ROA not before: Tue 12 Sep 2023 15:13:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49505
IP address blocks: 85.142.242.0/24 maxlen: 24
85.143.40.0/21 maxlen: 24
85.143.48.0/20 maxlen: 24
85.142.212.0/22 maxlen: 24
85.142.240.0/23 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:31:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:89:f4:b4:ea:bc:b3:da:19:85:b2:f6:4f:d5:b5:68:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38b22023b6ead4c29683a9fed4493d03dee2c685
Validity
Not Before: Sep 12 15:13:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1b3cf714086228ca00d7e0aea1d293256175ed5a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:ce:4a:b6:76:3b:c2:0c:8a:27:e5:c7:da:3e:
20:c9:05:34:24:64:3b:d2:29:66:eb:a3:c5:c1:48:
5c:28:66:2b:b1:14:ec:ff:55:cc:b9:41:a3:82:cc:
ae:9b:c8:ae:13:c1:4c:32:fb:db:f2:7e:fc:35:5c:
af:05:ff:c6:9e:d5:0d:6d:97:0a:14:e6:fe:84:8b:
46:eb:3c:d0:87:a6:df:d7:87:da:4e:e8:de:81:ec:
7f:07:37:71:7f:71:31:04:e2:49:0d:b0:5b:e0:1b:
d2:cd:39:f9:d3:e9:23:fa:64:30:33:6c:35:6c:1c:
2f:ae:07:e4:8a:bc:e9:03:4f:55:7e:e2:cf:fa:2e:
64:35:16:56:1f:10:bc:91:e3:81:d5:7f:8b:e5:b8:
90:95:45:4f:cd:7c:c8:1f:02:1b:03:e7:fe:df:7d:
fc:07:0a:b5:45:09:6c:ad:fc:98:b2:b1:83:99:f0:
ea:2d:52:4b:85:a6:bf:bc:66:0f:ba:25:f6:02:92:
5c:bb:cd:d2:8e:28:83:17:ca:f2:6f:f1:00:f4:c2:
cb:ca:50:63:3b:40:a9:75:da:f6:c7:fd:74:94:15:
22:5b:7f:93:60:5d:04:ba:3c:ed:3b:98:5c:e6:d8:
17:37:44:7d:be:40:2f:f1:5a:89:d6:a0:7a:4c:59:
25:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:3C:F7:14:08:62:28:CA:00:D7:E0:AE:A1:D2:93:25:61:75:ED:5A
X509v3 Authority Key Identifier:
keyid:38:B2:20:23:B6:EA:D4:C2:96:83:A9:FE:D4:49:3D:03:DE:E2:C6:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OLIgI7bq1MKWg6n-1Ek9A97ixoU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/Gzz3FAhiKMoA1-CuodKTJWF17Vo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/OLIgI7bq1MKWg6n-1Ek9A97ixoU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.142.212.0/22
85.142.240.0-85.142.242.255
85.143.40.0-85.143.63.255
Signature Algorithm: sha256WithRSAEncryption
52:57:4d:53:fd:fa:a4:30:36:d1:4d:b6:13:76:65:aa:b3:d6:
e0:86:69:91:43:c9:d4:e4:c4:33:7f:d8:07:85:2b:59:e8:88:
53:89:e6:f5:b3:f0:4f:27:37:ac:a0:67:69:b2:a3:73:38:aa:
6a:f2:51:4b:6d:ee:66:c0:04:1d:24:1b:40:f0:83:d8:9e:73:
26:34:e8:c9:08:97:17:57:83:25:ce:a7:32:a9:61:ce:bd:bc:
8c:1e:f3:4c:12:7b:9e:6a:62:4d:a2:75:37:04:89:87:9b:9c:
92:0b:f5:af:89:3a:69:96:fc:50:dc:b7:02:68:35:42:12:5e:
4f:78:da:0b:c6:9d:a9:58:77:44:4d:c1:e8:96:40:76:37:bb:
08:da:bd:ea:17:9d:e9:ff:a3:e3:2e:ff:e0:8c:aa:b1:4e:52:
5c:24:73:f7:04:55:c4:42:eb:9b:ec:65:95:19:10:55:0e:b7:
cb:f6:91:6a:e8:cc:3f:f5:92:43:17:e2:69:1c:14:2d:6f:7c:
79:b2:14:3f:78:84:72:9f:84:db:99:64:07:f5:07:cc:ea:3e:
8c:ab:fe:c7:c5:2f:32:c0:af:50:ff:d6:8f:99:6b:54:cc:eb:
0a:e1:d7:f8:fe:7d:90:d4:ed:63:9a:d0:4a:65:d1:47:0d:1b:
e5:d6:59:67
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYqJ9LTqvLPaGYWy9k/VtWijMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4YjIyMDIzYjZlYWQ0YzI5NjgzYTlmZWQ0NDkzZDAzZGVl
MmM2ODUwHhcNMjMwOTEyMTUxMzUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjNjZjcxNDA4NjIyOGNhMDBkN2UwYWVhMWQyOTMyNTYxNzVlZDVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnc5KtnY7wgyKJ+XH2j4gyQU0JGQ7
0ilm66PFwUhcKGYrsRTs/1XMuUGjgsyum8iuE8FMMvvb8n78NVyvBf/GntUNbZcK
FOb+hItG6zzQh6bf14faTujegex/Bzdxf3ExBOJJDbBb4BvSzTn50+kj+mQwM2w1
bBwvrgfkirzpA09VfuLP+i5kNRZWHxC8keOB1X+L5biQlUVPzXzIHwIbA+f+3338
Bwq1RQlsrfyYsrGDmfDqLVJLhaa/vGYPuiX2ApJcu83SjiiDF8ryb/EA9MLLylBj
O0Cpddr2x/10lBUiW3+TYF0EujztO5hc5tgXN0R9vkAv8VqJ1qB6TFklNQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFBs89xQIYijKANfgrqHSkyVhde1aMB8GA1UdIwQY
MBaAFDiyICO26tTCloOp/tRJPQPe4saFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0xJZ0k3YnExTUtXZzZuLTFFazlBOTdpeG9VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy84ODEzZjUtNGU3Yi00ZDUxLWI1ZjMt
NDBkOTViZDMzZmNiLzEvR3p6M0ZBaGlLTW9BMS1DdW9kS1RKV0YxN1ZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy84ODEzZjUtNGU3Yi00ZDUxLWI1ZjMtNDBkOTViZDMzZmNi
LzEvT0xJZ0k3YnExTUtXZzZuLTFFazlBOTdpeG9VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiAwQCVY7UMAwD
BARVjvADBABVjvIwDAMEA1WPKAMEBlWPADANBgkqhkiG9w0BAQsFAAOCAQEAUldN
U/36pDA20U22E3ZlqrPW4IZpkUPJ1OTEM3/YB4UrWeiIU4nm9bPwTyc3rKBnabKj
cziqavJRS23uZsAEHSQbQPCD2J5zJjToyQiXF1eDJc6nMqlhzr28jB7zTBJ7nmpi
TaJ1NwSJh5uckgv1r4k6aZb8UNy3Amg1QhJeT3jaC8adqVh3RE3B6JZAdje7CNq9
6hed6f+j4y7/4IyqsU5SXCRz9wRVxELrm+xllRkQVQ63y/aRaujMP/WSQxfiaRwU
LW98ebIUP3iEcp+E25lkB/UHzOo+jKv+x8UvMsCvUP/Wj5lrVMzrCuHX+P59kNTt
Y5rQSmXRRw0b5dZZZw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:01 2024 by rpki-client on console-ams.rpki-client.org