Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/g8p7bJZkOHhMqmqqkHl2UICEZ04.roa
File: g8p7bJZkOHhMqmqqkHl2UICEZ04.roa (raw, json)
Hash identifier: Q9N5Dm9W+xdlpwh9NnPs4wjI7PH1wZ1XORCQZIFMB2I=
Subject key identifier: 83:CA:7B:6C:96:64:38:78:4C:AA:6A:AA:90:79:76:50:80:84:67:4E
Certificate issuer: /CN=38b22023b6ead4c29683a9fed4493d03dee2c685
Certificate serial: 018F438CE000FBECF06384EE1189CD1D8629
Authority key identifier: 38:B2:20:23:B6:EA:D4:C2:96:83:A9:FE:D4:49:3D:03:DE:E2:C6:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OLIgI7bq1MKWg6n-1Ek9A97ixoU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/g8p7bJZkOHhMqmqqkHl2UICEZ04.roa
Signing time: Sat 04 May 2024 12:20:56 +0000
ROA not before: Sat 04 May 2024 12:20:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49505
IP address blocks: 85.142.0.0/21 maxlen: 24
85.142.40.0/21 maxlen: 24
85.142.48.0/22 maxlen: 24
85.142.64.0/22 maxlen: 24
85.142.72.0/21 maxlen: 24
85.142.80.0/20 maxlen: 24
85.142.96.0/22 maxlen: 24
85.142.100.0/23 maxlen: 24
85.142.112.0/22 maxlen: 24
85.142.128.0/20 maxlen: 24
85.142.212.0/22 maxlen: 24
85.142.240.0/23 maxlen: 24
85.142.242.0/24 maxlen: 24
85.142.244.0/23 maxlen: 24
85.142.246.0/24 maxlen: 24
85.143.40.0/21 maxlen: 24
85.143.48.0/20 maxlen: 24
Validation: Failed, certificate revoked on Sat 04 May 2024 12:26:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:43:8c:e0:00:fb:ec:f0:63:84:ee:11:89:cd:1d:86:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38b22023b6ead4c29683a9fed4493d03dee2c685
Validity
Not Before: May 4 12:20:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=83ca7b6c966438784caa6aaa907976508084674e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:54:af:65:27:e9:e2:37:30:f3:98:cc:41:a9:
bf:16:a3:f7:af:ab:6b:47:f6:ad:fd:d8:74:46:f9:
79:41:ec:85:9e:aa:4f:ef:e9:91:0a:f0:84:96:95:
b6:a1:94:67:91:a6:f0:b1:06:1e:9a:c3:42:5c:27:
e8:c7:e1:ff:17:b9:6f:6f:4b:63:76:d6:12:62:90:
06:8d:c2:16:ef:4a:c6:be:ea:be:02:07:63:d3:9c:
ca:c7:a7:41:3b:99:f1:cd:82:e5:3f:d9:6d:26:c4:
fb:c1:64:28:42:47:1e:f6:bb:a1:9f:d8:00:15:51:
e4:6e:65:7b:a1:c5:d8:83:65:90:9f:ab:d1:f7:45:
de:61:4a:cf:8a:9b:bf:88:4a:ae:fb:5e:33:dc:fc:
32:53:62:3b:3b:fb:7e:a4:79:c7:3d:d1:ff:de:71:
f1:c4:7b:22:e4:8d:5a:0d:43:ea:99:24:5f:be:9b:
07:30:d3:c5:1f:da:57:eb:92:5c:08:8e:c7:15:31:
ff:3e:68:27:5c:4b:7f:16:f0:be:7e:7b:19:f3:33:
e4:ce:27:f8:70:09:96:08:c4:20:4c:83:40:ac:b9:
7b:24:ed:34:0a:53:d8:6a:2d:49:f1:34:00:3f:cc:
42:9f:d4:07:08:6a:4a:db:8b:75:70:8b:a6:94:7a:
16:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:CA:7B:6C:96:64:38:78:4C:AA:6A:AA:90:79:76:50:80:84:67:4E
X509v3 Authority Key Identifier:
keyid:38:B2:20:23:B6:EA:D4:C2:96:83:A9:FE:D4:49:3D:03:DE:E2:C6:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OLIgI7bq1MKWg6n-1Ek9A97ixoU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/g8p7bJZkOHhMqmqqkHl2UICEZ04.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/OLIgI7bq1MKWg6n-1Ek9A97ixoU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.142.0.0/21
85.142.40.0-85.142.51.255
85.142.64.0/22
85.142.72.0-85.142.101.255
85.142.112.0/22
85.142.128.0/20
85.142.212.0/22
85.142.240.0-85.142.242.255
85.142.244.0-85.142.246.255
85.143.40.0-85.143.63.255
Signature Algorithm: sha256WithRSAEncryption
40:f0:84:6b:a8:f8:c7:97:42:ff:eb:7e:81:58:7e:59:9b:61:
b0:6f:5a:2f:5f:58:d3:17:0b:a0:85:89:78:5d:2f:c3:9c:89:
d1:18:2a:c5:7b:11:70:a6:12:b0:e6:1d:86:60:30:e9:18:28:
54:ab:d6:ab:97:1f:d7:1a:88:bf:e6:41:12:c5:8c:a9:b4:65:
ad:e1:53:fc:33:2c:24:f7:44:17:c8:15:2c:76:aa:03:8e:65:
03:5c:15:ca:7d:7f:bb:d1:2a:78:09:b4:1e:1c:1a:09:f9:f0:
7e:05:a4:14:f0:08:11:84:99:ec:17:3c:f4:0f:ab:9e:5d:74:
ba:86:32:fa:52:82:0c:5f:c3:7d:4a:4e:b4:ce:b8:b7:8a:16:
84:91:6a:b9:fd:ed:7c:32:e0:3c:47:b6:13:4c:eb:d5:a1:e4:
c8:76:8e:13:1d:a5:71:8a:58:81:af:d3:e7:45:47:bb:83:0f:
46:28:39:49:58:db:91:18:60:6d:8c:d3:75:b2:67:bd:c2:59:
3e:2e:1e:96:09:c4:cd:19:6c:0d:5c:f0:8d:7f:80:25:ae:49:
ec:4a:a1:3a:d3:30:5a:8c:d8:d1:5a:43:47:b1:98:62:10:7f:
b4:c8:f3:9e:da:be:c4:6b:e8:a1:df:53:9b:2f:06:c6:f1:34:
fc:04:f4:fe
-----BEGIN CERTIFICATE-----
MIIFWzCCBEOgAwIBAgISAY9DjOAA++zwY4TuEYnNHYYpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4YjIyMDIzYjZlYWQ0YzI5NjgzYTlmZWQ0NDkzZDAzZGVl
MmM2ODUwHhcNMjQwNTA0MTIyMDU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4M2NhN2I2Yzk2NjQzODc4NGNhYTZhYWE5MDc5NzY1MDgwODQ2NzRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz1SvZSfp4jcw85jMQam/FqP3r6tr
R/at/dh0Rvl5QeyFnqpP7+mRCvCElpW2oZRnkabwsQYemsNCXCfox+H/F7lvb0tj
dtYSYpAGjcIW70rGvuq+Agdj05zKx6dBO5nxzYLlP9ltJsT7wWQoQkce9ruhn9gA
FVHkbmV7ocXYg2WQn6vR90XeYUrPipu/iEqu+14z3PwyU2I7O/t+pHnHPdH/3nHx
xHsi5I1aDUPqmSRfvpsHMNPFH9pX65JcCI7HFTH/PmgnXEt/FvC+fnsZ8zPkzif4
cAmWCMQgTINArLl7JO00ClPYai1J8TQAP8xCn9QHCGpK24t1cIumlHoWaQIDAQAB
o4ICZzCCAmMwHQYDVR0OBBYEFIPKe2yWZDh4TKpqqpB5dlCAhGdOMB8GA1UdIwQY
MBaAFDiyICO26tTCloOp/tRJPQPe4saFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0xJZ0k3YnExTUtXZzZuLTFFazlBOTdpeG9VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy84ODEzZjUtNGU3Yi00ZDUxLWI1ZjMt
NDBkOTViZDMzZmNiLzEvZzhwN2JKWmtPSGhNcW1xcWtIbDJVSUNFWjA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy84ODEzZjUtNGU3Yi00ZDUxLWI1ZjMtNDBkOTViZDMzZmNi
LzEvT0xJZ0k3YnExTUtXZzZuLTFFazlBOTdpeG9VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH0GCCsGAQUFBwEHAQH/BG4wbDBqBAIAATBkAwQDVY4AMAwD
BANVjigDBAJVjjADBAJVjkAwDAMEA1WOSAMEAVWOZAMEAlWOcAMEBFWOgAMEAlWO
1DAMAwQEVY7wAwQAVY7yMAwDBAJVjvQDBABVjvYwDAMEA1WPKAMEBlWPADANBgkq
hkiG9w0BAQsFAAOCAQEAQPCEa6j4x5dC/+t+gVh+WZthsG9aL19Y0xcLoIWJeF0v
w5yJ0RgqxXsRcKYSsOYdhmAw6RgoVKvWq5cf1xqIv+ZBEsWMqbRlreFT/DMsJPdE
F8gVLHaqA45lA1wVyn1/u9EqeAm0HhwaCfnwfgWkFPAIEYSZ7Bc89A+rnl10uoYy
+lKCDF/DfUpOtM64t4oWhJFquf3tfDLgPEe2E0zr1aHkyHaOEx2lcYpYga/T50VH
u4MPRig5SVjbkRhgbYzTdbJnvcJZPi4elgnEzRlsDVzwjX+AJa5J7EqhOtMwWozY
0VpDR7GYYhB/tMjzntq+xGvood9Tmy8GxvE0/AT0/g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:46 2024 by rpki-client on console-fra.rpki-client.org