Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/iGvcQm0Gcw6X4aVSjc8hwyomnCw.roa
File: iGvcQm0Gcw6X4aVSjc8hwyomnCw.roa (raw, json)
Hash identifier: M61s/PRcvAzJW19MGHj3HTh6o4nYxjjswcrQrKjyN64=
Subject key identifier: 88:6B:DC:42:6D:06:73:0E:97:E1:A5:52:8D:CF:21:C3:2A:26:9C:2C
Certificate issuer: /CN=38b22023b6ead4c29683a9fed4493d03dee2c685
Certificate serial: 01856D0AF19AA37383EBF8F26DC9ED03510D
Authority key identifier: 38:B2:20:23:B6:EA:D4:C2:96:83:A9:FE:D4:49:3D:03:DE:E2:C6:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OLIgI7bq1MKWg6n-1Ek9A97ixoU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/iGvcQm0Gcw6X4aVSjc8hwyomnCw.roa
Signing time: Sun 01 Jan 2023 11:15:11 +0000
ROA not before: Sun 01 Jan 2023 11:15:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201848
IP address blocks: 85.143.208.0/20 maxlen: 20
85.143.172.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:31:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:0a:f1:9a:a3:73:83:eb:f8:f2:6d:c9:ed:03:51:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38b22023b6ead4c29683a9fed4493d03dee2c685
Validity
Not Before: Jan 1 11:15:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=886bdc426d06730e97e1a5528dcf21c32a269c2c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:40:57:82:b9:75:af:ca:76:52:2e:94:bf:88:
87:65:05:aa:24:a3:07:b8:c1:1f:de:93:dc:7b:7b:
65:d0:f7:ee:6d:67:57:23:b1:fb:82:e8:82:16:d9:
ae:cb:e5:eb:50:81:c3:95:58:d2:b5:16:5c:b4:00:
40:e8:ba:e4:46:5f:d7:8f:ce:58:f4:f2:1c:84:7d:
6c:cc:95:c7:40:85:d8:71:9f:8f:08:05:19:dd:a9:
fa:9c:60:80:9c:33:36:4a:6e:c6:c9:9d:af:61:55:
5c:b9:e1:4b:fa:5e:ac:d7:23:07:2b:db:97:ef:f0:
04:26:d0:b7:54:6e:ab:e8:52:4a:eb:29:7e:a1:59:
1b:99:47:e3:b3:f2:7e:80:50:c4:13:0a:d7:5c:44:
d4:4f:d5:b0:93:69:70:8f:c7:d2:6b:92:4f:1e:04:
a1:c4:5d:e9:f0:0e:9e:a9:17:7c:ae:a6:4b:28:05:
a7:3a:97:7f:6a:fa:60:d9:d0:95:e6:32:9d:f4:ac:
f4:f1:3d:27:8e:46:90:18:2a:27:57:ae:f4:7b:4c:
23:c5:4a:74:3b:c9:d7:24:9c:16:30:0b:98:13:af:
2b:e6:e1:3a:68:c1:83:ae:6f:08:ab:39:aa:a5:3e:
89:74:b8:48:4d:46:b3:56:2f:0c:83:82:2d:9e:4f:
43:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:6B:DC:42:6D:06:73:0E:97:E1:A5:52:8D:CF:21:C3:2A:26:9C:2C
X509v3 Authority Key Identifier:
keyid:38:B2:20:23:B6:EA:D4:C2:96:83:A9:FE:D4:49:3D:03:DE:E2:C6:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OLIgI7bq1MKWg6n-1Ek9A97ixoU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/iGvcQm0Gcw6X4aVSjc8hwyomnCw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/OLIgI7bq1MKWg6n-1Ek9A97ixoU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.143.172.0/22
85.143.208.0/20
Signature Algorithm: sha256WithRSAEncryption
1d:d0:82:fc:1e:85:1f:63:fc:f4:49:56:b0:4d:cb:86:98:de:
28:8c:1a:cf:a0:64:0a:86:4a:bc:04:94:80:b8:ca:be:60:11:
6f:8d:50:54:85:e5:5f:bb:e7:7c:41:1d:11:d7:30:a7:b3:6d:
b2:72:ff:3e:7b:d8:2e:67:4e:86:bf:45:72:87:9b:da:cf:9d:
08:7c:9d:64:26:4a:49:7e:f2:c8:19:68:53:e3:49:97:de:5e:
29:a3:1f:94:0c:8b:42:1c:84:6b:07:dd:e3:41:94:4c:a2:fc:
32:9b:5f:73:a4:e3:23:83:31:e2:47:23:8d:ef:dc:d0:9d:64:
14:c8:93:45:3e:9e:23:8b:c9:bb:7e:48:67:14:e1:ed:a4:fe:
75:d3:31:80:dc:0f:83:1d:cc:60:cb:e1:8c:40:6e:52:37:ce:
21:3e:6f:b0:62:d5:94:07:1e:c4:2a:75:cc:5e:db:c8:29:08:
50:e0:53:cd:86:a7:f2:a3:a9:a4:e6:07:49:4c:9b:c0:4a:2f:
14:03:60:48:90:e5:27:a1:a3:bb:90:6d:f8:28:22:96:3e:cb:
2b:0e:49:4a:f4:7c:29:3a:f6:7b:54:ea:31:62:05:ff:e2:ea:
62:a1:5a:8d:7d:2f:44:e9:66:86:7c:d6:86:f1:1b:2e:d9:1c:
42:7b:64:43
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVtCvGao3OD6/jybcntA1ENMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4YjIyMDIzYjZlYWQ0YzI5NjgzYTlmZWQ0NDkzZDAzZGVl
MmM2ODUwHhcNMjMwMTAxMTExNTExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODZiZGM0MjZkMDY3MzBlOTdlMWE1NTI4ZGNmMjFjMzJhMjY5YzJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoEBXgrl1r8p2Ui6Uv4iHZQWqJKMH
uMEf3pPce3tl0PfubWdXI7H7guiCFtmuy+XrUIHDlVjStRZctABA6LrkRl/Xj85Y
9PIchH1szJXHQIXYcZ+PCAUZ3an6nGCAnDM2Sm7GyZ2vYVVcueFL+l6s1yMHK9uX
7/AEJtC3VG6r6FJK6yl+oVkbmUfjs/J+gFDEEwrXXETUT9Wwk2lwj8fSa5JPHgSh
xF3p8A6eqRd8rqZLKAWnOpd/avpg2dCV5jKd9Kz08T0njkaQGConV670e0wjxUp0
O8nXJJwWMAuYE68r5uE6aMGDrm8IqzmqpT6JdLhITUazVi8Mg4Itnk9DTwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIhr3EJtBnMOl+GlUo3PIcMqJpwsMB8GA1UdIwQY
MBaAFDiyICO26tTCloOp/tRJPQPe4saFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0xJZ0k3YnExTUtXZzZuLTFFazlBOTdpeG9VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy84ODEzZjUtNGU3Yi00ZDUxLWI1ZjMt
NDBkOTViZDMzZmNiLzEvaUd2Y1FtMEdjdzZYNGFWU2pjOGh3eW9tbkN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy84ODEzZjUtNGU3Yi00ZDUxLWI1ZjMtNDBkOTViZDMzZmNi
LzEvT0xJZ0k3YnExTUtXZzZuLTFFazlBOTdpeG9VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCVY+sAwQE
VY/QMA0GCSqGSIb3DQEBCwUAA4IBAQAd0IL8HoUfY/z0SVawTcuGmN4ojBrPoGQK
hkq8BJSAuMq+YBFvjVBUheVfu+d8QR0R1zCns22ycv8+e9guZ06Gv0Vyh5vaz50I
fJ1kJkpJfvLIGWhT40mX3l4pox+UDItCHIRrB93jQZRMovwym19zpOMjgzHiRyON
79zQnWQUyJNFPp4ji8m7fkhnFOHtpP510zGA3A+DHcxgy+GMQG5SN84hPm+wYtWU
Bx7EKnXMXtvIKQhQ4FPNhqfyo6mk5gdJTJvASi8UA2BIkOUnoaO7kG34KCKWPssr
DklK9HwpOvZ7VOoxYgX/4upioVqNfS9E6WaGfNaG8Rsu2RxCe2RD
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:01 2024 by rpki-client on console-ams.rpki-client.org