Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/i_11T-ldrvMKAC5XoVYBTE0uGiE.roa
File: i_11T-ldrvMKAC5XoVYBTE0uGiE.roa (raw, json)
Hash identifier: h0O4uHRYDiYRjmVpKjDI3E5lY3ZlABxRVMTZBAA6A1o=
Subject key identifier: 8B:FD:75:4F:E9:5D:AE:F3:0A:00:2E:57:A1:56:01:4C:4D:2E:1A:21
Certificate issuer: /CN=38b22023b6ead4c29683a9fed4493d03dee2c685
Certificate serial: 018CC72772B4C5D73B22FD628AEF9298AF48
Authority key identifier: 38:B2:20:23:B6:EA:D4:C2:96:83:A9:FE:D4:49:3D:03:DE:E2:C6:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OLIgI7bq1MKWg6n-1Ek9A97ixoU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/i_11T-ldrvMKAC5XoVYBTE0uGiE.roa
Signing time: Mon 01 Jan 2024 22:31:40 +0000
ROA not before: Mon 01 Jan 2024 22:31:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8941
IP address blocks: 85.143.23.0/24 maxlen: 24
85.143.22.0/24 maxlen: 24
85.143.21.0/24 maxlen: 24
85.143.20.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 13 Apr 2024 15:11:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:72:b4:c5:d7:3b:22:fd:62:8a:ef:92:98:af:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38b22023b6ead4c29683a9fed4493d03dee2c685
Validity
Not Before: Jan 1 22:31:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8bfd754fe95daef30a002e57a156014c4d2e1a21
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:7f:e5:95:a7:84:e0:e4:8c:4e:ef:ee:f7:f1:
62:b3:15:e6:43:31:ec:1d:04:f2:48:c5:a1:3b:49:
ea:b3:6a:e0:d0:b8:91:0d:de:34:0e:75:0d:55:ad:
49:1a:5b:d2:5c:da:fa:ba:4a:d5:e0:4e:8d:32:85:
7b:81:67:dd:0d:d0:12:0b:08:9f:28:e3:12:ec:9c:
0d:78:b2:99:b0:bf:db:ef:0e:4f:34:e2:39:b6:05:
d0:b8:b0:22:13:a4:22:93:a1:6b:0d:a8:5b:9e:b2:
b6:d8:59:d5:01:5f:b2:b5:cf:11:58:bb:cd:c9:c9:
ee:50:db:0b:b4:73:2c:b8:32:2d:72:6e:9c:57:12:
8b:b8:4c:07:6f:c8:eb:8d:f3:1c:cd:21:0f:60:24:
1a:9b:5c:4a:f3:d5:1f:bf:24:9e:5b:ef:c7:cf:f0:
bb:f2:8d:d0:25:48:9c:8e:24:61:b0:e8:d2:97:fa:
da:e9:a4:5f:6a:96:41:2a:04:c1:69:e5:ce:59:ad:
07:84:8d:39:60:a3:99:ec:ad:d1:c7:d7:3b:dc:8e:
42:fe:e7:aa:e0:9d:23:59:6c:01:be:f5:3c:98:79:
ff:3a:16:ee:bc:ea:38:0f:e7:01:b2:c7:eb:95:2b:
00:f0:35:27:1f:56:13:b8:53:39:2e:26:1d:c7:30:
e6:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:FD:75:4F:E9:5D:AE:F3:0A:00:2E:57:A1:56:01:4C:4D:2E:1A:21
X509v3 Authority Key Identifier:
keyid:38:B2:20:23:B6:EA:D4:C2:96:83:A9:FE:D4:49:3D:03:DE:E2:C6:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OLIgI7bq1MKWg6n-1Ek9A97ixoU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/i_11T-ldrvMKAC5XoVYBTE0uGiE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/OLIgI7bq1MKWg6n-1Ek9A97ixoU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.143.20.0/22
Signature Algorithm: sha256WithRSAEncryption
84:91:26:ef:06:40:26:13:1c:4f:c6:c5:e1:82:02:99:c9:0d:
f7:de:8e:87:ea:7f:a8:46:e7:63:aa:0b:be:21:88:bd:93:06:
bf:14:bd:6f:91:06:63:8b:6e:a3:24:5a:0e:84:4b:16:5d:01:
3a:47:b3:28:8e:81:92:78:70:97:3e:17:49:7f:02:eb:4e:53:
0e:50:da:f9:2f:6e:a7:ff:4e:ca:af:c2:03:96:52:24:4e:8d:
5b:e8:1e:78:9e:44:53:06:48:d6:93:a9:c7:a9:87:5c:6b:b9:
14:38:a5:fa:67:7f:24:38:74:12:fa:42:c2:bb:79:4c:27:f2:
07:d9:c4:8f:63:5c:8c:05:43:e4:8b:ff:e1:26:d3:33:35:4c:
87:2d:fa:94:e6:e5:da:f2:8b:f7:f5:86:b6:9d:1f:9c:cf:ee:
07:98:04:95:e5:9f:5e:57:87:c6:69:4d:7c:71:70:a3:48:5b:
cd:9b:9d:67:de:ad:76:78:0f:47:6f:0f:f3:d9:01:9d:71:8c:
ea:9e:89:68:7c:53:ac:84:6f:6d:d3:74:68:fd:bc:2f:de:f1:
30:11:ff:fc:e8:f1:45:ce:4a:e2:ef:4d:ad:7c:0e:be:38:86:
c1:18:65:e5:76:0a:4a:cc:1e:e7:29:d2:63:1b:de:41:36:b6:
25:9b:ca:40
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHJ3K0xdc7Iv1iiu+SmK9IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4YjIyMDIzYjZlYWQ0YzI5NjgzYTlmZWQ0NDkzZDAzZGVl
MmM2ODUwHhcNMjQwMTAxMjIzMTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YmZkNzU0ZmU5NWRhZWYzMGEwMDJlNTdhMTU2MDE0YzRkMmUxYTIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiH/llaeE4OSMTu/u9/FisxXmQzHs
HQTySMWhO0nqs2rg0LiRDd40DnUNVa1JGlvSXNr6ukrV4E6NMoV7gWfdDdASCwif
KOMS7JwNeLKZsL/b7w5PNOI5tgXQuLAiE6Qik6FrDahbnrK22FnVAV+ytc8RWLvN
ycnuUNsLtHMsuDItcm6cVxKLuEwHb8jrjfMczSEPYCQam1xK89UfvySeW+/Hz/C7
8o3QJUicjiRhsOjSl/ra6aRfapZBKgTBaeXOWa0HhI05YKOZ7K3Rx9c73I5C/ueq
4J0jWWwBvvU8mHn/OhbuvOo4D+cBssfrlSsA8DUnH1YTuFM5LiYdxzDmuwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIv9dU/pXa7zCgAuV6FWAUxNLhohMB8GA1UdIwQY
MBaAFDiyICO26tTCloOp/tRJPQPe4saFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0xJZ0k3YnExTUtXZzZuLTFFazlBOTdpeG9VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy84ODEzZjUtNGU3Yi00ZDUxLWI1ZjMt
NDBkOTViZDMzZmNiLzEvaV8xMVQtbGRydk1LQUM1WG9WWUJURTB1R2lFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy84ODEzZjUtNGU3Yi00ZDUxLWI1ZjMtNDBkOTViZDMzZmNi
LzEvT0xJZ0k3YnExTUtXZzZuLTFFazlBOTdpeG9VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCVY8UMA0G
CSqGSIb3DQEBCwUAA4IBAQCEkSbvBkAmExxPxsXhggKZyQ333o6H6n+oRudjqgu+
IYi9kwa/FL1vkQZji26jJFoOhEsWXQE6R7MojoGSeHCXPhdJfwLrTlMOUNr5L26n
/07Kr8IDllIkTo1b6B54nkRTBkjWk6nHqYdca7kUOKX6Z38kOHQS+kLCu3lMJ/IH
2cSPY1yMBUPki//hJtMzNUyHLfqU5uXa8ov39Ya2nR+cz+4HmASV5Z9eV4fGaU18
cXCjSFvNm51n3q12eA9Hbw/z2QGdcYzqnolofFOshG9t03Ro/bwv3vEwEf/86PFF
zkri702tfA6+OIbBGGXldgpKzB7nKdJjG95BNrYlm8pA
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:01 2024 by rpki-client on console-ams.rpki-client.org