Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/kA5gdLnJPP-rOVXmGcAmMvE-3DA.roa
File: kA5gdLnJPP-rOVXmGcAmMvE-3DA.roa (raw, json)
Hash identifier: r1BDl4ftRbp3bgjx0SM8ns5bO3UJlUyFDhCWBY/gff4=
Subject key identifier: 90:0E:60:74:B9:C9:3C:FF:AB:39:55:E6:19:C0:26:32:F1:3E:DC:30
Certificate issuer: /CN=38b22023b6ead4c29683a9fed4493d03dee2c685
Certificate serial: 018CC7277607D53401267FD8CD91B800F1E2
Authority key identifier: 38:B2:20:23:B6:EA:D4:C2:96:83:A9:FE:D4:49:3D:03:DE:E2:C6:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OLIgI7bq1MKWg6n-1Ek9A97ixoU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/kA5gdLnJPP-rOVXmGcAmMvE-3DA.roa
Signing time: Mon 01 Jan 2024 22:31:41 +0000
ROA not before: Mon 01 Jan 2024 22:31:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44477
IP address blocks: 85.142.243.0/24 maxlen: 24
85.142.192.0/20 maxlen: 24
85.142.216.0/21 maxlen: 24
85.142.224.0/20 maxlen: 24
Validation: Failed, certificate revoked on Sat 13 Apr 2024 14:48:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:76:07:d5:34:01:26:7f:d8:cd:91:b8:00:f1:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38b22023b6ead4c29683a9fed4493d03dee2c685
Validity
Not Before: Jan 1 22:31:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=900e6074b9c93cffab3955e619c02632f13edc30
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:59:dd:d2:74:56:0b:5b:7d:46:e4:57:f4:a4:
81:92:09:89:af:ed:50:c3:bf:8d:3a:d1:ab:37:27:
92:82:a9:5a:99:78:86:72:b0:8c:8d:8c:ae:63:db:
66:d0:6a:0e:ef:81:de:8e:66:4d:94:96:52:31:7d:
9c:55:c3:62:29:ef:f5:83:84:00:fb:b3:3c:41:7b:
5c:1f:18:7e:c5:df:b0:70:2c:e2:13:cf:cc:5a:59:
a0:90:a0:0e:cd:b1:b0:54:50:bc:bc:2d:92:7a:c2:
33:c8:58:ad:1c:db:10:98:ba:14:9a:2f:eb:c2:d4:
be:c3:26:ac:00:e4:76:f8:b7:be:71:3e:4a:53:ee:
e3:88:e7:a5:b3:86:7d:b0:be:06:fe:e9:0e:f0:f9:
e0:3b:f4:88:03:f9:79:67:e9:b8:01:06:14:b1:0c:
a6:c8:4c:cf:0e:ad:4d:59:b4:2a:c5:02:e0:58:78:
75:38:a8:b0:99:71:c7:29:49:b3:b5:10:7c:7c:68:
cd:a4:2e:1f:db:b5:4d:e0:a1:de:f2:ea:72:ed:cc:
3d:fa:fe:d8:22:04:03:80:b9:bc:c9:d0:39:d4:25:
ec:29:b7:d9:1a:e1:17:a0:03:e2:01:9c:f4:ba:f5:
de:91:3a:a3:b6:af:83:e9:d3:b2:19:99:9c:29:27:
c1:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:0E:60:74:B9:C9:3C:FF:AB:39:55:E6:19:C0:26:32:F1:3E:DC:30
X509v3 Authority Key Identifier:
keyid:38:B2:20:23:B6:EA:D4:C2:96:83:A9:FE:D4:49:3D:03:DE:E2:C6:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OLIgI7bq1MKWg6n-1Ek9A97ixoU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/kA5gdLnJPP-rOVXmGcAmMvE-3DA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/OLIgI7bq1MKWg6n-1Ek9A97ixoU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.142.192.0/20
85.142.216.0-85.142.239.255
85.142.243.0/24
Signature Algorithm: sha256WithRSAEncryption
23:1f:e3:6b:a5:fb:d5:af:f5:9d:b0:00:66:c7:1b:1e:f7:fc:
2a:1e:bc:7b:25:8d:62:d6:4a:9f:5c:b0:31:b4:6f:74:11:b0:
25:75:62:b4:67:10:21:1c:2c:81:50:7b:99:67:11:bb:33:41:
d4:19:d0:b2:cf:7a:37:b5:0d:d2:4b:21:5b:1d:6e:6a:69:53:
2e:39:b1:2c:d6:35:ea:50:7d:f9:df:58:ff:e5:ec:77:91:23:
dc:50:98:ac:a1:7e:7e:a0:9c:bf:21:f0:01:99:da:a1:81:1a:
c5:a8:b6:5f:bc:9f:71:5b:47:4b:71:83:36:74:d2:73:03:88:
32:28:19:37:a8:0f:c8:8b:3b:cb:be:b8:c2:21:3b:2f:ee:c1:
cd:3c:68:c7:62:10:8c:75:8d:fc:6d:9b:9e:77:95:0e:3d:af:
18:3c:7b:13:68:53:1d:d9:3a:ba:70:94:a0:64:57:05:d1:80:
b1:7d:e6:a4:83:a7:ab:15:76:22:2b:60:47:09:90:ae:13:61:
da:12:cb:a5:49:f9:12:4d:01:97:3e:a9:66:e4:2c:d4:99:01:
bc:75:24:2c:a5:b9:a4:73:3a:2f:fd:d1:fb:0d:44:7e:bf:43:
c4:21:c5:8a:3e:d8:99:59:2a:7b:f5:72:b1:e7:a2:f5:7f:9b:
96:14:98:94
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYzHJ3YH1TQBJn/YzZG4APHiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4YjIyMDIzYjZlYWQ0YzI5NjgzYTlmZWQ0NDkzZDAzZGVl
MmM2ODUwHhcNMjQwMTAxMjIzMTQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDBlNjA3NGI5YzkzY2ZmYWIzOTU1ZTYxOWMwMjYzMmYxM2VkYzMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAolnd0nRWC1t9RuRX9KSBkgmJr+1Q
w7+NOtGrNyeSgqlamXiGcrCMjYyuY9tm0GoO74HejmZNlJZSMX2cVcNiKe/1g4QA
+7M8QXtcHxh+xd+wcCziE8/MWlmgkKAOzbGwVFC8vC2SesIzyFitHNsQmLoUmi/r
wtS+wyasAOR2+Le+cT5KU+7jiOels4Z9sL4G/ukO8PngO/SIA/l5Z+m4AQYUsQym
yEzPDq1NWbQqxQLgWHh1OKiwmXHHKUmztRB8fGjNpC4f27VN4KHe8upy7cw9+v7Y
IgQDgLm8ydA51CXsKbfZGuEXoAPiAZz0uvXekTqjtq+D6dOyGZmcKSfBiQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFJAOYHS5yTz/qzlV5hnAJjLxPtwwMB8GA1UdIwQY
MBaAFDiyICO26tTCloOp/tRJPQPe4saFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0xJZ0k3YnExTUtXZzZuLTFFazlBOTdpeG9VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy84ODEzZjUtNGU3Yi00ZDUxLWI1ZjMt
NDBkOTViZDMzZmNiLzEva0E1Z2RMbkpQUC1yT1ZYbUdjQW1NdkUtM0RBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy84ODEzZjUtNGU3Yi00ZDUxLWI1ZjMtNDBkOTViZDMzZmNi
LzEvT0xJZ0k3YnExTUtXZzZuLTFFazlBOTdpeG9VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQEVY7AMAwD
BANVjtgDBARVjuADBABVjvMwDQYJKoZIhvcNAQELBQADggEBACMf42ul+9Wv9Z2w
AGbHGx73/CoevHsljWLWSp9csDG0b3QRsCV1YrRnECEcLIFQe5lnEbszQdQZ0LLP
eje1DdJLIVsdbmppUy45sSzWNepQffnfWP/l7HeRI9xQmKyhfn6gnL8h8AGZ2qGB
GsWotl+8n3FbR0txgzZ00nMDiDIoGTeoD8iLO8u+uMIhOy/uwc08aMdiEIx1jfxt
m553lQ49rxg8exNoUx3ZOrpwlKBkVwXRgLF95qSDp6sVdiIrYEcJkK4TYdoSy6VJ
+RJNAZc+qWbkLNSZAbx1JCyluaRzOi/90fsNRH6/Q8QhxYo+2JlZKnv1crHnovV/
m5YUmJQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:01 2024 by rpki-client on console-ams.rpki-client.org