Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/lSAEOpjnKNGDjiFfE_f7VKDkPWc.roa
File: lSAEOpjnKNGDjiFfE_f7VKDkPWc.roa (raw, json)
Hash identifier: 4J7J/41DF4WXatbkmvw7/eTf/8C1AYLFKrAjU6Q5Pe0=
Subject key identifier: 95:20:04:3A:98:E7:28:D1:83:8E:21:5F:13:F7:FB:54:A0:E4:3D:67
Certificate issuer: /CN=38b22023b6ead4c29683a9fed4493d03dee2c685
Certificate serial: 018A89F688FCFB7A9FC7CCF526668365CC64
Authority key identifier: 38:B2:20:23:B6:EA:D4:C2:96:83:A9:FE:D4:49:3D:03:DE:E2:C6:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OLIgI7bq1MKWg6n-1Ek9A97ixoU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/lSAEOpjnKNGDjiFfE_f7VKDkPWc.roa
Signing time: Tue 12 Sep 2023 15:15:50 +0000
ROA not before: Tue 12 Sep 2023 15:15:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44477
IP address blocks: 85.142.243.0/24 maxlen: 24
85.142.192.0/20 maxlen: 24
85.142.216.0/21 maxlen: 24
85.142.224.0/20 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:31:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:89:f6:88:fc:fb:7a:9f:c7:cc:f5:26:66:83:65:cc:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38b22023b6ead4c29683a9fed4493d03dee2c685
Validity
Not Before: Sep 12 15:15:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9520043a98e728d1838e215f13f7fb54a0e43d67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:fd:9f:9b:ea:a9:df:8e:2a:53:f6:34:19:da:
8e:50:61:2a:ad:3b:98:f0:7a:0e:fc:08:1a:01:59:
31:4f:4b:6d:8f:33:92:bd:55:39:d8:52:08:b6:03:
d1:50:ba:a9:7e:af:2c:17:4d:d8:f2:bd:1e:1c:c5:
be:e1:04:df:64:ac:e1:d0:5e:b2:ee:ce:39:06:7f:
fe:8f:2f:47:78:78:93:bf:3e:a0:66:78:d4:b2:aa:
a5:ae:e7:07:a8:b7:b7:0b:31:24:85:f9:11:5d:35:
bf:2d:ba:bf:16:0b:1a:c5:8a:c4:8d:13:85:fb:1d:
a9:e9:2e:f8:78:8e:39:2c:8d:f9:ef:73:9c:29:e5:
9e:53:b7:7e:4a:d2:43:b6:91:07:30:76:e3:00:d4:
14:63:76:29:93:78:47:a3:11:8a:8c:70:6d:b0:70:
a3:15:74:59:04:7f:f0:2a:4c:bf:4f:ba:a5:9a:c8:
9f:98:e2:fb:65:b6:ae:34:b1:16:9f:4b:40:a5:28:
19:8a:b5:6f:0f:95:02:63:10:62:72:98:2a:90:63:
99:8b:33:b5:22:eb:16:dd:f9:1c:b7:ad:91:0f:d1:
4e:4f:f7:f7:0a:cf:ba:1b:4f:14:e8:a3:9c:13:af:
27:09:ba:5c:d1:86:6c:a0:81:f5:77:3a:32:79:68:
2c:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:20:04:3A:98:E7:28:D1:83:8E:21:5F:13:F7:FB:54:A0:E4:3D:67
X509v3 Authority Key Identifier:
keyid:38:B2:20:23:B6:EA:D4:C2:96:83:A9:FE:D4:49:3D:03:DE:E2:C6:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OLIgI7bq1MKWg6n-1Ek9A97ixoU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/lSAEOpjnKNGDjiFfE_f7VKDkPWc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/OLIgI7bq1MKWg6n-1Ek9A97ixoU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.142.192.0/20
85.142.216.0-85.142.239.255
85.142.243.0/24
Signature Algorithm: sha256WithRSAEncryption
88:2f:ca:3a:fa:cd:ce:2a:0a:0e:39:b4:f3:10:e6:0c:a3:cf:
a5:72:6e:ae:43:e7:fc:66:86:7d:83:ee:4b:fa:9c:2c:31:76:
3d:a3:f7:fc:b9:60:5e:ba:0f:2c:cb:e5:35:04:e4:dc:40:90:
d2:a5:44:65:83:de:79:cc:10:1d:29:49:f0:91:b7:53:ec:2b:
6f:70:6e:67:95:f6:41:a3:14:78:ab:3f:d2:44:e1:ea:54:a1:
48:43:e7:b8:c7:62:d4:2a:cb:28:74:4e:c6:76:d4:2b:0c:ea:
74:8d:05:b5:a6:b0:a0:56:d5:fd:c0:bb:fb:73:9d:a9:c6:81:
ef:68:a0:e7:f0:f4:bd:17:c3:65:d1:d7:14:d3:e1:21:f5:c0:
41:b3:74:fd:c3:79:61:78:9d:20:c9:76:71:c1:45:2a:20:82:
19:05:1a:db:92:35:49:05:90:3b:b3:cd:b5:12:64:f1:10:0e:
73:52:17:b7:64:df:33:8c:e1:fa:c8:d2:4c:92:cb:39:65:5e:
fd:7c:41:44:bc:b2:b5:50:20:00:70:6a:cd:ea:14:31:70:13:
c7:aa:85:2f:f6:1a:14:24:ff:1c:13:69:06:d2:07:41:ee:ad:
54:48:23:12:71:3b:26:ad:0b:8a:8d:50:a5:b8:80:72:4e:49:
1c:7f:45:e7
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYqJ9oj8+3qfx8z1JmaDZcxkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4YjIyMDIzYjZlYWQ0YzI5NjgzYTlmZWQ0NDkzZDAzZGVl
MmM2ODUwHhcNMjMwOTEyMTUxNTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTIwMDQzYTk4ZTcyOGQxODM4ZTIxNWYxM2Y3ZmI1NGEwZTQzZDY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjf2fm+qp344qU/Y0GdqOUGEqrTuY
8HoO/AgaAVkxT0ttjzOSvVU52FIItgPRULqpfq8sF03Y8r0eHMW+4QTfZKzh0F6y
7s45Bn/+jy9HeHiTvz6gZnjUsqqlrucHqLe3CzEkhfkRXTW/Lbq/FgsaxYrEjROF
+x2p6S74eI45LI3573OcKeWeU7d+StJDtpEHMHbjANQUY3Ypk3hHoxGKjHBtsHCj
FXRZBH/wKky/T7qlmsifmOL7ZbauNLEWn0tApSgZirVvD5UCYxBicpgqkGOZizO1
IusW3fkct62RD9FOT/f3Cs+6G08U6KOcE68nCbpc0YZsoIH1dzoyeWgskQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFJUgBDqY5yjRg44hXxP3+1Sg5D1nMB8GA1UdIwQY
MBaAFDiyICO26tTCloOp/tRJPQPe4saFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0xJZ0k3YnExTUtXZzZuLTFFazlBOTdpeG9VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy84ODEzZjUtNGU3Yi00ZDUxLWI1ZjMt
NDBkOTViZDMzZmNiLzEvbFNBRU9wam5LTkdEamlGZkVfZjdWS0RrUFdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy84ODEzZjUtNGU3Yi00ZDUxLWI1ZjMtNDBkOTViZDMzZmNi
LzEvT0xJZ0k3YnExTUtXZzZuLTFFazlBOTdpeG9VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQEVY7AMAwD
BANVjtgDBARVjuADBABVjvMwDQYJKoZIhvcNAQELBQADggEBAIgvyjr6zc4qCg45
tPMQ5gyjz6Vybq5D5/xmhn2D7kv6nCwxdj2j9/y5YF66DyzL5TUE5NxAkNKlRGWD
3nnMEB0pSfCRt1PsK29wbmeV9kGjFHirP9JE4epUoUhD57jHYtQqyyh0TsZ21CsM
6nSNBbWmsKBW1f3Au/tznanGge9ooOfw9L0Xw2XR1xTT4SH1wEGzdP3DeWF4nSDJ
dnHBRSogghkFGtuSNUkFkDuzzbUSZPEQDnNSF7dk3zOM4frI0kySyzllXv18QUS8
srVQIABwas3qFDFwE8eqhS/2GhQk/xwTaQbSB0HurVRIIxJxOyatC4qNUKW4gHJO
SRx/Rec=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:01 2024 by rpki-client on console-ams.rpki-client.org