Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/nKFpgiZf31SPyOO_thfYAusGRf4.roa
File: nKFpgiZf31SPyOO_thfYAusGRf4.roa (raw, json)
Hash identifier: wb6XvM7xOv0fyTMiNL/xyF4ChOYnmO2fbazw3Z0Ra3I=
Subject key identifier: 9C:A1:69:82:26:5F:DF:54:8F:C8:E3:BF:B6:17:D8:02:EB:06:45:FE
Certificate issuer: /CN=38b22023b6ead4c29683a9fed4493d03dee2c685
Certificate serial: 019306F07295ED96886354A8F6C0954448DD
Authority key identifier: 38:B2:20:23:B6:EA:D4:C2:96:83:A9:FE:D4:49:3D:03:DE:E2:C6:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OLIgI7bq1MKWg6n-1Ek9A97ixoU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/nKFpgiZf31SPyOO_thfYAusGRf4.roa
Signing time: Thu 07 Nov 2024 14:04:01 +0000
ROA not before: Thu 07 Nov 2024 14:04:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44477
IP address blocks: 85.142.192.0/22 maxlen: 24
85.142.216.0/21 maxlen: 24
85.142.224.0/20 maxlen: 24
Validation: Failed, certificate revoked on Thu 07 Nov 2024 15:37:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:06:f0:72:95:ed:96:88:63:54:a8:f6:c0:95:44:48:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38b22023b6ead4c29683a9fed4493d03dee2c685
Validity
Not Before: Nov 7 14:04:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9ca16982265fdf548fc8e3bfb617d802eb0645fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:cd:4f:26:e3:6e:41:74:d9:f6:01:6c:cf:9e:
73:d8:94:56:22:98:e2:21:e8:bc:55:02:94:ae:3a:
95:0f:c1:13:13:09:cb:ed:16:15:44:64:ff:37:ea:
14:cf:bb:db:6c:9b:07:0b:95:ab:52:36:14:96:78:
c9:15:44:d1:99:0f:b4:cf:a1:a5:dd:da:b7:79:43:
eb:5b:f0:a6:2d:e2:15:f1:6f:35:ae:f6:a1:cc:f9:
22:7f:09:44:9f:a9:c6:39:c3:f3:a5:70:2c:d6:56:
7c:29:f6:2d:03:fe:12:9f:1c:82:be:9d:f1:b7:05:
41:14:d6:a9:a0:70:d6:a0:d0:00:d6:25:5c:73:55:
e3:4a:41:dd:a3:67:92:85:ce:77:2b:c5:7a:d1:29:
7f:3b:33:00:38:ad:d7:be:1b:76:76:9e:78:ed:62:
97:b2:57:09:a8:15:38:cd:81:ad:b2:2f:ed:70:9a:
98:e3:ff:94:5b:be:26:a3:3b:16:80:cd:6f:60:1e:
2f:ec:78:e0:f1:eb:56:92:88:c7:dd:54:4f:f5:25:
b7:c1:15:85:76:02:d9:6f:13:fa:62:07:ff:79:e5:
b5:7f:71:65:0e:15:3f:61:45:0c:9a:4c:9c:e0:81:
d6:ca:9d:bf:a9:b5:22:bf:a1:fe:b7:5f:8f:f6:c5:
26:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:A1:69:82:26:5F:DF:54:8F:C8:E3:BF:B6:17:D8:02:EB:06:45:FE
X509v3 Authority Key Identifier:
keyid:38:B2:20:23:B6:EA:D4:C2:96:83:A9:FE:D4:49:3D:03:DE:E2:C6:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OLIgI7bq1MKWg6n-1Ek9A97ixoU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/nKFpgiZf31SPyOO_thfYAusGRf4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/OLIgI7bq1MKWg6n-1Ek9A97ixoU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.142.192.0/22
85.142.216.0-85.142.239.255
Signature Algorithm: sha256WithRSAEncryption
36:dd:89:a5:43:0d:3e:f2:3a:95:dc:56:ac:a9:97:ba:b5:79:
6b:92:d2:23:2d:64:e3:41:70:31:50:87:b3:a8:9c:cf:27:2b:
7f:f9:b5:76:bd:96:19:0f:47:c1:5d:34:c8:4b:f3:28:be:a1:
18:09:27:82:19:73:2c:fd:f5:fd:2f:49:af:19:2d:48:69:ca:
cb:4c:79:e7:06:85:e3:ad:1d:d0:3f:76:99:82:1e:97:34:5c:
6d:f2:62:49:16:65:26:83:e9:a3:c6:7b:6d:81:d0:6d:d7:94:
de:98:65:b8:e2:bd:d9:01:65:bc:0a:38:45:5c:c0:75:b0:48:
15:f3:aa:25:c0:2d:8f:c0:13:fe:5f:9c:b5:71:93:1b:90:96:
86:1b:07:72:b9:e1:e3:ab:a8:40:b0:76:5b:4f:a1:bd:fb:3f:
63:ac:9d:6d:4b:07:30:79:db:6e:39:78:b4:eb:9a:29:e8:c8:
7d:83:72:1c:49:d4:f3:05:36:33:bd:15:f0:8b:e3:dd:39:b1:
1f:57:77:89:13:61:db:bd:b3:87:85:d9:fc:89:a1:51:1c:75:
ef:92:c1:28:ed:2b:70:81:42:d8:d4:5a:2b:59:1f:7b:09:32:
a2:aa:eb:bc:48:a7:fc:33:26:f8:f6:77:7c:b0:0e:35:9d:dd:
46:4e:a4:83
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZMG8HKV7ZaIY1So9sCVREjdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4YjIyMDIzYjZlYWQ0YzI5NjgzYTlmZWQ0NDkzZDAzZGVl
MmM2ODUwHhcNMjQxMTA3MTQwNDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Y2ExNjk4MjI2NWZkZjU0OGZjOGUzYmZiNjE3ZDgwMmViMDY0NWZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7s1PJuNuQXTZ9gFsz55z2JRWIpji
Iei8VQKUrjqVD8ETEwnL7RYVRGT/N+oUz7vbbJsHC5WrUjYUlnjJFUTRmQ+0z6Gl
3dq3eUPrW/CmLeIV8W81rvahzPkifwlEn6nGOcPzpXAs1lZ8KfYtA/4SnxyCvp3x
twVBFNapoHDWoNAA1iVcc1XjSkHdo2eShc53K8V60Sl/OzMAOK3Xvht2dp547WKX
slcJqBU4zYGtsi/tcJqY4/+UW74mozsWgM1vYB4v7Hjg8etWkojH3VRP9SW3wRWF
dgLZbxP6Ygf/eeW1f3FlDhU/YUUMmkyc4IHWyp2/qbUiv6H+t1+P9sUmywIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFJyhaYImX99Uj8jjv7YX2ALrBkX+MB8GA1UdIwQY
MBaAFDiyICO26tTCloOp/tRJPQPe4saFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0xJZ0k3YnExTUtXZzZuLTFFazlBOTdpeG9VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy84ODEzZjUtNGU3Yi00ZDUxLWI1ZjMt
NDBkOTViZDMzZmNiLzEvbktGcGdpWmYzMVNQeU9PX3RoZllBdXNHUmY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy84ODEzZjUtNGU3Yi00ZDUxLWI1ZjMtNDBkOTViZDMzZmNi
LzEvT0xJZ0k3YnExTUtXZzZuLTFFazlBOTdpeG9VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQCVY7AMAwD
BANVjtgDBARVjuAwDQYJKoZIhvcNAQELBQADggEBADbdiaVDDT7yOpXcVqypl7q1
eWuS0iMtZONBcDFQh7OonM8nK3/5tXa9lhkPR8FdNMhL8yi+oRgJJ4IZcyz99f0v
Sa8ZLUhpystMeecGheOtHdA/dpmCHpc0XG3yYkkWZSaD6aPGe22B0G3XlN6YZbji
vdkBZbwKOEVcwHWwSBXzqiXALY/AE/5fnLVxkxuQloYbB3K54eOrqECwdltPob37
P2OsnW1LBzB52245eLTrminoyH2DchxJ1PMFNjO9FfCL4905sR9Xd4kTYdu9s4eF
2fyJoVEcde+SwSjtK3CBQtjUWitZH3sJMqKq67xIp/wzJvj2d3ywDjWd3UZOpIM=
Generated at Thu Nov 7 20:13:12 2024 by rpki-client on console-fra.rpki-client.org