Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/xjYnBBdHpulvH05Y16gBSK0rUMY.roa
File: xjYnBBdHpulvH05Y16gBSK0rUMY.roa (raw, json)
Hash identifier: 0nbRmO5ZlA/1IvsqsVPtCmypiy0D+3FaMcnu4sZgiIA=
Subject key identifier: C6:36:27:04:17:47:A6:E9:6F:1F:4E:58:D7:A8:01:48:AD:2B:50:C6
Certificate issuer: /CN=38b22023b6ead4c29683a9fed4493d03dee2c685
Certificate serial: 01856D0AECAAEAE92AE688840D2F04C1ED72
Authority key identifier: 38:B2:20:23:B6:EA:D4:C2:96:83:A9:FE:D4:49:3D:03:DE:E2:C6:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OLIgI7bq1MKWg6n-1Ek9A97ixoU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/xjYnBBdHpulvH05Y16gBSK0rUMY.roa
Signing time: Sun 01 Jan 2023 11:15:10 +0000
ROA not before: Sun 01 Jan 2023 11:15:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57010
IP address blocks: 85.143.251.0/24 maxlen: 24
85.143.198.0/23 maxlen: 23
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:31:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:0a:ec:aa:ea:e9:2a:e6:88:84:0d:2f:04:c1:ed:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38b22023b6ead4c29683a9fed4493d03dee2c685
Validity
Not Before: Jan 1 11:15:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c63627041747a6e96f1f4e58d7a80148ad2b50c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:23:41:e3:f8:95:44:7b:6f:71:9c:3c:5e:e4:
4b:5c:a4:55:27:cc:2e:3d:17:77:a2:a2:b9:6a:93:
ee:07:c7:b7:80:b7:b1:e7:17:87:78:c3:56:b5:c5:
15:3a:92:84:9e:63:f2:55:39:94:d0:81:0e:87:42:
13:fb:a8:5d:05:c7:4a:77:a5:97:69:23:22:33:3b:
3e:ab:48:09:5d:96:cd:2d:66:af:62:42:45:04:94:
4e:ab:8e:99:24:2f:1b:10:14:70:6f:80:0b:85:15:
ac:f8:2d:3d:3a:7b:13:25:d6:16:39:11:b3:9b:67:
95:74:2b:e8:31:36:29:fd:a5:dd:9a:30:36:5a:c7:
29:48:bb:0e:2a:6d:35:e4:00:81:03:12:94:d4:81:
ce:a4:59:0e:00:dd:09:e6:1b:b6:79:92:66:8b:be:
e5:82:87:6d:c0:c0:6e:67:fe:75:2c:c4:0e:31:69:
73:03:dc:49:e0:37:b8:29:0f:a4:1d:07:89:4b:06:
2a:48:84:94:4c:c9:98:55:af:ab:46:81:2c:38:c6:
1d:04:9c:8c:36:22:34:c2:3f:b0:5b:ab:c1:34:1e:
25:cd:c9:c1:34:d2:2a:58:5a:54:ed:1b:30:24:ac:
0e:32:5e:72:09:5e:49:79:6e:14:0a:68:70:59:96:
e5:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:36:27:04:17:47:A6:E9:6F:1F:4E:58:D7:A8:01:48:AD:2B:50:C6
X509v3 Authority Key Identifier:
keyid:38:B2:20:23:B6:EA:D4:C2:96:83:A9:FE:D4:49:3D:03:DE:E2:C6:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OLIgI7bq1MKWg6n-1Ek9A97ixoU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/xjYnBBdHpulvH05Y16gBSK0rUMY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/OLIgI7bq1MKWg6n-1Ek9A97ixoU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.143.198.0/23
85.143.251.0/24
Signature Algorithm: sha256WithRSAEncryption
51:d5:34:3b:0d:cd:9e:ae:46:7e:6b:2f:c1:df:1b:aa:b2:8a:
7f:04:9a:1d:21:aa:ba:9c:87:0b:99:4d:a7:fc:c4:68:4b:01:
f0:17:bc:e9:0f:cb:6b:d2:f1:59:39:3b:dd:6c:12:40:6e:ec:
fd:ab:0b:74:8e:66:06:b5:56:19:11:f0:66:bf:9b:04:8b:b0:
c8:d4:91:78:91:d9:c1:7c:fc:d6:cc:f6:43:01:03:f7:d7:ca:
33:dc:08:25:1e:38:27:2c:a4:d4:1f:93:97:eb:f8:4a:b3:89:
43:37:7b:e8:21:c1:d1:e4:27:9d:bb:2d:ef:bf:fd:41:be:bf:
a5:80:97:ec:1e:94:35:88:93:3b:f4:b2:fe:ea:3f:73:a9:a1:
35:65:2e:2e:66:55:48:3a:4f:8e:ea:9d:ab:ab:f0:26:c1:da:
37:0f:e4:52:da:9b:8d:ac:49:97:03:0d:20:b5:d0:b7:a4:67:
49:7a:1f:c8:be:69:6b:55:a6:f3:da:16:69:a3:c5:86:df:73:
34:9d:92:b1:c4:23:16:f7:7a:54:7c:68:13:71:8e:fc:ea:48:
14:d5:06:da:69:be:52:38:d3:86:9b:40:8d:54:25:b8:95:ea:
9b:66:01:8f:4f:91:77:ea:77:76:a9:80:f2:60:bc:35:cd:ad:
33:97:8f:72
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVtCuyq6ukq5oiEDS8Ewe1yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4YjIyMDIzYjZlYWQ0YzI5NjgzYTlmZWQ0NDkzZDAzZGVl
MmM2ODUwHhcNMjMwMTAxMTExNTEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjM2MjcwNDE3NDdhNmU5NmYxZjRlNThkN2E4MDE0OGFkMmI1MGM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1iNB4/iVRHtvcZw8XuRLXKRVJ8wu
PRd3oqK5apPuB8e3gLex5xeHeMNWtcUVOpKEnmPyVTmU0IEOh0IT+6hdBcdKd6WX
aSMiMzs+q0gJXZbNLWavYkJFBJROq46ZJC8bEBRwb4ALhRWs+C09OnsTJdYWORGz
m2eVdCvoMTYp/aXdmjA2WscpSLsOKm015ACBAxKU1IHOpFkOAN0J5hu2eZJmi77l
godtwMBuZ/51LMQOMWlzA9xJ4De4KQ+kHQeJSwYqSISUTMmYVa+rRoEsOMYdBJyM
NiI0wj+wW6vBNB4lzcnBNNIqWFpU7RswJKwOMl5yCV5JeW4UCmhwWZblqwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMY2JwQXR6bpbx9OWNeoAUitK1DGMB8GA1UdIwQY
MBaAFDiyICO26tTCloOp/tRJPQPe4saFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0xJZ0k3YnExTUtXZzZuLTFFazlBOTdpeG9VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy84ODEzZjUtNGU3Yi00ZDUxLWI1ZjMt
NDBkOTViZDMzZmNiLzEveGpZbkJCZEhwdWx2SDA1WTE2Z0JTSzByVU1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy84ODEzZjUtNGU3Yi00ZDUxLWI1ZjMtNDBkOTViZDMzZmNi
LzEvT0xJZ0k3YnExTUtXZzZuLTFFazlBOTdpeG9VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBVY/GAwQA
VY/7MA0GCSqGSIb3DQEBCwUAA4IBAQBR1TQ7Dc2erkZ+ay/B3xuqsop/BJodIaq6
nIcLmU2n/MRoSwHwF7zpD8tr0vFZOTvdbBJAbuz9qwt0jmYGtVYZEfBmv5sEi7DI
1JF4kdnBfPzWzPZDAQP318oz3AglHjgnLKTUH5OX6/hKs4lDN3voIcHR5Ceduy3v
v/1Bvr+lgJfsHpQ1iJM79LL+6j9zqaE1ZS4uZlVIOk+O6p2rq/Amwdo3D+RS2puN
rEmXAw0gtdC3pGdJeh/IvmlrVabz2hZpo8WG33M0nZKxxCMW93pUfGgTcY786kgU
1Qbaab5SONOGm0CNVCW4leqbZgGPT5F36nd2qYDyYLw1za0zl49y
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:46 2024 by rpki-client on console-fra.rpki-client.org