Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/yJfWvAyus3liheSO3Fe254l8zUY.roa
File: yJfWvAyus3liheSO3Fe254l8zUY.roa (raw, json)
Hash identifier: zemJ5/fC8lnGT3ccxhOSn36a0HboOxhwohHQ/UN7Bs8=
Subject key identifier: C8:97:D6:BC:0C:AE:B3:79:62:85:E4:8E:DC:57:B6:E7:89:7C:CD:46
Certificate issuer: /CN=38b22023b6ead4c29683a9fed4493d03dee2c685
Certificate serial: 018A2D674E29DDF91E61936A4F7B073C2045
Authority key identifier: 38:B2:20:23:B6:EA:D4:C2:96:83:A9:FE:D4:49:3D:03:DE:E2:C6:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OLIgI7bq1MKWg6n-1Ek9A97ixoU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/yJfWvAyus3liheSO3Fe254l8zUY.roa
Signing time: Fri 25 Aug 2023 15:54:19 +0000
ROA not before: Fri 25 Aug 2023 15:54:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49505
IP address blocks: 85.142.242.0/24 maxlen: 24
85.143.40.0/21 maxlen: 21
85.142.212.0/22 maxlen: 22
85.142.240.0/23 maxlen: 23
Validation: Failed, certificate revoked on Tue 05 Sep 2023 13:45:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:2d:67:4e:29:dd:f9:1e:61:93:6a:4f:7b:07:3c:20:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38b22023b6ead4c29683a9fed4493d03dee2c685
Validity
Not Before: Aug 25 15:54:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c897d6bc0caeb3796285e48edc57b6e7897ccd46
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:23:33:54:dc:52:8a:84:ee:fa:57:5e:f0:df:
38:f0:50:e4:40:71:0d:f7:7c:8e:65:52:ad:17:7e:
43:f7:ae:fd:2d:52:dd:bc:98:08:01:22:3b:37:f0:
ef:67:25:4a:62:f4:f7:92:3e:5f:bf:59:86:46:7b:
0b:ad:78:b3:10:34:52:bb:43:63:8f:d0:0d:d0:c7:
80:ce:bc:26:46:71:6a:e3:f0:2a:0a:e8:07:e0:86:
2b:15:6c:65:f5:98:37:2e:cd:da:49:1c:98:5f:bd:
49:56:91:f9:60:21:02:08:71:ca:d2:3f:df:15:2e:
78:b8:51:d4:30:dd:96:2c:c9:43:a6:aa:a8:c6:be:
a4:41:2b:fe:ac:14:9e:31:b9:c5:dc:e0:c2:a9:25:
82:fc:89:c3:b7:62:4d:18:30:60:30:e3:ff:d8:5d:
d0:55:ea:c1:45:cf:33:e3:f3:85:98:c1:62:88:7c:
99:28:04:e0:e1:84:f0:7e:1d:4b:78:84:b7:f1:f3:
ff:fd:16:47:4a:7c:67:fd:95:1c:19:f9:1c:76:c5:
46:be:c4:84:2f:0b:af:3f:35:f0:33:92:78:33:73:
47:47:aa:0b:d7:d0:aa:4e:4b:33:90:a1:bc:6e:ca:
ba:af:fa:1f:a5:8e:46:4d:dd:20:85:37:24:57:41:
85:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:97:D6:BC:0C:AE:B3:79:62:85:E4:8E:DC:57:B6:E7:89:7C:CD:46
X509v3 Authority Key Identifier:
keyid:38:B2:20:23:B6:EA:D4:C2:96:83:A9:FE:D4:49:3D:03:DE:E2:C6:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OLIgI7bq1MKWg6n-1Ek9A97ixoU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/yJfWvAyus3liheSO3Fe254l8zUY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/OLIgI7bq1MKWg6n-1Ek9A97ixoU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.142.212.0/22
85.142.240.0-85.142.242.255
85.143.40.0/21
Signature Algorithm: sha256WithRSAEncryption
4d:87:91:2e:92:15:62:7b:af:55:53:46:1f:f0:37:87:27:be:
30:5e:5b:d5:f3:6b:7f:60:9e:f7:48:8c:3a:8e:66:9c:c2:ef:
cf:16:dc:99:e9:43:f2:c2:bc:52:ca:e0:8a:2e:e3:dc:8c:60:
8c:5b:36:63:f6:41:b5:22:b8:e1:ce:e2:3d:3a:7d:8f:6f:38:
52:8f:cf:8f:d6:0b:41:2c:6d:44:2d:44:1b:e8:80:27:a3:bc:
7b:5c:79:42:ec:6f:8d:c5:df:57:36:db:04:d7:5f:3b:81:81:
a8:08:a7:51:e0:56:47:f7:e8:99:35:4d:c0:2e:5d:7f:dc:b8:
c4:ba:68:1e:58:d0:be:29:2a:93:55:d0:46:19:b5:de:b7:d1:
de:62:0e:1d:f1:54:2b:19:13:c2:b6:89:e1:a6:b2:b2:89:d9:
5e:55:42:f7:75:3a:e0:19:c4:d1:42:68:52:50:a9:d8:9d:a5:
7e:ff:ee:28:6e:53:c1:ad:f7:26:b7:e5:11:af:1b:e7:95:ef:
2f:c9:9a:b0:ce:21:65:4f:f3:27:8e:87:03:07:45:62:c9:a5:
2c:42:92:ce:8c:af:c4:4f:9e:81:cf:03:52:31:ff:5c:3f:7c:
f6:5f:f8:73:cb:ba:f9:3e:0a:a4:01:51:7f:ec:0a:07:82:51:
43:b2:0c:ee
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYotZ04p3fkeYZNqT3sHPCBFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4YjIyMDIzYjZlYWQ0YzI5NjgzYTlmZWQ0NDkzZDAzZGVl
MmM2ODUwHhcNMjMwODI1MTU1NDE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODk3ZDZiYzBjYWViMzc5NjI4NWU0OGVkYzU3YjZlNzg5N2NjZDQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5iMzVNxSioTu+lde8N848FDkQHEN
93yOZVKtF35D9679LVLdvJgIASI7N/DvZyVKYvT3kj5fv1mGRnsLrXizEDRSu0Nj
j9AN0MeAzrwmRnFq4/AqCugH4IYrFWxl9Zg3Ls3aSRyYX71JVpH5YCECCHHK0j/f
FS54uFHUMN2WLMlDpqqoxr6kQSv+rBSeMbnF3ODCqSWC/InDt2JNGDBgMOP/2F3Q
VerBRc8z4/OFmMFiiHyZKATg4YTwfh1LeIS38fP//RZHSnxn/ZUcGfkcdsVGvsSE
LwuvPzXwM5J4M3NHR6oL19CqTkszkKG8bsq6r/ofpY5GTd0ghTckV0GFEwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFMiX1rwMrrN5YoXkjtxXtueJfM1GMB8GA1UdIwQY
MBaAFDiyICO26tTCloOp/tRJPQPe4saFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0xJZ0k3YnExTUtXZzZuLTFFazlBOTdpeG9VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy84ODEzZjUtNGU3Yi00ZDUxLWI1ZjMt
NDBkOTViZDMzZmNiLzEveUpmV3ZBeXVzM2xpaGVTTzNGZTI1NGw4elVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy84ODEzZjUtNGU3Yi00ZDUxLWI1ZjMtNDBkOTViZDMzZmNi
LzEvT0xJZ0k3YnExTUtXZzZuLTFFazlBOTdpeG9VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQCVY7UMAwD
BARVjvADBABVjvIDBANVjygwDQYJKoZIhvcNAQELBQADggEBAE2HkS6SFWJ7r1VT
Rh/wN4cnvjBeW9Xza39gnvdIjDqOZpzC788W3JnpQ/LCvFLK4Iou49yMYIxbNmP2
QbUiuOHO4j06fY9vOFKPz4/WC0EsbUQtRBvogCejvHtceULsb43F31c22wTXXzuB
gagIp1HgVkf36Jk1TcAuXX/cuMS6aB5Y0L4pKpNV0EYZtd630d5iDh3xVCsZE8K2
ieGmsrKJ2V5VQvd1OuAZxNFCaFJQqdidpX7/7ihuU8Gt9ya35RGvG+eV7y/JmrDO
IWVP8yeOhwMHRWLJpSxCks6Mr8RPnoHPA1Ix/1w/fPZf+HPLuvk+CqQBUX/sCgeC
UUOyDO4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:46 2024 by rpki-client on console-fra.rpki-client.org