Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/yeR-UbE-A3rKNVQqoGGD5WoyJKg.roa
File: yeR-UbE-A3rKNVQqoGGD5WoyJKg.roa (raw, json)
Hash identifier: D3fT8x45VSTnG9UwHn6/5aMyQFPKE6CklFniphRg0tg=
Subject key identifier: C9:E4:7E:51:B1:3E:03:7A:CA:35:54:2A:A0:61:83:E5:6A:32:24:A8
Certificate issuer: /CN=38b22023b6ead4c29683a9fed4493d03dee2c685
Certificate serial: 018DA22666CF4F1026A3790E92EACD7786B1
Authority key identifier: 38:B2:20:23:B6:EA:D4:C2:96:83:A9:FE:D4:49:3D:03:DE:E2:C6:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OLIgI7bq1MKWg6n-1Ek9A97ixoU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/yeR-UbE-A3rKNVQqoGGD5WoyJKg.roa
Signing time: Tue 13 Feb 2024 11:07:22 +0000
ROA not before: Tue 13 Feb 2024 11:07:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50340
IP address blocks: 85.142.144.0/22 maxlen: 24
85.143.52.0/22 maxlen: 24
Validation: Failed, certificate revoked on Sat 13 Apr 2024 14:41:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:a2:26:66:cf:4f:10:26:a3:79:0e:92:ea:cd:77:86:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38b22023b6ead4c29683a9fed4493d03dee2c685
Validity
Not Before: Feb 13 11:07:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c9e47e51b13e037aca35542aa06183e56a3224a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:dc:25:e1:5e:44:eb:b6:7b:a2:d9:f9:35:47:
42:c9:fb:f8:35:45:fe:b4:60:fc:8a:4b:52:da:2a:
86:13:26:ac:8c:b0:00:7c:a3:a6:78:a0:6d:ed:3a:
40:bc:65:84:de:a2:b4:f5:b2:23:43:a5:2b:3e:12:
fc:13:40:77:31:ec:20:ef:1f:c7:52:4a:dc:d2:7e:
53:d4:c8:fe:2f:84:99:57:3b:c7:47:84:14:ea:c1:
27:11:95:08:3d:64:44:ba:6d:06:9c:cd:49:bf:dc:
35:b8:2b:b2:44:c5:49:e9:c4:31:a7:1f:59:e9:fe:
3f:c0:1d:97:28:18:bc:17:f3:93:0f:33:95:f3:b3:
15:fd:1a:cc:18:dc:ff:17:f6:28:a1:d7:04:be:c0:
24:f4:b9:83:2d:32:b0:f1:47:f8:3a:bf:9d:be:10:
99:6b:2d:27:3f:7a:24:09:45:cd:c7:03:88:a5:4d:
e1:7b:a0:fc:9b:80:68:da:b0:37:f7:89:52:fe:5e:
ba:77:48:cb:68:2d:51:a9:9b:34:79:3c:fd:9f:c6:
fc:ee:c9:5d:f7:16:c8:83:db:fb:7a:d0:7c:25:9f:
37:5c:bc:27:64:d3:00:cc:08:a9:8f:59:2d:3a:29:
6d:9b:18:c8:e8:2c:1b:fa:3b:d9:79:75:8d:f9:9d:
f6:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:E4:7E:51:B1:3E:03:7A:CA:35:54:2A:A0:61:83:E5:6A:32:24:A8
X509v3 Authority Key Identifier:
keyid:38:B2:20:23:B6:EA:D4:C2:96:83:A9:FE:D4:49:3D:03:DE:E2:C6:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OLIgI7bq1MKWg6n-1Ek9A97ixoU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/yeR-UbE-A3rKNVQqoGGD5WoyJKg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/OLIgI7bq1MKWg6n-1Ek9A97ixoU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.142.144.0/22
85.143.52.0/22
Signature Algorithm: sha256WithRSAEncryption
6b:7f:50:54:de:7f:2c:f1:ad:7f:69:3e:38:85:16:96:23:37:
4d:fa:d7:c5:de:0a:22:1b:40:ca:48:70:fb:64:b2:b3:3d:56:
bc:6a:dc:91:5a:c1:d8:ca:aa:9a:bc:6b:3d:2d:f6:5c:05:84:
bb:81:37:f1:b9:c8:e3:93:12:88:96:c4:01:14:83:29:74:27:
a2:f4:e1:93:82:bf:44:05:15:9e:df:3c:5d:bb:b3:b7:8f:9d:
71:da:53:2f:cb:e4:a9:ee:02:8d:aa:c5:7e:80:fd:6a:69:f3:
54:df:cf:bd:ab:41:b7:5b:82:e4:a9:58:56:06:04:b5:83:93:
b8:47:07:64:9b:73:fe:dd:a5:85:d2:41:9f:01:65:5b:71:3e:
c8:07:09:6d:81:72:bf:68:36:31:57:5b:19:37:f5:1e:89:89:
51:3b:15:18:d7:29:c0:58:87:db:36:e5:9d:be:e7:8c:cf:20:
69:cd:11:27:13:55:90:18:66:63:ac:2a:37:c4:d5:5f:8e:99:
40:90:01:f8:71:2d:20:51:ed:1c:48:e1:95:b5:9d:73:fc:ef:
24:d1:ea:2e:99:4f:a3:e1:0b:57:4a:1e:ec:67:d5:66:3b:e7:
ba:03:c8:e6:57:83:07:2d:75:7d:c3:39:92:96:31:44:94:8b:
88:3c:71:fc
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY2iJmbPTxAmo3kOkurNd4axMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4YjIyMDIzYjZlYWQ0YzI5NjgzYTlmZWQ0NDkzZDAzZGVl
MmM2ODUwHhcNMjQwMjEzMTEwNzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOWU0N2U1MWIxM2UwMzdhY2EzNTU0MmFhMDYxODNlNTZhMzIyNGE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAutwl4V5E67Z7otn5NUdCyfv4NUX+
tGD8iktS2iqGEyasjLAAfKOmeKBt7TpAvGWE3qK09bIjQ6UrPhL8E0B3Mewg7x/H
Ukrc0n5T1Mj+L4SZVzvHR4QU6sEnEZUIPWREum0GnM1Jv9w1uCuyRMVJ6cQxpx9Z
6f4/wB2XKBi8F/OTDzOV87MV/RrMGNz/F/YoodcEvsAk9LmDLTKw8Uf4Or+dvhCZ
ay0nP3okCUXNxwOIpU3he6D8m4Bo2rA394lS/l66d0jLaC1RqZs0eTz9n8b87sld
9xbIg9v7etB8JZ83XLwnZNMAzAipj1ktOiltmxjI6Cwb+jvZeXWN+Z32dwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMnkflGxPgN6yjVUKqBhg+VqMiSoMB8GA1UdIwQY
MBaAFDiyICO26tTCloOp/tRJPQPe4saFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0xJZ0k3YnExTUtXZzZuLTFFazlBOTdpeG9VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy84ODEzZjUtNGU3Yi00ZDUxLWI1ZjMt
NDBkOTViZDMzZmNiLzEveWVSLVViRS1BM3JLTlZRcW9HR0Q1V295SktnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy84ODEzZjUtNGU3Yi00ZDUxLWI1ZjMtNDBkOTViZDMzZmNi
LzEvT0xJZ0k3YnExTUtXZzZuLTFFazlBOTdpeG9VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCVY6QAwQC
VY80MA0GCSqGSIb3DQEBCwUAA4IBAQBrf1BU3n8s8a1/aT44hRaWIzdN+tfF3goi
G0DKSHD7ZLKzPVa8atyRWsHYyqqavGs9LfZcBYS7gTfxucjjkxKIlsQBFIMpdCei
9OGTgr9EBRWe3zxdu7O3j51x2lMvy+Sp7gKNqsV+gP1qafNU38+9q0G3W4LkqVhW
BgS1g5O4Rwdkm3P+3aWF0kGfAWVbcT7IBwltgXK/aDYxV1sZN/UeiYlROxUY1ynA
WIfbNuWdvueMzyBpzREnE1WQGGZjrCo3xNVfjplAkAH4cS0gUe0cSOGVtZ1z/O8k
0eoumU+j4QtXSh7sZ9VmO+e6A8jmV4MHLXV9wzmSljFElIuIPHH8
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:01 2024 by rpki-client on console-ams.rpki-client.org