Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/zJcyBCM3sS0mvNVIos8SAO2-HSE.roa
File: zJcyBCM3sS0mvNVIos8SAO2-HSE.roa (raw, json)
Hash identifier: 71W4com2qN7tSyDL25D2gI4m1VWsKOLfNBDD057AslU=
Subject key identifier: CC:97:32:04:23:37:B1:2D:26:BC:D5:48:A2:CF:12:00:ED:BE:1D:21
Certificate issuer: /CN=38b22023b6ead4c29683a9fed4493d03dee2c685
Certificate serial: 018A2D674DDE4B92A57DE44F20C44CD51CD7
Authority key identifier: 38:B2:20:23:B6:EA:D4:C2:96:83:A9:FE:D4:49:3D:03:DE:E2:C6:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OLIgI7bq1MKWg6n-1Ek9A97ixoU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/zJcyBCM3sS0mvNVIos8SAO2-HSE.roa
Signing time: Fri 25 Aug 2023 15:54:19 +0000
ROA not before: Fri 25 Aug 2023 15:54:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44477
IP address blocks: 85.142.243.0/24 maxlen: 24
85.142.192.0/20 maxlen: 20
85.143.48.0/20 maxlen: 20
85.142.216.0/21 maxlen: 21
85.142.224.0/20 maxlen: 20
Validation: Failed, certificate revoked on Tue 05 Sep 2023 13:45:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:2d:67:4d:de:4b:92:a5:7d:e4:4f:20:c4:4c:d5:1c:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38b22023b6ead4c29683a9fed4493d03dee2c685
Validity
Not Before: Aug 25 15:54:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cc9732042337b12d26bcd548a2cf1200edbe1d21
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:25:ce:f2:3a:2f:94:96:c5:45:83:3f:ee:1c:
f4:3f:d7:d5:d6:b1:e7:bc:de:c0:92:65:3d:91:20:
55:d1:30:32:ca:6c:c1:74:dc:e8:e6:fd:a0:9f:2f:
db:71:75:33:4f:7f:63:12:17:7b:8f:72:60:1a:4e:
52:aa:3d:19:9f:f3:16:a1:d4:fa:80:ae:d5:38:81:
ed:1b:d6:41:8c:28:fa:3c:a0:be:b1:5d:e2:a6:f3:
71:d7:f8:de:8d:1d:3b:0d:db:a1:7d:83:b5:a4:95:
c2:1f:f9:2b:9a:cb:ab:43:9c:ac:e9:5e:ce:ca:9c:
34:ad:c1:b2:b5:e8:67:b7:89:73:4e:d1:11:f7:fc:
5a:37:14:53:3d:a5:ea:2c:6c:16:6b:7b:7d:3b:9e:
86:bb:ed:14:3b:04:61:39:44:e3:6d:96:13:6a:fd:
3a:55:d6:bf:e4:fc:81:f7:cd:72:7a:45:43:cd:c5:
78:9a:da:ab:a5:c4:45:de:d0:ee:70:e5:f5:a0:a3:
b6:a7:b7:26:78:ba:72:3e:42:5f:6d:5a:cd:38:d1:
65:f2:78:f3:ff:c3:7b:52:b7:36:c7:a6:a7:b3:60:
b0:2b:ed:bd:78:5d:34:c9:61:87:f8:77:01:66:d7:
3b:b1:68:f6:f7:5a:0f:99:db:c4:b6:7e:2d:20:cb:
67:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:97:32:04:23:37:B1:2D:26:BC:D5:48:A2:CF:12:00:ED:BE:1D:21
X509v3 Authority Key Identifier:
keyid:38:B2:20:23:B6:EA:D4:C2:96:83:A9:FE:D4:49:3D:03:DE:E2:C6:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OLIgI7bq1MKWg6n-1Ek9A97ixoU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/zJcyBCM3sS0mvNVIos8SAO2-HSE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/OLIgI7bq1MKWg6n-1Ek9A97ixoU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.142.192.0/20
85.142.216.0-85.142.239.255
85.142.243.0/24
85.143.48.0/20
Signature Algorithm: sha256WithRSAEncryption
89:5c:c0:5c:ed:f9:2c:a5:45:08:8d:2c:37:00:43:20:e4:36:
68:9d:ca:d1:17:e5:36:6a:a6:ee:ba:ab:8a:6e:8d:ee:58:0c:
26:0f:53:e2:68:54:9d:ea:a2:6c:e2:d5:ee:af:bb:15:14:53:
fe:d4:34:3a:57:97:6a:a5:c5:79:da:78:b7:a1:07:50:28:72:
6e:91:e6:25:0c:e0:83:1d:72:19:da:bf:c2:76:06:0f:c7:42:
72:23:7e:8d:2b:4a:08:1e:40:38:34:81:6e:c3:58:dc:ff:66:
20:d4:ba:b8:2a:5b:f6:f3:17:bc:3e:55:99:4d:81:d9:4e:01:
b5:00:e9:9f:2b:4d:5c:b6:ef:b1:05:cb:f0:a7:28:66:ce:7a:
bd:18:23:67:1b:17:14:a8:74:36:60:d2:f0:e6:62:67:ab:c7:
8d:ca:63:a3:2c:91:28:9a:ea:33:1c:c9:66:04:50:7f:b1:70:
f3:d6:2b:77:1a:aa:e2:25:68:37:84:f2:83:5f:6e:76:6a:e7:
5f:b9:b6:5b:ee:82:bc:0a:1b:e9:ab:f6:4c:e7:14:62:a6:0a:
01:ae:9b:b8:25:31:2e:0d:88:08:79:4a:a4:b6:c0:0a:ad:e5:
04:81:6a:fc:63:67:0b:e2:b1:12:11:ac:02:52:af:6f:36:c3:
1e:9e:bb:96
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYotZ03eS5KlfeRPIMRM1RzXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4YjIyMDIzYjZlYWQ0YzI5NjgzYTlmZWQ0NDkzZDAzZGVl
MmM2ODUwHhcNMjMwODI1MTU1NDE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzk3MzIwNDIzMzdiMTJkMjZiY2Q1NDhhMmNmMTIwMGVkYmUxZDIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6yXO8jovlJbFRYM/7hz0P9fV1rHn
vN7AkmU9kSBV0TAyymzBdNzo5v2gny/bcXUzT39jEhd7j3JgGk5Sqj0Zn/MWodT6
gK7VOIHtG9ZBjCj6PKC+sV3ipvNx1/jejR07DduhfYO1pJXCH/krmsurQ5ys6V7O
ypw0rcGytehnt4lzTtER9/xaNxRTPaXqLGwWa3t9O56Gu+0UOwRhOUTjbZYTav06
Vda/5PyB981yekVDzcV4mtqrpcRF3tDucOX1oKO2p7cmeLpyPkJfbVrNONFl8njz
/8N7Urc2x6ans2CwK+29eF00yWGH+HcBZtc7sWj291oPmdvEtn4tIMtn8QIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFMyXMgQjN7EtJrzVSKLPEgDtvh0hMB8GA1UdIwQY
MBaAFDiyICO26tTCloOp/tRJPQPe4saFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0xJZ0k3YnExTUtXZzZuLTFFazlBOTdpeG9VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy84ODEzZjUtNGU3Yi00ZDUxLWI1ZjMt
NDBkOTViZDMzZmNiLzEvekpjeUJDTTNzUzBtdk5WSW9zOFNBTzItSFNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy84ODEzZjUtNGU3Yi00ZDUxLWI1ZjMtNDBkOTViZDMzZmNi
LzEvT0xJZ0k3YnExTUtXZzZuLTFFazlBOTdpeG9VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQEVY7AMAwD
BANVjtgDBARVjuADBABVjvMDBARVjzAwDQYJKoZIhvcNAQELBQADggEBAIlcwFzt
+SylRQiNLDcAQyDkNmidytEX5TZqpu66q4puje5YDCYPU+JoVJ3qomzi1e6vuxUU
U/7UNDpXl2qlxXnaeLehB1Aocm6R5iUM4IMdchnav8J2Bg/HQnIjfo0rSggeQDg0
gW7DWNz/ZiDUurgqW/bzF7w+VZlNgdlOAbUA6Z8rTVy277EFy/CnKGbOer0YI2cb
FxSodDZg0vDmYmerx43KY6MskSia6jMcyWYEUH+xcPPWK3caquIlaDeE8oNfbnZq
51+5tlvugrwKG+mr9kznFGKmCgGum7glMS4NiAh5SqS2wAqt5QSBavxjZwvisRIR
rAJSr282wx6eu5Y=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:46 2024 by rpki-client on console-fra.rpki-client.org