Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/5360e7-f02a-4737-99c7-febb64b5e164/1/1-VAYc_n9Ou2QAB3YKEMxs8bFXuc.roa
File: 1-VAYc_n9Ou2QAB3YKEMxs8bFXuc.roa (raw, json)
Hash identifier: z8h5uLgbTm+0rlB+rNOEAARlnUyLTLGZSZgN14W5U6s=
Subject key identifier: F9:50:18:73:F9:FD:3A:ED:90:00:1D:D8:28:43:31:B3:C6:C5:5E:E7
Certificate issuer: /CN=22f344a63dcb70e89057deb8e2761dc45165881a
Certificate serial: 018B13F964A5099D2F3382B1E5E3A2FA5A95
Authority key identifier: 22:F3:44:A6:3D:CB:70:E8:90:57:DE:B8:E2:76:1D:C4:51:65:88:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IvNEpj3LcOiQV9644nYdxFFliBo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/5360e7-f02a-4737-99c7-febb64b5e164/1/1-VAYc_n9Ou2QAB3YKEMxs8bFXuc.roa
Signing time: Mon 09 Oct 2023 10:26:33 +0000
ROA not before: Mon 09 Oct 2023 10:26:33 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44477
IP address blocks: 85.28.61.0/24 maxlen: 24
85.28.63.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:13:f9:64:a5:09:9d:2f:33:82:b1:e5:e3:a2:fa:5a:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22f344a63dcb70e89057deb8e2761dc45165881a
Validity
Not Before: Oct 9 10:26:33 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f9501873f9fd3aed90001dd8284331b3c6c55ee7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:c5:86:4d:70:82:b8:f1:cb:0b:b5:d2:5a:c3:
64:64:a5:16:2c:1c:d9:9d:7a:7e:b0:1d:1b:b7:12:
d0:e6:ea:e6:bb:77:d7:f9:5d:3f:cf:3f:96:9e:e1:
18:61:07:c7:b3:a5:fc:e0:71:52:14:93:6a:51:1b:
f7:3c:bb:75:04:46:c0:cd:ed:5a:ae:4a:1a:f1:44:
03:11:8e:37:48:49:fd:e0:eb:51:14:11:40:ce:f3:
ff:37:d8:77:70:70:84:ef:07:7f:cf:63:65:69:1d:
79:88:56:b8:a6:a5:ee:b9:0a:ad:43:26:b8:91:d5:
41:c1:1c:74:c0:34:c4:2f:a3:92:16:56:4a:23:6b:
f9:4a:ab:7c:71:71:ed:a4:32:fa:7c:09:2c:12:30:
66:66:b9:e2:06:bf:14:7d:10:66:5c:68:ab:c4:7d:
9b:2c:df:b9:b2:c5:81:9b:6c:97:a1:31:13:3d:05:
a5:30:dd:16:64:bb:64:f0:67:4b:62:b3:7a:ea:74:
67:07:33:83:d7:10:23:f9:70:23:93:4c:16:dd:ed:
51:02:aa:d7:52:a4:0d:97:06:bf:3b:fe:54:4a:ed:
0d:7d:73:98:bd:8a:b8:be:5a:34:a2:63:2c:cd:a9:
77:90:4b:41:a8:90:a3:47:7e:85:ab:6a:b2:43:9e:
df:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:50:18:73:F9:FD:3A:ED:90:00:1D:D8:28:43:31:B3:C6:C5:5E:E7
X509v3 Authority Key Identifier:
keyid:22:F3:44:A6:3D:CB:70:E8:90:57:DE:B8:E2:76:1D:C4:51:65:88:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IvNEpj3LcOiQV9644nYdxFFliBo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/5360e7-f02a-4737-99c7-febb64b5e164/1/1-VAYc_n9Ou2QAB3YKEMxs8bFXuc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/5360e7-f02a-4737-99c7-febb64b5e164/1/IvNEpj3LcOiQV9644nYdxFFliBo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.28.61.0/24
85.28.63.0/24
Signature Algorithm: sha256WithRSAEncryption
63:79:d4:e3:95:26:ea:77:b6:5b:4c:9c:07:5c:57:c4:7a:16:
b2:39:e0:73:5d:38:19:a8:8f:d8:83:86:f9:fb:83:d5:3d:43:
6a:21:b5:48:cd:06:ec:f6:0e:e7:97:c5:71:a6:4b:b5:2f:79:
9e:74:d4:91:1a:ae:d0:c5:8b:8f:0f:f3:98:d0:88:9f:4a:6b:
b2:c7:7c:39:f2:4d:52:62:f7:4c:ba:f6:89:41:17:9a:e1:08:
cc:ec:9d:a6:0e:1e:fd:9b:72:64:22:4f:21:c3:e1:f1:00:ab:
27:c0:f5:40:46:f6:6c:fa:83:c1:54:56:a3:e1:eb:31:63:02:
27:bf:17:c0:e4:b3:1f:a3:78:2a:0b:a7:7e:63:e5:62:a6:28:
91:02:45:8e:54:c6:f1:36:af:99:81:1c:d8:53:25:77:3a:38:
2b:13:d9:60:c8:e5:48:73:85:06:4b:bb:34:df:0d:2f:7a:d5:
24:1d:db:87:01:69:a4:84:ca:80:d4:b0:d4:cb:85:e0:b6:dd:
1b:80:94:7b:c6:c3:8c:65:b5:01:60:53:ed:1e:58:f8:23:a8:
eb:a0:04:73:87:de:c0:22:2f:d5:8b:e5:61:ab:b2:1b:fc:02:
83:c6:db:1f:a1:06:3a:8c:2c:10:99:0b:fd:87:49:1c:29:05:
64:fe:47:f8
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAYsT+WSlCZ0vM4Kx5eOi+lqVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyZjM0NGE2M2RjYjcwZTg5MDU3ZGViOGUyNzYxZGM0NTE2
NTg4MWEwHhcNMjMxMDA5MTAyNjMzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTUwMTg3M2Y5ZmQzYWVkOTAwMDFkZDgyODQzMzFiM2M2YzU1ZWU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg8WGTXCCuPHLC7XSWsNkZKUWLBzZ
nXp+sB0btxLQ5urmu3fX+V0/zz+WnuEYYQfHs6X84HFSFJNqURv3PLt1BEbAze1a
rkoa8UQDEY43SEn94OtRFBFAzvP/N9h3cHCE7wd/z2NlaR15iFa4pqXuuQqtQya4
kdVBwRx0wDTEL6OSFlZKI2v5Sqt8cXHtpDL6fAksEjBmZrniBr8UfRBmXGirxH2b
LN+5ssWBm2yXoTETPQWlMN0WZLtk8GdLYrN66nRnBzOD1xAj+XAjk0wW3e1RAqrX
UqQNlwa/O/5USu0NfXOYvYq4vlo0omMszal3kEtBqJCjR36Fq2qyQ57fVQIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFPlQGHP5/TrtkAAd2ChDMbPGxV7nMB8GA1UdIwQY
MBaAFCLzRKY9y3DokFfeuOJ2HcRRZYgaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXZORXBqM0xjT2lRVjk2NDRuWWR4RkZsaUJvLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi81MzYwZTctZjAyYS00NzM3LTk5Yzct
ZmViYjY0YjVlMTY0LzEvMS1WQVljX245T3UyUUFCM1lLRU14czhiRlh1Yy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYjYvNTM2MGU3LWYwMmEtNDczNy05OWM3LWZlYmI2NGI1ZTE2
NC8xL0l2TkVwajNMY09pUVY5NjQ0bllkeEZGbGlCby5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAFUcPQME
AFUcPzANBgkqhkiG9w0BAQsFAAOCAQEAY3nU45Um6ne2W0ycB1xXxHoWsjngc104
GaiP2IOG+fuD1T1DaiG1SM0G7PYO55fFcaZLtS95nnTUkRqu0MWLjw/zmNCIn0pr
ssd8OfJNUmL3TLr2iUEXmuEIzOydpg4e/ZtyZCJPIcPh8QCrJ8D1QEb2bPqDwVRW
o+HrMWMCJ78XwOSzH6N4KgunfmPlYqYokQJFjlTG8TavmYEc2FMldzo4KxPZYMjl
SHOFBku7NN8NL3rVJB3bhwFppITKgNSw1MuF4LbdG4CUe8bDjGW1AWBT7R5Y+COo
66AEc4fewCIv1YvlYauyG/wCg8bbH6EGOowsEJkL/YdJHCkFZP5H+A==
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:10:31 2024 by rpki-client on console-ams.rpki-client.org