Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/5360e7-f02a-4737-99c7-febb64b5e164/1/RGcOxOJjdOTQFd5YeTv3dhihzU8.roa
File: RGcOxOJjdOTQFd5YeTv3dhihzU8.roa (raw, json)
Hash identifier: rnEVSLfZ3047FwHYSJUdss8UDX57rdFnvchnEJ1vXcA=
Subject key identifier: 44:67:0E:C4:E2:63:74:E4:D0:15:DE:58:79:3B:F7:76:18:A1:CD:4F
Certificate issuer: /CN=22f344a63dcb70e89057deb8e2761dc45165881a
Certificate serial: 0185A56DA7418B23CD1769D8BAB0491DF5A7
Authority key identifier: 22:F3:44:A6:3D:CB:70:E8:90:57:DE:B8:E2:76:1D:C4:51:65:88:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IvNEpj3LcOiQV9644nYdxFFliBo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/5360e7-f02a-4737-99c7-febb64b5e164/1/RGcOxOJjdOTQFd5YeTv3dhihzU8.roa
Signing time: Thu 12 Jan 2023 10:01:44 +0000
ROA not before: Thu 12 Jan 2023 10:01:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 996
IP address blocks: 85.28.63.0/24 maxlen: 24
85.28.61.0/24 maxlen: 24
109.238.205.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:a5:6d:a7:41:8b:23:cd:17:69:d8:ba:b0:49:1d:f5:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22f344a63dcb70e89057deb8e2761dc45165881a
Validity
Not Before: Jan 12 10:01:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=44670ec4e26374e4d015de58793bf77618a1cd4f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:fe:f9:24:ea:ca:e2:33:8d:69:bf:b7:2b:66:
e9:d7:93:d6:57:f3:7d:b3:27:5b:05:83:50:88:bf:
eb:42:a2:72:8d:42:f9:03:fe:f0:68:93:bd:d9:63:
22:56:85:c8:11:eb:27:a0:78:93:f7:0e:d3:e9:68:
7a:2e:46:02:e8:0d:b0:ec:96:6a:53:df:5f:03:5b:
49:29:ba:0a:36:91:dd:1e:90:6b:fa:d1:15:9c:fc:
ae:50:13:bf:ee:c8:b1:44:bb:46:dc:c3:2b:5f:14:
e0:39:f4:7e:25:12:75:3f:0e:ed:3c:e4:e9:6f:5c:
11:72:63:a2:4a:2a:8b:1e:83:04:02:43:f4:2e:06:
cb:e5:87:40:e4:eb:77:1e:51:37:63:c8:31:ce:fe:
e5:40:1f:30:12:1a:25:21:37:bb:16:73:58:7e:61:
5d:b0:58:92:a6:e8:4e:23:af:ff:60:84:63:8d:a6:
41:19:a4:15:79:fa:c0:87:39:5f:e1:56:38:d9:00:
38:30:c6:2c:e8:94:3b:f6:26:d6:f5:1c:bd:ef:fe:
47:02:45:1d:0c:63:a6:d0:a2:bf:a9:fa:61:06:db:
c5:33:85:4d:1f:31:23:fa:4e:8e:77:c5:ea:06:82:
d9:fa:e6:50:93:9d:24:b5:fc:2d:a5:f2:a1:20:74:
ae:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:67:0E:C4:E2:63:74:E4:D0:15:DE:58:79:3B:F7:76:18:A1:CD:4F
X509v3 Authority Key Identifier:
keyid:22:F3:44:A6:3D:CB:70:E8:90:57:DE:B8:E2:76:1D:C4:51:65:88:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IvNEpj3LcOiQV9644nYdxFFliBo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/5360e7-f02a-4737-99c7-febb64b5e164/1/RGcOxOJjdOTQFd5YeTv3dhihzU8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/5360e7-f02a-4737-99c7-febb64b5e164/1/IvNEpj3LcOiQV9644nYdxFFliBo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.28.61.0/24
85.28.63.0/24
109.238.205.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:70:69:3b:87:05:06:17:33:9c:5a:f4:36:67:46:13:a8:21:
ec:ab:2a:65:72:d1:21:53:97:9e:2f:91:51:12:ca:3c:17:a8:
2f:1e:ae:91:81:dc:63:47:7d:2e:b7:be:89:cd:31:b4:4b:e7:
14:ba:dc:e1:7f:70:d7:e6:ce:7f:1f:5f:77:f9:9a:b6:74:a1:
4a:fb:5d:68:62:88:52:ac:ba:19:10:18:bb:08:5d:46:ad:a0:
35:31:83:49:46:12:9b:03:03:be:ad:e5:a2:ff:d2:c9:b6:1b:
da:c4:38:26:20:87:bd:19:dc:72:c9:c6:c3:3d:32:11:3f:d8:
07:d6:47:e4:43:3b:55:bb:e4:44:0c:c3:e4:a9:c0:fc:99:4a:
df:c3:f0:06:8c:58:08:a1:b9:a0:eb:78:de:87:3a:46:fd:2e:
f9:e5:5e:cc:64:9a:a6:95:cd:bc:13:43:46:02:86:ec:fe:8f:
36:fd:33:bd:d5:9c:90:d2:c8:93:75:68:46:72:ad:eb:c6:9a:
02:98:0b:0d:5a:b3:fb:d7:21:05:49:ab:5b:e7:75:4a:aa:30:
56:63:f8:f8:4d:7e:0c:e6:6a:c2:50:2e:09:a9:50:60:9a:cb:
c0:2e:7a:d6:e0:99:4b:13:5b:64:ea:1e:ba:16:f2:75:bb:4a:
16:39:47:20
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYWlbadBiyPNF2nYurBJHfWnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyZjM0NGE2M2RjYjcwZTg5MDU3ZGViOGUyNzYxZGM0NTE2
NTg4MWEwHhcNMjMwMTEyMTAwMTQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDY3MGVjNGUyNjM3NGU0ZDAxNWRlNTg3OTNiZjc3NjE4YTFjZDRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnv75JOrK4jONab+3K2bp15PWV/N9
sydbBYNQiL/rQqJyjUL5A/7waJO92WMiVoXIEesnoHiT9w7T6Wh6LkYC6A2w7JZq
U99fA1tJKboKNpHdHpBr+tEVnPyuUBO/7sixRLtG3MMrXxTgOfR+JRJ1Pw7tPOTp
b1wRcmOiSiqLHoMEAkP0LgbL5YdA5Ot3HlE3Y8gxzv7lQB8wEholITe7FnNYfmFd
sFiSpuhOI6//YIRjjaZBGaQVefrAhzlf4VY42QA4MMYs6JQ79ibW9Ry97/5HAkUd
DGOm0KK/qfphBtvFM4VNHzEj+k6Od8XqBoLZ+uZQk50ktfwtpfKhIHSuBQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFERnDsTiY3Tk0BXeWHk793YYoc1PMB8GA1UdIwQY
MBaAFCLzRKY9y3DokFfeuOJ2HcRRZYgaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXZORXBqM0xjT2lRVjk2NDRuWWR4RkZsaUJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi81MzYwZTctZjAyYS00NzM3LTk5Yzct
ZmViYjY0YjVlMTY0LzEvUkdjT3hPSmpkT1RRRmQ1WWVUdjNkaGloelU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi81MzYwZTctZjAyYS00NzM3LTk5YzctZmViYjY0YjVlMTY0
LzEvSXZORXBqM0xjT2lRVjk2NDRuWWR4RkZsaUJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAVRw9AwQA
VRw/AwQAbe7NMA0GCSqGSIb3DQEBCwUAA4IBAQBLcGk7hwUGFzOcWvQ2Z0YTqCHs
qyplctEhU5eeL5FREso8F6gvHq6RgdxjR30ut76JzTG0S+cUutzhf3DX5s5/H193
+Zq2dKFK+11oYohSrLoZEBi7CF1GraA1MYNJRhKbAwO+reWi/9LJthvaxDgmIIe9
GdxyycbDPTIRP9gH1kfkQztVu+REDMPkqcD8mUrfw/AGjFgIobmg63jehzpG/S75
5V7MZJqmlc28E0NGAobs/o82/TO91ZyQ0siTdWhGcq3rxpoCmAsNWrP71yEFSatb
53VKqjBWY/j4TX4M5mrCUC4JqVBgmsvALnrW4JlLE1tk6h66FvJ1u0oWOUcg
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:32 2023 by rpki-client on console-ams.rpki-client.org