Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/5360e7-f02a-4737-99c7-febb64b5e164/1/aDWPSkUBgKtuR8SY3mQZXPAac1k.roa
File: aDWPSkUBgKtuR8SY3mQZXPAac1k.roa (raw, json)
Hash identifier: CPu2oGfbACeHe+o2O/utirR8IQqAYjLZ/HH+di6Jy10=
Subject key identifier: 68:35:8F:4A:45:01:80:AB:6E:47:C4:98:DE:64:19:5C:F0:1A:73:59
Certificate issuer: /CN=22f344a63dcb70e89057deb8e2761dc45165881a
Certificate serial: 01856FF9640C19E5AD651A55119C3EE87A52
Authority key identifier: 22:F3:44:A6:3D:CB:70:E8:90:57:DE:B8:E2:76:1D:C4:51:65:88:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IvNEpj3LcOiQV9644nYdxFFliBo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/5360e7-f02a-4737-99c7-febb64b5e164/1/aDWPSkUBgKtuR8SY3mQZXPAac1k.roa
Signing time: Mon 02 Jan 2023 00:54:53 +0000
ROA not before: Mon 02 Jan 2023 00:54:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 996
IP address blocks: 85.28.63.0/24 maxlen: 24
85.28.61.0/24 maxlen: 24
109.238.204.0/24 maxlen: 24
109.238.205.0/24 maxlen: 24
109.238.206.0/24 maxlen: 24
109.238.201.0/24 maxlen: 24
109.238.202.0/24 maxlen: 24
109.238.203.0/24 maxlen: 24
109.238.207.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 12 Jan 2023 10:01:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:f9:64:0c:19:e5:ad:65:1a:55:11:9c:3e:e8:7a:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22f344a63dcb70e89057deb8e2761dc45165881a
Validity
Not Before: Jan 2 00:54:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=68358f4a450180ab6e47c498de64195cf01a7359
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:cb:80:a7:64:c5:a5:c6:81:ac:66:96:92:0f:
77:63:2d:e7:82:88:b9:88:4c:ec:bc:8e:f4:3b:42:
f8:78:9c:7c:97:a5:15:d4:c1:70:ee:06:01:48:fc:
04:d9:29:9d:b5:7b:68:e0:e3:2e:8a:cb:ae:8f:38:
44:87:cf:e4:a2:12:da:9b:62:4f:38:35:2f:6d:66:
0e:f2:68:7d:4a:6c:c3:f5:7e:da:3b:c2:cb:cf:ea:
28:af:83:ee:ca:2f:06:2a:cb:d8:04:c8:86:90:89:
84:1a:63:b1:a8:5d:13:dc:cd:20:0a:aa:df:be:70:
92:a1:e5:1b:04:f3:58:cd:08:eb:ff:e9:73:cd:b8:
59:7e:33:c2:a9:b4:7d:45:3c:5c:df:9b:97:4f:0e:
1f:96:56:f0:ec:ec:f4:bd:97:03:0e:6a:c3:67:8e:
56:40:de:0a:f5:9f:a7:66:b8:71:d5:40:42:d6:bb:
5f:42:03:79:86:87:6c:61:07:bc:ed:e5:f0:8a:de:
29:30:13:99:45:a3:2b:45:cc:44:33:68:6c:43:1b:
5e:19:33:b3:a8:aa:5d:37:2e:26:e8:83:e9:0b:2d:
3a:4f:f6:4d:38:09:b6:82:ec:82:c6:e3:3b:54:66:
fc:ba:1a:f1:9c:c2:be:37:5a:17:08:dc:59:bf:57:
b3:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:35:8F:4A:45:01:80:AB:6E:47:C4:98:DE:64:19:5C:F0:1A:73:59
X509v3 Authority Key Identifier:
keyid:22:F3:44:A6:3D:CB:70:E8:90:57:DE:B8:E2:76:1D:C4:51:65:88:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IvNEpj3LcOiQV9644nYdxFFliBo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/5360e7-f02a-4737-99c7-febb64b5e164/1/aDWPSkUBgKtuR8SY3mQZXPAac1k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/5360e7-f02a-4737-99c7-febb64b5e164/1/IvNEpj3LcOiQV9644nYdxFFliBo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.28.61.0/24
85.28.63.0/24
109.238.201.0-109.238.207.255
Signature Algorithm: sha256WithRSAEncryption
a9:ef:a5:45:fc:f2:4a:3f:26:96:fb:ad:d4:53:62:23:09:3a:
f4:38:91:61:53:82:0d:0b:74:7c:45:78:1f:b0:97:ed:99:0f:
af:bb:a0:ad:ef:70:86:99:1b:cf:fd:d9:bc:c3:d4:a8:4f:1e:
fc:ed:8d:ad:a4:5c:a4:ce:08:9f:9e:d6:b2:66:1f:e6:44:b9:
43:7f:db:98:df:9a:82:1b:0c:4f:83:19:3b:1f:93:13:01:82:
00:9b:c8:89:fc:79:14:ab:50:5e:3d:69:cc:d7:9f:13:f2:38:
53:b6:3b:a3:cf:4a:76:36:22:6b:94:99:1a:41:01:d8:88:44:
7c:55:41:38:9f:7f:e6:d2:90:d8:5a:02:aa:db:4a:2a:5c:a6:
7b:04:48:62:16:78:57:24:d0:7f:5d:0d:2e:f2:b4:ab:6d:6b:
46:d1:d8:fd:c3:5c:53:18:2d:96:b5:47:c8:49:78:6d:5a:ee:
67:e9:5c:fe:d0:79:18:d0:19:c6:ab:26:10:fe:0f:5e:ed:63:
bc:41:f5:6c:80:fa:27:9d:04:43:f3:82:0e:73:3c:aa:55:98:
86:08:19:78:80:38:2a:04:7b:af:25:f0:8e:45:b1:13:d6:b5:
8c:3b:00:17:eb:b2:74:a1:4b:70:75:e3:cc:a5:75:bd:87:21:
35:59:b8:8b
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYVv+WQMGeWtZRpVEZw+6HpSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyZjM0NGE2M2RjYjcwZTg5MDU3ZGViOGUyNzYxZGM0NTE2
NTg4MWEwHhcNMjMwMTAyMDA1NDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODM1OGY0YTQ1MDE4MGFiNmU0N2M0OThkZTY0MTk1Y2YwMWE3MzU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk8uAp2TFpcaBrGaWkg93Yy3ngoi5
iEzsvI70O0L4eJx8l6UV1MFw7gYBSPwE2SmdtXto4OMuisuujzhEh8/kohLam2JP
ODUvbWYO8mh9SmzD9X7aO8LLz+oor4Puyi8GKsvYBMiGkImEGmOxqF0T3M0gCqrf
vnCSoeUbBPNYzQjr/+lzzbhZfjPCqbR9RTxc35uXTw4fllbw7Oz0vZcDDmrDZ45W
QN4K9Z+nZrhx1UBC1rtfQgN5hodsYQe87eXwit4pMBOZRaMrRcxEM2hsQxteGTOz
qKpdNy4m6IPpCy06T/ZNOAm2guyCxuM7VGb8uhrxnMK+N1oXCNxZv1ezFQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFGg1j0pFAYCrbkfEmN5kGVzwGnNZMB8GA1UdIwQY
MBaAFCLzRKY9y3DokFfeuOJ2HcRRZYgaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXZORXBqM0xjT2lRVjk2NDRuWWR4RkZsaUJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi81MzYwZTctZjAyYS00NzM3LTk5Yzct
ZmViYjY0YjVlMTY0LzEvYURXUFNrVUJnS3R1UjhTWTNtUVpYUEFhYzFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi81MzYwZTctZjAyYS00NzM3LTk5YzctZmViYjY0YjVlMTY0
LzEvSXZORXBqM0xjT2lRVjk2NDRuWWR4RkZsaUJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAVRw9AwQA
VRw/MAwDBABt7skDBARt7sAwDQYJKoZIhvcNAQELBQADggEBAKnvpUX88ko/Jpb7
rdRTYiMJOvQ4kWFTgg0LdHxFeB+wl+2ZD6+7oK3vcIaZG8/92bzD1KhPHvztja2k
XKTOCJ+e1rJmH+ZEuUN/25jfmoIbDE+DGTsfkxMBggCbyIn8eRSrUF49aczXnxPy
OFO2O6PPSnY2ImuUmRpBAdiIRHxVQTiff+bSkNhaAqrbSipcpnsESGIWeFck0H9d
DS7ytKtta0bR2P3DXFMYLZa1R8hJeG1a7mfpXP7QeRjQGcarJhD+D17tY7xB9WyA
+iedBEPzgg5zPKpVmIYIGXiAOCoEe68l8I5FsRPWtYw7ABfrsnShS3B148yldb2H
ITVZuIs=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:55 2024 by rpki-client on console-fra.rpki-client.org