Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/5360e7-f02a-4737-99c7-febb64b5e164/1/lKzD9JgDg-z4zYF5cG59DWsoOpQ.roa
File: lKzD9JgDg-z4zYF5cG59DWsoOpQ.roa (raw, json)
Hash identifier: AWCV9+PQ8+dgRXNTtRSZk3oIU1MX+mxxUHMg/gqvp+I=
Subject key identifier: 94:AC:C3:F4:98:03:83:EC:F8:CD:81:79:70:6E:7D:0D:6B:28:3A:94
Certificate issuer: /CN=22f344a63dcb70e89057deb8e2761dc45165881a
Certificate serial: 01856FF967B036DBC9B24DA0730473AF5674
Authority key identifier: 22:F3:44:A6:3D:CB:70:E8:90:57:DE:B8:E2:76:1D:C4:51:65:88:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IvNEpj3LcOiQV9644nYdxFFliBo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/5360e7-f02a-4737-99c7-febb64b5e164/1/lKzD9JgDg-z4zYF5cG59DWsoOpQ.roa
Signing time: Mon 02 Jan 2023 00:54:54 +0000
ROA not before: Mon 02 Jan 2023 00:54:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213296
IP address blocks: 85.28.48.0/22 maxlen: 22
85.28.56.0/22 maxlen: 22
85.28.54.0/23 maxlen: 23
85.28.52.0/23 maxlen: 23
85.28.52.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:29:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:f9:67:b0:36:db:c9:b2:4d:a0:73:04:73:af:56:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22f344a63dcb70e89057deb8e2761dc45165881a
Validity
Not Before: Jan 2 00:54:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=94acc3f4980383ecf8cd8179706e7d0d6b283a94
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:69:30:fd:78:e0:29:84:69:9c:9b:da:55:66:
03:99:f1:da:ac:87:df:c9:7d:28:85:79:26:ce:c4:
b7:27:07:a4:7a:a9:f5:27:cf:91:35:46:72:ce:ad:
72:60:c5:b7:9d:2f:70:da:ab:55:70:51:04:c3:2f:
04:e3:50:f3:f9:c6:2b:14:75:b8:ef:12:36:a7:32:
66:25:98:04:b7:74:c5:4a:11:93:c3:66:f7:8c:7e:
ae:92:8c:dd:8c:a7:09:fb:0b:cd:4c:97:86:64:51:
0f:1b:f1:78:35:68:97:52:07:39:80:5f:eb:88:67:
d6:0b:07:62:00:fd:05:0d:b4:1a:f0:fa:67:43:da:
7c:83:76:85:25:c3:81:3f:91:d8:be:55:aa:6d:6e:
8c:a3:aa:3a:7d:c9:ad:a0:c1:d8:e3:3a:7c:c8:16:
0d:3d:6c:e0:f9:be:5e:48:0a:96:fd:41:d7:5d:43:
18:78:a5:d5:e6:b9:3b:d8:96:15:3a:94:5b:64:c2:
76:54:24:27:b0:c0:38:c4:d3:01:0b:ca:ba:9e:80:
a0:79:ba:73:e3:65:5f:d5:94:a8:4e:24:cd:a8:09:
98:d9:b8:9c:84:93:65:a4:09:0b:83:cb:cc:5a:35:
e4:7a:9d:ad:25:ca:cd:6e:8e:ab:4e:32:fd:8d:b6:
90:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:AC:C3:F4:98:03:83:EC:F8:CD:81:79:70:6E:7D:0D:6B:28:3A:94
X509v3 Authority Key Identifier:
keyid:22:F3:44:A6:3D:CB:70:E8:90:57:DE:B8:E2:76:1D:C4:51:65:88:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IvNEpj3LcOiQV9644nYdxFFliBo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/5360e7-f02a-4737-99c7-febb64b5e164/1/lKzD9JgDg-z4zYF5cG59DWsoOpQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/5360e7-f02a-4737-99c7-febb64b5e164/1/IvNEpj3LcOiQV9644nYdxFFliBo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.28.48.0-85.28.59.255
Signature Algorithm: sha256WithRSAEncryption
38:a4:6c:2a:c9:e1:57:d2:3e:40:f7:8a:17:26:52:10:f2:40:
9c:df:44:d2:b2:44:5b:f7:31:76:62:80:33:07:ac:f3:79:5a:
98:97:7e:e0:4e:0f:af:e9:5a:56:e8:12:a9:25:a8:36:39:e3:
8d:41:61:01:90:98:c9:af:ea:84:f0:74:87:6f:13:b0:07:3c:
2a:66:54:0e:f6:5a:5c:86:60:20:b2:28:89:eb:0a:a6:b2:e8:
d4:a7:a8:92:f3:37:a2:09:46:47:12:b8:05:01:07:79:4b:15:
65:c4:06:e4:5b:7c:78:7c:74:f9:18:c4:5f:b2:82:9c:09:e2:
98:02:8d:38:f4:5b:4b:57:93:a7:c1:a4:66:88:92:63:64:f7:
b7:08:3b:2d:42:d1:a9:34:d1:5e:70:a3:f6:3b:a4:bc:fd:fe:
e7:39:b3:13:27:5a:95:b9:fa:b4:3c:e8:56:99:eb:ae:1d:da:
d5:f9:b0:68:a7:f6:e4:23:bd:30:35:e9:6e:d5:40:aa:dd:52:
2e:cb:78:23:03:f6:37:5a:dc:1a:4b:1a:9c:f7:5b:b1:b4:76:
29:5e:1a:5a:70:77:b1:fa:48:c9:1c:cc:15:42:a4:5e:77:89:
1e:75:61:21:c5:79:b0:5c:4e:85:33:6f:6e:a1:d2:15:ff:95:
3a:2a:3b:ff
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVv+WewNtvJsk2gcwRzr1Z0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyZjM0NGE2M2RjYjcwZTg5MDU3ZGViOGUyNzYxZGM0NTE2
NTg4MWEwHhcNMjMwMTAyMDA1NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NGFjYzNmNDk4MDM4M2VjZjhjZDgxNzk3MDZlN2QwZDZiMjgzYTk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsmkw/XjgKYRpnJvaVWYDmfHarIff
yX0ohXkmzsS3Jwekeqn1J8+RNUZyzq1yYMW3nS9w2qtVcFEEwy8E41Dz+cYrFHW4
7xI2pzJmJZgEt3TFShGTw2b3jH6ukozdjKcJ+wvNTJeGZFEPG/F4NWiXUgc5gF/r
iGfWCwdiAP0FDbQa8PpnQ9p8g3aFJcOBP5HYvlWqbW6Mo6o6fcmtoMHY4zp8yBYN
PWzg+b5eSAqW/UHXXUMYeKXV5rk72JYVOpRbZMJ2VCQnsMA4xNMBC8q6noCgebpz
42Vf1ZSoTiTNqAmY2bichJNlpAkLg8vMWjXkep2tJcrNbo6rTjL9jbaQxwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFJSsw/SYA4Ps+M2BeXBufQ1rKDqUMB8GA1UdIwQY
MBaAFCLzRKY9y3DokFfeuOJ2HcRRZYgaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXZORXBqM0xjT2lRVjk2NDRuWWR4RkZsaUJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi81MzYwZTctZjAyYS00NzM3LTk5Yzct
ZmViYjY0YjVlMTY0LzEvbEt6RDlKZ0RnLXo0ellGNWNHNTlEV3NvT3BRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi81MzYwZTctZjAyYS00NzM3LTk5YzctZmViYjY0YjVlMTY0
LzEvSXZORXBqM0xjT2lRVjk2NDRuWWR4RkZsaUJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBARVHDAD
BAJVHDgwDQYJKoZIhvcNAQELBQADggEBADikbCrJ4VfSPkD3ihcmUhDyQJzfRNKy
RFv3MXZigDMHrPN5WpiXfuBOD6/pWlboEqklqDY5441BYQGQmMmv6oTwdIdvE7AH
PCpmVA72WlyGYCCyKInrCqay6NSnqJLzN6IJRkcSuAUBB3lLFWXEBuRbfHh8dPkY
xF+ygpwJ4pgCjTj0W0tXk6fBpGaIkmNk97cIOy1C0ak00V5wo/Y7pLz9/uc5sxMn
WpW5+rQ86FaZ664d2tX5sGin9uQjvTA16W7VQKrdUi7LeCMD9jda3BpLGpz3W7G0
dileGlpwd7H6SMkczBVCpF53iR51YSHFebBcToUzb26h0hX/lToqO/8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:55 2024 by rpki-client on console-fra.rpki-client.org