Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/5360e7-f02a-4737-99c7-febb64b5e164/1/loPqPNv2hhE8mKnnFN8nOMBX4t4.roa
File: loPqPNv2hhE8mKnnFN8nOMBX4t4.roa (raw, json)
Hash identifier: zQuCpR9rJo/5DIqlQhbUdXEB8Vz1s3FrwD1U4PKH25c=
Subject key identifier: 96:83:EA:3C:DB:F6:86:11:3C:98:A9:E7:14:DF:27:38:C0:57:E2:DE
Certificate issuer: /CN=22f344a63dcb70e89057deb8e2761dc45165881a
Certificate serial: 0185A5706433A29051E5A51A06AF0ADC69E2
Authority key identifier: 22:F3:44:A6:3D:CB:70:E8:90:57:DE:B8:E2:76:1D:C4:51:65:88:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IvNEpj3LcOiQV9644nYdxFFliBo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/5360e7-f02a-4737-99c7-febb64b5e164/1/loPqPNv2hhE8mKnnFN8nOMBX4t4.roa
Signing time: Thu 12 Jan 2023 10:04:44 +0000
ROA not before: Thu 12 Jan 2023 10:04:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9009
IP address blocks: 85.28.56.0/22 maxlen: 22
109.238.201.0/24 maxlen: 24
109.238.202.0/24 maxlen: 24
109.238.203.0/24 maxlen: 24
109.238.204.0/24 maxlen: 24
109.238.206.0/24 maxlen: 24
109.238.207.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:a5:70:64:33:a2:90:51:e5:a5:1a:06:af:0a:dc:69:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22f344a63dcb70e89057deb8e2761dc45165881a
Validity
Not Before: Jan 12 10:04:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9683ea3cdbf686113c98a9e714df2738c057e2de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:13:c4:26:52:27:91:65:fd:a2:59:2b:92:3f:
20:6e:c2:0e:dc:54:1b:24:ee:f6:f2:67:a0:ec:a7:
2e:21:02:f3:c0:d1:2a:a6:a3:60:36:6f:89:0c:ad:
84:52:4b:03:31:3c:f1:32:03:f8:da:c7:e7:a2:28:
21:96:95:99:ca:8b:a5:63:6e:86:f3:26:99:d4:f7:
02:e1:75:24:de:fe:d9:27:df:62:d7:7b:39:6a:31:
75:91:b3:72:a1:a3:d5:0b:d7:1e:ce:ad:54:6a:32:
34:be:cb:17:d5:1c:89:38:6a:b3:91:e3:79:33:47:
7c:62:2e:06:c5:dd:15:7e:5c:8b:3a:34:ac:3b:db:
8c:a7:20:5d:fe:51:a2:6e:7c:45:a6:c8:4a:c1:5d:
fb:71:35:64:15:6b:54:86:17:b9:c8:96:9c:1f:8f:
eb:80:2b:51:4b:8d:c1:ad:25:3c:03:27:ff:a0:78:
cf:8b:ac:e9:17:1c:5c:92:ab:97:37:35:09:a1:32:
44:8b:63:b0:59:4d:8b:7d:36:34:54:39:6e:63:96:
d5:10:b2:ed:ea:14:f0:ff:3b:92:56:66:12:10:e0:
69:53:92:86:d2:d1:a1:06:e4:bd:3e:77:d6:c7:fe:
1c:7a:21:4d:91:2f:e5:42:b6:e1:52:18:f3:6e:c0:
3b:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:83:EA:3C:DB:F6:86:11:3C:98:A9:E7:14:DF:27:38:C0:57:E2:DE
X509v3 Authority Key Identifier:
keyid:22:F3:44:A6:3D:CB:70:E8:90:57:DE:B8:E2:76:1D:C4:51:65:88:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IvNEpj3LcOiQV9644nYdxFFliBo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/5360e7-f02a-4737-99c7-febb64b5e164/1/loPqPNv2hhE8mKnnFN8nOMBX4t4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/5360e7-f02a-4737-99c7-febb64b5e164/1/IvNEpj3LcOiQV9644nYdxFFliBo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.28.56.0/22
109.238.201.0-109.238.204.255
109.238.206.0/23
Signature Algorithm: sha256WithRSAEncryption
55:dd:b6:fb:1d:f8:0e:63:f3:84:d4:b1:e9:99:08:7a:58:dc:
d2:92:0a:68:4e:9e:f6:ac:69:ab:76:68:f0:e9:09:cd:fa:a1:
09:6a:9c:d1:69:6b:39:a7:71:82:c0:92:29:b9:6c:d3:b6:f6:
39:fd:7c:c1:90:eb:e2:c2:0d:8b:2b:81:10:b5:bb:c9:6f:71:
7b:3a:0c:49:01:f8:76:39:47:6a:97:28:29:c3:ed:73:8b:63:
65:64:95:ea:67:d3:df:ec:22:6d:6c:06:22:2d:a1:f0:88:a5:
f3:91:93:58:2b:39:a6:e7:3e:6a:d2:f4:16:d7:08:79:2f:ee:
fd:63:f7:5a:0b:9e:bb:c6:99:d8:8c:8c:30:db:cf:ef:fb:fd:
02:dc:b9:bb:e6:5c:be:82:46:25:3e:26:be:88:ba:3a:15:79:
c3:20:75:da:fe:dd:b7:36:1d:45:dd:99:15:07:86:d5:98:33:
15:5e:ac:a5:17:75:cd:f9:4e:7b:85:1b:5c:07:94:e7:62:46:
9b:fd:6b:32:cc:b8:6d:22:15:95:c5:45:10:66:12:7c:4f:3c:
17:af:3a:ee:76:5c:29:a8:8b:cd:e2:23:ee:70:65:50:04:86:
02:9e:f8:14:c3:87:54:25:9b:5a:00:85:62:29:64:e3:2e:c4:
ac:8f:7b:e4
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYWlcGQzopBR5aUaBq8K3GniMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyZjM0NGE2M2RjYjcwZTg5MDU3ZGViOGUyNzYxZGM0NTE2
NTg4MWEwHhcNMjMwMTEyMTAwNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NjgzZWEzY2RiZjY4NjExM2M5OGE5ZTcxNGRmMjczOGMwNTdlMmRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsBPEJlInkWX9olkrkj8gbsIO3FQb
JO728meg7KcuIQLzwNEqpqNgNm+JDK2EUksDMTzxMgP42sfnoighlpWZyoulY26G
8yaZ1PcC4XUk3v7ZJ99i13s5ajF1kbNyoaPVC9cezq1UajI0vssX1RyJOGqzkeN5
M0d8Yi4Gxd0VflyLOjSsO9uMpyBd/lGibnxFpshKwV37cTVkFWtUhhe5yJacH4/r
gCtRS43BrSU8Ayf/oHjPi6zpFxxckquXNzUJoTJEi2OwWU2LfTY0VDluY5bVELLt
6hTw/zuSVmYSEOBpU5KG0tGhBuS9PnfWx/4ceiFNkS/lQrbhUhjzbsA74wIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFJaD6jzb9oYRPJip5xTfJzjAV+LeMB8GA1UdIwQY
MBaAFCLzRKY9y3DokFfeuOJ2HcRRZYgaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXZORXBqM0xjT2lRVjk2NDRuWWR4RkZsaUJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi81MzYwZTctZjAyYS00NzM3LTk5Yzct
ZmViYjY0YjVlMTY0LzEvbG9QcVBOdjJoaEU4bUtubkZOOG5PTUJYNHQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi81MzYwZTctZjAyYS00NzM3LTk5YzctZmViYjY0YjVlMTY0
LzEvSXZORXBqM0xjT2lRVjk2NDRuWWR4RkZsaUJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQCVRw4MAwD
BABt7skDBABt7swDBAFt7s4wDQYJKoZIhvcNAQELBQADggEBAFXdtvsd+A5j84TU
semZCHpY3NKSCmhOnvasaat2aPDpCc36oQlqnNFpazmncYLAkim5bNO29jn9fMGQ
6+LCDYsrgRC1u8lvcXs6DEkB+HY5R2qXKCnD7XOLY2Vklepn09/sIm1sBiItofCI
pfORk1grOabnPmrS9BbXCHkv7v1j91oLnrvGmdiMjDDbz+/7/QLcubvmXL6CRiU+
Jr6IujoVecMgddr+3bc2HUXdmRUHhtWYMxVerKUXdc35TnuFG1wHlOdiRpv9azLM
uG0iFZXFRRBmEnxPPBevOu52XCmoi83iI+5wZVAEhgKe+BTDh1Qlm1oAhWIpZOMu
xKyPe+Q=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:38 2023 by rpki-client on console-fra.rpki-client.org