Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/95a5e6-5583-4cce-86e9-e230462fc57b/1/Rx8mDVAaueGjgBX498wi2IQxRXc.roa
File: Rx8mDVAaueGjgBX498wi2IQxRXc.roa (raw, json)
Hash identifier: Z2yJw9XmL+Asuj3lei8R7xBolvjCLpoZar2GL/MWBWE=
Subject key identifier: 47:1F:26:0D:50:1A:B9:E1:A3:80:15:F8:F7:CC:22:D8:84:31:45:77
Certificate issuer: /CN=cc977e9d52afbc47799d3975fcee8ac51ca0cf6a
Certificate serial: 018571A7BB44DEA906A37AA5E002E8B5334E
Authority key identifier: CC:97:7E:9D:52:AF:BC:47:79:9D:39:75:FC:EE:8A:C5:1C:A0:CF:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zJd-nVKvvEd5nTl1_O6KxRygz2o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/95a5e6-5583-4cce-86e9-e230462fc57b/1/Rx8mDVAaueGjgBX498wi2IQxRXc.roa
Signing time: Mon 02 Jan 2023 08:44:55 +0000
ROA not before: Mon 02 Jan 2023 08:44:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209366
IP address blocks: 85.208.96.0/22 maxlen: 22
85.208.96.0/24 maxlen: 24
85.208.98.0/24 maxlen: 24
85.208.97.0/24 maxlen: 24
85.208.99.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:31:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:a7:bb:44:de:a9:06:a3:7a:a5:e0:02:e8:b5:33:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cc977e9d52afbc47799d3975fcee8ac51ca0cf6a
Validity
Not Before: Jan 2 08:44:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=471f260d501ab9e1a38015f8f7cc22d884314577
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:50:19:53:2c:4f:a2:f2:6c:90:57:dc:af:27:
e8:43:c7:da:9c:48:32:61:ac:cd:58:96:3d:5d:c0:
e6:ed:ec:71:f8:33:8c:4f:d1:5d:ac:12:77:06:ec:
23:3a:ae:4b:0a:48:a4:65:0b:25:10:de:f3:4d:00:
72:0f:73:87:76:16:ca:08:2d:41:4a:17:28:b3:d1:
54:06:ce:c1:f8:d1:1d:83:3e:c7:57:15:20:e3:4e:
42:f5:07:b7:6d:5a:fb:55:f6:55:25:0c:ec:f0:d2:
5e:50:e4:05:2e:61:bd:e7:fc:c8:33:27:7b:ce:76:
a0:53:3e:cd:e0:54:d9:f5:c9:47:24:99:7c:5e:eb:
64:5a:84:11:4f:12:88:9a:b3:e7:6d:97:69:a0:7b:
96:a0:de:4f:cd:2e:d7:de:35:b4:84:3b:07:f0:01:
17:d2:56:70:d4:68:e2:14:0b:55:37:cd:32:f8:36:
7f:bc:2c:91:f7:36:06:4e:f6:7b:f2:8d:b8:3a:0f:
19:66:58:24:7a:bc:71:d3:7c:5a:b8:5e:3f:23:1b:
8f:94:71:0e:19:13:58:70:0f:a3:61:8f:fd:4f:1a:
2b:60:4e:9b:22:99:ac:bb:c6:d4:07:a3:c7:6b:84:
b4:cb:af:cd:04:49:d0:bd:6a:1a:14:bf:08:cd:6a:
d2:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:1F:26:0D:50:1A:B9:E1:A3:80:15:F8:F7:CC:22:D8:84:31:45:77
X509v3 Authority Key Identifier:
keyid:CC:97:7E:9D:52:AF:BC:47:79:9D:39:75:FC:EE:8A:C5:1C:A0:CF:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zJd-nVKvvEd5nTl1_O6KxRygz2o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/95a5e6-5583-4cce-86e9-e230462fc57b/1/Rx8mDVAaueGjgBX498wi2IQxRXc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/95a5e6-5583-4cce-86e9-e230462fc57b/1/zJd-nVKvvEd5nTl1_O6KxRygz2o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.208.96.0/22
Signature Algorithm: sha256WithRSAEncryption
3f:77:f2:6d:a1:3f:24:74:77:08:92:9e:a7:4d:60:b6:ae:ce:
57:c0:6e:5d:d3:63:ed:7f:fb:45:1f:55:88:c7:3b:fb:e8:b7:
c9:93:77:7f:b3:f0:17:50:33:a5:a3:e1:60:2e:65:88:ee:fe:
d1:eb:29:03:24:1a:46:b2:84:30:3e:0f:8e:4f:17:96:7d:85:
76:e1:2c:25:20:af:58:f9:f7:e1:0d:c1:2e:1f:2f:c3:c5:ff:
7e:ca:05:eb:33:0d:70:2c:85:00:d4:9e:c8:a8:38:5e:5e:64:
e1:87:a2:99:00:8e:c3:89:8e:0d:5e:42:40:0b:89:57:b7:67:
44:8d:24:39:2e:4f:fd:95:43:3c:ce:77:81:e8:32:f7:dc:d0:
05:86:5b:3c:6e:35:05:a9:8c:24:f9:63:6d:11:05:b8:56:d2:
a0:bf:5e:74:3e:d7:60:a4:a4:5e:ea:ea:32:08:cd:9f:4c:8a:
05:65:27:66:88:94:0c:82:c3:87:25:8d:41:9c:19:02:86:d7:
b4:81:7a:2f:53:e9:42:91:43:ef:19:b6:f0:d8:c4:58:d3:2c:
0d:12:4d:a1:01:b8:90:41:11:c4:99:5c:c7:9b:d6:09:8d:69:
78:d6:55:fa:fb:17:84:ba:4c:42:51:4a:3b:75:a6:1c:f4:bb:
22:5e:0c:b9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxp7tE3qkGo3ql4ALotTNOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjOTc3ZTlkNTJhZmJjNDc3OTlkMzk3NWZjZWU4YWM1MWNh
MGNmNmEwHhcNMjMwMTAyMDg0NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzFmMjYwZDUwMWFiOWUxYTM4MDE1ZjhmN2NjMjJkODg0MzE0NTc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwFAZUyxPovJskFfcryfoQ8fanEgy
YazNWJY9XcDm7exx+DOMT9FdrBJ3BuwjOq5LCkikZQslEN7zTQByD3OHdhbKCC1B
Shcos9FUBs7B+NEdgz7HVxUg405C9Qe3bVr7VfZVJQzs8NJeUOQFLmG95/zIMyd7
znagUz7N4FTZ9clHJJl8XutkWoQRTxKImrPnbZdpoHuWoN5PzS7X3jW0hDsH8AEX
0lZw1GjiFAtVN80y+DZ/vCyR9zYGTvZ78o24Og8ZZlgkerxx03xauF4/IxuPlHEO
GRNYcA+jYY/9TxorYE6bIpmsu8bUB6PHa4S0y6/NBEnQvWoaFL8IzWrSQQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEcfJg1QGrnho4AV+PfMItiEMUV3MB8GA1UdIwQY
MBaAFMyXfp1Sr7xHeZ05dfzuisUcoM9qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvekpkLW5WS3Z2RWQ1blRsMV9PNkt4UnlnejJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy85NWE1ZTYtNTU4My00Y2NlLTg2ZTkt
ZTIzMDQ2MmZjNTdiLzEvUng4bURWQWF1ZUdqZ0JYNDk4d2kySVF4UlhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy85NWE1ZTYtNTU4My00Y2NlLTg2ZTktZTIzMDQ2MmZjNTdi
LzEvekpkLW5WS3Z2RWQ1blRsMV9PNkt4UnlnejJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCVdBgMA0G
CSqGSIb3DQEBCwUAA4IBAQA/d/JtoT8kdHcIkp6nTWC2rs5XwG5d02Ptf/tFH1WI
xzv76LfJk3d/s/AXUDOlo+FgLmWI7v7R6ykDJBpGsoQwPg+OTxeWfYV24SwlIK9Y
+ffhDcEuHy/Dxf9+ygXrMw1wLIUA1J7IqDheXmThh6KZAI7DiY4NXkJAC4lXt2dE
jSQ5Lk/9lUM8zneB6DL33NAFhls8bjUFqYwk+WNtEQW4VtKgv150PtdgpKRe6uoy
CM2fTIoFZSdmiJQMgsOHJY1BnBkChte0gXovU+lCkUPvGbbw2MRY0ywNEk2hAbiQ
QRHEmVzHm9YJjWl41lX6+xeEukxCUUo7daYc9LsiXgy5
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:15 2024 by rpki-client on console-ams.rpki-client.org