Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/L2xMVNUM0bN1PUxxRd0q93Qj54k.roa
File: L2xMVNUM0bN1PUxxRd0q93Qj54k.roa (raw, json)
Hash identifier: YVRsq/C9uXKeKPZgu2bn2MEETIY7tqqx/8ImXb0wNjE=
Subject key identifier: 2F:6C:4C:54:D5:0C:D1:B3:75:3D:4C:71:45:DD:2A:F7:74:23:E7:89
Certificate issuer: /CN=1aca63df248b7adf3ddd07e8c2d3eedd02cef933
Certificate serial: 018571154F8484AE9D498FE08E2B21C2D3B3
Authority key identifier: 1A:CA:63:DF:24:8B:7A:DF:3D:DD:07:E8:C2:D3:EE:DD:02:CE:F9:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gspj3ySLet893QfowtPu3QLO-TM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/L2xMVNUM0bN1PUxxRd0q93Qj54k.roa
Signing time: Mon 02 Jan 2023 06:05:00 +0000
ROA not before: Mon 02 Jan 2023 06:05:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43153
IP address blocks: 85.219.208.0/23 maxlen: 23
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:15:4f:84:84:ae:9d:49:8f:e0:8e:2b:21:c2:d3:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1aca63df248b7adf3ddd07e8c2d3eedd02cef933
Validity
Not Before: Jan 2 06:05:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2f6c4c54d50cd1b3753d4c7145dd2af77423e789
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:4d:d0:e9:f6:d1:c6:a2:46:75:7e:33:51:ef:
6d:5c:f6:19:b2:15:15:c6:06:b5:5f:5b:74:40:fc:
c8:1d:8d:5c:be:76:14:27:d2:c8:f4:9b:5a:8b:f5:
e4:8a:41:10:7b:bd:c3:74:07:48:5c:59:39:14:ee:
1f:b9:9b:b0:ed:82:69:cf:d0:ad:c4:59:66:d3:be:
b1:ed:8f:11:c5:fd:a2:33:23:6c:1b:7d:0e:64:c8:
42:91:b8:c7:d9:f6:40:77:7f:6d:fc:ab:1a:d4:dd:
33:fe:db:4b:d0:3b:86:ac:ee:cb:2d:d0:46:39:e6:
22:59:ad:ac:50:b9:8e:a8:64:ed:da:7a:fe:49:e2:
f6:4b:8e:47:67:fd:cd:24:04:53:e5:28:dc:49:97:
c5:7a:4e:e6:f6:28:88:2a:ae:e2:9c:05:26:c7:66:
6f:51:65:09:e8:21:ac:80:16:5a:eb:a4:a9:9d:be:
69:0e:48:72:b5:32:bd:02:3c:38:72:b2:32:36:b4:
e3:0f:09:22:7e:4d:1f:ca:fc:e4:0e:eb:fb:45:ea:
48:52:1b:6d:ac:13:60:79:aa:8d:85:52:c5:da:11:
70:72:fc:fd:4b:01:49:29:40:83:ca:1e:72:d5:f9:
cd:6a:d0:43:9e:df:e9:5a:fd:53:23:19:c0:9d:2e:
19:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:6C:4C:54:D5:0C:D1:B3:75:3D:4C:71:45:DD:2A:F7:74:23:E7:89
X509v3 Authority Key Identifier:
keyid:1A:CA:63:DF:24:8B:7A:DF:3D:DD:07:E8:C2:D3:EE:DD:02:CE:F9:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gspj3ySLet893QfowtPu3QLO-TM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/L2xMVNUM0bN1PUxxRd0q93Qj54k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/Gspj3ySLet893QfowtPu3QLO-TM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.219.208.0/23
Signature Algorithm: sha256WithRSAEncryption
6a:57:03:ea:43:a8:d7:21:b1:25:76:f3:22:0b:2d:75:0b:8b:
84:4f:ff:4e:0e:31:eb:06:c7:81:72:75:2b:ad:47:91:92:b3:
00:3c:b2:79:07:39:90:fd:92:3e:54:0b:04:e9:41:42:10:0c:
88:95:bc:3d:3f:f4:89:71:f4:97:e1:a6:4d:9f:cf:45:2c:20:
97:78:a7:cf:c1:36:6b:94:f4:0a:4a:75:cf:68:c2:4e:ac:27:
20:04:d7:36:8c:ec:c6:f1:e6:b4:6a:57:52:f4:45:f1:2a:2f:
41:8c:a7:2b:d7:20:25:8d:8c:7e:69:8c:56:4c:4d:c1:c1:f5:
98:d6:ab:67:f0:af:26:02:4b:2c:15:b4:94:15:a9:bd:30:30:
52:2b:f5:97:9e:a8:a2:a6:a5:af:b0:91:c8:eb:79:c1:32:c0:
1d:32:52:72:4b:65:39:c8:45:aa:c3:69:31:b7:87:93:c8:52:
68:3c:9c:3b:57:0c:16:60:d7:58:8a:ac:3c:31:d9:4f:42:11:
b5:60:be:24:79:b5:f4:c0:01:cb:08:a2:86:e6:95:8c:ce:fd:
cb:65:59:dc:67:32:0b:43:02:ad:d0:fe:8d:00:51:92:3a:c3:
11:ec:ad:9a:61:80:04:61:08:a7:ca:1e:51:02:42:9c:54:cb:
de:23:37:e1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxFU+EhK6dSY/gjishwtOzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhY2E2M2RmMjQ4YjdhZGYzZGRkMDdlOGMyZDNlZWRkMDJj
ZWY5MzMwHhcNMjMwMTAyMDYwNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjZjNGM1NGQ1MGNkMWIzNzUzZDRjNzE0NWRkMmFmNzc0MjNlNzg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuU3Q6fbRxqJGdX4zUe9tXPYZshUV
xga1X1t0QPzIHY1cvnYUJ9LI9Jtai/XkikEQe73DdAdIXFk5FO4fuZuw7YJpz9Ct
xFlm076x7Y8Rxf2iMyNsG30OZMhCkbjH2fZAd39t/Ksa1N0z/ttL0DuGrO7LLdBG
OeYiWa2sULmOqGTt2nr+SeL2S45HZ/3NJART5SjcSZfFek7m9iiIKq7inAUmx2Zv
UWUJ6CGsgBZa66Spnb5pDkhytTK9Ajw4crIyNrTjDwkifk0fyvzkDuv7RepIUhtt
rBNgeaqNhVLF2hFwcvz9SwFJKUCDyh5y1fnNatBDnt/pWv1TIxnAnS4ZSwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC9sTFTVDNGzdT1McUXdKvd0I+eJMB8GA1UdIwQY
MBaAFBrKY98ki3rfPd0H6MLT7t0CzvkzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3NwajN5U0xldDg5M1Fmb3d0UHUzUUxPLVRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS8xZjY0NTgtZGM3NS00YWRkLWFlNzIt
OTFlMzE4NGJiMGFiLzEvTDJ4TVZOVU0wYk4xUFV4eFJkMHE5M1FqNTRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS8xZjY0NTgtZGM3NS00YWRkLWFlNzItOTFlMzE4NGJiMGFi
LzEvR3NwajN5U0xldDg5M1Fmb3d0UHUzUUxPLVRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBVdvQMA0G
CSqGSIb3DQEBCwUAA4IBAQBqVwPqQ6jXIbEldvMiCy11C4uET/9ODjHrBseBcnUr
rUeRkrMAPLJ5BzmQ/ZI+VAsE6UFCEAyIlbw9P/SJcfSX4aZNn89FLCCXeKfPwTZr
lPQKSnXPaMJOrCcgBNc2jOzG8ea0aldS9EXxKi9BjKcr1yAljYx+aYxWTE3BwfWY
1qtn8K8mAkssFbSUFam9MDBSK/WXnqiipqWvsJHI63nBMsAdMlJyS2U5yEWqw2kx
t4eTyFJoPJw7VwwWYNdYiqw8MdlPQhG1YL4kebX0wAHLCKKG5pWMzv3LZVncZzIL
QwKt0P6NAFGSOsMR7K2aYYAEYQinyh5RAkKcVMveIzfh
-----END CERTIFICATE-----
Generated at Tue Jan 2 01:41:22 2024 by rpki-client on console-ams.rpki-client.org