Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/81f3b6-6d40-4902-bee1-3f39d76424fb/1/cDSvgO122Wn_LPQCaR7lFMN6Q1w.roa
File: cDSvgO122Wn_LPQCaR7lFMN6Q1w.roa (raw, json)
Hash identifier: MGd49eC4zI02bdlhzp/+X3UvCmBVy8IwuMNx/7ltBEk=
Subject key identifier: 70:34:AF:80:ED:76:D9:69:FF:2C:F4:02:69:1E:E5:14:C3:7A:43:5C
Certificate issuer: /CN=17fff1e78c37499d72d108ba728ef029b7f0e7f3
Certificate serial: 018570B095E3DE25E25A7EC9DFEF08BA85EB
Authority key identifier: 17:FF:F1:E7:8C:37:49:9D:72:D1:08:BA:72:8E:F0:29:B7:F0:E7:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F__x54w3SZ1y0Qi6co7wKbfw5_M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/81f3b6-6d40-4902-bee1-3f39d76424fb/1/cDSvgO122Wn_LPQCaR7lFMN6Q1w.roa
Signing time: Mon 02 Jan 2023 04:14:58 +0000
ROA not before: Mon 02 Jan 2023 04:14:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2589
IP address blocks: 85.119.96.0/21 maxlen: 24
178.251.168.0/21 maxlen: 24
185.21.20.0/22 maxlen: 24
2a00:ea40::/32 maxlen: 56
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:31:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:b0:95:e3:de:25:e2:5a:7e:c9:df:ef:08:ba:85:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17fff1e78c37499d72d108ba728ef029b7f0e7f3
Validity
Not Before: Jan 2 04:14:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7034af80ed76d969ff2cf402691ee514c37a435c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:13:22:61:1c:7c:3e:0a:27:9b:5e:86:9b:52:
2f:6f:25:5f:9b:47:1a:e6:71:53:eb:db:7f:ab:46:
d4:20:54:73:b9:de:69:86:2f:db:60:e8:98:3d:38:
9d:fa:05:87:af:99:67:b3:d1:67:3a:33:7f:bd:92:
20:05:98:86:96:a6:b4:63:93:48:7b:88:3a:5d:83:
b6:f6:cf:28:6a:25:d7:2b:17:6a:9e:e8:85:3e:86:
e8:d5:ce:82:26:a1:1b:ad:6c:3d:ac:74:83:48:db:
b8:03:f7:31:35:54:ec:fa:2a:c6:e0:6e:c1:ea:78:
bc:76:28:4b:81:f3:18:fb:06:ea:78:1e:20:b3:f1:
c5:b4:fd:e7:42:9b:6e:51:fb:c9:d2:b0:54:e4:06:
44:10:6c:e0:64:83:92:18:3f:0c:90:d8:fa:76:d3:
91:e6:6b:06:c1:c8:d4:be:66:b6:0a:4b:0e:17:dd:
d8:35:97:6e:69:a8:e6:e8:43:45:65:21:59:69:8e:
b3:8c:49:cd:8c:46:5b:dc:5a:3c:7e:91:31:35:fb:
5b:bf:6c:58:6e:6e:64:41:4e:9a:1d:83:7d:a3:ad:
a7:e4:85:1b:6a:5b:4c:e8:10:f0:8c:46:fb:e0:18:
0c:54:52:5a:df:03:11:fa:71:38:87:b9:67:33:ba:
25:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:34:AF:80:ED:76:D9:69:FF:2C:F4:02:69:1E:E5:14:C3:7A:43:5C
X509v3 Authority Key Identifier:
keyid:17:FF:F1:E7:8C:37:49:9D:72:D1:08:BA:72:8E:F0:29:B7:F0:E7:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F__x54w3SZ1y0Qi6co7wKbfw5_M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/81f3b6-6d40-4902-bee1-3f39d76424fb/1/cDSvgO122Wn_LPQCaR7lFMN6Q1w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/81f3b6-6d40-4902-bee1-3f39d76424fb/1/F__x54w3SZ1y0Qi6co7wKbfw5_M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.119.96.0/21
178.251.168.0/21
185.21.20.0/22
IPv6:
2a00:ea40::/32
Signature Algorithm: sha256WithRSAEncryption
47:0b:c1:cf:0c:75:f9:a8:26:51:68:46:55:02:de:c2:8e:0f:
c6:ba:96:36:82:6a:93:f0:5c:d8:e1:23:12:c6:74:6c:4c:d0:
36:7d:35:ed:60:62:af:a4:16:f2:a4:33:fb:ec:65:96:6f:f2:
de:16:ef:8e:6f:c4:33:c5:2b:9a:63:2d:45:3b:d0:d9:9e:82:
0f:f4:01:78:a4:7a:dc:3d:e9:54:d1:c2:23:8a:a0:6c:fa:b0:
7f:e9:de:26:2d:dd:11:f4:01:4f:ba:73:f6:89:7f:e5:e7:5e:
65:da:43:f6:e7:87:20:73:ed:79:42:01:7b:87:7e:83:0d:d3:
ca:19:a8:74:9f:a6:62:e9:92:07:3e:cc:97:91:42:57:bb:f2:
44:0a:8f:5c:11:4d:1f:8e:e6:a2:80:19:03:de:82:80:ba:12:
3e:65:cf:8b:8c:18:33:69:d6:e1:ec:ae:9d:b1:87:9b:32:45:
ff:94:8d:d5:46:e1:91:ba:6e:3a:ac:4b:0d:78:45:4a:46:0f:
21:51:1d:15:73:fc:ff:f6:13:c8:16:35:08:71:b0:9f:13:b8:
96:5b:0a:21:85:3f:32:5a:d6:0b:a6:f1:af:6b:64:33:8f:f3:
70:45:9f:30:69:6d:3f:b2:34:6e:f6:97:98:11:8f:00:6e:d9:
e8:94:75:d0
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVwsJXj3iXiWn7J3+8IuoXrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3ZmZmMWU3OGMzNzQ5OWQ3MmQxMDhiYTcyOGVmMDI5Yjdm
MGU3ZjMwHhcNMjMwMTAyMDQxNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDM0YWY4MGVkNzZkOTY5ZmYyY2Y0MDI2OTFlZTUxNGMzN2E0MzVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlBMiYRx8Pgonm16Gm1IvbyVfm0ca
5nFT69t/q0bUIFRzud5phi/bYOiYPTid+gWHr5lns9FnOjN/vZIgBZiGlqa0Y5NI
e4g6XYO29s8oaiXXKxdqnuiFPobo1c6CJqEbrWw9rHSDSNu4A/cxNVTs+irG4G7B
6ni8dihLgfMY+wbqeB4gs/HFtP3nQptuUfvJ0rBU5AZEEGzgZIOSGD8MkNj6dtOR
5msGwcjUvma2CksOF93YNZduaajm6ENFZSFZaY6zjEnNjEZb3Fo8fpExNftbv2xY
bm5kQU6aHYN9o62n5IUbaltM6BDwjEb74BgMVFJa3wMR+nE4h7lnM7olbQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFHA0r4Dtdtlp/yz0Amke5RTDekNcMB8GA1UdIwQY
MBaAFBf/8eeMN0mdctEIunKO8Cm38OfzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRl9feDU0dzNTWjF5MFFpNmNvN3dLYmZ3NV9NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi84MWYzYjYtNmQ0MC00OTAyLWJlZTEt
M2YzOWQ3NjQyNGZiLzEvY0RTdmdPMTIyV25fTFBRQ2FSN2xGTU42UTF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi84MWYzYjYtNmQ0MC00OTAyLWJlZTEtM2YzOWQ3NjQyNGZi
LzEvRl9feDU0dzNTWjF5MFFpNmNvN3dLYmZ3NV9NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDVXdgAwQD
svuoAwQCuRUUMA0EAgACMAcDBQAqAOpAMA0GCSqGSIb3DQEBCwUAA4IBAQBHC8HP
DHX5qCZRaEZVAt7Cjg/GupY2gmqT8FzY4SMSxnRsTNA2fTXtYGKvpBbypDP77GWW
b/LeFu+Ob8QzxSuaYy1FO9DZnoIP9AF4pHrcPelU0cIjiqBs+rB/6d4mLd0R9AFP
unP2iX/l515l2kP254cgc+15QgF7h36DDdPKGah0n6Zi6ZIHPsyXkUJXu/JECo9c
EU0fjuaigBkD3oKAuhI+Zc+LjBgzadbh7K6dsYebMkX/lI3VRuGRum46rEsNeEVK
Rg8hUR0Vc/z/9hPIFjUIcbCfE7iWWwohhT8yWtYLpvGva2Qzj/NwRZ8waW0/sjRu
9peYEY8AbtnolHXQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:42:33 2024 by rpki-client on console-ams.rpki-client.org