Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/f-fNL34Ae1LQEAViajpcGc1goFY.roa
File: f-fNL34Ae1LQEAViajpcGc1goFY.roa (raw, json)
Hash identifier: 3xtpNnbQptWe45yir6THmVPqzBpzApKXb0BNW01I0f0=
Subject key identifier: 7F:E7:CD:2F:7E:00:7B:52:D0:10:05:62:6A:3A:5C:19:CD:60:A0:56
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 0185710C3B4AD6A5DBDD97A2B2A95410079A
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/f-fNL34Ae1LQEAViajpcGc1goFY.roa
Signing time: Mon 02 Jan 2023 05:55:05 +0000
ROA not before: Mon 02 Jan 2023 05:55:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209019
IP address blocks: 185.221.161.0/24 maxlen: 24
85.209.1.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:32:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:0c:3b:4a:d6:a5:db:dd:97:a2:b2:a9:54:10:07:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Jan 2 05:55:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7fe7cd2f7e007b52d01005626a3a5c19cd60a056
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:bf:da:c8:77:67:17:ad:a2:04:87:b1:92:55:
fb:15:65:84:76:e4:c6:d0:43:c9:45:23:de:e1:fd:
ab:34:b5:02:0d:7e:3b:a8:b6:e4:0d:2b:7e:b1:eb:
82:d2:f5:d9:2f:53:00:14:e1:c8:b8:c9:87:ec:4c:
e4:20:76:93:21:7c:bb:82:ea:06:31:d6:f2:2c:6d:
86:e8:72:0a:7e:ec:a1:62:5b:ea:93:73:39:3d:57:
3d:82:54:44:72:07:53:47:f2:05:80:7a:9b:f8:18:
c6:23:52:46:e5:60:00:e9:01:27:36:96:7c:a2:16:
7b:f4:df:8b:22:25:b5:70:77:18:68:81:0d:78:ab:
0b:ed:19:aa:dd:b0:78:ed:54:b1:75:5a:63:46:b7:
78:d0:ff:0c:1a:e3:53:94:89:21:86:32:92:1e:8f:
83:76:65:a8:15:40:aa:6c:6b:6c:f0:a1:af:29:b1:
25:bd:be:94:38:65:b1:a8:96:d8:63:93:f0:67:ac:
72:d7:0f:ad:2c:bb:1d:89:29:f6:87:db:6e:07:cf:
df:69:0c:c7:1c:d8:de:c4:03:d6:08:07:f3:68:6f:
be:30:14:0d:3a:3f:f3:97:37:d4:d0:e0:d4:86:ef:
4d:b7:de:85:cb:fb:7b:9e:93:5b:55:d4:73:cf:5f:
66:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:E7:CD:2F:7E:00:7B:52:D0:10:05:62:6A:3A:5C:19:CD:60:A0:56
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/f-fNL34Ae1LQEAViajpcGc1goFY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.209.1.0/24
185.221.161.0/24
Signature Algorithm: sha256WithRSAEncryption
9e:ee:5f:71:94:3f:6c:8a:bc:3d:e1:88:ee:1c:8c:b6:82:1c:
e6:ec:05:b5:6a:3f:af:3f:03:a7:a8:36:0f:b3:ba:a5:c2:a4:
94:95:16:a5:6d:ce:1c:ca:3f:4d:1c:38:88:7d:d4:82:fc:65:
e7:97:15:b5:15:db:49:b4:c2:96:84:eb:92:fe:07:ae:aa:41:
9b:62:b7:ca:26:e9:11:f7:e7:58:71:29:c2:1c:6c:db:7b:c3:
ed:c1:d3:c5:d8:5a:33:2f:9a:92:e6:f4:dc:b9:b0:b0:cf:45:
6c:24:dd:96:0a:22:98:b7:73:84:63:b5:9d:22:01:6c:d6:68:
68:82:2a:d7:15:f8:a5:4b:ff:8c:e8:4f:fe:5d:4f:16:74:39:
9e:b9:96:8b:e9:88:26:40:a9:d6:d0:16:9f:ae:fa:9a:8f:49:
16:53:8b:9d:b3:18:f6:56:44:35:3b:9a:f1:83:d3:bb:80:88:
6d:95:1f:93:3b:b6:8c:70:32:34:d1:55:2c:ad:a5:36:ba:b0:
7e:06:0f:4c:44:e9:c7:69:62:10:ca:be:4c:8a:99:de:e5:f4:
18:9c:22:62:79:12:c6:39:81:ff:30:60:14:7c:4f:19:18:72:
bb:e9:c4:17:27:cc:e9:64:e8:46:b0:5c:ad:43:8a:d5:e3:00:
f4:c9:08:2c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVxDDtK1qXb3ZeisqlUEAeaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjMwMTAyMDU1NTA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZmU3Y2QyZjdlMDA3YjUyZDAxMDA1NjI2YTNhNWMxOWNkNjBhMDU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj7/ayHdnF62iBIexklX7FWWEduTG
0EPJRSPe4f2rNLUCDX47qLbkDSt+seuC0vXZL1MAFOHIuMmH7EzkIHaTIXy7guoG
MdbyLG2G6HIKfuyhYlvqk3M5PVc9glREcgdTR/IFgHqb+BjGI1JG5WAA6QEnNpZ8
ohZ79N+LIiW1cHcYaIENeKsL7Rmq3bB47VSxdVpjRrd40P8MGuNTlIkhhjKSHo+D
dmWoFUCqbGts8KGvKbElvb6UOGWxqJbYY5PwZ6xy1w+tLLsdiSn2h9tuB8/faQzH
HNjexAPWCAfzaG++MBQNOj/zlzfU0ODUhu9Nt96Fy/t7npNbVdRzz19mOQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFH/nzS9+AHtS0BAFYmo6XBnNYKBWMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvZi1mTkwzNEFlMUxRRUFWaWFqcGNHYzFnb0ZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVdEBAwQA
ud2hMA0GCSqGSIb3DQEBCwUAA4IBAQCe7l9xlD9sirw94YjuHIy2ghzm7AW1aj+v
PwOnqDYPs7qlwqSUlRalbc4cyj9NHDiIfdSC/GXnlxW1FdtJtMKWhOuS/geuqkGb
YrfKJukR9+dYcSnCHGzbe8PtwdPF2FozL5qS5vTcubCwz0VsJN2WCiKYt3OEY7Wd
IgFs1mhogirXFfilS/+M6E/+XU8WdDmeuZaL6YgmQKnW0Bafrvqaj0kWU4udsxj2
VkQ1O5rxg9O7gIhtlR+TO7aMcDI00VUsraU2urB+Bg9MROnHaWIQyr5Mipne5fQY
nCJieRLGOYH/MGAUfE8ZGHK76cQXJ8zpZOhGsFytQ4rV4wD0yQgs
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:08 2024 by rpki-client on console-fra.rpki-client.org