Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/cee572-3420-45e4-87b6-c2799753c853/1/uXj2wCvJaQ-F8e38VF0a8MZUM-8.roa
File: uXj2wCvJaQ-F8e38VF0a8MZUM-8.roa (raw, json)
Hash identifier: NbNdD+qLDELB7Ys2Bbjo3azUSiU91geIyr0sCg4lFuI=
Subject key identifier: B9:78:F6:C0:2B:C9:69:0F:85:F1:ED:FC:54:5D:1A:F0:C6:54:33:EF
Certificate issuer: /CN=8e0840804c6680c41f21e8726f380b95e69e9447
Certificate serial: 018CC424595A4C05E603C469FAA28F8E727E
Authority key identifier: 8E:08:40:80:4C:66:80:C4:1F:21:E8:72:6F:38:0B:95:E6:9E:94:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jghAgExmgMQfIehybzgLleaelEc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/cee572-3420-45e4-87b6-c2799753c853/1/uXj2wCvJaQ-F8e38VF0a8MZUM-8.roa
Signing time: Mon 01 Jan 2024 08:29:25 +0000
ROA not before: Mon 01 Jan 2024 08:29:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21430
IP address blocks: 85.209.124.0/23 maxlen: 23
85.209.126.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 13:50:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:59:5a:4c:05:e6:03:c4:69:fa:a2:8f:8e:72:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8e0840804c6680c41f21e8726f380b95e69e9447
Validity
Not Before: Jan 1 08:29:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b978f6c02bc9690f85f1edfc545d1af0c65433ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:61:ec:38:d8:ea:de:1d:e7:4a:6b:ed:3f:4d:
e7:b2:a2:f1:cd:91:97:36:e9:5e:a9:5f:ce:a4:58:
5b:5e:65:8c:5a:ff:8a:64:96:38:d1:59:d6:eb:de:
fe:91:f4:4b:87:1a:76:18:d6:3a:91:ed:1d:d3:89:
2c:f3:4a:d2:f3:cb:7b:80:27:bb:aa:15:8e:86:24:
f1:bb:a3:20:ef:23:8c:0f:66:7f:ac:10:1d:85:23:
c8:1c:75:f6:0d:f4:c2:41:1b:ba:16:2e:5c:db:ca:
fa:fe:66:6e:a7:77:57:41:56:4d:df:53:4f:34:0f:
82:62:9a:4e:56:12:be:4d:86:6e:cf:6c:6b:d4:ff:
b7:4e:d3:d8:d7:2e:b3:c2:96:1c:07:5e:8a:69:7f:
8e:2e:86:aa:26:24:78:9e:47:ec:73:85:b2:d3:d5:
da:cd:c4:82:e1:9b:32:e6:ea:96:48:bd:e8:dd:01:
65:89:88:b5:c5:b6:d4:a9:6c:41:0e:f5:85:9b:51:
12:bb:78:fd:5c:f3:a1:67:d3:52:8c:9b:78:b3:56:
a0:42:45:21:37:4b:0e:fd:2c:08:f8:e4:18:86:a2:
36:ee:a9:1e:fd:9d:64:96:53:b4:bb:ef:c8:2f:1f:
7f:75:5e:a4:27:b0:4a:b1:c4:92:74:ea:d6:60:05:
6a:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:78:F6:C0:2B:C9:69:0F:85:F1:ED:FC:54:5D:1A:F0:C6:54:33:EF
X509v3 Authority Key Identifier:
keyid:8E:08:40:80:4C:66:80:C4:1F:21:E8:72:6F:38:0B:95:E6:9E:94:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jghAgExmgMQfIehybzgLleaelEc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/cee572-3420-45e4-87b6-c2799753c853/1/uXj2wCvJaQ-F8e38VF0a8MZUM-8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/cee572-3420-45e4-87b6-c2799753c853/1/jghAgExmgMQfIehybzgLleaelEc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.209.124.0-85.209.126.255
Signature Algorithm: sha256WithRSAEncryption
84:c1:17:fb:c3:ba:fe:17:80:5b:48:a1:27:8c:9e:cb:01:ea:
3a:a0:c4:92:90:d9:61:9d:90:18:45:74:36:e3:94:e4:31:6d:
01:a8:30:75:19:34:15:87:37:5e:98:c4:5b:e6:1e:1d:c2:67:
66:cc:36:52:6d:a1:91:b2:70:9c:6d:b0:23:31:ea:d5:b3:e7:
b9:99:2b:b1:68:17:c7:5a:71:86:2c:f1:b2:9f:44:1b:64:95:
96:4b:40:b6:e4:ba:c7:b6:b5:2f:a7:cc:b7:1f:23:b5:75:ac:
11:04:29:d0:cb:ae:29:3f:e6:5a:a9:41:b9:44:bd:5c:d2:92:
c1:4f:df:16:7f:67:de:21:fd:bb:8b:bb:cd:42:30:50:ef:c6:
7f:a2:18:f1:c8:75:1a:a5:91:e1:0e:94:92:06:75:b8:fb:ab:
14:25:ce:99:35:43:c7:3c:a7:76:d7:99:be:c4:21:bd:8b:b0:
a5:99:35:90:e0:96:04:09:8d:c0:ea:06:9c:24:f2:6c:b0:2f:
72:f6:0c:2d:d6:ed:fa:16:81:91:17:e5:01:a9:ef:1c:16:59:
6e:6c:fd:72:ec:8b:4e:38:7a:fa:bf:dc:0e:15:ec:7f:88:ab:
1f:a6:e3:2a:8f:0e:47:49:0c:41:48:7c:1f:65:d8:ac:f7:ae:
6b:72:2e:09
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzEJFlaTAXmA8Rp+qKPjnJ+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlMDg0MDgwNGM2NjgwYzQxZjIxZTg3MjZmMzgwYjk1ZTY5
ZTk0NDcwHhcNMjQwMTAxMDgyOTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTc4ZjZjMDJiYzk2OTBmODVmMWVkZmM1NDVkMWFmMGM2NTQzM2VmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgGHsONjq3h3nSmvtP03nsqLxzZGX
NuleqV/OpFhbXmWMWv+KZJY40VnW697+kfRLhxp2GNY6ke0d04ks80rS88t7gCe7
qhWOhiTxu6Mg7yOMD2Z/rBAdhSPIHHX2DfTCQRu6Fi5c28r6/mZup3dXQVZN31NP
NA+CYppOVhK+TYZuz2xr1P+3TtPY1y6zwpYcB16KaX+OLoaqJiR4nkfsc4Wy09Xa
zcSC4Zsy5uqWSL3o3QFliYi1xbbUqWxBDvWFm1ESu3j9XPOhZ9NSjJt4s1agQkUh
N0sO/SwI+OQYhqI27qke/Z1kllO0u+/ILx9/dV6kJ7BKscSSdOrWYAVqhQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFLl49sAryWkPhfHt/FRdGvDGVDPvMB8GA1UdIwQY
MBaAFI4IQIBMZoDEHyHocm84C5XmnpRHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamdoQWdFeG1nTVFmSWVoeWJ6Z0xsZWFlbEVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi9jZWU1NzItMzQyMC00NWU0LTg3YjYt
YzI3OTk3NTNjODUzLzEvdVhqMndDdkphUS1GOGUzOFZGMGE4TVpVTS04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi9jZWU1NzItMzQyMC00NWU0LTg3YjYtYzI3OTk3NTNjODUz
LzEvamdoQWdFeG1nTVFmSWVoeWJ6Z0xsZWFlbEVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAJV0XwD
BABV0X4wDQYJKoZIhvcNAQELBQADggEBAITBF/vDuv4XgFtIoSeMnssB6jqgxJKQ
2WGdkBhFdDbjlOQxbQGoMHUZNBWHN16YxFvmHh3CZ2bMNlJtoZGycJxtsCMx6tWz
57mZK7FoF8dacYYs8bKfRBtklZZLQLbkuse2tS+nzLcfI7V1rBEEKdDLrik/5lqp
QblEvVzSksFP3xZ/Z94h/buLu81CMFDvxn+iGPHIdRqlkeEOlJIGdbj7qxQlzpk1
Q8c8p3bXmb7EIb2LsKWZNZDglgQJjcDqBpwk8mywL3L2DC3W7foWgZEX5QGp7xwW
WW5s/XLsi044evq/3A4V7H+Iqx+m4yqPDkdJDEFIfB9l2Kz3rmtyLgk=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:01:34 2025 by rpki-client