Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/7l4AOomCDQQ3bRcpjlj9rNoZb9s.roa
File: 7l4AOomCDQQ3bRcpjlj9rNoZb9s.roa (raw, json)
Hash identifier: N9ixwZxwFG1RsdUS4trhz2FYCHWMDa86MIaOveFdE2o=
Subject key identifier: EE:5E:00:3A:89:82:0D:04:37:6D:17:29:8E:58:FD:AC:DA:19:6F:DB
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 018CCA2B6A373ADFF6A093BB0ED5EBC3C7D5
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/7l4AOomCDQQ3bRcpjlj9rNoZb9s.roa
Signing time: Tue 02 Jan 2024 12:34:52 +0000
ROA not before: Tue 02 Jan 2024 12:34:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 396006
IP address blocks: 85.208.154.0/24 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:6a:37:3a:df:f6:a0:93:bb:0e:d5:eb:c3:c7:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Jan 2 12:34:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ee5e003a89820d04376d17298e58fdacda196fdb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:f9:21:aa:4d:1a:7e:7a:80:73:50:5c:95:04:
ca:57:7e:66:62:7f:0d:25:48:35:52:6e:d2:5b:ab:
fb:f2:94:af:56:ff:f6:8e:d1:5b:aa:33:ad:08:45:
fa:dc:bb:88:64:28:75:96:df:85:4a:a0:0f:4e:f0:
83:59:7b:3b:5c:d9:1e:d7:59:27:1e:19:b6:c0:a4:
ec:f8:17:a3:a9:ae:ec:56:5b:6a:39:23:76:6a:3a:
69:da:e4:b7:fb:c4:2f:d2:68:25:33:79:2e:ae:e0:
be:5e:a1:40:9e:a7:f0:5e:2d:ba:df:06:41:f4:8c:
bb:e4:86:f3:b4:1a:60:d9:12:83:42:a8:52:86:c7:
59:f2:5b:91:60:26:72:fb:f5:71:98:1c:41:73:69:
77:37:90:ff:81:83:f3:8e:bc:29:cf:55:e5:cb:1c:
c9:15:cd:68:a5:cc:c7:16:9a:8a:c3:24:9a:4b:47:
03:50:14:ec:d7:49:6f:89:d0:90:12:79:c3:85:2e:
8a:45:a8:21:46:d9:e4:bb:d6:bc:87:24:14:c3:7d:
01:39:f7:a8:18:a1:fe:65:4e:78:84:0e:b3:df:dc:
ab:55:93:2c:e9:ff:af:cd:ad:af:cb:b0:5e:64:8b:
57:87:44:42:d0:25:7a:5b:12:49:f4:93:13:70:95:
1d:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:5E:00:3A:89:82:0D:04:37:6D:17:29:8E:58:FD:AC:DA:19:6F:DB
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/7l4AOomCDQQ3bRcpjlj9rNoZb9s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.208.154.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:52:5e:16:cd:0b:5d:1e:42:37:05:2a:76:b4:c6:fd:bd:3c:
cc:b1:a7:05:78:30:e5:ee:d8:c8:03:c4:2a:c0:fb:3c:0b:b2:
99:6b:bb:b0:0e:75:78:b1:eb:c3:06:7f:74:4c:a2:02:e7:d7:
d6:fd:d5:2a:4c:72:cc:a4:1b:99:ed:8a:63:31:53:69:3f:2d:
9e:f8:a7:be:42:7f:9d:eb:1c:ed:31:59:33:ac:d4:47:0f:a4:
ce:59:8f:a2:78:ec:12:4d:35:45:7d:20:1b:5e:e6:b7:e1:c0:
65:6b:cc:f5:c6:3b:e0:e8:bf:97:e5:83:03:16:c4:d8:3f:fc:
ee:a9:ad:ab:9d:2a:a0:73:bb:b1:f2:3a:00:f8:53:9f:95:64:
25:bf:e2:04:fd:f9:33:41:4f:de:13:33:d3:e5:98:d7:37:91:
db:e5:85:dd:f1:13:01:88:da:4b:e8:93:1e:48:5a:9a:1c:1d:
f0:c9:15:a5:34:63:23:06:62:b3:9b:7a:2b:d7:de:83:36:cb:
f8:3b:fc:b1:de:b6:1f:08:d7:1f:5c:c9:4c:af:84:92:e1:f4:
7e:c6:ed:83:0d:68:42:aa:64:71:23:83:43:1f:70:fe:a0:db:
5a:3b:84:62:c5:df:fc:0a:2a:10:79:97:bd:08:f1:79:38:c1:
a0:8c:cc:11
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKK2o3Ot/2oJO7DtXrw8fVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjOGZkMWE4YWU1OTk2YzFlNTY5MmMxYThjNDJiZmU5YzNi
YTU3NDUwHhcNMjQwMTAyMTIzNDUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZTVlMDAzYTg5ODIwZDA0Mzc2ZDE3Mjk4ZTU4ZmRhY2RhMTk2ZmRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmfkhqk0afnqAc1BclQTKV35mYn8N
JUg1Um7SW6v78pSvVv/2jtFbqjOtCEX63LuIZCh1lt+FSqAPTvCDWXs7XNke11kn
Hhm2wKTs+Bejqa7sVltqOSN2ajpp2uS3+8Qv0mglM3kuruC+XqFAnqfwXi263wZB
9Iy75IbztBpg2RKDQqhShsdZ8luRYCZy+/VxmBxBc2l3N5D/gYPzjrwpz1XlyxzJ
Fc1opczHFpqKwySaS0cDUBTs10lvidCQEnnDhS6KRaghRtnku9a8hyQUw30BOfeo
GKH+ZU54hA6z39yrVZMs6f+vza2vy7BeZItXh0RC0CV6WxJJ9JMTcJUdiwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFO5eADqJgg0EN20XKY5Y/azaGW/bMB8GA1UdIwQY
MBaAFGyP0aiuWZbB5WksGoxCv+nDuldFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMt
ZmVhYzI2ZWFlY2MyLzEvN2w0QU9vbUNEUVEzYlJjcGpsajlyTm9aYjlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMtZmVhYzI2ZWFlY2My
LzEvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVdCaMA0G
CSqGSIb3DQEBCwUAA4IBAQAPUl4WzQtdHkI3BSp2tMb9vTzMsacFeDDl7tjIA8Qq
wPs8C7KZa7uwDnV4sevDBn90TKIC59fW/dUqTHLMpBuZ7YpjMVNpPy2e+Ke+Qn+d
6xztMVkzrNRHD6TOWY+ieOwSTTVFfSAbXua34cBla8z1xjvg6L+X5YMDFsTYP/zu
qa2rnSqgc7ux8joA+FOflWQlv+IE/fkzQU/eEzPT5ZjXN5Hb5YXd8RMBiNpL6JMe
SFqaHB3wyRWlNGMjBmKzm3or196DNsv4O/yx3rYfCNcfXMlMr4SS4fR+xu2DDWhC
qmRxI4NDH3D+oNtaO4Rixd/8CioQeZe9CPF5OMGgjMwR
-----END CERTIFICATE-----
Generated at Fri Jan 5 14:17:38 2024 by rpki-client on console-ams.rpki-client.org