Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/ehCl3N8Ex42psCxqcUAK80g6rrc.roa
File: ehCl3N8Ex42psCxqcUAK80g6rrc.roa (raw, json)
Hash identifier: PRWgr274fUqzQ+h9x9i1cLq/mjXCMLJRFh8fudu3gic=
Subject key identifier: 7A:10:A5:DC:DF:04:C7:8D:A9:B0:2C:6A:71:40:0A:F3:48:3A:AE:B7
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 01856C53E9E62FD4D50AE32DD938EF937B43
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/ehCl3N8Ex42psCxqcUAK80g6rrc.roa
Signing time: Sun 01 Jan 2023 07:55:16 +0000
ROA not before: Sun 01 Jan 2023 07:55:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 38047
IP address blocks: 85.209.254.0/24 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:53:e9:e6:2f:d4:d5:0a:e3:2d:d9:38:ef:93:7b:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Jan 1 07:55:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7a10a5dcdf04c78da9b02c6a71400af3483aaeb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:04:b9:bc:dc:75:50:5a:0f:41:a1:23:09:3a:
16:81:d9:79:38:01:8a:9c:45:9b:a1:06:94:86:6f:
02:3c:e3:5f:a8:d7:6f:e4:4d:1d:05:51:2b:d3:c8:
63:85:8b:f2:eb:05:2f:dd:43:ea:98:8d:3d:7a:f1:
b9:5e:6b:04:78:51:ed:16:8f:60:00:92:a6:d8:b4:
dc:76:69:0f:61:96:b2:2d:a2:03:cf:8f:1d:53:c5:
75:51:71:21:26:2e:61:f6:e8:25:c0:21:9f:dc:52:
2b:d8:6f:fc:71:98:c9:46:54:a6:32:9c:9d:44:03:
98:ab:41:79:72:6a:ef:90:45:22:8b:4e:b8:d1:b5:
c2:59:66:f8:47:dd:4e:5a:92:33:32:66:7f:b8:dc:
77:22:b6:a0:4c:31:e2:93:f3:c1:d8:70:c6:4b:15:
12:c0:6e:d3:c3:1e:0f:cc:b7:9e:bb:6d:da:8a:2b:
1e:ae:b9:0c:d6:57:da:9a:93:a2:c4:af:e2:34:af:
63:41:21:a6:bc:f5:1d:85:6e:d6:04:82:fd:47:3e:
e2:42:68:ea:a9:d1:c4:ce:08:ec:8d:46:39:5e:69:
2b:bc:36:c8:21:13:35:cf:8e:57:2d:39:33:1f:8d:
19:58:28:cb:5e:83:ff:05:21:c7:b9:f7:80:dd:8c:
99:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:10:A5:DC:DF:04:C7:8D:A9:B0:2C:6A:71:40:0A:F3:48:3A:AE:B7
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/ehCl3N8Ex42psCxqcUAK80g6rrc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.209.254.0/24
Signature Algorithm: sha256WithRSAEncryption
a7:6f:f3:87:71:f2:87:9e:09:dc:a3:ae:8d:74:00:fb:5c:37:
be:2a:d2:c0:af:80:0a:e0:13:00:25:1d:1c:a9:44:c0:8c:2e:
ff:f7:73:f5:87:1d:45:93:b4:66:30:29:8e:b2:bd:dc:58:d3:
de:07:4d:b2:c9:2a:20:3b:2a:12:ff:c4:8b:eb:48:36:db:30:
22:da:3a:e2:e4:b8:ca:31:2e:a2:2a:86:37:66:65:ac:fc:e5:
f5:fa:1b:8e:32:6a:23:8d:69:43:68:3c:20:b4:33:d8:1d:49:
ed:ce:91:ec:4f:45:67:08:8d:b6:4c:38:29:7c:60:50:10:c9:
df:8e:3e:96:bb:bf:87:84:c3:7b:94:c6:4e:ae:df:93:55:29:
bd:6b:c6:88:4d:aa:44:7d:c8:2e:6e:56:66:a6:b6:67:0a:ed:
5f:59:66:e1:df:ca:79:b3:d3:a5:44:da:39:01:73:d5:9e:b5:
1b:f7:59:91:96:3f:2b:00:a8:3c:9e:0d:4d:45:36:71:8a:06:
ba:b0:6e:4a:36:5c:d5:2d:0d:d2:ed:58:68:1a:75:56:f9:aa:
59:d2:16:61:8e:42:91:cb:5e:4a:55:3c:37:e9:01:6f:44:1f:
5c:90:38:b8:2f:22:a7:cf:ed:92:2e:e3:b0:55:3b:77:2f:5d:
03:48:e7:db
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsU+nmL9TVCuMt2Tjvk3tDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjOGZkMWE4YWU1OTk2YzFlNTY5MmMxYThjNDJiZmU5YzNi
YTU3NDUwHhcNMjMwMTAxMDc1NTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTEwYTVkY2RmMDRjNzhkYTliMDJjNmE3MTQwMGFmMzQ4M2FhZWI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxQS5vNx1UFoPQaEjCToWgdl5OAGK
nEWboQaUhm8CPONfqNdv5E0dBVEr08hjhYvy6wUv3UPqmI09evG5XmsEeFHtFo9g
AJKm2LTcdmkPYZayLaIDz48dU8V1UXEhJi5h9uglwCGf3FIr2G/8cZjJRlSmMpyd
RAOYq0F5cmrvkEUii0640bXCWWb4R91OWpIzMmZ/uNx3IragTDHik/PB2HDGSxUS
wG7Twx4PzLeeu23aiiserrkM1lfampOixK/iNK9jQSGmvPUdhW7WBIL9Rz7iQmjq
qdHEzgjsjUY5XmkrvDbIIRM1z45XLTkzH40ZWCjLXoP/BSHHufeA3YyZKQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHoQpdzfBMeNqbAsanFACvNIOq63MB8GA1UdIwQY
MBaAFGyP0aiuWZbB5WksGoxCv+nDuldFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMt
ZmVhYzI2ZWFlY2MyLzEvZWhDbDNOOEV4NDJwc0N4cWNVQUs4MGc2cnJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMtZmVhYzI2ZWFlY2My
LzEvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVdH+MA0G
CSqGSIb3DQEBCwUAA4IBAQCnb/OHcfKHngnco66NdAD7XDe+KtLAr4AK4BMAJR0c
qUTAjC7/93P1hx1Fk7RmMCmOsr3cWNPeB02yySogOyoS/8SL60g22zAi2jri5LjK
MS6iKoY3ZmWs/OX1+huOMmojjWlDaDwgtDPYHUntzpHsT0VnCI22TDgpfGBQEMnf
jj6Wu7+HhMN7lMZOrt+TVSm9a8aITapEfcgublZmprZnCu1fWWbh38p5s9OlRNo5
AXPVnrUb91mRlj8rAKg8ng1NRTZxiga6sG5KNlzVLQ3S7VhoGnVW+apZ0hZhjkKR
y15KVTw36QFvRB9ckDi4LyKnz+2SLuOwVTt3L10DSOfb
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:23:00 2024 by rpki-client on console-ams.rpki-client.org