Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/9e49ff-4264-4647-95a4-8037965693a2/1/l9E9aE6i0gDiOaxWD2bQQwpNw-c.roa
File: l9E9aE6i0gDiOaxWD2bQQwpNw-c.roa (raw, json)
Hash identifier: kgFxBMeBIo24SAO0C33skbhdLHN8gLisskDzOLBKy6Q=
Subject key identifier: 97:D1:3D:68:4E:A2:D2:00:E2:39:AC:56:0F:66:D0:43:0A:4D:C3:E7
Certificate issuer: /CN=20b5100e798fab7577bf725ac9569ea80e6c2a04
Certificate serial: 018EA4AE398B8A4DA71AC06463D86D3330CA
Authority key identifier: 20:B5:10:0E:79:8F:AB:75:77:BF:72:5A:C9:56:9E:A8:0E:6C:2A:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ILUQDnmPq3V3v3JayVaeqA5sKgQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/9e49ff-4264-4647-95a4-8037965693a2/1/l9E9aE6i0gDiOaxWD2bQQwpNw-c.roa
Signing time: Wed 03 Apr 2024 15:57:45 +0000
ROA not before: Wed 03 Apr 2024 15:57:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44703
IP address blocks: 85.115.64.0/19 maxlen: 19
85.115.64.0/24 maxlen: 24
85.115.65.0/24 maxlen: 24
85.115.70.0/24 maxlen: 24
85.115.71.0/24 maxlen: 24
85.115.72.0/21 maxlen: 21
85.115.80.0/21 maxlen: 21
85.115.94.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 04 Apr 2024 07:13:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:a4:ae:39:8b:8a:4d:a7:1a:c0:64:63:d8:6d:33:30:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=20b5100e798fab7577bf725ac9569ea80e6c2a04
Validity
Not Before: Apr 3 15:57:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=97d13d684ea2d200e239ac560f66d0430a4dc3e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:ea:85:ab:8a:01:a4:aa:b2:72:2c:e5:a6:c8:
53:d1:1c:e5:17:7e:65:af:f9:94:50:36:70:6b:6f:
54:1b:ab:61:44:29:e0:b8:fb:db:e1:85:54:b2:15:
6d:5e:8d:d3:8a:be:ba:f5:71:f7:0e:c4:06:81:10:
46:c2:2e:1d:29:05:de:3b:ef:c3:70:9e:31:e8:74:
0d:b9:4f:5f:a6:2a:48:b8:3d:7b:d6:8e:4c:ff:83:
0f:26:e1:59:34:75:c4:c5:79:fb:10:a5:93:64:56:
3e:9a:ed:d0:cf:a8:9f:ee:21:62:31:c4:c2:60:67:
55:a6:18:70:07:33:c3:65:c9:4a:62:98:3e:ff:89:
3a:96:c7:a3:0e:c6:6f:81:b1:36:9b:25:aa:2b:e7:
c3:78:55:86:24:52:98:13:4b:f6:b1:b6:c4:93:0b:
b7:91:97:00:ac:93:cd:d2:d0:a9:06:22:26:bd:fc:
20:b9:56:54:ff:a0:2d:a1:eb:1a:57:61:f3:47:38:
d3:2f:c7:26:85:87:ca:2f:70:8d:67:1f:47:2a:03:
1e:42:a5:ec:2f:89:ac:51:28:da:c4:79:aa:aa:a8:
cc:85:c5:6f:87:61:0b:1b:d7:5b:8b:2c:26:81:c4:
12:89:55:df:d9:f3:d9:73:99:de:a9:eb:f0:17:a9:
53:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:D1:3D:68:4E:A2:D2:00:E2:39:AC:56:0F:66:D0:43:0A:4D:C3:E7
X509v3 Authority Key Identifier:
keyid:20:B5:10:0E:79:8F:AB:75:77:BF:72:5A:C9:56:9E:A8:0E:6C:2A:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ILUQDnmPq3V3v3JayVaeqA5sKgQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/9e49ff-4264-4647-95a4-8037965693a2/1/l9E9aE6i0gDiOaxWD2bQQwpNw-c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/9e49ff-4264-4647-95a4-8037965693a2/1/ILUQDnmPq3V3v3JayVaeqA5sKgQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.115.64.0/19
Signature Algorithm: sha256WithRSAEncryption
94:73:b0:1b:df:fd:06:8c:0c:ec:96:8c:ca:ff:8c:76:45:6d:
13:70:7d:a8:03:81:e5:98:05:bc:cf:9a:6c:dc:aa:4d:c9:37:
61:b3:36:32:f8:69:85:cf:e7:9e:d0:1c:9d:09:ab:91:45:0f:
5e:f1:87:a0:91:0f:f8:78:e2:01:8a:ce:ea:9f:05:55:1f:ff:
47:fe:05:fb:36:cf:f5:44:40:e6:d3:28:a2:24:5c:c0:57:00:
e6:30:41:ea:7a:8d:be:d8:d3:28:ed:4d:bb:24:cc:97:43:5d:
95:6c:ef:22:b9:7a:01:af:a3:df:08:17:7f:53:0c:d4:13:48:
47:a5:0e:39:41:5a:fc:33:21:a0:f5:2a:a4:43:76:5c:f7:ac:
12:f7:78:7b:05:75:32:5d:fc:54:f5:27:73:f4:4d:c3:88:c3:
52:33:9f:81:62:df:f1:e6:6d:7f:59:27:1e:17:71:28:18:5b:
27:ec:7f:72:c7:7d:0b:a0:3b:79:f0:1a:27:cf:07:f5:43:aa:
96:0e:f2:83:40:a0:a0:86:08:a9:40:36:ce:cc:5a:d2:d3:f1:
91:8c:44:a4:5f:4c:6a:b6:81:62:54:18:bc:ce:f3:de:4f:d8:
3b:ff:0d:35:c6:84:f5:6f:e0:a3:3a:69:0d:f9:c2:d3:3c:76:
3e:a5:06:98
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY6krjmLik2nGsBkY9htMzDKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwYjUxMDBlNzk4ZmFiNzU3N2JmNzI1YWM5NTY5ZWE4MGU2
YzJhMDQwHhcNMjQwNDAzMTU1NzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5N2QxM2Q2ODRlYTJkMjAwZTIzOWFjNTYwZjY2ZDA0MzBhNGRjM2U3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy+qFq4oBpKqycizlpshT0RzlF35l
r/mUUDZwa29UG6thRCnguPvb4YVUshVtXo3Tir669XH3DsQGgRBGwi4dKQXeO+/D
cJ4x6HQNuU9fpipIuD171o5M/4MPJuFZNHXExXn7EKWTZFY+mu3Qz6if7iFiMcTC
YGdVphhwBzPDZclKYpg+/4k6lsejDsZvgbE2myWqK+fDeFWGJFKYE0v2sbbEkwu3
kZcArJPN0tCpBiImvfwguVZU/6AtoesaV2HzRzjTL8cmhYfKL3CNZx9HKgMeQqXs
L4msUSjaxHmqqqjMhcVvh2ELG9dbiywmgcQSiVXf2fPZc5neqevwF6lTzwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJfRPWhOotIA4jmsVg9m0EMKTcPnMB8GA1UdIwQY
MBaAFCC1EA55j6t1d79yWslWnqgObCoEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUxVUURubVBxM1YzdjNKYXlWYWVxQTVzS2dRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS85ZTQ5ZmYtNDI2NC00NjQ3LTk1YTQt
ODAzNzk2NTY5M2EyLzEvbDlFOWFFNmkwZ0RpT2F4V0QyYlFRd3BOdy1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS85ZTQ5ZmYtNDI2NC00NjQ3LTk1YTQtODAzNzk2NTY5M2Ey
LzEvSUxVUURubVBxM1YzdjNKYXlWYWVxQTVzS2dRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFVXNAMA0G
CSqGSIb3DQEBCwUAA4IBAQCUc7Ab3/0GjAzslozK/4x2RW0TcH2oA4HlmAW8z5ps
3KpNyTdhszYy+GmFz+ee0BydCauRRQ9e8YegkQ/4eOIBis7qnwVVH/9H/gX7Ns/1
REDm0yiiJFzAVwDmMEHqeo2+2NMo7U27JMyXQ12VbO8iuXoBr6PfCBd/UwzUE0hH
pQ45QVr8MyGg9SqkQ3Zc96wS93h7BXUyXfxU9Sdz9E3DiMNSM5+BYt/x5m1/WSce
F3EoGFsn7H9yx30LoDt58Bonzwf1Q6qWDvKDQKCghgipQDbOzFrS0/GRjESkX0xq
toFiVBi8zvPeT9g7/w01xoT1b+CjOmkN+cLTPHY+pQaY
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:54 2024 by rpki-client on console-fra.rpki-client.org