Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/EhTnNaSi7wdwM4o4pTmLG1hiJ0s.roa
File: EhTnNaSi7wdwM4o4pTmLG1hiJ0s.roa (raw, json)
Hash identifier: RKVowGc+KoX7uIGsf+fKHdADeEQr9D7YPNTrRxdSoD8=
Subject key identifier: 12:14:E7:35:A4:A2:EF:07:70:33:8A:38:A5:39:8B:1B:58:62:27:4B
Certificate issuer: /CN=9a1e69368abd34538fe77ddaabcdc835af595eba
Certificate serial: 0185706717B6410AC8D15267E722E6375C72
Authority key identifier: 9A:1E:69:36:8A:BD:34:53:8F:E7:7D:DA:AB:CD:C8:35:AF:59:5E:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mh5pNoq9NFOP533aq83INa9ZXro.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/EhTnNaSi7wdwM4o4pTmLG1hiJ0s.roa
Signing time: Mon 02 Jan 2023 02:54:42 +0000
ROA not before: Mon 02 Jan 2023 02:54:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3177
IP address blocks: 85.9.86.0/23 maxlen: 23
85.9.116.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 25 Oct 2023 09:15:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:67:17:b6:41:0a:c8:d1:52:67:e7:22:e6:37:5c:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a1e69368abd34538fe77ddaabcdc835af595eba
Validity
Not Before: Jan 2 02:54:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1214e735a4a2ef0770338a38a5398b1b5862274b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:2c:c6:34:15:5c:15:4f:48:e2:3f:e3:8e:d6:
6a:11:df:bb:a6:89:a1:b0:06:27:d5:fa:ea:52:fb:
0e:f5:b2:07:f6:33:f1:96:72:f7:ca:db:e6:22:7f:
01:82:26:d2:09:3f:38:14:92:fd:db:9d:b2:02:9d:
76:97:d8:d2:ee:35:5e:ac:bd:9a:d7:a3:73:9b:a1:
60:6d:94:89:84:60:c8:40:b2:7c:38:09:35:10:f4:
7f:49:99:68:67:b4:9b:d7:47:06:3e:3b:3c:6f:11:
f3:a7:98:b0:74:fc:ab:e9:a5:12:0f:23:fe:19:c8:
f9:18:33:8e:96:a9:3c:f0:95:85:18:01:c1:c6:11:
6b:5f:85:eb:ab:4d:f3:e3:3e:f9:c3:98:94:e1:93:
04:f4:4c:56:33:77:da:b1:d1:f3:9a:d9:29:4f:b1:
39:5d:65:95:a3:68:f1:4b:69:9e:7b:bb:eb:77:96:
00:59:f8:c3:de:da:f3:47:cb:1e:fb:85:cd:19:fb:
b3:ae:5c:76:0d:d0:94:65:bb:3d:23:92:e9:3f:cf:
fb:33:eb:c3:49:2e:42:c1:0a:36:66:09:c7:6b:3c:
13:cb:76:77:6c:00:65:24:3c:96:f9:e9:82:b1:35:
7d:c6:9f:fd:83:a1:fb:6f:3d:f7:33:2b:09:fc:df:
b8:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:14:E7:35:A4:A2:EF:07:70:33:8A:38:A5:39:8B:1B:58:62:27:4B
X509v3 Authority Key Identifier:
keyid:9A:1E:69:36:8A:BD:34:53:8F:E7:7D:DA:AB:CD:C8:35:AF:59:5E:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mh5pNoq9NFOP533aq83INa9ZXro.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/EhTnNaSi7wdwM4o4pTmLG1hiJ0s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/mh5pNoq9NFOP533aq83INa9ZXro.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.9.86.0/23
85.9.116.0/22
Signature Algorithm: sha256WithRSAEncryption
51:77:39:83:e7:7c:ce:e1:4f:c5:cc:9a:fe:c8:0c:9b:6a:de:
b3:6c:fb:0a:2b:58:0c:25:ff:34:4d:f1:69:93:9e:6c:18:fe:
ef:b7:7e:08:6f:4d:29:73:8b:d7:47:41:07:ec:cb:69:a8:f0:
be:a4:ff:d4:07:1a:c2:47:21:51:ec:11:62:44:a4:f8:46:dd:
29:50:dc:e5:6c:82:3a:e3:2e:65:9d:f6:72:9f:78:b1:7f:2a:
45:de:2f:a1:53:96:0d:e2:65:ec:1f:ac:fc:b4:f7:95:0a:1c:
ed:95:a4:d7:3c:07:ee:49:5b:98:4f:4f:b6:33:fa:50:13:47:
68:98:72:6a:58:29:e1:42:7a:6f:e9:9f:18:b2:ff:37:33:54:
22:5f:af:2b:1f:54:ef:e3:e6:d1:ea:e0:79:3f:55:d9:d8:c7:
fa:eb:e2:d5:39:01:14:fa:d0:be:66:1b:ea:cb:e1:06:3a:f2:
09:5c:ae:92:ef:87:0b:ab:42:59:0d:d6:0e:de:9b:10:a6:a4:
43:a4:6d:87:f7:c1:bb:25:72:1c:82:80:89:3b:2c:de:1a:67:
92:da:de:89:61:82:16:ca:f3:66:70:bf:f4:27:45:ac:42:09:
b5:d0:be:80:f5:49:4e:a4:d4:a9:b9:36:8f:2f:0a:6b:38:1a:
10:32:27:c2
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVwZxe2QQrI0VJn5yLmN1xyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhMWU2OTM2OGFiZDM0NTM4ZmU3N2RkYWFiY2RjODM1YWY1
OTVlYmEwHhcNMjMwMTAyMDI1NDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMjE0ZTczNWE0YTJlZjA3NzAzMzhhMzhhNTM5OGIxYjU4NjIyNzRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgyzGNBVcFU9I4j/jjtZqEd+7pomh
sAYn1frqUvsO9bIH9jPxlnL3ytvmIn8BgibSCT84FJL9252yAp12l9jS7jVerL2a
16Nzm6FgbZSJhGDIQLJ8OAk1EPR/SZloZ7Sb10cGPjs8bxHzp5iwdPyr6aUSDyP+
Gcj5GDOOlqk88JWFGAHBxhFrX4Xrq03z4z75w5iU4ZME9ExWM3fasdHzmtkpT7E5
XWWVo2jxS2mee7vrd5YAWfjD3trzR8se+4XNGfuzrlx2DdCUZbs9I5LpP8/7M+vD
SS5CwQo2ZgnHazwTy3Z3bABlJDyW+emCsTV9xp/9g6H7bz33MysJ/N+45QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBIU5zWkou8HcDOKOKU5ixtYYidLMB8GA1UdIwQY
MBaAFJoeaTaKvTRTj+d92qvNyDWvWV66MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWg1cE5vcTlORk9QNTMzYXE4M0lOYTlaWHJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi83ODg2ZjQtNWZjYy00ZDQ0LWJkNjIt
MTA5ODJlMDQwZDUzLzEvRWhUbk5hU2k3d2R3TTRvNHBUbUxHMWhpSjBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi83ODg2ZjQtNWZjYy00ZDQ0LWJkNjItMTA5ODJlMDQwZDUz
LzEvbWg1cE5vcTlORk9QNTMzYXE4M0lOYTlaWHJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBVQlWAwQC
VQl0MA0GCSqGSIb3DQEBCwUAA4IBAQBRdzmD53zO4U/FzJr+yAybat6zbPsKK1gM
Jf80TfFpk55sGP7vt34Ib00pc4vXR0EH7MtpqPC+pP/UBxrCRyFR7BFiRKT4Rt0p
UNzlbII64y5lnfZyn3ixfypF3i+hU5YN4mXsH6z8tPeVChztlaTXPAfuSVuYT0+2
M/pQE0domHJqWCnhQnpv6Z8Ysv83M1QiX68rH1Tv4+bR6uB5P1XZ2Mf66+LVOQEU
+tC+Zhvqy+EGOvIJXK6S74cLq0JZDdYO3psQpqRDpG2H98G7JXIcgoCJOyzeGmeS
2t6JYYIWyvNmcL/0J0WsQgm10L6A9UlOpNSpuTaPLwprOBoQMifC
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:33 2024 by rpki-client on console-ams.rpki-client.org