Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/f07fbc-4c32-4d87-a429-86ea19d29163/1/9AmQlAzI5nbzluSEr4ZyIY_1zAQ.roa
File: 9AmQlAzI5nbzluSEr4ZyIY_1zAQ.roa (raw, json)
Hash identifier: Pq47mSSFHhj55Xk7tJaVDfCSeV+8czNExf7xNeJtS8o=
Subject key identifier: F4:09:90:94:0C:C8:E6:76:F3:96:E4:84:AF:86:72:21:8F:F5:CC:04
Certificate issuer: /CN=85dc9c55e1597e88564daf567e5a4665978c7b85
Certificate serial: 018675C608A9D100F9E0E2A778C84B3384E3
Authority key identifier: 85:DC:9C:55:E1:59:7E:88:56:4D:AF:56:7E:5A:46:65:97:8C:7B:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hdycVeFZfohWTa9WflpGZZeMe4U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/f07fbc-4c32-4d87-a429-86ea19d29163/1/9AmQlAzI5nbzluSEr4ZyIY_1zAQ.roa
Signing time: Tue 21 Feb 2023 20:59:17 +0000
ROA not before: Tue 21 Feb 2023 20:59:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213354
IP address blocks: 194.62.246.0/23 maxlen: 23
194.62.244.0/23 maxlen: 23
194.15.112.0/24 maxlen: 24
194.15.113.0/24 maxlen: 24
185.248.192.0/23 maxlen: 23
185.248.194.0/23 maxlen: 23
91.228.68.0/22 maxlen: 22
2a11:9c00::/40 maxlen: 40
Validation: Failed, certificate revoked on Mon 27 Feb 2023 12:12:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:75:c6:08:a9:d1:00:f9:e0:e2:a7:78:c8:4b:33:84:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=85dc9c55e1597e88564daf567e5a4665978c7b85
Validity
Not Before: Feb 21 20:59:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f40990940cc8e676f396e484af8672218ff5cc04
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:a3:af:cf:4e:01:4a:7a:eb:b4:b2:0a:8e:b9:
4e:d5:1d:c6:40:7a:8c:f9:9a:fb:2e:00:bf:9c:35:
ab:10:55:59:b5:d0:d7:94:83:45:bb:1a:c8:7d:d5:
16:e0:98:17:10:2b:22:a5:2f:76:63:38:9e:3a:1a:
74:83:97:a7:08:b6:80:ab:6a:5c:60:ae:96:9f:8c:
f0:c5:fe:8d:d6:ec:f1:bb:3c:9e:08:04:40:20:70:
28:2a:d5:ce:cb:08:d2:25:cd:c4:62:03:07:51:cd:
06:fe:49:d4:d3:04:6c:10:e0:95:78:b6:14:23:dd:
3d:54:eb:d8:f0:bd:67:0e:f3:15:5d:cf:79:2b:31:
10:cb:74:a7:10:4a:2a:1e:74:c4:29:49:4a:cd:69:
dd:ff:fe:9a:e5:23:c1:3b:ee:f5:07:28:f9:50:f0:
26:6f:97:b2:f6:a0:31:8b:34:8f:f3:f5:fb:1e:62:
e1:dc:2e:8d:da:e7:54:a4:e4:a9:c8:f0:23:c4:a2:
ac:4a:1f:43:12:ea:dd:6a:16:57:ee:2a:ef:b8:1f:
ea:8c:9b:a2:bf:bf:80:5e:a3:fd:e4:a9:31:04:ff:
9b:b8:38:56:2b:ed:5e:af:57:d2:db:30:b3:ab:eb:
3d:73:ad:f9:cd:22:0d:91:2a:97:d8:2b:8d:1e:19:
f6:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:09:90:94:0C:C8:E6:76:F3:96:E4:84:AF:86:72:21:8F:F5:CC:04
X509v3 Authority Key Identifier:
keyid:85:DC:9C:55:E1:59:7E:88:56:4D:AF:56:7E:5A:46:65:97:8C:7B:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hdycVeFZfohWTa9WflpGZZeMe4U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/f07fbc-4c32-4d87-a429-86ea19d29163/1/9AmQlAzI5nbzluSEr4ZyIY_1zAQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/f07fbc-4c32-4d87-a429-86ea19d29163/1/hdycVeFZfohWTa9WflpGZZeMe4U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.228.68.0/22
185.248.192.0/22
194.15.112.0/23
194.62.244.0/22
IPv6:
2a11:9c00::/40
Signature Algorithm: sha256WithRSAEncryption
5b:70:ca:0e:42:fc:21:06:80:9f:74:51:bf:8d:42:21:16:d9:
52:57:82:55:b7:cd:39:cb:31:c4:d6:64:e5:98:67:68:70:90:
3e:40:bc:89:1f:a8:8c:df:c0:b9:7d:a9:b6:03:9c:8a:d8:9f:
38:d0:48:7c:0b:0a:5e:01:20:4b:6a:7e:2e:9b:cd:0b:64:8d:
2b:7b:7e:89:d1:e2:3c:68:71:fe:af:77:df:12:6e:11:8f:ed:
6f:66:fc:b4:2a:a8:a8:40:05:13:c3:ab:fd:7c:28:15:9b:c8:
8a:70:20:c6:35:a8:7f:34:3c:c7:7a:96:c7:37:02:57:95:b2:
9b:0c:8f:44:00:5d:66:1c:b5:b5:b3:6c:ca:d5:0e:36:1c:ac:
84:98:75:c4:3c:94:67:a1:d0:96:5f:ac:2e:03:4b:ca:8d:f3:
7e:23:9e:71:c4:b0:7d:f5:12:67:5f:20:f0:7c:40:84:8a:ce:
7f:4e:2a:6d:7e:63:dc:15:1a:01:08:df:76:08:8d:b6:21:a6:
a0:27:7f:a3:2f:dd:92:0f:96:af:f5:44:bf:66:8e:2f:03:08:
93:f1:8a:97:77:06:1e:89:02:cd:1b:70:3b:f2:63:1f:93:ab:
45:e6:eb:6c:d6:91:b1:49:43:7c:bc:58:1a:3c:ca:8d:95:83:
4c:d0:75:5c
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYZ1xgip0QD54OKneMhLM4TjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1ZGM5YzU1ZTE1OTdlODg1NjRkYWY1NjdlNWE0NjY1OTc4
YzdiODUwHhcNMjMwMjIxMjA1OTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDA5OTA5NDBjYzhlNjc2ZjM5NmU0ODRhZjg2NzIyMThmZjVjYzA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqKOvz04BSnrrtLIKjrlO1R3GQHqM
+Zr7LgC/nDWrEFVZtdDXlINFuxrIfdUW4JgXECsipS92YzieOhp0g5enCLaAq2pc
YK6Wn4zwxf6N1uzxuzyeCARAIHAoKtXOywjSJc3EYgMHUc0G/knU0wRsEOCVeLYU
I909VOvY8L1nDvMVXc95KzEQy3SnEEoqHnTEKUlKzWnd//6a5SPBO+71Byj5UPAm
b5ey9qAxizSP8/X7HmLh3C6N2udUpOSpyPAjxKKsSh9DEurdahZX7irvuB/qjJui
v7+AXqP95KkxBP+buDhWK+1er1fS2zCzq+s9c635zSINkSqX2CuNHhn2sQIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFPQJkJQMyOZ285bkhK+GciGP9cwEMB8GA1UdIwQY
MBaAFIXcnFXhWX6IVk2vVn5aRmWXjHuFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGR5Y1ZlRlpmb2hXVGE5V2ZscEdaWmVNZTRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9mMDdmYmMtNGMzMi00ZDg3LWE0Mjkt
ODZlYTE5ZDI5MTYzLzEvOUFtUWxBekk1bmJ6bHVTRXI0WnlJWV8xekFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9mMDdmYmMtNGMzMi00ZDg3LWE0MjktODZlYTE5ZDI5MTYz
LzEvaGR5Y1ZlRlpmb2hXVGE5V2ZscEdaWmVNZTRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAeBAIAATAYAwQCW+REAwQC
ufjAAwQBwg9wAwQCwj70MA4EAgACMAgDBgAqEZwAADANBgkqhkiG9w0BAQsFAAOC
AQEAW3DKDkL8IQaAn3RRv41CIRbZUleCVbfNOcsxxNZk5ZhnaHCQPkC8iR+ojN/A
uX2ptgOcitifONBIfAsKXgEgS2p+LpvNC2SNK3t+idHiPGhx/q933xJuEY/tb2b8
tCqoqEAFE8Or/XwoFZvIinAgxjWofzQ8x3qWxzcCV5WymwyPRABdZhy1tbNsytUO
NhyshJh1xDyUZ6HQll+sLgNLyo3zfiOeccSwffUSZ18g8HxAhIrOf04qbX5j3BUa
AQjfdgiNtiGmoCd/oy/dkg+Wr/VEv2aOLwMIk/GKl3cGHokCzRtwO/JjH5OrRebr
bNaRsUlDfLxYGjzKjZWDTNB1XA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:48:30 2024 by rpki-client on console-ams.rpki-client.org