Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/f07fbc-4c32-4d87-a429-86ea19d29163/1/dET8faxs4fXx8BNhhuTo-cxikVU.roa
File: dET8faxs4fXx8BNhhuTo-cxikVU.roa (raw, json)
Hash identifier: pOg/b2OE7S+TJus4DxBzhDbjEuy1evLDXQxJuZre44s=
Subject key identifier: 74:44:FC:7D:AC:6C:E1:F5:F1:F0:13:61:86:E4:E8:F9:CC:62:91:55
Certificate issuer: /CN=85dc9c55e1597e88564daf567e5a4665978c7b85
Certificate serial: 018675BBF492A1015AD705D3641A58E90338
Authority key identifier: 85:DC:9C:55:E1:59:7E:88:56:4D:AF:56:7E:5A:46:65:97:8C:7B:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hdycVeFZfohWTa9WflpGZZeMe4U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/f07fbc-4c32-4d87-a429-86ea19d29163/1/dET8faxs4fXx8BNhhuTo-cxikVU.roa
Signing time: Tue 21 Feb 2023 20:48:17 +0000
ROA not before: Tue 21 Feb 2023 20:48:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213354
IP address blocks: 194.62.244.0/23 maxlen: 23
194.15.112.0/24 maxlen: 24
194.15.113.0/24 maxlen: 24
185.248.192.0/23 maxlen: 23
185.248.194.0/23 maxlen: 23
91.228.68.0/22 maxlen: 22
2a11:9c00::/40 maxlen: 40
Validation: Failed, certificate revoked on Tue 21 Feb 2023 20:59:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:75:bb:f4:92:a1:01:5a:d7:05:d3:64:1a:58:e9:03:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=85dc9c55e1597e88564daf567e5a4665978c7b85
Validity
Not Before: Feb 21 20:48:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7444fc7dac6ce1f5f1f0136186e4e8f9cc629155
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:2e:64:60:d8:5c:ec:df:31:c8:92:92:ac:c5:
47:ea:3b:88:1c:0a:8b:bc:bd:d0:6a:32:25:3b:93:
00:9d:d4:b0:b1:09:89:b7:60:76:4a:22:b2:19:23:
2d:46:c6:e0:13:93:a2:b4:04:f2:33:ef:5f:e9:be:
df:63:ea:e0:37:8a:cd:fb:d2:5f:a4:20:53:d5:3c:
54:07:02:35:8f:99:df:ba:e3:9e:c5:81:fc:a3:69:
00:0f:1e:3b:c5:51:c1:5f:03:c0:92:2e:87:97:a8:
87:09:ad:91:ab:4e:4b:aa:26:59:13:c7:41:7e:0e:
91:e1:3a:bb:61:3a:19:8e:2a:6e:29:9b:a0:8c:21:
25:4a:15:89:92:47:5f:7f:1e:f8:82:a0:c4:0a:0e:
3f:3f:a2:aa:f4:c2:1f:38:1d:a1:b0:2d:f2:61:26:
07:72:6b:ca:a9:ed:c5:6d:34:c4:93:2a:ff:b0:fe:
9a:7f:70:fe:c4:46:c7:dc:2b:4d:d0:69:d7:dc:20:
05:bb:cd:a0:cd:f3:56:1f:f9:09:6d:c3:2a:03:fc:
54:80:06:80:22:5f:db:49:bc:cd:e8:8a:5f:a5:f3:
e7:36:99:60:46:5c:39:d3:e9:3d:a7:d3:8c:29:fc:
fe:35:22:ca:f2:1a:4f:2d:a7:e5:e1:19:a3:6a:30:
01:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:44:FC:7D:AC:6C:E1:F5:F1:F0:13:61:86:E4:E8:F9:CC:62:91:55
X509v3 Authority Key Identifier:
keyid:85:DC:9C:55:E1:59:7E:88:56:4D:AF:56:7E:5A:46:65:97:8C:7B:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hdycVeFZfohWTa9WflpGZZeMe4U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/f07fbc-4c32-4d87-a429-86ea19d29163/1/dET8faxs4fXx8BNhhuTo-cxikVU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/f07fbc-4c32-4d87-a429-86ea19d29163/1/hdycVeFZfohWTa9WflpGZZeMe4U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.228.68.0/22
185.248.192.0/22
194.15.112.0/23
194.62.244.0/23
IPv6:
2a11:9c00::/40
Signature Algorithm: sha256WithRSAEncryption
1a:34:e2:19:3e:49:49:0e:4a:0d:46:da:51:9e:83:c4:9a:4e:
52:2c:92:8c:fb:e0:09:43:7f:8d:52:5c:e0:27:66:a0:15:b6:
6b:01:52:13:2a:eb:c1:94:6f:50:39:14:a0:33:22:d8:63:e2:
8b:bc:06:f8:38:41:a8:b2:d5:61:c5:d7:01:9d:11:7a:19:a2:
09:77:79:f5:f9:22:55:a0:9b:cb:b1:90:1a:30:33:d2:35:03:
d0:f3:3f:c6:ee:40:d2:57:6b:af:e1:b4:71:06:35:dc:02:22:
3a:dc:d3:1c:aa:9c:1c:5e:bb:55:17:38:3c:6e:ec:65:c3:8e:
ef:53:f1:81:11:33:4f:69:d4:78:3e:ae:c8:d2:9e:46:d9:14:
47:26:eb:c3:f7:31:77:21:ce:d1:a7:23:da:58:7d:2e:d5:38:
2b:1b:f7:e4:53:ee:62:da:7b:14:31:b9:7f:1a:91:04:a6:97:
05:04:28:b6:a9:4f:e5:a9:68:4d:a0:f5:ae:a9:2e:ef:bd:5a:
58:8b:6c:46:47:93:d6:db:15:b5:1a:fa:cd:f0:4a:00:fd:c2:
29:05:8f:9c:48:e1:5f:d2:c8:f3:d4:a1:f1:3a:05:56:4f:45:
df:2d:27:39:55:0d:9c:ce:50:92:46:86:cb:67:1a:72:9b:76:
90:4a:df:cc
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYZ1u/SSoQFa1wXTZBpY6QM4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1ZGM5YzU1ZTE1OTdlODg1NjRkYWY1NjdlNWE0NjY1OTc4
YzdiODUwHhcNMjMwMjIxMjA0ODE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDQ0ZmM3ZGFjNmNlMWY1ZjFmMDEzNjE4NmU0ZThmOWNjNjI5MTU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoS5kYNhc7N8xyJKSrMVH6juIHAqL
vL3QajIlO5MAndSwsQmJt2B2SiKyGSMtRsbgE5OitATyM+9f6b7fY+rgN4rN+9Jf
pCBT1TxUBwI1j5nfuuOexYH8o2kADx47xVHBXwPAki6Hl6iHCa2Rq05LqiZZE8dB
fg6R4Tq7YToZjipuKZugjCElShWJkkdffx74gqDECg4/P6Kq9MIfOB2hsC3yYSYH
cmvKqe3FbTTEkyr/sP6af3D+xEbH3CtN0GnX3CAFu82gzfNWH/kJbcMqA/xUgAaA
Il/bSbzN6IpfpfPnNplgRlw50+k9p9OMKfz+NSLK8hpPLafl4RmjajABxQIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFHRE/H2sbOH18fATYYbk6PnMYpFVMB8GA1UdIwQY
MBaAFIXcnFXhWX6IVk2vVn5aRmWXjHuFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGR5Y1ZlRlpmb2hXVGE5V2ZscEdaWmVNZTRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9mMDdmYmMtNGMzMi00ZDg3LWE0Mjkt
ODZlYTE5ZDI5MTYzLzEvZEVUOGZheHM0Zlh4OEJOaGh1VG8tY3hpa1ZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9mMDdmYmMtNGMzMi00ZDg3LWE0MjktODZlYTE5ZDI5MTYz
LzEvaGR5Y1ZlRlpmb2hXVGE5V2ZscEdaWmVNZTRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAeBAIAATAYAwQCW+REAwQC
ufjAAwQBwg9wAwQBwj70MA4EAgACMAgDBgAqEZwAADANBgkqhkiG9w0BAQsFAAOC
AQEAGjTiGT5JSQ5KDUbaUZ6DxJpOUiySjPvgCUN/jVJc4CdmoBW2awFSEyrrwZRv
UDkUoDMi2GPii7wG+DhBqLLVYcXXAZ0RehmiCXd59fkiVaCby7GQGjAz0jUD0PM/
xu5A0ldrr+G0cQY13AIiOtzTHKqcHF67VRc4PG7sZcOO71PxgREzT2nUeD6uyNKe
RtkURybrw/cxdyHO0acj2lh9LtU4Kxv35FPuYtp7FDG5fxqRBKaXBQQotqlP5alo
TaD1rqku771aWItsRkeT1tsVtRr6zfBKAP3CKQWPnEjhX9LI89Sh8ToFVk9F3y0n
OVUNnM5QkkaGy2cacpt2kErfzA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:48:30 2024 by rpki-client on console-ams.rpki-client.org