Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/laQlaLoipZR4M6aJbLl2AMBXrvo.roa
File: laQlaLoipZR4M6aJbLl2AMBXrvo.roa (raw, json)
Hash identifier: QiIHJOogj/E2GnQ/+yPXTTIYWio0UpeUQ5H2JNaILbU=
Subject key identifier: 95:A4:25:68:BA:22:A5:94:78:33:A6:89:6C:B9:76:00:C0:57:AE:FA
Certificate issuer: /CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Certificate serial: 01919EE6F885BE5A5E1803255291C25AAF6B
Authority key identifier: EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/laQlaLoipZR4M6aJbLl2AMBXrvo.roa
Signing time: Thu 29 Aug 2024 16:10:22 +0000
ROA not before: Thu 29 Aug 2024 16:10:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211500
IP address blocks: 85.208.10.0/23 maxlen: 23
Validation: Failed, certificate revoked on Tue 17 Sep 2024 17:29:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:9e:e6:f8:85:be:5a:5e:18:03:25:52:91:c2:5a:af:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Validity
Not Before: Aug 29 16:10:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=95a42568ba22a5947833a6896cb97600c057aefa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f8:ec:37:aa:16:23:57:9c:6d:7f:33:02:1d:d4:
34:3f:d1:c9:58:60:e9:c7:8a:93:00:9a:98:5f:ed:
6b:90:84:ec:8c:e4:e5:93:df:c0:77:18:ee:81:4c:
d6:f1:d4:47:e4:02:d2:33:48:13:6c:d8:9f:30:59:
05:7c:c2:16:ba:51:0b:62:50:93:84:27:09:f1:2e:
85:cd:5a:68:a7:dd:2a:f4:10:37:d8:75:9d:63:6e:
bf:67:04:fd:8d:8b:6f:eb:7d:1a:06:e2:e5:38:be:
5d:e7:4c:46:26:d6:8a:aa:f8:b5:5a:fe:4f:49:22:
88:da:4f:8c:59:de:67:2a:15:8f:7d:54:d3:ee:a9:
99:70:87:d3:be:18:89:23:06:e3:a2:36:bf:2a:17:
e1:f3:ba:26:b8:c9:a4:db:2d:65:10:d7:2d:b2:8b:
84:f3:1b:8c:86:b0:c1:e3:38:12:71:6e:22:37:0a:
0c:78:77:5c:64:52:c4:a3:60:ea:43:6f:3b:f1:29:
cb:72:56:f0:47:f5:eb:70:da:63:3b:79:69:97:ae:
51:e0:1c:ae:88:cc:91:d3:93:0e:d5:82:b7:85:9f:
ef:74:61:d2:9d:83:8c:6a:ed:40:59:7a:d7:30:27:
c4:57:56:72:2c:0a:fa:6a:13:32:af:ab:74:dc:27:
19:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:A4:25:68:BA:22:A5:94:78:33:A6:89:6C:B9:76:00:C0:57:AE:FA
X509v3 Authority Key Identifier:
keyid:EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/laQlaLoipZR4M6aJbLl2AMBXrvo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.208.10.0/23
Signature Algorithm: sha256WithRSAEncryption
74:e7:2b:25:4b:b2:a0:fb:3c:cc:58:1d:7d:d5:39:45:9b:99:
26:7f:b7:c3:5a:2a:a8:24:7d:b8:fd:a2:c2:b9:e7:87:8d:b2:
fc:31:f9:f6:69:13:fa:8f:fd:49:ca:cf:0f:26:2e:3e:7a:3f:
18:8c:ca:72:c4:3a:bf:42:08:12:76:e1:ee:ae:48:04:c1:1b:
28:95:7a:7f:dc:19:3a:24:7d:86:cd:75:6a:76:5a:97:54:a9:
fc:c9:9c:95:7e:d4:f7:0a:a5:08:27:b8:05:62:7e:90:ff:b2:
76:d9:90:56:e7:07:df:46:dd:a3:8f:d5:6e:06:52:40:c0:06:
4d:e3:4a:47:a4:68:f0:10:c7:1c:47:d1:25:13:07:d2:09:94:
12:64:cc:aa:7f:3b:5b:e6:a3:6f:4f:5f:84:fd:3c:c6:ca:1c:
fb:5e:2b:7c:ee:ef:c1:3b:dd:40:fa:0a:f5:44:66:81:a7:61:
2f:3e:f5:fe:76:7e:14:2a:f1:a1:08:e8:d0:88:da:d7:9d:75:
68:99:d2:91:93:3c:03:2f:e8:5f:7c:3a:5d:07:66:a6:62:58:
fe:32:d0:24:4b:2a:d7:0d:3a:03:78:05:cd:f8:5b:e4:38:d8:
f7:5e:3e:34:f9:90:ec:20:40:5f:1a:87:21:87:00:0c:68:14:
41:6e:0e:8b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZGe5viFvlpeGAMlUpHCWq9rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMWMzNDcyYzI1YWNkMzQ3MzY0YjdkNjMxMjYxOGFhMzUz
MGNiNjMwHhcNMjQwODI5MTYxMDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NWE0MjU2OGJhMjJhNTk0NzgzM2E2ODk2Y2I5NzYwMGMwNTdhZWZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+Ow3qhYjV5xtfzMCHdQ0P9HJWGDp
x4qTAJqYX+1rkITsjOTlk9/AdxjugUzW8dRH5ALSM0gTbNifMFkFfMIWulELYlCT
hCcJ8S6FzVpop90q9BA32HWdY26/ZwT9jYtv630aBuLlOL5d50xGJtaKqvi1Wv5P
SSKI2k+MWd5nKhWPfVTT7qmZcIfTvhiJIwbjoja/Khfh87omuMmk2y1lENctsouE
8xuMhrDB4zgScW4iNwoMeHdcZFLEo2DqQ2878SnLclbwR/XrcNpjO3lpl65R4Byu
iMyR05MO1YK3hZ/vdGHSnYOMau1AWXrXMCfEV1ZyLAr6ahMyr6t03CcZSwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJWkJWi6IqWUeDOmiWy5dgDAV676MB8GA1UdIwQY
MBaAFO4cNHLCWs00c2S31jEmGKo1MMtjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYt
YjRiOGRiMjBiMWZiLzEvbGFRbGFMb2lwWlI0TTZhSmJMbDJBTUJYcnZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYtYjRiOGRiMjBiMWZi
LzEvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBVdAKMA0G
CSqGSIb3DQEBCwUAA4IBAQB05yslS7Kg+zzMWB191TlFm5kmf7fDWiqoJH24/aLC
ueeHjbL8Mfn2aRP6j/1Jys8PJi4+ej8YjMpyxDq/QggSduHurkgEwRsolXp/3Bk6
JH2GzXVqdlqXVKn8yZyVftT3CqUIJ7gFYn6Q/7J22ZBW5wffRt2jj9VuBlJAwAZN
40pHpGjwEMccR9ElEwfSCZQSZMyqfztb5qNvT1+E/TzGyhz7Xit87u/BO91A+gr1
RGaBp2EvPvX+dn4UKvGhCOjQiNrXnXVomdKRkzwDL+hffDpdB2amYlj+MtAkSyrX
DToDeAXN+FvkONj3Xj40+ZDsIEBfGochhwAMaBRBbg6L
-----END CERTIFICATE-----
Generated at Tue Sep 17 21:03:17 2024 by rpki-client on console-ams.rpki-client.org