Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/e3fd0b-9f4a-4452-92af-be151839f366/1/j9klYrl-Kqk7IziWeMLb5Xpcfnk.roa
File: j9klYrl-Kqk7IziWeMLb5Xpcfnk.roa (raw, json)
Hash identifier: EPohrW0o90U7V+brGi9AfiFlxQG0V4eTIZXTn7Rc4Zs=
Subject key identifier: 8F:D9:25:62:B9:7E:2A:A9:3B:23:38:96:78:C2:DB:E5:7A:5C:7E:79
Certificate issuer: /CN=077946f04742c66279acd322009be15e3d588a5a
Certificate serial: 018CC26D13DDDCD60D53D65CB273ECE6BC14
Authority key identifier: 07:79:46:F0:47:42:C6:62:79:AC:D3:22:00:9B:E1:5E:3D:58:8A:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/B3lG8EdCxmJ5rNMiAJvhXj1Yilo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/e3fd0b-9f4a-4452-92af-be151839f366/1/j9klYrl-Kqk7IziWeMLb5Xpcfnk.roa
Signing time: Mon 01 Jan 2024 00:29:37 +0000
ROA not before: Mon 01 Jan 2024 00:29:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 24806
IP address blocks: 85.255.0.0/20 maxlen: 32
185.186.20.0/22 maxlen: 32
Validation: Failed, certificate revoked on Wed 03 Jul 2024 06:45:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:13:dd:dc:d6:0d:53:d6:5c:b2:73:ec:e6:bc:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=077946f04742c66279acd322009be15e3d588a5a
Validity
Not Before: Jan 1 00:29:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8fd92562b97e2aa93b23389678c2dbe57a5c7e79
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:5a:71:f9:b4:4a:c3:04:67:36:2e:8d:88:6f:
51:4d:de:0e:58:de:f6:b2:1b:ec:a1:b7:fd:a1:bc:
1f:dd:82:0e:dd:cf:6f:89:4f:57:dd:bc:69:c1:ba:
6b:79:99:bb:3a:04:12:40:12:5a:8a:db:33:44:b8:
23:3b:8c:b3:7f:f3:42:08:36:59:94:ad:0f:c3:25:
9f:63:b3:95:df:3e:c3:2c:7f:6e:94:95:3f:f3:77:
b6:30:51:d2:41:3c:a7:35:c6:b5:f5:a9:8c:2c:58:
c8:8b:62:93:6b:fa:0f:1e:e0:89:74:58:6e:ad:4d:
6d:d5:2a:64:2b:a1:e4:21:03:1d:18:3c:e5:2c:de:
bf:05:e5:38:ea:10:74:02:4e:5b:47:c2:b1:fd:7d:
cb:27:b0:ad:7c:43:17:40:af:9b:40:70:31:61:c7:
46:ce:3f:47:87:d3:a8:50:5f:29:ba:ef:a9:c5:b5:
da:64:79:5d:96:c5:11:45:09:65:e9:ab:5a:d8:7d:
a9:49:d2:c6:e3:42:bb:66:a1:86:cd:44:b3:02:07:
94:ba:6d:47:15:be:45:e9:c6:b3:f5:0d:df:0a:b8:
4f:c3:5b:2a:c6:93:dc:ee:28:77:ec:16:a7:79:34:
ab:45:cf:39:ca:8e:e3:bd:de:c9:51:63:2f:c2:9a:
24:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:D9:25:62:B9:7E:2A:A9:3B:23:38:96:78:C2:DB:E5:7A:5C:7E:79
X509v3 Authority Key Identifier:
keyid:07:79:46:F0:47:42:C6:62:79:AC:D3:22:00:9B:E1:5E:3D:58:8A:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/B3lG8EdCxmJ5rNMiAJvhXj1Yilo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/e3fd0b-9f4a-4452-92af-be151839f366/1/j9klYrl-Kqk7IziWeMLb5Xpcfnk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/e3fd0b-9f4a-4452-92af-be151839f366/1/B3lG8EdCxmJ5rNMiAJvhXj1Yilo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.255.0.0/20
185.186.20.0/22
Signature Algorithm: sha256WithRSAEncryption
9d:35:6e:d0:4e:35:88:63:f9:87:9d:e2:f2:fa:46:00:47:b7:
15:b2:d4:af:68:fa:7b:cf:78:59:1b:61:7b:35:df:df:60:8d:
18:09:90:3d:16:90:03:86:d3:1a:a3:22:35:e7:9b:69:ff:4f:
95:20:96:e5:42:b7:32:b9:55:5a:cb:79:24:61:47:8e:83:89:
b4:ea:0f:55:e6:25:45:d0:7c:67:15:42:7b:c1:7f:49:6a:35:
73:47:73:27:a7:cc:1a:49:2e:5e:90:b4:08:60:db:f8:96:d0:
18:12:57:ad:75:12:ea:75:f2:c1:34:f2:be:79:5d:cd:63:da:
55:00:1f:83:fa:7e:1b:96:bf:a1:05:28:be:2b:65:75:f0:a6:
5a:5a:12:f5:c8:38:71:46:bb:1b:90:c4:a8:87:75:da:50:07:
21:c6:5f:b3:8d:00:e2:9e:e7:07:b3:30:ca:1a:7a:15:11:a6:
0c:7e:31:01:e6:d5:96:22:a7:87:45:82:9d:1d:b3:09:bf:03:
38:1b:64:69:ee:fb:0e:06:f9:fe:fc:60:52:c2:70:69:1d:16:
38:9d:30:6b:b6:66:82:67:ae:40:af:1b:a6:a0:40:d1:60:4e:
36:aa:71:26:be:08:ca:f5:c9:00:ee:84:e8:64:cf:e7:60:01:
fc:e9:70:7e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzCbRPd3NYNU9ZcsnPs5rwUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3Nzk0NmYwNDc0MmM2NjI3OWFjZDMyMjAwOWJlMTVlM2Q1
ODhhNWEwHhcNMjQwMTAxMDAyOTM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZmQ5MjU2MmI5N2UyYWE5M2IyMzM4OTY3OGMyZGJlNTdhNWM3ZTc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAolpx+bRKwwRnNi6NiG9RTd4OWN72
shvsobf9obwf3YIO3c9viU9X3bxpwbpreZm7OgQSQBJaitszRLgjO4yzf/NCCDZZ
lK0PwyWfY7OV3z7DLH9ulJU/83e2MFHSQTynNca19amMLFjIi2KTa/oPHuCJdFhu
rU1t1SpkK6HkIQMdGDzlLN6/BeU46hB0Ak5bR8Kx/X3LJ7CtfEMXQK+bQHAxYcdG
zj9Hh9OoUF8puu+pxbXaZHldlsURRQll6ata2H2pSdLG40K7ZqGGzUSzAgeUum1H
Fb5F6caz9Q3fCrhPw1sqxpPc7ih37BaneTSrRc85yo7jvd7JUWMvwpokRwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFI/ZJWK5fiqpOyM4lnjC2+V6XH55MB8GA1UdIwQY
MBaAFAd5RvBHQsZieazTIgCb4V49WIpaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQjNsRzhFZEN4bUo1ck5NaUFKdmhYajFZaWxvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi9lM2ZkMGItOWY0YS00NDUyLTkyYWYt
YmUxNTE4MzlmMzY2LzEvajlrbFlybC1LcWs3SXppV2VNTGI1WHBjZm5rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi9lM2ZkMGItOWY0YS00NDUyLTkyYWYtYmUxNTE4MzlmMzY2
LzEvQjNsRzhFZEN4bUo1ck5NaUFKdmhYajFZaWxvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEVf8AAwQC
uboUMA0GCSqGSIb3DQEBCwUAA4IBAQCdNW7QTjWIY/mHneLy+kYAR7cVstSvaPp7
z3hZG2F7Nd/fYI0YCZA9FpADhtMaoyI155tp/0+VIJblQrcyuVVay3kkYUeOg4m0
6g9V5iVF0HxnFUJ7wX9JajVzR3Mnp8waSS5ekLQIYNv4ltAYEletdRLqdfLBNPK+
eV3NY9pVAB+D+n4blr+hBSi+K2V18KZaWhL1yDhxRrsbkMSoh3XaUAchxl+zjQDi
nucHszDKGnoVEaYMfjEB5tWWIqeHRYKdHbMJvwM4G2Rp7vsOBvn+/GBSwnBpHRY4
nTBrtmaCZ65ArxumoEDRYE42qnEmvgjK9ckA7oToZM/nYAH86XB+
-----END CERTIFICATE-----
Generated at Wed Jul 3 08:15:11 2024 by rpki-client on console-ams.rpki-client.org