Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/6077d8-2877-4698-8040-3212b68584e9/1/9MfT87Z6FrdN_b4EBJUxWSB6cko.roa
File: 9MfT87Z6FrdN_b4EBJUxWSB6cko.roa (raw, json)
Hash identifier: zElIYSSI1Lhrr01le2ZC0j47aN+sWId6jPxaCx8qqaE=
Subject key identifier: F4:C7:D3:F3:B6:7A:16:B7:4D:FD:BE:04:04:95:31:59:20:7A:72:4A
Certificate issuer: /CN=5ebba0735a07e40ca32026278b2678678f8bacd9
Certificate serial: 018CCD5DFDCE4E4758E03B0DC0A72A81ECEF
Authority key identifier: 5E:BB:A0:73:5A:07:E4:0C:A3:20:26:27:8B:26:78:67:8F:8B:AC:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xrugc1oH5AyjICYniyZ4Z4-LrNk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/6077d8-2877-4698-8040-3212b68584e9/1/9MfT87Z6FrdN_b4EBJUxWSB6cko.roa
Signing time: Wed 03 Jan 2024 03:28:58 +0000
ROA not before: Wed 03 Jan 2024 03:28:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29555
IP address blocks: 85.117.98.0/24 maxlen: 24
85.117.96.0/24 maxlen: 24
85.117.97.0/24 maxlen: 24
85.117.105.0/24 maxlen: 24
85.117.99.0/24 maxlen: 24
85.117.100.0/24 maxlen: 24
85.117.101.0/24 maxlen: 24
85.117.102.0/24 maxlen: 24
85.117.103.0/24 maxlen: 24
85.117.104.0/24 maxlen: 24
85.117.106.0/24 maxlen: 24
85.117.107.0/24 maxlen: 24
2a03:32c0:d::/48 maxlen: 48
2a03:32c0:c::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:cd:5d:fd:ce:4e:47:58:e0:3b:0d:c0:a7:2a:81:ec:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ebba0735a07e40ca32026278b2678678f8bacd9
Validity
Not Before: Jan 3 03:28:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f4c7d3f3b67a16b74dfdbe0404953159207a724a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:d7:6c:3c:e3:a3:fb:36:c8:4d:d1:31:6a:9b:
44:61:7d:73:6c:2c:ad:b8:ac:6b:d9:f2:84:f3:77:
65:c2:88:f9:8e:a0:03:6e:97:d3:30:bd:b9:7a:9e:
20:9e:3a:eb:25:01:af:6f:7b:de:f4:fe:fd:44:4f:
d9:0b:48:c9:1d:aa:66:8c:24:55:71:20:01:c5:32:
9c:dc:7c:80:71:d2:fe:83:14:68:0a:19:65:2e:c4:
ec:f6:31:a4:5f:eb:01:2b:23:5e:4e:60:96:53:61:
24:9c:d1:09:56:4c:e1:50:53:f3:88:16:04:d0:e5:
d4:78:28:ec:d3:30:76:3e:6e:3d:d0:c6:da:5b:57:
b9:72:a5:0a:00:17:fb:ff:3f:f5:a0:63:68:5e:a3:
44:c7:18:ec:d8:ea:4a:f0:a1:6b:3c:a6:c3:ce:dd:
51:84:1b:2f:19:63:b2:69:b6:e8:11:98:39:36:d3:
cf:88:83:b0:f6:86:73:ec:c9:c4:23:a1:af:1c:ee:
ec:83:df:28:bd:c8:4a:d2:21:8c:33:d2:65:bc:08:
a7:93:e6:bb:28:be:11:1b:31:c0:c6:db:8c:81:74:
5b:2b:e9:0b:a6:12:46:38:46:e3:55:74:02:3d:e5:
1c:44:56:16:d9:9c:b3:7a:72:2d:c5:71:a3:90:46:
7b:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:C7:D3:F3:B6:7A:16:B7:4D:FD:BE:04:04:95:31:59:20:7A:72:4A
X509v3 Authority Key Identifier:
keyid:5E:BB:A0:73:5A:07:E4:0C:A3:20:26:27:8B:26:78:67:8F:8B:AC:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xrugc1oH5AyjICYniyZ4Z4-LrNk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/6077d8-2877-4698-8040-3212b68584e9/1/9MfT87Z6FrdN_b4EBJUxWSB6cko.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/6077d8-2877-4698-8040-3212b68584e9/1/Xrugc1oH5AyjICYniyZ4Z4-LrNk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.117.96.0-85.117.107.255
IPv6:
2a03:32c0:c::/47
Signature Algorithm: sha256WithRSAEncryption
b7:3f:89:df:e6:d6:4d:b5:6d:93:46:db:7e:1f:aa:7e:b5:58:
2d:7f:11:e6:9b:ce:5c:f8:fa:9e:cf:a6:6a:49:67:c0:e3:46:
ef:7a:93:c6:a8:e5:6a:d8:a4:68:f3:c3:ac:ab:c4:45:cd:58:
27:92:4d:bf:0f:6f:6e:12:46:83:89:50:ec:5b:11:ca:56:8d:
00:a3:85:02:9f:98:9f:b5:a7:bc:38:cf:0f:fc:c5:3a:3a:03:
60:cf:45:c6:df:4b:c6:30:2f:94:96:65:91:ed:5e:92:4b:5a:
22:6f:f8:8f:5c:20:5d:d6:3c:6d:1e:02:16:4b:3f:ed:7e:c2:
d5:fe:6e:76:30:ae:86:1e:c7:c7:d6:20:be:0a:53:bb:47:22:
57:fc:8b:e8:8c:ed:47:1a:e0:01:90:ed:b3:e2:75:22:39:e7:
d5:ca:f0:0f:00:34:38:eb:ac:55:5a:b5:86:a0:8a:52:4a:70:
3c:ce:cd:d1:5e:6b:d3:ff:a6:ce:e2:99:a3:ef:fa:e5:1c:13:
21:89:e8:85:d7:24:f4:4d:d8:2a:21:ac:36:bc:bf:bf:2f:e2:
f5:a8:38:6c:33:ee:b2:a0:bd:23:ce:8e:d0:7e:cb:23:81:73:
d6:41:74:b2:3c:ed:5b:27:57:a1:11:35:48:3a:88:f0:94:b8:
ab:64:8d:b3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAYzNXf3OTkdY4DsNwKcqgezvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlYmJhMDczNWEwN2U0MGNhMzIwMjYyNzhiMjY3ODY3OGY4
YmFjZDkwHhcNMjQwMTAzMDMyODU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNGM3ZDNmM2I2N2ExNmI3NGRmZGJlMDQwNDk1MzE1OTIwN2E3MjRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmddsPOOj+zbITdExaptEYX1zbCyt
uKxr2fKE83dlwoj5jqADbpfTML25ep4gnjrrJQGvb3ve9P79RE/ZC0jJHapmjCRV
cSABxTKc3HyAcdL+gxRoChllLsTs9jGkX+sBKyNeTmCWU2EknNEJVkzhUFPziBYE
0OXUeCjs0zB2Pm490MbaW1e5cqUKABf7/z/1oGNoXqNExxjs2OpK8KFrPKbDzt1R
hBsvGWOyabboEZg5NtPPiIOw9oZz7MnEI6GvHO7sg98ovchK0iGMM9JlvAink+a7
KL4RGzHAxtuMgXRbK+kLphJGOEbjVXQCPeUcRFYW2ZyzenItxXGjkEZ7iwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPTH0/O2eha3Tf2+BASVMVkgenJKMB8GA1UdIwQY
MBaAFF67oHNaB+QMoyAmJ4smeGePi6zZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHJ1Z2Mxb0g1QXlqSUNZbml5WjRaNC1Mck5rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC82MDc3ZDgtMjg3Ny00Njk4LTgwNDAt
MzIxMmI2ODU4NGU5LzEvOU1mVDg3WjZGcmROX2I0RUJKVXhXU0I2Y2tvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC82MDc3ZDgtMjg3Ny00Njk4LTgwNDAtMzIxMmI2ODU4NGU5
LzEvWHJ1Z2Mxb0g1QXlqSUNZbml5WjRaNC1Mck5rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDgGCCsGAQUFBwEHAQH/BCkwJzAUBAIAATAOMAwDBAVVdWAD
BAJVdWgwDwQCAAIwCQMHASoDMsAADDANBgkqhkiG9w0BAQsFAAOCAQEAtz+J3+bW
TbVtk0bbfh+qfrVYLX8R5pvOXPj6ns+maklnwONG73qTxqjlatikaPPDrKvERc1Y
J5JNvw9vbhJGg4lQ7FsRylaNAKOFAp+Yn7WnvDjPD/zFOjoDYM9Fxt9LxjAvlJZl
ke1ekktaIm/4j1wgXdY8bR4CFks/7X7C1f5udjCuhh7Hx9YgvgpTu0ciV/yL6Izt
RxrgAZDts+J1Ijnn1crwDwA0OOusVVq1hqCKUkpwPM7N0V5r0/+mzuKZo+/65RwT
IYnohdck9E3YKiGsNry/vy/i9ag4bDPusqC9I86O0H7LI4Fz1kF0sjztWydXoRE1
SDqI8JS4q2SNsw==
-----END CERTIFICATE-----
Generated at Fri Jan 5 06:12:51 2024 by rpki-client on console-fra.rpki-client.org