Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/6077d8-2877-4698-8040-3212b68584e9/1/t2GLtSPDjmIQ66yvqP081wuNBYk.roa
File: t2GLtSPDjmIQ66yvqP081wuNBYk.roa (raw, json)
Hash identifier: 25cgnN6SLPY0rQnIha+mA56RlTL4LZoTmQ2UUdYay/o=
Subject key identifier: B7:61:8B:B5:23:C3:8E:62:10:EB:AC:AF:A8:FD:3C:D7:0B:8D:05:89
Certificate issuer: /CN=5ebba0735a07e40ca32026278b2678678f8bacd9
Certificate serial: 018CA4545151BC930B4FF62295A69CC38EFA
Authority key identifier: 5E:BB:A0:73:5A:07:E4:0C:A3:20:26:27:8B:26:78:67:8F:8B:AC:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xrugc1oH5AyjICYniyZ4Z4-LrNk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/6077d8-2877-4698-8040-3212b68584e9/1/t2GLtSPDjmIQ66yvqP081wuNBYk.roa
Signing time: Tue 26 Dec 2023 04:13:58 +0000
ROA not before: Tue 26 Dec 2023 04:13:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29555
IP address blocks: 85.117.98.0/24 maxlen: 24
85.117.96.0/24 maxlen: 24
85.117.97.0/24 maxlen: 24
85.117.99.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 26 Dec 2023 06:44:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:a4:54:51:51:bc:93:0b:4f:f6:22:95:a6:9c:c3:8e:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ebba0735a07e40ca32026278b2678678f8bacd9
Validity
Not Before: Dec 26 04:13:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b7618bb523c38e6210ebacafa8fd3cd70b8d0589
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:3b:e6:34:2c:17:23:82:a2:90:7f:de:00:f5:
9e:e3:db:45:5d:28:35:ac:87:51:eb:ef:73:9c:b1:
e9:88:e4:f1:49:47:c9:24:b9:e3:12:19:0d:8a:db:
81:c7:09:83:f0:41:ad:4b:83:cd:48:b1:79:11:9b:
ad:38:04:a0:81:d6:6b:b1:35:e3:b4:c5:aa:08:90:
7d:61:e6:1e:3d:ce:35:1c:a6:1c:89:13:16:6e:b6:
4e:3b:55:46:75:8b:d6:13:d8:41:0e:40:c6:d8:64:
aa:d3:31:3a:cc:ba:94:49:13:be:54:75:12:27:f8:
cd:6f:f2:d0:1d:ca:b0:17:c6:fb:99:d0:f6:9c:72:
57:37:93:2e:b4:4d:22:b3:f9:bd:74:75:bf:b3:88:
0b:33:85:b6:50:52:d5:7a:d6:64:6e:dc:08:7b:14:
1e:0e:22:fd:35:30:0a:e7:ec:b6:44:72:11:52:fc:
10:29:75:2b:c6:a1:d7:f7:fc:56:8e:cd:a5:80:71:
37:cd:46:53:97:b6:a8:99:9a:d1:73:27:46:ce:bf:
24:8a:6c:b0:16:0d:a5:94:3a:ef:0b:33:6f:ab:0c:
58:45:3a:ee:e1:55:30:53:e4:d9:4c:a2:95:7c:e9:
c6:cd:3a:b6:94:8e:72:29:30:9c:ba:ac:f2:53:82:
75:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:61:8B:B5:23:C3:8E:62:10:EB:AC:AF:A8:FD:3C:D7:0B:8D:05:89
X509v3 Authority Key Identifier:
keyid:5E:BB:A0:73:5A:07:E4:0C:A3:20:26:27:8B:26:78:67:8F:8B:AC:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xrugc1oH5AyjICYniyZ4Z4-LrNk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/6077d8-2877-4698-8040-3212b68584e9/1/t2GLtSPDjmIQ66yvqP081wuNBYk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/6077d8-2877-4698-8040-3212b68584e9/1/Xrugc1oH5AyjICYniyZ4Z4-LrNk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.117.96.0/22
Signature Algorithm: sha256WithRSAEncryption
7f:7a:14:53:b9:76:7d:4c:81:ee:9d:bb:3f:47:2d:d3:c8:1a:
16:9d:d5:2c:a6:ad:04:30:8f:0d:85:a9:d6:54:ac:1f:5f:71:
de:26:30:ee:67:f9:88:3b:f0:5e:63:e6:1b:43:fe:7d:dc:d8:
17:d3:6f:48:0d:1e:c4:fa:ea:98:95:ff:46:88:ae:05:5a:49:
4a:9a:d4:14:ed:8f:bd:05:39:14:31:3b:2f:34:36:72:19:d6:
bb:27:7b:9c:88:76:3c:2a:a4:61:01:7d:67:60:03:6c:b3:bc:
29:f6:c2:df:8c:4a:92:c0:14:b1:2b:6b:6d:ef:a5:aa:fa:4e:
84:84:ef:71:e0:af:d1:94:cd:eb:cd:7d:d8:29:e4:d2:df:6e:
f2:22:27:8d:a0:c3:40:04:1b:59:7a:27:3a:9e:89:af:73:40:
04:3a:db:16:9c:1a:de:d4:7c:ec:5d:a5:63:c9:39:49:d2:f7:
c9:d7:ca:7f:a9:3b:78:23:61:10:d9:ad:af:8c:96:96:58:af:
ea:6e:8c:82:b8:62:18:31:3a:2c:69:f5:df:0c:38:02:d7:e8:
9f:b7:b0:ce:ef:8b:a5:d9:d9:dd:9f:5e:8f:fb:0d:e2:1a:42:
9f:25:08:01:9f:24:4f:9c:5b:13:dc:01:fa:b0:46:bb:64:40:
5e:fe:b9:cc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYykVFFRvJMLT/Yilaacw476MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlYmJhMDczNWEwN2U0MGNhMzIwMjYyNzhiMjY3ODY3OGY4
YmFjZDkwHhcNMjMxMjI2MDQxMzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzYxOGJiNTIzYzM4ZTYyMTBlYmFjYWZhOGZkM2NkNzBiOGQwNTg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0DvmNCwXI4KikH/eAPWe49tFXSg1
rIdR6+9znLHpiOTxSUfJJLnjEhkNituBxwmD8EGtS4PNSLF5EZutOASggdZrsTXj
tMWqCJB9YeYePc41HKYciRMWbrZOO1VGdYvWE9hBDkDG2GSq0zE6zLqUSRO+VHUS
J/jNb/LQHcqwF8b7mdD2nHJXN5MutE0is/m9dHW/s4gLM4W2UFLVetZkbtwIexQe
DiL9NTAK5+y2RHIRUvwQKXUrxqHX9/xWjs2lgHE3zUZTl7aomZrRcydGzr8kimyw
Fg2llDrvCzNvqwxYRTru4VUwU+TZTKKVfOnGzTq2lI5yKTCcuqzyU4J1gQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLdhi7Ujw45iEOusr6j9PNcLjQWJMB8GA1UdIwQY
MBaAFF67oHNaB+QMoyAmJ4smeGePi6zZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHJ1Z2Mxb0g1QXlqSUNZbml5WjRaNC1Mck5rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC82MDc3ZDgtMjg3Ny00Njk4LTgwNDAt
MzIxMmI2ODU4NGU5LzEvdDJHTHRTUERqbUlRNjZ5dnFQMDgxd3VOQllrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC82MDc3ZDgtMjg3Ny00Njk4LTgwNDAtMzIxMmI2ODU4NGU5
LzEvWHJ1Z2Mxb0g1QXlqSUNZbml5WjRaNC1Mck5rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCVXVgMA0G
CSqGSIb3DQEBCwUAA4IBAQB/ehRTuXZ9TIHunbs/Ry3TyBoWndUspq0EMI8NhanW
VKwfX3HeJjDuZ/mIO/BeY+YbQ/593NgX029IDR7E+uqYlf9GiK4FWklKmtQU7Y+9
BTkUMTsvNDZyGda7J3uciHY8KqRhAX1nYANss7wp9sLfjEqSwBSxK2tt76Wq+k6E
hO9x4K/RlM3rzX3YKeTS327yIieNoMNABBtZeic6nomvc0AEOtsWnBre1HzsXaVj
yTlJ0vfJ18p/qTt4I2EQ2a2vjJaWWK/qboyCuGIYMTosafXfDDgC1+ift7DO74ul
2dndn16P+w3iGkKfJQgBnyRPnFsT3AH6sEa7ZEBe/rnM
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:08 2024 by rpki-client on console-fra.rpki-client.org