Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/16eeb2-c827-42c9-8e48-2a3df9b33313/1/g-KxcPhDZa_7SatULK2ykfhBjIw.roa
File: g-KxcPhDZa_7SatULK2ykfhBjIw.roa (raw, json)
Hash identifier: 3i023CjhlGBrfJ+Ig3ZfFSol9kDpDdOq2z187+RcHiw=
Subject key identifier: 83:E2:B1:70:F8:43:65:AF:FB:49:AB:54:2C:AD:B2:91:F8:41:8C:8C
Certificate issuer: /CN=ca748cd00cd7fe6a21755af642d881b8dd9a39f7
Certificate serial: 018CC4931AA50466AC8ECD6009A8B13A549F
Authority key identifier: CA:74:8C:D0:0C:D7:FE:6A:21:75:5A:F6:42:D8:81:B8:DD:9A:39:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ynSM0AzX_mohdVr2QtiBuN2aOfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/16eeb2-c827-42c9-8e48-2a3df9b33313/1/g-KxcPhDZa_7SatULK2ykfhBjIw.roa
Signing time: Mon 01 Jan 2024 10:30:24 +0000
ROA not before: Mon 01 Jan 2024 10:30:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49544
IP address blocks: 85.159.114.0/24 maxlen: 24
2a0f:efc0::/32 maxlen: 32
Validation: Failed, certificate revoked on Sat 10 Feb 2024 22:31:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:1a:a5:04:66:ac:8e:cd:60:09:a8:b1:3a:54:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca748cd00cd7fe6a21755af642d881b8dd9a39f7
Validity
Not Before: Jan 1 10:30:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=83e2b170f84365affb49ab542cadb291f8418c8c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:f8:d7:7a:3e:0c:99:df:52:bb:a8:35:7f:1e:
15:33:a6:8e:8f:76:ad:8a:21:e7:ac:16:74:56:f6:
a0:e1:a0:39:44:4d:41:05:20:df:3b:52:a8:83:b8:
a6:c0:b5:c7:5b:ac:a4:d4:20:3f:45:f4:67:8a:03:
43:7e:fb:65:c4:20:06:d0:21:80:fa:a8:f3:36:10:
ec:f2:f6:fd:88:11:a9:d0:3d:98:34:3b:70:14:f8:
ad:44:bb:f3:bc:9d:b8:8c:60:da:0e:b6:38:4d:8c:
2a:cb:85:52:f6:6e:9e:32:0c:23:e4:91:d0:4c:6b:
73:81:49:4e:1d:3f:79:85:cc:d1:71:1e:bf:e5:9f:
74:ac:40:69:37:86:18:32:c1:60:95:85:11:fc:76:
6c:13:26:92:d8:a5:17:a3:cf:5d:81:0c:d6:7d:2a:
45:9a:34:ba:79:24:c6:d3:33:57:63:db:df:66:c4:
f5:d3:4e:a2:70:b0:03:cb:cc:5b:83:52:37:9e:aa:
94:bc:0a:4e:9f:8d:ea:da:43:05:3d:41:34:ce:81:
19:96:e6:6b:d9:50:1a:9d:87:66:c1:66:75:56:86:
5d:93:d8:7f:a1:0c:5e:2c:dc:4a:dd:d9:d7:7d:94:
dc:34:8d:7e:ef:7c:ef:f6:d7:3f:aa:3d:bc:48:6f:
a4:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:E2:B1:70:F8:43:65:AF:FB:49:AB:54:2C:AD:B2:91:F8:41:8C:8C
X509v3 Authority Key Identifier:
keyid:CA:74:8C:D0:0C:D7:FE:6A:21:75:5A:F6:42:D8:81:B8:DD:9A:39:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ynSM0AzX_mohdVr2QtiBuN2aOfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/16eeb2-c827-42c9-8e48-2a3df9b33313/1/g-KxcPhDZa_7SatULK2ykfhBjIw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/16eeb2-c827-42c9-8e48-2a3df9b33313/1/ynSM0AzX_mohdVr2QtiBuN2aOfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.159.114.0/24
IPv6:
2a0f:efc0::/32
Signature Algorithm: sha256WithRSAEncryption
2c:cc:d0:0a:2b:ee:1f:49:2e:5f:5b:64:3e:e4:bb:28:ca:b7:
f2:1b:2b:75:cb:26:e6:14:93:84:6b:fb:72:95:e9:00:58:57:
f8:d3:3b:fb:e9:13:60:5c:03:e9:da:59:42:c9:c9:f7:ce:ec:
d7:56:1c:c2:7d:aa:37:d3:96:22:c6:ab:74:31:52:99:9d:1b:
c7:90:2a:31:25:bc:61:02:5c:70:7d:f9:ae:52:3c:95:14:3d:
f3:56:67:c6:48:eb:00:b3:13:16:89:aa:90:13:ae:54:25:0f:
cb:07:9f:e8:37:e3:5e:a2:bc:4c:a5:90:8f:30:23:7e:78:88:
16:08:0a:e2:b7:56:87:2c:bb:6e:16:a0:f9:b9:6e:45:8d:7d:
c6:ba:a4:79:62:51:b7:37:66:f1:68:c8:c3:28:fa:59:a2:1b:
d7:11:a6:d8:f8:fb:48:81:17:10:58:97:e7:70:21:f3:ed:87:
f8:b0:5c:50:64:58:07:d6:14:6f:a8:48:c5:7a:99:13:60:74:
ec:07:d2:3d:9d:8a:98:9b:b0:5b:2e:5a:b0:89:67:72:af:45:
61:a3:a3:70:7c:4b:88:6d:80:5a:4e:c2:0e:10:3e:18:e7:10:
e8:8b:ab:3c:9b:d5:44:0c:4a:8d:65:c0:e4:6e:7c:2b:2a:a2:
76:be:55:21
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzEkxqlBGasjs1gCaixOlSfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhNzQ4Y2QwMGNkN2ZlNmEyMTc1NWFmNjQyZDg4MWI4ZGQ5
YTM5ZjcwHhcNMjQwMTAxMTAzMDI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4M2UyYjE3MGY4NDM2NWFmZmI0OWFiNTQyY2FkYjI5MWY4NDE4YzhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj/jXej4Mmd9Su6g1fx4VM6aOj3at
iiHnrBZ0Vvag4aA5RE1BBSDfO1Kog7imwLXHW6yk1CA/RfRnigNDfvtlxCAG0CGA
+qjzNhDs8vb9iBGp0D2YNDtwFPitRLvzvJ24jGDaDrY4TYwqy4VS9m6eMgwj5JHQ
TGtzgUlOHT95hczRcR6/5Z90rEBpN4YYMsFglYUR/HZsEyaS2KUXo89dgQzWfSpF
mjS6eSTG0zNXY9vfZsT1006icLADy8xbg1I3nqqUvApOn43q2kMFPUE0zoEZluZr
2VAanYdmwWZ1VoZdk9h/oQxeLNxK3dnXfZTcNI1+73zv9tc/qj28SG+kuwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIPisXD4Q2Wv+0mrVCytspH4QYyMMB8GA1UdIwQY
MBaAFMp0jNAM1/5qIXVa9kLYgbjdmjn3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveW5TTTBBelhfbW9oZFZyMlF0aUJ1TjJhT2ZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC8xNmVlYjItYzgyNy00MmM5LThlNDgt
MmEzZGY5YjMzMzEzLzEvZy1LeGNQaERaYV83U2F0VUxLMnlrZmhCakl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC8xNmVlYjItYzgyNy00MmM5LThlNDgtMmEzZGY5YjMzMzEz
LzEveW5TTTBBelhfbW9oZFZyMlF0aUJ1TjJhT2ZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAVZ9yMA0E
AgACMAcDBQAqD+/AMA0GCSqGSIb3DQEBCwUAA4IBAQAszNAKK+4fSS5fW2Q+5Lso
yrfyGyt1yybmFJOEa/tylekAWFf40zv76RNgXAPp2llCycn3zuzXVhzCfao305Yi
xqt0MVKZnRvHkCoxJbxhAlxwffmuUjyVFD3zVmfGSOsAsxMWiaqQE65UJQ/LB5/o
N+NeorxMpZCPMCN+eIgWCArit1aHLLtuFqD5uW5FjX3GuqR5YlG3N2bxaMjDKPpZ
ohvXEabY+PtIgRcQWJfncCHz7Yf4sFxQZFgH1hRvqEjFepkTYHTsB9I9nYqYm7Bb
LlqwiWdyr0Vho6NwfEuIbYBaTsIOED4Y5xDoi6s8m9VEDEqNZcDkbnwrKqJ2vlUh
Generated at Sun Feb 11 01:41:45 2024 by rpki-client on console-ams.rpki-client.org