Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/425149-9c68-41fb-8035-d76c8c739861/1/iOWVrs2wjOtjAbeBccCP_bWdxZ8.roa
File: iOWVrs2wjOtjAbeBccCP_bWdxZ8.roa (raw, json)
Hash identifier: 8gZwlv7quM1U2N5lVsIiZOEMXM6yKL47Qv7AhdiSttE=
Subject key identifier: 88:E5:95:AE:CD:B0:8C:EB:63:01:B7:81:71:C0:8F:FD:B5:9D:C5:9F
Certificate issuer: /CN=8ad240603ec6ebcd62f72d46f1dc00cb7e1f0b2e
Certificate serial: 01856DEF649BBCEBCE2D0CF17E9A9B78EE34
Authority key identifier: 8A:D2:40:60:3E:C6:EB:CD:62:F7:2D:46:F1:DC:00:CB:7E:1F:0B:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/itJAYD7G681i9y1G8dwAy34fCy4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/425149-9c68-41fb-8035-d76c8c739861/1/iOWVrs2wjOtjAbeBccCP_bWdxZ8.roa
Signing time: Sun 01 Jan 2023 15:24:43 +0000
ROA not before: Sun 01 Jan 2023 15:24:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210393
IP address blocks: 85.31.6.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:31:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:ef:64:9b:bc:eb:ce:2d:0c:f1:7e:9a:9b:78:ee:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8ad240603ec6ebcd62f72d46f1dc00cb7e1f0b2e
Validity
Not Before: Jan 1 15:24:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=88e595aecdb08ceb6301b78171c08ffdb59dc59f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:d2:52:39:d1:81:10:f3:24:c4:dc:a6:c2:db:
c6:a3:53:f6:b1:8b:49:8f:aa:d0:7c:84:8b:47:3a:
bd:3b:0a:99:16:4a:2c:12:2a:e5:e1:b0:e4:37:26:
0d:88:69:db:23:ff:60:b5:5a:5b:cb:6e:4d:07:19:
ae:09:88:af:1f:68:1b:ee:90:7f:93:9e:c0:8d:f4:
af:b2:4a:d8:9e:d0:af:a5:59:cd:40:85:46:64:a1:
24:70:38:a8:f6:10:86:ef:63:c0:7c:6f:c8:54:bf:
e6:09:cb:92:54:75:e3:a2:24:4c:72:2a:bc:14:ff:
e6:72:ea:ca:64:b9:dc:26:77:08:82:06:c8:c1:ff:
43:af:7b:d6:04:07:fb:cb:80:c2:63:34:d6:0d:01:
d0:9a:ce:e8:0f:e6:18:2e:ae:fe:44:72:76:47:5d:
52:2c:2c:47:d4:c2:4f:9c:72:fe:2b:be:23:f4:d3:
6d:0a:bb:45:0d:63:6b:8e:2a:58:68:91:30:12:7a:
21:b5:c7:26:18:17:e3:a3:93:8a:9a:f2:c9:24:1d:
41:22:cd:71:5c:c4:e4:9a:14:e9:1e:43:42:61:ef:
19:18:08:a5:f3:83:ca:58:23:a5:56:a2:43:4a:b5:
9d:78:58:a4:d1:36:62:ce:2e:8f:3d:a9:0a:39:a2:
9b:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:E5:95:AE:CD:B0:8C:EB:63:01:B7:81:71:C0:8F:FD:B5:9D:C5:9F
X509v3 Authority Key Identifier:
keyid:8A:D2:40:60:3E:C6:EB:CD:62:F7:2D:46:F1:DC:00:CB:7E:1F:0B:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/itJAYD7G681i9y1G8dwAy34fCy4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/425149-9c68-41fb-8035-d76c8c739861/1/iOWVrs2wjOtjAbeBccCP_bWdxZ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/425149-9c68-41fb-8035-d76c8c739861/1/itJAYD7G681i9y1G8dwAy34fCy4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.31.6.0/24
Signature Algorithm: sha256WithRSAEncryption
93:76:a7:53:35:74:46:d5:7c:f1:dc:c3:c8:6e:42:ce:d2:65:
69:10:1f:2a:f0:4c:5b:12:68:16:03:4c:89:5b:79:4f:58:5a:
e3:6e:83:a2:66:78:4d:2f:98:72:b2:41:1a:6b:83:38:5f:e3:
87:18:bf:be:6d:d2:6f:3a:01:f2:1f:dc:fa:ab:1d:35:42:27:
ab:d6:a9:e7:da:84:ca:83:c3:7f:9f:39:12:33:f7:11:47:e4:
2a:34:f0:7d:d2:17:c3:92:f3:1c:99:d6:cd:af:2d:6c:27:91:
ef:c1:b9:75:f2:fd:a4:b6:b1:74:3f:0f:b9:22:40:e4:11:bd:
62:0d:93:0b:a8:71:12:65:33:fb:7d:1a:db:3a:80:0b:4e:62:
e2:1a:8a:9d:68:3f:c9:7f:e5:18:f2:4b:53:fb:35:f5:6d:33:
6e:08:69:ab:87:d8:99:9b:1f:18:1a:e8:ff:47:5b:d2:0e:1b:
12:3e:79:45:ae:98:2f:28:10:b9:83:ae:d1:bc:5c:8b:2d:3f:
ea:2c:80:ef:66:3f:dc:a4:fa:45:ff:95:79:a9:e3:97:9b:0e:
d0:08:8c:79:a2:00:40:d6:d8:ff:3a:fe:de:be:5e:f4:30:bf:
dd:94:09:d2:e1:f6:e9:53:96:81:bf:2b:29:5b:b9:ef:d0:a3:
71:02:9c:56
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVt72SbvOvOLQzxfpqbeO40MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhZDI0MDYwM2VjNmViY2Q2MmY3MmQ0NmYxZGMwMGNiN2Ux
ZjBiMmUwHhcNMjMwMTAxMTUyNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OGU1OTVhZWNkYjA4Y2ViNjMwMWI3ODE3MWMwOGZmZGI1OWRjNTlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApNJSOdGBEPMkxNymwtvGo1P2sYtJ
j6rQfISLRzq9OwqZFkosEirl4bDkNyYNiGnbI/9gtVpby25NBxmuCYivH2gb7pB/
k57AjfSvskrYntCvpVnNQIVGZKEkcDio9hCG72PAfG/IVL/mCcuSVHXjoiRMciq8
FP/mcurKZLncJncIggbIwf9Dr3vWBAf7y4DCYzTWDQHQms7oD+YYLq7+RHJ2R11S
LCxH1MJPnHL+K74j9NNtCrtFDWNrjipYaJEwEnohtccmGBfjo5OKmvLJJB1BIs1x
XMTkmhTpHkNCYe8ZGAil84PKWCOlVqJDSrWdeFik0TZizi6PPakKOaKbvwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIjlla7NsIzrYwG3gXHAj/21ncWfMB8GA1UdIwQY
MBaAFIrSQGA+xuvNYvctRvHcAMt+HwsuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXRKQVlEN0c2ODFpOXkxRzhkd0F5MzRmQ3k0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy80MjUxNDktOWM2OC00MWZiLTgwMzUt
ZDc2YzhjNzM5ODYxLzEvaU9XVnJzMndqT3RqQWJlQmNjQ1BfYldkeFo4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy80MjUxNDktOWM2OC00MWZiLTgwMzUtZDc2YzhjNzM5ODYx
LzEvaXRKQVlEN0c2ODFpOXkxRzhkd0F5MzRmQ3k0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVR8GMA0G
CSqGSIb3DQEBCwUAA4IBAQCTdqdTNXRG1Xzx3MPIbkLO0mVpEB8q8ExbEmgWA0yJ
W3lPWFrjboOiZnhNL5hyskEaa4M4X+OHGL++bdJvOgHyH9z6qx01Qier1qnn2oTK
g8N/nzkSM/cRR+QqNPB90hfDkvMcmdbNry1sJ5Hvwbl18v2ktrF0Pw+5IkDkEb1i
DZMLqHESZTP7fRrbOoALTmLiGoqdaD/Jf+UY8ktT+zX1bTNuCGmrh9iZmx8YGuj/
R1vSDhsSPnlFrpgvKBC5g67RvFyLLT/qLIDvZj/cpPpF/5V5qeOXmw7QCIx5ogBA
1tj/Ov7evl70ML/dlAnS4fbpU5aBvyspW7nv0KNxApxW
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:04 2024 by rpki-client on console-fra.rpki-client.org