Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/2a5xb7opa_wE1Z5OT1UkQ07GYeE.roa
File: 2a5xb7opa_wE1Z5OT1UkQ07GYeE.roa (raw, json)
Hash identifier: kXQbjuqmvEd0fcO+NO6xF3ixZEthlPF7M4DAc02zWM0=
Subject key identifier: D9:AE:71:6F:BA:29:6B:FC:04:D5:9E:4E:4F:55:24:43:4E:C6:61:E1
Certificate issuer: /CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Certificate serial: 0192640DA561AEE5DC1F72679A5365A6463C
Authority key identifier: 2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/2a5xb7opa_wE1Z5OT1UkQ07GYeE.roa
Signing time: Sun 06 Oct 2024 22:57:48 +0000
ROA not before: Sun 06 Oct 2024 22:57:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 85.115.208.0/23 maxlen: 24
213.145.68.0/23 maxlen: 23
213.145.68.0/24 maxlen: 24
213.145.70.0/23 maxlen: 24
213.145.72.0/21 maxlen: 24
213.145.82.0/23 maxlen: 24
213.145.82.0/24 maxlen: 24
213.145.83.0/24 maxlen: 24
213.145.84.0/23 maxlen: 23
213.145.86.0/23 maxlen: 23
213.145.88.0/21 maxlen: 24
213.145.88.0/23 maxlen: 24
Validation: Failed, certificate revoked on Mon 14 Oct 2024 13:52:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:64:0d:a5:61:ae:e5:dc:1f:72:67:9a:53:65:a6:46:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Validity
Not Before: Oct 6 22:57:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d9ae716fba296bfc04d59e4e4f5524434ec661e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:99:96:36:d4:70:96:0e:d8:f0:fc:71:43:d6:
db:93:60:00:bf:fa:7e:ff:3e:c2:e9:52:af:80:6d:
bf:f9:91:2d:56:ec:4f:7b:6c:1c:2e:22:07:11:20:
49:d6:9f:a2:e5:9d:91:1c:f6:55:e8:4c:56:70:57:
a4:bb:5d:34:00:d8:04:c6:45:c3:51:86:24:97:eb:
b1:c9:c4:cf:10:36:6f:35:18:4f:87:a3:5b:80:76:
da:60:cd:4c:9e:f0:42:50:34:f5:dc:1d:bd:8d:63:
ac:15:70:6f:78:97:bb:4f:dd:37:3e:2e:a2:04:ee:
d7:74:11:92:30:b7:bc:34:98:fb:0a:1f:6b:09:7b:
bc:b0:4b:aa:fc:6e:69:cd:fa:15:76:8e:0a:1c:54:
37:d4:6b:4c:02:7b:ee:1f:2b:0b:e2:c4:c5:75:c4:
77:bf:ab:6e:f4:6d:b0:6d:f4:41:a4:6d:cc:d8:d3:
4c:64:cd:43:31:c1:df:03:63:61:d3:09:b5:50:d0:
4d:cc:6e:83:51:1b:e7:2f:6d:07:43:76:bf:3c:2b:
63:9e:b9:f5:8e:82:2b:92:c5:64:07:03:02:ca:30:
bc:99:24:93:69:7f:04:ee:55:a4:70:8e:bd:51:ae:
4c:68:14:74:f2:50:11:ee:fc:6f:f6:21:a6:b0:a2:
59:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:AE:71:6F:BA:29:6B:FC:04:D5:9E:4E:4F:55:24:43:4E:C6:61:E1
X509v3 Authority Key Identifier:
keyid:2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/2a5xb7opa_wE1Z5OT1UkQ07GYeE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/L6FqsGAgBndApMH7R6kSYi8dByI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.115.208.0/23
213.145.68.0-213.145.79.255
213.145.82.0-213.145.95.255
Signature Algorithm: sha256WithRSAEncryption
a2:71:65:81:5b:ae:88:ed:da:8e:b7:a5:d2:4a:2b:ff:d9:25:
c5:29:8b:c8:ad:72:e4:25:cc:f6:8c:d5:95:27:70:28:a1:e3:
e2:d5:75:86:32:ad:58:e7:9e:b5:46:eb:bb:d3:29:17:f9:99:
35:be:c2:7b:8c:c5:da:9c:6d:02:f2:e4:ca:c5:9f:d2:c7:06:
ea:3d:c5:b6:7a:65:b6:e5:9a:a7:09:e0:ce:29:b0:64:df:b2:
a9:46:7d:f1:80:29:30:db:0b:dd:b4:5d:7a:9d:61:25:63:16:
f7:ea:31:d5:1f:c6:55:96:3f:76:45:b2:d4:4e:0a:be:f1:26:
f6:eb:4f:12:25:57:24:da:d7:ba:6d:70:96:ed:ec:62:25:8b:
51:35:8a:2e:e8:44:3b:aa:e6:3b:61:dc:af:b2:f8:1d:e0:47:
0d:56:8d:2d:c0:04:e4:11:5d:35:89:8a:72:7d:b1:f3:48:d7:
5e:4d:5c:e3:8b:f0:b9:54:86:35:62:68:44:48:97:c6:ef:ef:
82:a2:29:13:39:a6:e8:2d:a1:26:d3:bb:b3:30:f4:c5:0d:3e:
5e:b1:ca:b5:88:48:44:12:b0:05:fc:af:6f:81:eb:94:1d:d5:
33:00:c7:b7:cd:02:b3:9e:92:82:c1:e3:6f:3e:b1:22:71:a1:
fe:bb:7b:c4
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZJkDaVhruXcH3JnmlNlpkY8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmYTE2YWIwNjAyMDA2Nzc0MGE0YzFmYjQ3YTkxMjYyMmYx
ZDA3MjIwHhcNMjQxMDA2MjI1NzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOWFlNzE2ZmJhMjk2YmZjMDRkNTllNGU0ZjU1MjQ0MzRlYzY2MWUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr5mWNtRwlg7Y8PxxQ9bbk2AAv/p+
/z7C6VKvgG2/+ZEtVuxPe2wcLiIHESBJ1p+i5Z2RHPZV6ExWcFeku100ANgExkXD
UYYkl+uxycTPEDZvNRhPh6NbgHbaYM1MnvBCUDT13B29jWOsFXBveJe7T903Pi6i
BO7XdBGSMLe8NJj7Ch9rCXu8sEuq/G5pzfoVdo4KHFQ31GtMAnvuHysL4sTFdcR3
v6tu9G2wbfRBpG3M2NNMZM1DMcHfA2Nh0wm1UNBNzG6DURvnL20HQ3a/PCtjnrn1
joIrksVkBwMCyjC8mSSTaX8E7lWkcI69Ua5MaBR08lAR7vxv9iGmsKJZBQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFNmucW+6KWv8BNWeTk9VJENOxmHhMB8GA1UdIwQY
MBaAFC+harBgIAZ3QKTB+0epEmIvHQciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUt
ZDI0MmI2ZjNhOGExLzEvMmE1eGI3b3BhX3dFMVo1T1QxVWtRMDdHWWVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUtZDI0MmI2ZjNhOGEx
LzEvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiAwQBVXPQMAwD
BALVkUQDBATVkUAwDAMEAdWRUgMEBdWRQDANBgkqhkiG9w0BAQsFAAOCAQEAonFl
gVuuiO3ajrel0kor/9klxSmLyK1y5CXM9ozVlSdwKKHj4tV1hjKtWOeetUbru9Mp
F/mZNb7Ce4zF2pxtAvLkysWf0scG6j3FtnpltuWapwngzimwZN+yqUZ98YApMNsL
3bRdep1hJWMW9+ox1R/GVZY/dkWy1E4KvvEm9utPEiVXJNrXum1wlu3sYiWLUTWK
LuhEO6rmO2Hcr7L4HeBHDVaNLcAE5BFdNYmKcn2x80jXXk1c44vwuVSGNWJoREiX
xu/vgqIpEzmm6C2hJtO7szD0xQ0+XrHKtYhIRBKwBfyvb4HrlB3VMwDHt80Cs56S
gsHjbz6xInGh/rt7xA==
Generated at Mon Oct 14 17:39:51 2024 by rpki-client on console-fra.rpki-client.org