Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/2xFgjDdKYhGFMRXf6ZwtOT8GX5c.roa
File: 2xFgjDdKYhGFMRXf6ZwtOT8GX5c.roa (raw, json)
Hash identifier: 0L/coF5mDQ5PXmGH2B/DKIB+83F/sANm7g/uKrijrAg=
Subject key identifier: DB:11:60:8C:37:4A:62:11:85:31:15:DF:E9:9C:2D:39:3F:06:5F:97
Certificate issuer: /CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Certificate serial: 01888BD1A392C17D22F586FCE9995B5739DF
Authority key identifier: 2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/2xFgjDdKYhGFMRXf6ZwtOT8GX5c.roa
Signing time: Mon 05 Jun 2023 13:49:11 +0000
ROA not before: Mon 05 Jun 2023 13:49:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 85.115.208.0/23 maxlen: 24
213.145.72.0/21 maxlen: 24
85.115.210.0/23 maxlen: 24
213.145.88.0/21 maxlen: 24
Validation: Failed, certificate revoked on Wed 14 Jun 2023 21:22:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:8b:d1:a3:92:c1:7d:22:f5:86:fc:e9:99:5b:57:39:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Validity
Not Before: Jun 5 13:49:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=db11608c374a6211853115dfe99c2d393f065f97
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:cf:fc:42:03:f1:44:35:1b:4c:15:cc:9e:14:
d9:4b:27:80:69:56:e1:73:24:ec:07:4c:d6:50:e1:
51:3c:95:83:26:32:35:f9:4b:85:73:e6:05:1f:66:
19:f9:10:43:24:33:e4:d7:18:b6:52:51:56:ce:49:
87:00:30:3c:d0:7f:c0:03:ee:e4:20:c7:9b:68:15:
cf:af:6d:5e:7c:84:4f:da:e1:70:5a:6d:ed:94:e6:
e0:c1:69:e8:37:7a:b6:aa:86:a9:0c:30:d8:ab:d3:
f3:cd:34:34:6b:77:8f:c9:2f:af:ec:c2:f2:4a:96:
4b:3f:b7:d4:37:da:43:b1:4c:bf:45:6b:a2:4d:09:
54:d5:ab:8e:38:8e:56:b1:a3:c9:5b:87:21:c5:6a:
3a:44:14:54:96:27:c6:ee:a2:08:8e:58:22:fc:af:
8e:c6:36:35:c3:c4:97:05:60:bf:74:f6:f8:e4:98:
1e:6b:5d:5a:bf:03:30:08:b6:7f:d4:eb:36:19:de:
2d:cf:84:40:04:9e:c2:30:77:72:0e:7e:8e:90:7c:
58:fe:2a:9f:95:f5:db:c9:df:56:8a:ec:fe:f9:cc:
5e:3d:97:ce:34:91:e5:c6:33:c1:d8:76:93:f6:86:
ce:24:69:8b:32:8a:b4:73:77:3d:c0:91:1e:0e:6f:
71:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:11:60:8C:37:4A:62:11:85:31:15:DF:E9:9C:2D:39:3F:06:5F:97
X509v3 Authority Key Identifier:
keyid:2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/2xFgjDdKYhGFMRXf6ZwtOT8GX5c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/L6FqsGAgBndApMH7R6kSYi8dByI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.115.208.0/22
213.145.72.0/21
213.145.88.0/21
Signature Algorithm: sha256WithRSAEncryption
f3:15:37:0b:26:5d:d4:a5:ec:15:cd:6c:65:f5:d1:80:ee:3f:
66:30:23:59:e5:b8:93:58:bc:1b:52:16:a9:10:91:9e:3c:9c:
6e:b1:02:2f:93:51:47:52:7f:10:36:cd:de:30:e0:2f:1f:4b:
7d:05:55:e6:41:ca:4a:8a:97:19:11:42:b1:bb:ff:2e:5e:15:
40:6b:c3:f4:c1:27:35:cb:25:36:ff:10:e9:62:20:1e:c4:95:
6b:c3:01:01:98:5d:af:71:32:36:f7:1b:27:db:61:f8:5c:c4:
c9:0f:fa:db:1b:34:06:8d:fa:3e:ed:73:ed:d1:d4:cb:e8:0f:
33:af:f8:c9:fe:ca:f4:32:9b:e0:bd:0c:7a:67:fd:ee:83:45:
3b:20:3d:ec:14:4c:f4:bf:b1:d9:6c:4c:67:a0:ff:6c:82:b9:
2d:e0:84:19:2e:c8:5f:a9:49:7a:56:01:52:59:08:0a:9c:f9:
21:ce:b8:6a:10:e4:b1:61:46:61:d3:ae:c0:f0:12:d5:01:95:
a7:77:f2:6c:28:1b:40:f0:60:95:6b:e2:90:ea:88:5e:aa:6b:
6f:ce:d1:06:d2:a7:c9:d5:ed:4a:15:8c:9d:2e:27:0e:4d:ca:
14:3e:5a:a6:99:be:b3:60:aa:03:65:9e:76:1c:7e:37:61:e2:
dc:63:ab:1b
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYiL0aOSwX0i9Yb86ZlbVznfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmYTE2YWIwNjAyMDA2Nzc0MGE0YzFmYjQ3YTkxMjYyMmYx
ZDA3MjIwHhcNMjMwNjA1MTM0OTExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjExNjA4YzM3NGE2MjExODUzMTE1ZGZlOTljMmQzOTNmMDY1Zjk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA28/8QgPxRDUbTBXMnhTZSyeAaVbh
cyTsB0zWUOFRPJWDJjI1+UuFc+YFH2YZ+RBDJDPk1xi2UlFWzkmHADA80H/AA+7k
IMebaBXPr21efIRP2uFwWm3tlObgwWnoN3q2qoapDDDYq9PzzTQ0a3ePyS+v7MLy
SpZLP7fUN9pDsUy/RWuiTQlU1auOOI5WsaPJW4chxWo6RBRUlifG7qIIjlgi/K+O
xjY1w8SXBWC/dPb45Jgea11avwMwCLZ/1Os2Gd4tz4RABJ7CMHdyDn6OkHxY/iqf
lfXbyd9Wiuz++cxePZfONJHlxjPB2HaT9obOJGmLMoq0c3c9wJEeDm9xOQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNsRYIw3SmIRhTEV3+mcLTk/Bl+XMB8GA1UdIwQY
MBaAFC+harBgIAZ3QKTB+0epEmIvHQciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUt
ZDI0MmI2ZjNhOGExLzEvMnhGZ2pEZEtZaEdGTVJYZjZad3RPVDhHWDVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUtZDI0MmI2ZjNhOGEx
LzEvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCVXPQAwQD
1ZFIAwQD1ZFYMA0GCSqGSIb3DQEBCwUAA4IBAQDzFTcLJl3UpewVzWxl9dGA7j9m
MCNZ5biTWLwbUhapEJGePJxusQIvk1FHUn8QNs3eMOAvH0t9BVXmQcpKipcZEUKx
u/8uXhVAa8P0wSc1yyU2/xDpYiAexJVrwwEBmF2vcTI29xsn22H4XMTJD/rbGzQG
jfo+7XPt0dTL6A8zr/jJ/sr0MpvgvQx6Z/3ug0U7ID3sFEz0v7HZbExnoP9sgrkt
4IQZLshfqUl6VgFSWQgKnPkhzrhqEOSxYUZh067A8BLVAZWnd/JsKBtA8GCVa+KQ
6oheqmtvztEG0qfJ1e1KFYydLicOTcoUPlqmmb6zYKoDZZ52HH43YeLcY6sb
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:06 2024 by rpki-client on console-fra.rpki-client.org