Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/4VEc4Rk4HYVdtXSdOgn4mU5xCAY.roa
File: 4VEc4Rk4HYVdtXSdOgn4mU5xCAY.roa (raw, json)
Hash identifier: /zOP0LmNbVDV7ndt1zeHXcnJyL/cko8G8vYRr8ZnkvM=
Subject key identifier: E1:51:1C:E1:19:38:1D:85:5D:B5:74:9D:3A:09:F8:99:4E:71:08:06
Certificate issuer: /CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Certificate serial: 019228571641E44C5EFC02065EA8699755DB
Authority key identifier: 2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/4VEc4Rk4HYVdtXSdOgn4mU5xCAY.roa
Signing time: Wed 25 Sep 2024 08:40:48 +0000
ROA not before: Wed 25 Sep 2024 08:40:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 85.115.208.0/23 maxlen: 24
213.145.68.0/23 maxlen: 23
213.145.72.0/21 maxlen: 24
213.145.82.0/23 maxlen: 24
213.145.84.0/23 maxlen: 23
213.145.86.0/23 maxlen: 23
213.145.88.0/21 maxlen: 24
213.145.88.0/23 maxlen: 24
Validation: Failed, certificate revoked on Thu 03 Oct 2024 08:47:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:28:57:16:41:e4:4c:5e:fc:02:06:5e:a8:69:97:55:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Validity
Not Before: Sep 25 08:40:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e1511ce119381d855db5749d3a09f8994e710806
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:a1:5d:29:98:a7:df:a6:90:e9:6c:f3:67:47:
e3:bc:5e:91:7d:24:3a:87:ee:9d:57:9c:dc:94:26:
75:2e:91:f0:7b:6d:3b:43:8a:a0:ad:b3:57:af:2c:
3f:28:b4:a8:06:5a:04:40:ff:fe:90:82:88:31:4d:
6c:a1:96:a8:7a:d1:97:0f:3d:e6:c0:6e:b0:e9:d3:
dd:ae:ed:5c:21:58:a4:d8:fe:59:07:88:8c:e0:92:
d7:7d:d6:1e:ca:15:f8:58:dd:81:1b:08:42:dc:d2:
77:58:fc:04:7b:51:13:37:8e:56:0a:f1:5c:bf:ea:
73:20:be:68:07:68:af:05:6c:88:d8:4b:f8:20:fa:
97:f8:08:dc:12:86:fd:5d:01:61:18:70:3e:03:2b:
50:3d:96:6c:5d:e7:41:01:6f:e4:78:2f:9e:3a:f1:
77:e6:18:1c:e5:93:6d:79:59:fc:eb:1b:4c:40:db:
ac:15:3c:3e:ac:ad:ee:52:be:51:60:5b:82:4d:7c:
cf:d1:a5:37:bb:a0:a6:bb:fe:12:9f:c0:ee:9a:99:
54:d8:8c:1e:59:2d:49:18:9a:41:06:e2:fa:b0:a3:
0d:ad:c0:41:e9:f6:db:2e:86:17:48:b1:be:e5:21:
4a:58:0f:fb:76:33:15:94:d1:65:01:b0:9d:e1:84:
33:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:51:1C:E1:19:38:1D:85:5D:B5:74:9D:3A:09:F8:99:4E:71:08:06
X509v3 Authority Key Identifier:
keyid:2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/4VEc4Rk4HYVdtXSdOgn4mU5xCAY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/L6FqsGAgBndApMH7R6kSYi8dByI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.115.208.0/23
213.145.68.0/23
213.145.72.0/21
213.145.82.0-213.145.95.255
Signature Algorithm: sha256WithRSAEncryption
93:bd:10:eb:de:a6:c6:a2:ce:f1:4a:02:8f:9a:85:87:01:01:
10:4b:0a:b0:5b:91:6e:35:02:46:cd:43:77:de:4c:8f:12:a8:
a2:f3:94:80:78:2a:8a:c6:fb:0a:d5:49:95:e2:5f:d5:d1:3e:
d6:f3:30:fc:e9:40:1a:20:b1:0d:ba:6b:53:7f:a8:19:02:7b:
75:11:b5:8f:49:4d:6b:d2:da:f8:ca:27:9f:01:b5:90:97:44:
cd:40:b0:e7:d3:74:dc:4e:41:8d:f4:f1:d6:19:54:14:09:c9:
83:5a:65:27:cb:9a:b1:8e:8d:b8:6f:88:93:e9:12:97:1c:ae:
30:c3:99:2b:9b:b6:99:42:b9:e8:7a:6f:b0:d0:c5:62:f1:a2:
af:c7:b8:70:6c:ef:2a:38:01:91:6d:16:0e:a1:f7:c6:c6:b6:
d3:00:66:e5:f4:be:90:04:3f:62:fb:63:3f:96:f0:cb:ad:71:
c8:c0:cc:7d:97:85:ca:30:d1:37:28:32:b6:11:83:d0:29:f3:
10:60:64:5d:41:26:d9:31:f1:72:0c:2b:21:cf:47:24:15:2b:
61:7f:e6:35:98:6d:3f:be:1a:05:b3:52:e9:05:f4:46:5f:aa:
30:f3:f6:2f:88:04:9e:b5:0d:88:02:f0:a2:6b:8e:ac:7a:02:
6c:b5:61:80
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZIoVxZB5Exe/AIGXqhpl1XbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmYTE2YWIwNjAyMDA2Nzc0MGE0YzFmYjQ3YTkxMjYyMmYx
ZDA3MjIwHhcNMjQwOTI1MDg0MDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTUxMWNlMTE5MzgxZDg1NWRiNTc0OWQzYTA5Zjg5OTRlNzEwODA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsqFdKZin36aQ6WzzZ0fjvF6RfSQ6
h+6dV5zclCZ1LpHwe207Q4qgrbNXryw/KLSoBloEQP/+kIKIMU1soZaoetGXDz3m
wG6w6dPdru1cIVik2P5ZB4iM4JLXfdYeyhX4WN2BGwhC3NJ3WPwEe1ETN45WCvFc
v+pzIL5oB2ivBWyI2Ev4IPqX+AjcEob9XQFhGHA+AytQPZZsXedBAW/keC+eOvF3
5hgc5ZNteVn86xtMQNusFTw+rK3uUr5RYFuCTXzP0aU3u6Cmu/4Sn8DumplU2Iwe
WS1JGJpBBuL6sKMNrcBB6fbbLoYXSLG+5SFKWA/7djMVlNFlAbCd4YQzLQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFOFRHOEZOB2FXbV0nToJ+JlOcQgGMB8GA1UdIwQY
MBaAFC+harBgIAZ3QKTB+0epEmIvHQciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUt
ZDI0MmI2ZjNhOGExLzEvNFZFYzRSazRIWVZkdFhTZE9nbjRtVTV4Q0FZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUtZDI0MmI2ZjNhOGEx
LzEvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQBVXPQAwQB
1ZFEAwQD1ZFIMAwDBAHVkVIDBAXVkUAwDQYJKoZIhvcNAQELBQADggEBAJO9EOve
psaizvFKAo+ahYcBARBLCrBbkW41AkbNQ3feTI8SqKLzlIB4KorG+wrVSZXiX9XR
PtbzMPzpQBogsQ26a1N/qBkCe3URtY9JTWvS2vjKJ58BtZCXRM1AsOfTdNxOQY30
8dYZVBQJyYNaZSfLmrGOjbhviJPpEpccrjDDmSubtplCueh6b7DQxWLxoq/HuHBs
7yo4AZFtFg6h98bGttMAZuX0vpAEP2L7Yz+W8MutccjAzH2Xhcow0TcoMrYRg9Ap
8xBgZF1BJtkx8XIMKyHPRyQVK2F/5jWYbT++GgWzUukF9EZfqjDz9i+IBJ61DYgC
8KJrjqx6Amy1YYA=
-----END CERTIFICATE-----
Generated at Thu Oct 3 12:20:06 2024 by rpki-client on console-ams.rpki-client.org