Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/4XjmP6WpcsNA1IIcB234dqmYaJg.roa
File: 4XjmP6WpcsNA1IIcB234dqmYaJg.roa (raw, json)
Hash identifier: Ilz9usHAbxaw323EWfgtkfmzmM37NKVGy9Mf61mEWu0=
Subject key identifier: E1:78:E6:3F:A5:A9:72:C3:40:D4:82:1C:07:6D:F8:76:A9:98:68:98
Certificate issuer: /CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Certificate serial: 018D1188976CE12E0F1D0F23EACD8B11153C
Authority key identifier: 2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/4XjmP6WpcsNA1IIcB234dqmYaJg.roa
Signing time: Tue 16 Jan 2024 09:09:40 +0000
ROA not before: Tue 16 Jan 2024 09:09:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 213.145.72.0/21 maxlen: 24
85.115.208.0/23 maxlen: 24
213.145.88.0/21 maxlen: 24
Validation: Failed, certificate revoked on Sun 28 Jan 2024 11:18:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:11:88:97:6c:e1:2e:0f:1d:0f:23:ea:cd:8b:11:15:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Validity
Not Before: Jan 16 09:09:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e178e63fa5a972c340d4821c076df876a9986898
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:9f:bc:99:2c:6f:02:0e:13:61:9f:81:50:f6:
53:3a:17:91:76:bf:23:40:fd:ea:72:a8:33:0a:3d:
30:dc:05:da:0b:a5:67:5c:22:5c:51:a9:1d:1b:76:
70:9f:4f:ca:ff:5b:42:f4:7e:ef:fe:b1:03:fa:83:
77:c7:79:24:ed:b9:fe:2e:85:55:90:78:d6:f5:83:
ed:b9:ca:6c:29:24:0b:11:fe:a2:95:77:d4:cc:d3:
e2:7e:21:9e:a0:f3:01:b7:e8:30:65:a5:71:42:0a:
80:16:6d:9d:b9:92:40:48:f2:f9:66:63:d4:da:cb:
39:e4:d4:ad:c8:0a:07:45:2d:a3:d2:3f:ff:9a:c3:
e8:9b:b8:d2:34:9d:0c:54:d9:7c:fb:89:b5:e6:f7:
e3:34:f4:99:30:b7:34:c4:a7:fb:2a:70:28:59:b6:
2e:9a:2e:e0:f7:53:35:91:31:e0:e5:87:a7:e0:f6:
3b:10:50:5a:ee:68:9c:dd:f4:29:e5:ad:d1:ed:33:
7d:0b:79:da:c2:c2:cc:9a:5e:b0:31:51:5c:bc:52:
69:c2:c5:d0:4f:f4:69:d4:78:b3:dd:73:c0:f8:3a:
04:cf:03:3b:8c:9b:67:d0:ac:dd:22:79:f6:f8:7f:
bc:fa:5d:03:30:c4:81:6b:e6:10:d4:04:02:fd:59:
62:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:78:E6:3F:A5:A9:72:C3:40:D4:82:1C:07:6D:F8:76:A9:98:68:98
X509v3 Authority Key Identifier:
keyid:2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/4XjmP6WpcsNA1IIcB234dqmYaJg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/L6FqsGAgBndApMH7R6kSYi8dByI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.115.208.0/23
213.145.72.0/21
213.145.88.0/21
Signature Algorithm: sha256WithRSAEncryption
a3:73:94:f6:e4:97:92:51:b8:33:a1:c0:d4:83:dd:ab:1e:a6:
e5:36:09:9a:60:ab:09:43:08:72:b8:f4:b3:1f:74:76:ff:66:
de:f8:21:68:60:cd:a9:40:ba:ad:31:4f:bf:94:eb:96:d6:86:
28:f0:32:08:b6:84:21:79:4d:ce:ab:06:e1:d5:40:e2:42:a8:
35:ac:3f:e5:10:f6:db:c9:b4:07:fb:19:11:92:e9:bb:d2:df:
f7:0c:72:e4:9d:8d:56:05:3c:86:12:29:39:a2:20:dd:04:dc:
46:ae:72:bd:0a:99:67:d6:e4:a7:92:dc:e8:bf:7c:fe:1e:ba:
45:58:56:9d:93:69:6e:23:42:f3:bb:70:92:d3:ee:8d:6d:cb:
26:b3:67:ad:11:9d:10:5b:c8:4f:c2:55:49:e8:15:c2:3a:c9:
f0:30:3c:ec:58:d5:a8:86:1e:8f:35:c8:90:fe:25:4f:0e:d8:
9a:08:34:e0:a7:fc:90:fa:ad:8c:08:c3:67:f3:60:b3:9a:e7:
43:86:b9:38:cf:d3:06:3c:38:2d:2b:3d:97:ca:5f:69:de:72:
a1:b8:77:45:ac:64:4b:61:84:e9:ce:d7:0b:7c:a5:1a:7f:df:
18:74:38:ac:ee:24:c1:ce:e3:e7:a1:c2:27:2b:df:ff:09:22:
4f:42:b5:fb
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY0RiJds4S4PHQ8j6s2LERU8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmYTE2YWIwNjAyMDA2Nzc0MGE0YzFmYjQ3YTkxMjYyMmYx
ZDA3MjIwHhcNMjQwMTE2MDkwOTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTc4ZTYzZmE1YTk3MmMzNDBkNDgyMWMwNzZkZjg3NmE5OTg2ODk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Z+8mSxvAg4TYZ+BUPZTOheRdr8j
QP3qcqgzCj0w3AXaC6VnXCJcUakdG3Zwn0/K/1tC9H7v/rED+oN3x3kk7bn+LoVV
kHjW9YPtucpsKSQLEf6ilXfUzNPifiGeoPMBt+gwZaVxQgqAFm2duZJASPL5ZmPU
2ss55NStyAoHRS2j0j//msPom7jSNJ0MVNl8+4m15vfjNPSZMLc0xKf7KnAoWbYu
mi7g91M1kTHg5Yen4PY7EFBa7mic3fQp5a3R7TN9C3nawsLMml6wMVFcvFJpwsXQ
T/Rp1Hiz3XPA+DoEzwM7jJtn0KzdInn2+H+8+l0DMMSBa+YQ1AQC/Vli2QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFOF45j+lqXLDQNSCHAdt+HapmGiYMB8GA1UdIwQY
MBaAFC+harBgIAZ3QKTB+0epEmIvHQciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUt
ZDI0MmI2ZjNhOGExLzEvNFhqbVA2V3Bjc05BMUlJY0IyMzRkcW1ZYUpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUtZDI0MmI2ZjNhOGEx
LzEvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBVXPQAwQD
1ZFIAwQD1ZFYMA0GCSqGSIb3DQEBCwUAA4IBAQCjc5T25JeSUbgzocDUg92rHqbl
NgmaYKsJQwhyuPSzH3R2/2be+CFoYM2pQLqtMU+/lOuW1oYo8DIItoQheU3Oqwbh
1UDiQqg1rD/lEPbbybQH+xkRkum70t/3DHLknY1WBTyGEik5oiDdBNxGrnK9Cpln
1uSnktzov3z+HrpFWFadk2luI0Lzu3CS0+6Nbcsms2etEZ0QW8hPwlVJ6BXCOsnw
MDzsWNWohh6PNciQ/iVPDtiaCDTgp/yQ+q2MCMNn82CzmudDhrk4z9MGPDgtKz2X
yl9p3nKhuHdFrGRLYYTpztcLfKUaf98YdDis7iTBzuPnocInK9//CSJPQrX7
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:12 2024 by rpki-client on console-ams.rpki-client.org