Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/4s8QBBoUmymE1OauRvisQRfeO6g.roa
File: 4s8QBBoUmymE1OauRvisQRfeO6g.roa (raw, json)
Hash identifier: NNW9WN9AbI4rq3nxOmDv7Ma20wIHpE2d9BCHzrsKrdU=
Subject key identifier: E2:CF:10:04:1A:14:9B:29:84:D4:E6:AE:46:F8:AC:41:17:DE:3B:A8
Certificate issuer: /CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Certificate serial: 0192C20FA14244D63B561E9856F3B0205406
Authority key identifier: 2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/4s8QBBoUmymE1OauRvisQRfeO6g.roa
Signing time: Fri 25 Oct 2024 05:04:17 +0000
ROA not before: Fri 25 Oct 2024 05:04:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 85.115.208.0/23 maxlen: 24
213.145.68.0/23 maxlen: 23
213.145.70.0/23 maxlen: 24
213.145.72.0/21 maxlen: 24
213.145.82.0/23 maxlen: 24
213.145.84.0/23 maxlen: 23
213.145.86.0/23 maxlen: 23
213.145.88.0/21 maxlen: 24
213.145.88.0/23 maxlen: 24
213.145.94.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 28 Oct 2024 21:59:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:c2:0f:a1:42:44:d6:3b:56:1e:98:56:f3:b0:20:54:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Validity
Not Before: Oct 25 05:04:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e2cf10041a149b2984d4e6ae46f8ac4117de3ba8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:b8:53:9d:d8:73:b6:b4:48:43:39:91:ca:3b:
d4:d9:6c:d4:08:86:b1:0a:b7:05:37:05:eb:6d:d2:
d5:c8:1e:2d:5c:0b:1d:19:50:39:78:75:2a:18:0e:
ac:9a:97:fd:fe:d1:63:0a:ed:ff:6e:20:3c:96:0a:
27:00:2e:7a:98:01:a4:48:a2:da:73:b9:b7:62:e6:
f6:be:1c:a6:d9:04:66:78:65:6d:73:4e:97:df:71:
e7:36:2e:6a:8d:41:23:cd:97:fa:4f:b0:69:0b:8f:
ce:0e:27:d9:a1:1b:ac:33:85:93:29:35:24:aa:4b:
ad:d5:b3:19:28:b6:e0:fb:6f:a6:f0:ce:3c:04:7d:
4a:eb:c6:61:14:d9:00:2a:97:94:2f:62:0d:e4:75:
e5:5e:32:3f:69:0f:3d:21:28:c1:9b:bd:db:68:bc:
da:bc:ca:22:47:d8:03:78:e5:78:a1:3a:d0:84:ab:
3d:47:43:b1:77:d8:13:0a:2c:a6:7a:e4:4f:0d:a1:
99:de:48:6c:79:a6:0e:1a:90:f6:96:88:c1:29:00:
9b:4b:84:f7:35:2e:5f:a0:5f:ae:ad:58:16:3b:18:
b6:71:c4:dd:3e:ab:30:9e:ca:c3:85:37:d9:c9:fc:
54:27:1d:37:dc:66:c3:97:b2:ab:ad:56:c8:df:00:
b1:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:CF:10:04:1A:14:9B:29:84:D4:E6:AE:46:F8:AC:41:17:DE:3B:A8
X509v3 Authority Key Identifier:
keyid:2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/4s8QBBoUmymE1OauRvisQRfeO6g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/L6FqsGAgBndApMH7R6kSYi8dByI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.115.208.0/23
213.145.68.0-213.145.79.255
213.145.82.0-213.145.95.255
Signature Algorithm: sha256WithRSAEncryption
bc:b4:15:05:23:20:fc:f5:90:85:23:22:ce:19:20:7a:72:58:
64:89:57:20:a1:82:25:c4:8e:2a:31:29:07:0c:a0:7e:cd:4b:
3b:f0:a7:3f:39:56:14:41:13:09:23:6d:da:0e:ab:af:cb:03:
ff:70:04:d4:3e:5a:c7:37:16:21:83:50:7a:1d:6c:56:41:ff:
21:f3:ae:4f:09:73:8c:27:b9:7f:89:19:6b:08:8b:a6:44:d9:
c7:2e:95:e1:97:79:cc:bc:db:1f:5c:9a:8a:1e:eb:07:60:52:
49:35:08:48:16:b4:95:4b:1e:c3:35:81:5f:76:47:03:41:42:
03:af:bc:c8:35:e8:7c:21:2b:7b:91:06:73:de:99:b8:d1:eb:
cc:67:e9:37:df:76:83:6a:e1:46:c1:f2:4a:b2:a7:cc:c9:c7:
94:1c:83:a9:09:06:b4:c0:c0:b1:c0:88:48:ee:b2:01:cb:e1:
4a:7a:1a:ab:8c:03:3e:7b:0b:71:86:44:2d:d0:e3:81:37:8a:
69:52:5c:47:05:02:74:fe:dc:35:98:23:80:b5:2c:07:00:ff:
4c:d5:42:31:ea:e0:92:17:ee:ac:47:0c:7f:19:10:f4:b2:be:
22:d3:77:b8:2b:0b:3a:63:91:20:22:fa:42:45:3f:b5:dd:72:
d1:66:d7:24
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZLCD6FCRNY7Vh6YVvOwIFQGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmYTE2YWIwNjAyMDA2Nzc0MGE0YzFmYjQ3YTkxMjYyMmYx
ZDA3MjIwHhcNMjQxMDI1MDUwNDE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMmNmMTAwNDFhMTQ5YjI5ODRkNGU2YWU0NmY4YWM0MTE3ZGUzYmE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqrhTndhztrRIQzmRyjvU2WzUCIax
CrcFNwXrbdLVyB4tXAsdGVA5eHUqGA6smpf9/tFjCu3/biA8lgonAC56mAGkSKLa
c7m3Yub2vhym2QRmeGVtc06X33HnNi5qjUEjzZf6T7BpC4/ODifZoRusM4WTKTUk
qkut1bMZKLbg+2+m8M48BH1K68ZhFNkAKpeUL2IN5HXlXjI/aQ89ISjBm73baLza
vMoiR9gDeOV4oTrQhKs9R0Oxd9gTCiymeuRPDaGZ3khseaYOGpD2lojBKQCbS4T3
NS5foF+urVgWOxi2ccTdPqswnsrDhTfZyfxUJx033GbDl7KrrVbI3wCxKwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFOLPEAQaFJsphNTmrkb4rEEX3juoMB8GA1UdIwQY
MBaAFC+harBgIAZ3QKTB+0epEmIvHQciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUt
ZDI0MmI2ZjNhOGExLzEvNHM4UUJCb1VteW1FMU9hdVJ2aXNRUmZlTzZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUtZDI0MmI2ZjNhOGEx
LzEvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiAwQBVXPQMAwD
BALVkUQDBATVkUAwDAMEAdWRUgMEBdWRQDANBgkqhkiG9w0BAQsFAAOCAQEAvLQV
BSMg/PWQhSMizhkgenJYZIlXIKGCJcSOKjEpBwygfs1LO/CnPzlWFEETCSNt2g6r
r8sD/3AE1D5axzcWIYNQeh1sVkH/IfOuTwlzjCe5f4kZawiLpkTZxy6V4Zd5zLzb
H1yaih7rB2BSSTUISBa0lUsewzWBX3ZHA0FCA6+8yDXofCEre5EGc96ZuNHrzGfp
N992g2rhRsHySrKnzMnHlByDqQkGtMDAscCISO6yAcvhSnoaq4wDPnsLcYZELdDj
gTeKaVJcRwUCdP7cNZgjgLUsBwD/TNVCMergkhfurEcMfxkQ9LK+ItN3uCsLOmOR
ICL6QkU/td1y0WbXJA==
Generated at Mon Oct 28 23:40:08 2024 by rpki-client on console-fra.rpki-client.org