Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/C-_cgkTlH09wnsoKha2_9Y94pbk.roa
File: C-_cgkTlH09wnsoKha2_9Y94pbk.roa (raw, json)
Hash identifier: pynJtDi/JvwkqstODTFO3F/ZrOsB4IqMJi5SM7EWVrs=
Subject key identifier: 0B:EF:DC:82:44:E5:1F:4F:70:9E:CA:0A:85:AD:BF:F5:8F:78:A5:B9
Certificate issuer: /CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Certificate serial: 01856D660FEAC3707C7693F2D0130E5F6489
Authority key identifier: 2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/C-_cgkTlH09wnsoKha2_9Y94pbk.roa
Signing time: Sun 01 Jan 2023 12:54:43 +0000
ROA not before: Sun 01 Jan 2023 12:54:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 13115
IP address blocks: 213.145.64.0/19 maxlen: 20
85.115.208.0/22 maxlen: 22
2001:41f8::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 25 Jan 2023 23:14:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:66:0f:ea:c3:70:7c:76:93:f2:d0:13:0e:5f:64:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Validity
Not Before: Jan 1 12:54:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0befdc8244e51f4f709eca0a85adbff58f78a5b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:ef:64:b7:4a:ed:92:20:ad:ab:13:3a:36:c1:
32:2b:d8:47:22:5e:36:dd:ad:fa:e9:c4:ab:79:82:
33:fa:3a:c1:91:39:d4:46:dd:45:67:3c:e1:97:b9:
1b:2a:62:1a:75:cf:e8:26:34:2a:e1:95:08:ae:8b:
0f:de:c7:6e:ad:de:31:cc:78:b5:4e:c4:50:91:c2:
eb:dc:6a:47:76:bb:a8:08:78:52:73:be:14:6a:46:
44:d9:39:71:78:13:f1:15:bc:03:5a:52:bb:87:31:
80:ef:13:ff:1d:a5:d3:11:e0:cf:7d:76:41:02:e8:
7f:b5:5c:15:68:6d:00:7e:e3:fe:bf:0b:cc:7b:59:
d1:b1:cf:5b:36:18:75:66:07:08:d0:c3:bf:39:04:
c9:a9:d3:4f:b4:8f:22:d9:bf:4c:ac:d4:de:9b:e1:
4d:73:ac:0a:68:66:20:49:50:10:07:77:0a:07:6d:
18:e7:55:43:2b:98:8b:50:74:66:da:9c:6b:48:a5:
8f:d2:3e:61:80:10:07:c7:75:c0:48:a5:7a:50:09:
70:a7:cb:36:98:49:9f:ba:c8:14:8c:96:f9:36:7b:
ed:46:0f:9b:1f:eb:00:b7:73:88:26:8f:6e:e6:d3:
f6:2b:91:69:03:19:02:1e:9d:1f:74:10:b8:a2:83:
4f:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:EF:DC:82:44:E5:1F:4F:70:9E:CA:0A:85:AD:BF:F5:8F:78:A5:B9
X509v3 Authority Key Identifier:
keyid:2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/C-_cgkTlH09wnsoKha2_9Y94pbk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/L6FqsGAgBndApMH7R6kSYi8dByI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.115.208.0/22
213.145.64.0/19
IPv6:
2001:41f8::/32
Signature Algorithm: sha256WithRSAEncryption
a1:a0:ca:6f:76:94:4f:88:fb:a3:59:9d:81:4a:e7:8e:e8:84:
ac:31:1c:4b:fb:ba:92:93:5e:a5:e1:e6:37:48:77:d5:99:1e:
1d:2b:32:31:e0:37:f9:93:46:c0:47:b5:ae:ee:b7:6b:14:fb:
c6:ca:d9:cf:ef:e8:ea:dd:7c:0b:ea:27:f4:19:57:44:11:14:
f1:34:ec:69:55:95:ec:bf:09:a1:81:e0:cb:bb:d1:3d:a0:e2:
0d:5d:5b:27:58:f4:9b:29:df:11:f3:86:12:82:4c:ed:8d:01:
58:31:ec:4c:11:12:ec:fc:49:3d:ff:3b:ba:a0:49:3d:2c:2a:
16:85:aa:af:0d:b7:6e:8d:de:fd:74:e0:72:e3:0a:18:48:90:
fb:97:62:4e:9b:a7:3c:a0:c5:81:a1:f1:76:4e:19:c3:ee:23:
08:dc:28:a0:14:a8:d7:1c:f4:c4:87:b2:99:39:3b:fe:4e:e2:
f6:c2:8c:24:84:89:d8:cb:5d:52:c9:33:aa:cd:17:31:d5:20:
c4:c8:fd:cf:e1:45:be:48:0d:d2:f5:26:fe:59:35:1c:79:e7:
85:9b:db:94:5b:c1:28:3a:02:ba:18:14:62:2f:e4:b4:06:56:
0e:a7:9c:34:df:69:9d:50:c1:de:65:82:b0:98:64:b3:31:75:
1e:f2:e3:4c
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVtZg/qw3B8dpPy0BMOX2SJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmYTE2YWIwNjAyMDA2Nzc0MGE0YzFmYjQ3YTkxMjYyMmYx
ZDA3MjIwHhcNMjMwMTAxMTI1NDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYmVmZGM4MjQ0ZTUxZjRmNzA5ZWNhMGE4NWFkYmZmNThmNzhhNWI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhO9kt0rtkiCtqxM6NsEyK9hHIl42
3a366cSreYIz+jrBkTnURt1FZzzhl7kbKmIadc/oJjQq4ZUIrosP3sdurd4xzHi1
TsRQkcLr3GpHdruoCHhSc74UakZE2TlxeBPxFbwDWlK7hzGA7xP/HaXTEeDPfXZB
Auh/tVwVaG0AfuP+vwvMe1nRsc9bNhh1ZgcI0MO/OQTJqdNPtI8i2b9MrNTem+FN
c6wKaGYgSVAQB3cKB20Y51VDK5iLUHRm2pxrSKWP0j5hgBAHx3XASKV6UAlwp8s2
mEmfusgUjJb5NnvtRg+bH+sAt3OIJo9u5tP2K5FpAxkCHp0fdBC4ooNP7QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFAvv3IJE5R9PcJ7KCoWtv/WPeKW5MB8GA1UdIwQY
MBaAFC+harBgIAZ3QKTB+0epEmIvHQciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUt
ZDI0MmI2ZjNhOGExLzEvQy1fY2drVGxIMDl3bnNvS2hhMl85WTk0cGJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUtZDI0MmI2ZjNhOGEx
LzEvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCVXPQAwQF
1ZFAMA0EAgACMAcDBQAgAUH4MA0GCSqGSIb3DQEBCwUAA4IBAQChoMpvdpRPiPuj
WZ2BSueO6ISsMRxL+7qSk16l4eY3SHfVmR4dKzIx4Df5k0bAR7Wu7rdrFPvGytnP
7+jq3XwL6if0GVdEERTxNOxpVZXsvwmhgeDLu9E9oOINXVsnWPSbKd8R84YSgkzt
jQFYMexMERLs/Ek9/zu6oEk9LCoWhaqvDbdujd79dOBy4woYSJD7l2JOm6c8oMWB
ofF2ThnD7iMI3CigFKjXHPTEh7KZOTv+TuL2wowkhInYy11SyTOqzRcx1SDEyP3P
4UW+SA3S9Sb+WTUceeeFm9uUW8EoOgK6GBRiL+S0BlYOp5w032mdUMHeZYKwmGSz
MXUe8uNM
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:12 2024 by rpki-client on console-ams.rpki-client.org