Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/Go5BPxy23so885cpJsfIaHw8wHc.roa
File: Go5BPxy23so885cpJsfIaHw8wHc.roa (raw, json)
Hash identifier: 151HbaMDgmM0uKF3Mddy0D3nARzSQm8Z9IGxVtH708I=
Subject key identifier: 1A:8E:41:3F:1C:B6:DE:CA:3C:F3:97:29:26:C7:C8:68:7C:3C:C0:77
Certificate issuer: /CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Certificate serial: 0188BBCA3CC04FDB3538F3E87B21C7FB1390
Authority key identifier: 2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/Go5BPxy23so885cpJsfIaHw8wHc.roa
Signing time: Wed 14 Jun 2023 21:22:53 +0000
ROA not before: Wed 14 Jun 2023 21:22:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 85.115.208.0/23 maxlen: 24
85.115.210.0/23 maxlen: 24
213.145.88.0/21 maxlen: 24
Validation: Failed, certificate revoked on Thu 13 Jul 2023 09:12:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:bb:ca:3c:c0:4f:db:35:38:f3:e8:7b:21:c7:fb:13:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Validity
Not Before: Jun 14 21:22:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1a8e413f1cb6deca3cf3972926c7c8687c3cc077
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:c0:67:f8:87:70:fe:6d:da:d6:f6:f4:5a:78:
a2:96:a3:fd:45:64:0c:1b:39:bd:f8:cb:6f:80:49:
47:19:f0:ed:00:26:da:23:5c:78:be:a4:d7:52:95:
af:65:20:cb:19:87:89:81:88:e4:9a:6a:16:d6:d1:
4f:d2:be:0d:e1:99:58:be:c0:89:e5:78:25:a8:ce:
fa:48:36:b0:25:10:fc:f0:e4:c2:da:7b:4e:b0:ea:
89:c9:e5:0f:ae:3c:d2:2a:0b:33:76:c3:95:01:0a:
12:ac:37:a9:ec:3e:3e:c9:ce:7c:71:77:5f:5f:14:
c2:ef:dd:ad:f9:91:02:44:09:88:ff:4b:a1:a2:2a:
fe:7a:6d:1d:32:9e:ca:86:57:19:16:82:6a:b4:68:
28:cd:11:1f:84:79:8f:b4:80:b5:e6:4c:6b:c2:91:
d9:aa:f0:22:f7:54:cb:f2:cf:0f:95:61:bb:a7:f2:
8e:6d:1c:4c:c4:07:98:1f:f4:54:03:0e:07:c9:ba:
99:e4:a5:e2:2f:c0:0a:93:71:11:c0:0b:8a:75:12:
06:36:ca:43:4b:a9:6e:62:f1:dc:fc:22:01:bd:8b:
3c:9c:8a:6c:9c:b6:0f:b7:cb:71:e5:d8:f9:b4:65:
81:dd:e4:a7:71:aa:a8:66:c4:9e:44:ce:81:cf:51:
a6:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:8E:41:3F:1C:B6:DE:CA:3C:F3:97:29:26:C7:C8:68:7C:3C:C0:77
X509v3 Authority Key Identifier:
keyid:2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/Go5BPxy23so885cpJsfIaHw8wHc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/L6FqsGAgBndApMH7R6kSYi8dByI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.115.208.0/22
213.145.88.0/21
Signature Algorithm: sha256WithRSAEncryption
8c:25:5e:f2:cd:5e:f4:86:1c:e0:45:c7:48:51:e2:26:a3:01:
7d:0e:17:64:af:01:f4:6d:c1:01:68:00:52:7c:ac:3f:b3:ae:
a9:60:0a:a3:0b:6f:e1:35:eb:7d:79:7d:cf:08:43:a1:8c:c5:
ed:07:1d:5b:0f:87:cb:af:85:88:49:e0:60:ec:ee:bf:cd:bc:
91:4e:18:4e:c6:d1:9a:fd:2d:32:e6:f7:fa:36:39:6f:f2:09:
9b:be:8f:61:f6:ee:03:53:62:f3:10:ab:87:a4:ad:9e:d0:fd:
e8:46:ed:db:83:f4:8c:96:2d:e3:4e:01:46:bb:85:e9:60:31:
fc:a6:3a:c5:e9:f9:c2:0b:24:96:f5:ad:89:6c:7b:eb:d3:47:
7f:df:aa:aa:5e:29:3e:3a:f3:4f:4a:87:88:26:25:d0:6b:6d:
dc:c5:11:7d:3f:74:ea:44:99:32:07:7b:4d:96:cc:a0:ee:54:
79:74:fc:94:55:bb:5d:96:c1:3e:8c:33:20:83:4c:06:b1:06:
ae:7c:35:23:e7:aa:b6:e0:eb:53:8b:cb:59:dd:bb:85:cc:f8:
ca:6f:b9:4f:73:bc:b6:ec:d4:95:52:8d:12:88:d2:68:ab:4c:
7f:00:8d:17:e7:25:54:5b:d4:8d:ec:54:89:d6:8b:a3:9f:f3:
f2:03:9f:bd
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYi7yjzAT9s1OPPoeyHH+xOQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmYTE2YWIwNjAyMDA2Nzc0MGE0YzFmYjQ3YTkxMjYyMmYx
ZDA3MjIwHhcNMjMwNjE0MjEyMjUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYThlNDEzZjFjYjZkZWNhM2NmMzk3MjkyNmM3Yzg2ODdjM2NjMDc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjcBn+Idw/m3a1vb0WniilqP9RWQM
Gzm9+MtvgElHGfDtACbaI1x4vqTXUpWvZSDLGYeJgYjkmmoW1tFP0r4N4ZlYvsCJ
5XglqM76SDawJRD88OTC2ntOsOqJyeUPrjzSKgszdsOVAQoSrDep7D4+yc58cXdf
XxTC792t+ZECRAmI/0uhoir+em0dMp7KhlcZFoJqtGgozREfhHmPtIC15kxrwpHZ
qvAi91TL8s8PlWG7p/KObRxMxAeYH/RUAw4HybqZ5KXiL8AKk3ERwAuKdRIGNspD
S6luYvHc/CIBvYs8nIpsnLYPt8tx5dj5tGWB3eSncaqoZsSeRM6Bz1Gm0wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBqOQT8ctt7KPPOXKSbHyGh8PMB3MB8GA1UdIwQY
MBaAFC+harBgIAZ3QKTB+0epEmIvHQciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUt
ZDI0MmI2ZjNhOGExLzEvR281QlB4eTIzc284ODVjcEpzZklhSHc4d0hjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUtZDI0MmI2ZjNhOGEx
LzEvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCVXPQAwQD
1ZFYMA0GCSqGSIb3DQEBCwUAA4IBAQCMJV7yzV70hhzgRcdIUeImowF9DhdkrwH0
bcEBaABSfKw/s66pYAqjC2/hNet9eX3PCEOhjMXtBx1bD4fLr4WISeBg7O6/zbyR
ThhOxtGa/S0y5vf6Njlv8gmbvo9h9u4DU2LzEKuHpK2e0P3oRu3bg/SMli3jTgFG
u4XpYDH8pjrF6fnCCySW9a2JbHvr00d/36qqXik+OvNPSoeIJiXQa23cxRF9P3Tq
RJkyB3tNlsyg7lR5dPyUVbtdlsE+jDMgg0wGsQaufDUj56q24OtTi8tZ3buFzPjK
b7lPc7y27NSVUo0SiNJoq0x/AI0X5yVUW9SN7FSJ1oujn/PyA5+9
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:12 2024 by rpki-client on console-ams.rpki-client.org