Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/HJ-boi4MSr8b1XzQFbiEyInjrrw.roa
File: HJ-boi4MSr8b1XzQFbiEyInjrrw.roa (raw, json)
Hash identifier: rqH7HBZsL5v7Uc0V+ygHSq6IWvgBO926/M2fsuhC6JQ=
Subject key identifier: 1C:9F:9B:A2:2E:0C:4A:BF:1B:D5:7C:D0:15:B8:84:C8:89:E3:AE:BC
Certificate issuer: /CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Certificate serial: 0192D523F794673727D9D965430D8C28955C
Authority key identifier: 2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/HJ-boi4MSr8b1XzQFbiEyInjrrw.roa
Signing time: Mon 28 Oct 2024 21:59:17 +0000
ROA not before: Mon 28 Oct 2024 21:59:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 85.115.208.0/23 maxlen: 24
213.145.68.0/23 maxlen: 23
213.145.70.0/23 maxlen: 24
213.145.72.0/21 maxlen: 24
213.145.82.0/23 maxlen: 24
213.145.84.0/23 maxlen: 23
213.145.86.0/23 maxlen: 23
213.145.88.0/21 maxlen: 24
213.145.88.0/23 maxlen: 24
Validation: Failed, certificate revoked on Fri 01 Nov 2024 11:11:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:d5:23:f7:94:67:37:27:d9:d9:65:43:0d:8c:28:95:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Validity
Not Before: Oct 28 21:59:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1c9f9ba22e0c4abf1bd57cd015b884c889e3aebc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:86:d9:60:e1:f7:ce:01:32:9b:d8:80:4b:2e:
f8:1e:af:7f:21:39:b5:20:18:47:50:5b:a1:f2:ae:
2e:68:93:3b:80:51:1e:fa:99:ce:11:29:96:24:69:
ef:32:fa:2e:5a:d2:e8:06:ae:60:44:cb:08:5b:bf:
fc:2f:3f:b6:b1:bd:e4:29:51:4d:a8:48:7c:17:76:
62:80:5b:59:85:c5:f2:03:e8:c9:f1:93:1f:9f:84:
88:92:68:70:b0:2f:d4:9e:ec:c0:ca:df:1b:d3:3f:
70:0e:29:bc:e1:e8:9f:0f:9c:c5:14:d2:d4:e7:06:
9b:e9:03:51:1f:69:31:a1:90:81:4e:89:91:62:bc:
79:22:8a:97:e3:a3:50:b9:ae:87:5b:29:93:ae:0b:
e6:06:c8:ca:22:0d:57:1c:36:04:9d:22:ba:d9:14:
c1:8a:ea:7f:be:6b:48:20:50:9b:4f:6c:1f:84:89:
0d:56:c1:e4:d8:79:ac:7e:2b:7c:95:7b:95:65:f9:
7d:f4:73:9c:3e:38:c3:c0:c9:8e:00:2a:c3:cc:fb:
f2:9b:3c:fb:46:4b:fc:fb:af:02:2e:71:fd:8f:ac:
c2:61:55:0e:84:85:17:01:c2:55:93:63:22:c1:a2:
0b:d6:82:28:82:8a:af:8f:65:19:dc:d9:85:18:c4:
1c:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:9F:9B:A2:2E:0C:4A:BF:1B:D5:7C:D0:15:B8:84:C8:89:E3:AE:BC
X509v3 Authority Key Identifier:
keyid:2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/HJ-boi4MSr8b1XzQFbiEyInjrrw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/L6FqsGAgBndApMH7R6kSYi8dByI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.115.208.0/23
213.145.68.0-213.145.79.255
213.145.82.0-213.145.95.255
Signature Algorithm: sha256WithRSAEncryption
c5:08:29:e8:02:f1:da:4e:60:9a:14:e3:75:46:44:7e:4b:1b:
fc:64:6b:74:68:d7:ec:2f:26:4e:7e:cd:eb:ce:60:56:d1:9e:
03:b6:bd:eb:8c:99:16:10:9a:9e:af:1e:98:10:a0:e0:39:fb:
d1:20:4a:c1:18:22:f2:79:a8:da:d7:98:93:35:eb:82:ff:1a:
a5:f9:54:3e:ee:27:fa:62:47:8f:cd:ae:fe:78:d9:6d:78:4b:
ca:ca:6d:74:49:71:cf:7e:92:05:30:43:12:bc:bb:07:96:a1:
7a:26:43:77:a1:6c:44:1c:84:b6:b9:d4:55:a2:ec:07:7a:a8:
ee:2e:82:de:18:93:22:a6:3f:10:cd:12:06:5e:72:3b:3d:46:
b2:dc:8b:75:03:18:12:fd:44:34:b5:fa:ce:c4:83:cd:97:16:
c5:03:7c:fa:a2:75:36:14:af:9e:21:98:2a:cc:d2:4f:8b:29:
29:a9:0d:f0:27:dd:a6:fa:7d:c4:d4:24:39:37:4d:c9:2b:fc:
67:4e:28:33:15:a3:ae:6c:e3:c7:9f:31:4c:13:41:c7:ec:5c:
b0:7a:15:8e:b1:46:38:e0:78:e7:08:81:8a:b5:9e:8c:12:39:
39:75:24:58:1b:39:79:89:6d:df:57:d7:72:58:6b:a9:10:ee:
23:4b:fc:c1
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZLVI/eUZzcn2dllQw2MKJVcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmYTE2YWIwNjAyMDA2Nzc0MGE0YzFmYjQ3YTkxMjYyMmYx
ZDA3MjIwHhcNMjQxMDI4MjE1OTE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzlmOWJhMjJlMGM0YWJmMWJkNTdjZDAxNWI4ODRjODg5ZTNhZWJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4YbZYOH3zgEym9iASy74Hq9/ITm1
IBhHUFuh8q4uaJM7gFEe+pnOESmWJGnvMvouWtLoBq5gRMsIW7/8Lz+2sb3kKVFN
qEh8F3ZigFtZhcXyA+jJ8ZMfn4SIkmhwsC/UnuzAyt8b0z9wDim84eifD5zFFNLU
5wab6QNRH2kxoZCBTomRYrx5IoqX46NQua6HWymTrgvmBsjKIg1XHDYEnSK62RTB
iup/vmtIIFCbT2wfhIkNVsHk2Hmsfit8lXuVZfl99HOcPjjDwMmOACrDzPvymzz7
Rkv8+68CLnH9j6zCYVUOhIUXAcJVk2MiwaIL1oIogoqvj2UZ3NmFGMQcfwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFByfm6IuDEq/G9V80BW4hMiJ4668MB8GA1UdIwQY
MBaAFC+harBgIAZ3QKTB+0epEmIvHQciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUt
ZDI0MmI2ZjNhOGExLzEvSEotYm9pNE1TcjhiMVh6UUZiaUV5SW5qcnJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUtZDI0MmI2ZjNhOGEx
LzEvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiAwQBVXPQMAwD
BALVkUQDBATVkUAwDAMEAdWRUgMEBdWRQDANBgkqhkiG9w0BAQsFAAOCAQEAxQgp
6ALx2k5gmhTjdUZEfksb/GRrdGjX7C8mTn7N685gVtGeA7a964yZFhCanq8emBCg
4Dn70SBKwRgi8nmo2teYkzXrgv8apflUPu4n+mJHj82u/njZbXhLysptdElxz36S
BTBDEry7B5aheiZDd6FsRByEtrnUVaLsB3qo7i6C3hiTIqY/EM0SBl5yOz1GstyL
dQMYEv1ENLX6zsSDzZcWxQN8+qJ1NhSvniGYKszST4spKakN8Cfdpvp9xNQkOTdN
ySv8Z04oMxWjrmzjx58xTBNBx+xcsHoVjrFGOOB45wiBirWejBI5OXUkWBs5eYlt
31fXclhrqRDuI0v8wQ==
-----END CERTIFICATE-----
Generated at Fri Nov 1 14:34:51 2024 by rpki-client on console-fra.rpki-client.org