Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/HSxF6dbfaiEqU_owtzVQZjIGX20.roa
File: HSxF6dbfaiEqU_owtzVQZjIGX20.roa (raw, json)
Hash identifier: NNywDxsg+AHWgCza4pB9L/O/gtMZpYA3BRKRa9iXxyU=
Subject key identifier: 1D:2C:45:E9:D6:DF:6A:21:2A:53:FA:30:B7:35:50:66:32:06:5F:6D
Certificate issuer: /CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Certificate serial: 018AC5CB1C55A7221E27F4CF93B89376ECF0
Authority key identifier: 2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/HSxF6dbfaiEqU_owtzVQZjIGX20.roa
Signing time: Sun 24 Sep 2023 06:05:37 +0000
ROA not before: Sun 24 Sep 2023 06:05:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 85.115.208.0/23 maxlen: 24
213.145.88.0/21 maxlen: 24
213.145.88.0/24 maxlen: 24
213.145.95.0/24 maxlen: 24
213.145.92.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 25 Sep 2023 13:10:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:c5:cb:1c:55:a7:22:1e:27:f4:cf:93:b8:93:76:ec:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Validity
Not Before: Sep 24 06:05:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1d2c45e9d6df6a212a53fa30b735506632065f6d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:87:c7:87:8b:fb:40:ea:60:7c:f9:63:67:1e:
a1:d0:e1:e8:f1:fd:00:9f:c9:e3:6b:01:0e:c4:09:
4e:d6:38:eb:32:15:61:7a:a7:8e:e2:dd:b4:af:ba:
c5:24:d8:2e:d5:23:1a:08:e4:f0:b5:58:05:34:82:
ea:a0:46:2f:87:aa:f3:94:a7:3b:7d:7e:ef:e9:ac:
ce:fc:cd:ea:b1:fe:8e:06:05:34:5c:04:a5:46:1b:
8a:ab:70:00:51:81:3f:9f:26:66:28:4e:06:39:c3:
ce:d2:25:e6:08:35:27:2d:47:18:c3:b6:a2:2d:ce:
1f:d3:9b:ce:84:b8:cc:bb:53:fb:da:54:7f:d1:0e:
75:83:c8:cb:be:36:21:76:40:df:fa:29:5a:4e:63:
8d:05:c2:a1:64:7f:9b:d2:34:ad:98:f7:d7:8c:0b:
4f:5b:88:e2:cd:b6:89:4d:b3:e7:6d:c0:fe:26:f2:
f9:84:d0:de:4a:b8:47:69:64:3f:88:d2:f6:1b:ec:
82:79:74:6a:af:a7:0d:7a:44:14:e3:1d:56:54:ea:
50:49:e7:b8:46:4c:03:1c:fe:fe:08:19:3e:e7:7c:
41:99:a7:9b:81:1b:25:b7:62:f5:31:21:7f:76:9e:
31:b4:81:8b:be:22:e7:76:75:62:07:3b:e0:3e:0c:
5d:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:2C:45:E9:D6:DF:6A:21:2A:53:FA:30:B7:35:50:66:32:06:5F:6D
X509v3 Authority Key Identifier:
keyid:2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/HSxF6dbfaiEqU_owtzVQZjIGX20.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/L6FqsGAgBndApMH7R6kSYi8dByI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.115.208.0/23
213.145.88.0/21
Signature Algorithm: sha256WithRSAEncryption
9e:25:f0:09:c2:df:46:a7:9f:a5:68:5c:91:d2:92:18:14:96:
9e:0f:fb:61:cf:67:97:f1:76:12:b5:5c:c0:2a:a2:4d:f9:8a:
34:39:ae:b3:e7:0c:ff:a9:f9:97:b0:ad:96:d1:26:a7:b0:60:
8b:c9:da:f7:4e:8b:d4:32:db:f8:06:f3:4b:c2:94:9c:85:e4:
87:d5:13:0a:bd:6c:83:ee:c5:dd:7c:44:88:5e:bc:a4:c1:2e:
f6:b8:5f:70:be:2f:c6:67:5e:c9:36:fb:1f:9b:a3:21:7f:c5:
08:47:30:73:7d:5c:8b:43:4d:80:b5:4c:a0:28:b1:45:9e:a4:
c3:9a:20:b1:2f:3a:0e:3c:02:f1:95:2c:70:e0:0f:93:71:ba:
82:8f:6e:4f:27:30:7c:c4:f6:de:1b:a7:04:7e:dc:1a:4e:7a:
d7:a7:03:79:16:d3:00:6f:25:6b:7a:41:46:89:14:b7:98:a0:
ba:62:dd:ba:3f:f2:e0:98:05:17:91:d8:75:73:87:b3:00:04:
99:0e:de:ed:c5:00:a6:ca:7b:16:fe:08:e0:54:84:45:b5:0d:
96:27:ab:36:b8:6c:99:e9:23:54:2a:34:db:c6:73:cb:a2:7e:
e0:5a:85:4d:9c:85:2e:cd:04:27:30:1a:0d:f8:d7:0b:49:da:
aa:36:6e:7e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYrFyxxVpyIeJ/TPk7iTduzwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmYTE2YWIwNjAyMDA2Nzc0MGE0YzFmYjQ3YTkxMjYyMmYx
ZDA3MjIwHhcNMjMwOTI0MDYwNTM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDJjNDVlOWQ2ZGY2YTIxMmE1M2ZhMzBiNzM1NTA2NjMyMDY1ZjZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjYfHh4v7QOpgfPljZx6h0OHo8f0A
n8njawEOxAlO1jjrMhVheqeO4t20r7rFJNgu1SMaCOTwtVgFNILqoEYvh6rzlKc7
fX7v6azO/M3qsf6OBgU0XASlRhuKq3AAUYE/nyZmKE4GOcPO0iXmCDUnLUcYw7ai
Lc4f05vOhLjMu1P72lR/0Q51g8jLvjYhdkDf+ilaTmONBcKhZH+b0jStmPfXjAtP
W4jizbaJTbPnbcD+JvL5hNDeSrhHaWQ/iNL2G+yCeXRqr6cNekQU4x1WVOpQSee4
RkwDHP7+CBk+53xBmaebgRslt2L1MSF/dp4xtIGLviLndnViBzvgPgxdXwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFB0sRenW32ohKlP6MLc1UGYyBl9tMB8GA1UdIwQY
MBaAFC+harBgIAZ3QKTB+0epEmIvHQciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUt
ZDI0MmI2ZjNhOGExLzEvSFN4RjZkYmZhaUVxVV9vd3R6VlFaaklHWDIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUtZDI0MmI2ZjNhOGEx
LzEvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBVXPQAwQD
1ZFYMA0GCSqGSIb3DQEBCwUAA4IBAQCeJfAJwt9Gp5+laFyR0pIYFJaeD/thz2eX
8XYStVzAKqJN+Yo0Oa6z5wz/qfmXsK2W0SansGCLydr3TovUMtv4BvNLwpScheSH
1RMKvWyD7sXdfESIXrykwS72uF9wvi/GZ17JNvsfm6Mhf8UIRzBzfVyLQ02AtUyg
KLFFnqTDmiCxLzoOPALxlSxw4A+TcbqCj25PJzB8xPbeG6cEftwaTnrXpwN5FtMA
byVrekFGiRS3mKC6Yt26P/LgmAUXkdh1c4ezAASZDt7txQCmynsW/gjgVIRFtQ2W
J6s2uGyZ6SNUKjTbxnPLon7gWoVNnIUuzQQnMBoN+NcLSdqqNm5+
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:12 2024 by rpki-client on console-ams.rpki-client.org