Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/Kek_oyR8O870usMqSqn8z0DraHU.roa
File: Kek_oyR8O870usMqSqn8z0DraHU.roa (raw, json)
Hash identifier: gcNgY7NO7AOB0QvUagfB2Iuymc0buRoeeEswTIg9KTk=
Subject key identifier: 29:E9:3F:A3:24:7C:3B:CE:F4:BA:C3:2A:4A:A9:FC:CF:40:EB:68:75
Certificate issuer: /CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Certificate serial: 01932984CFAE45B08A79B65E8D4CCC127701
Authority key identifier: 2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/Kek_oyR8O870usMqSqn8z0DraHU.roa
Signing time: Thu 14 Nov 2024 07:13:09 +0000
ROA not before: Thu 14 Nov 2024 07:13:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 85.115.208.0/23 maxlen: 24
85.115.208.0/24 maxlen: 24
213.145.68.0/23 maxlen: 23
213.145.70.0/23 maxlen: 24
213.145.72.0/21 maxlen: 24
213.145.82.0/23 maxlen: 24
213.145.84.0/23 maxlen: 23
213.145.86.0/23 maxlen: 23
213.145.88.0/21 maxlen: 24
213.145.88.0/23 maxlen: 24
Validation: Failed, certificate revoked on Fri 15 Nov 2024 06:49:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:29:84:cf:ae:45:b0:8a:79:b6:5e:8d:4c:cc:12:77:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Validity
Not Before: Nov 14 07:13:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=29e93fa3247c3bcef4bac32a4aa9fccf40eb6875
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:98:4b:41:14:a4:2f:a4:4d:fb:e3:8b:c6:59:
0e:2e:a0:78:f1:f4:99:1a:58:90:4b:43:4e:d5:c9:
8e:e8:58:7e:62:ef:6c:fe:ce:c2:59:73:27:1c:24:
3e:16:0e:ed:2b:e1:20:0f:b5:7f:d2:4e:96:2e:37:
c8:dd:ea:18:a3:bf:fe:85:db:6d:17:13:a1:88:ae:
ad:0b:ab:4f:89:5c:ca:2b:0a:e2:f7:59:54:a8:0f:
ae:f2:a6:d9:30:5b:f4:1e:7a:5a:9e:ca:99:46:ec:
8c:fa:15:2c:62:e6:15:b1:26:cb:c5:97:91:7f:35:
ce:2f:f3:85:bb:09:15:1e:53:13:17:e4:0b:21:e8:
53:49:63:b5:e3:02:41:48:87:44:89:ad:ac:57:70:
d5:3e:e9:84:7e:b8:46:43:93:0c:8d:ce:62:01:9f:
52:60:c3:bb:ba:88:d3:a5:bd:38:34:ae:95:ba:28:
8a:bf:f9:c3:a4:1b:12:9d:da:18:9b:4f:08:8b:c3:
03:cc:7b:6d:5b:88:f7:e4:ba:77:75:e7:d8:fe:4b:
16:3c:98:5f:d1:59:1b:7f:b6:b9:ef:ba:19:c9:c9:
35:d2:98:b8:bb:c8:94:6e:ff:ad:5d:2b:50:27:00:
02:16:28:8f:3e:cf:2c:a2:ac:6d:49:a3:f5:e6:64:
e8:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:E9:3F:A3:24:7C:3B:CE:F4:BA:C3:2A:4A:A9:FC:CF:40:EB:68:75
X509v3 Authority Key Identifier:
keyid:2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/Kek_oyR8O870usMqSqn8z0DraHU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/L6FqsGAgBndApMH7R6kSYi8dByI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.115.208.0/23
213.145.68.0-213.145.79.255
213.145.82.0-213.145.95.255
Signature Algorithm: sha256WithRSAEncryption
d3:02:b8:b7:cd:9c:d0:ed:4f:f8:d1:71:8c:37:e9:f0:5d:68:
11:72:4f:a0:70:72:62:5d:94:05:c6:b3:7a:ee:28:3a:a9:a0:
00:b4:5e:69:8a:39:6a:76:78:a7:7f:d7:b7:a1:4e:15:ef:7d:
70:ad:42:10:a1:8a:b5:cb:85:66:b6:02:7e:bc:45:6f:00:3f:
a6:ef:09:75:05:78:66:87:62:19:72:d0:eb:7e:a1:23:64:8e:
21:a4:0f:56:da:24:8f:2e:db:d3:26:77:2c:5a:da:dd:32:56:
e7:5e:52:17:d1:e1:aa:53:67:c3:05:9b:7e:4b:89:7d:8a:f8:
4a:41:3f:86:1d:a0:7f:16:fd:eb:cc:48:da:b8:ca:32:ab:f1:
9b:68:5a:fb:ca:6d:b0:1c:dd:24:23:5e:37:f1:4b:a8:c7:09:
d2:a9:80:3e:e6:08:32:49:d6:f9:c5:13:c0:6f:8a:c7:02:2e:
3a:0f:d4:3a:1f:5c:10:ee:84:e1:a6:28:0e:bf:d2:a7:74:25:
9e:9b:d5:7a:97:88:5a:04:b0:a0:08:92:72:db:6d:09:44:44:
a2:ec:14:cf:5b:bd:c7:9c:23:6b:c5:cb:70:ce:41:df:a1:25:
a0:5c:0d:11:c2:07:c3:bb:dc:69:95:2a:91:f0:91:f2:1b:47:
3d:70:72:e4
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZMphM+uRbCKebZejUzMEncBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmYTE2YWIwNjAyMDA2Nzc0MGE0YzFmYjQ3YTkxMjYyMmYx
ZDA3MjIwHhcNMjQxMTE0MDcxMzA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOWU5M2ZhMzI0N2MzYmNlZjRiYWMzMmE0YWE5ZmNjZjQwZWI2ODc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx5hLQRSkL6RN++OLxlkOLqB48fSZ
GliQS0NO1cmO6Fh+Yu9s/s7CWXMnHCQ+Fg7tK+EgD7V/0k6WLjfI3eoYo7/+hdtt
FxOhiK6tC6tPiVzKKwri91lUqA+u8qbZMFv0HnpansqZRuyM+hUsYuYVsSbLxZeR
fzXOL/OFuwkVHlMTF+QLIehTSWO14wJBSIdEia2sV3DVPumEfrhGQ5MMjc5iAZ9S
YMO7uojTpb04NK6VuiiKv/nDpBsSndoYm08Ii8MDzHttW4j35Lp3defY/ksWPJhf
0Vkbf7a577oZyck10pi4u8iUbv+tXStQJwACFiiPPs8soqxtSaP15mTofwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFCnpP6MkfDvO9LrDKkqp/M9A62h1MB8GA1UdIwQY
MBaAFC+harBgIAZ3QKTB+0epEmIvHQciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUt
ZDI0MmI2ZjNhOGExLzEvS2VrX295UjhPODcwdXNNcVNxbjh6MERyYUhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUtZDI0MmI2ZjNhOGEx
LzEvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiAwQBVXPQMAwD
BALVkUQDBATVkUAwDAMEAdWRUgMEBdWRQDANBgkqhkiG9w0BAQsFAAOCAQEA0wK4
t82c0O1P+NFxjDfp8F1oEXJPoHByYl2UBcazeu4oOqmgALReaYo5anZ4p3/Xt6FO
Fe99cK1CEKGKtcuFZrYCfrxFbwA/pu8JdQV4ZodiGXLQ636hI2SOIaQPVtokjy7b
0yZ3LFra3TJW515SF9HhqlNnwwWbfkuJfYr4SkE/hh2gfxb968xI2rjKMqvxm2ha
+8ptsBzdJCNeN/FLqMcJ0qmAPuYIMknW+cUTwG+KxwIuOg/UOh9cEO6E4aYoDr/S
p3QlnpvVepeIWgSwoAiSctttCUREouwUz1u9x5wja8XLcM5B36EloFwNEcIHw7vc
aZUqkfCR8htHPXBy5A==
Generated at Fri Nov 15 08:20:12 2024 by rpki-client on console-fra.rpki-client.org