Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/M_SsfOVd9YmbtDSbLEQQzJtqxqI.roa
File: M_SsfOVd9YmbtDSbLEQQzJtqxqI.roa (raw, json)
Hash identifier: aS42ZiphVoi9LKK4ruE0g6QEXCvrc9xPN5YTH1sp3gk=
Subject key identifier: 33:F4:AC:7C:E5:5D:F5:89:9B:B4:34:9B:2C:44:10:CC:9B:6A:C6:A2
Certificate issuer: /CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Certificate serial: 018A6724032B223C64BED8293E50EB6A268B
Authority key identifier: 2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/M_SsfOVd9YmbtDSbLEQQzJtqxqI.roa
Signing time: Tue 05 Sep 2023 20:58:47 +0000
ROA not before: Tue 05 Sep 2023 20:58:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 85.115.211.0/24 maxlen: 24
85.115.208.0/23 maxlen: 24
85.115.210.0/24 maxlen: 24
85.115.210.0/23 maxlen: 24
213.145.88.0/21 maxlen: 24
213.145.88.0/24 maxlen: 24
213.145.95.0/24 maxlen: 24
213.145.92.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 24 Sep 2023 06:05:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:67:24:03:2b:22:3c:64:be:d8:29:3e:50:eb:6a:26:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Validity
Not Before: Sep 5 20:58:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=33f4ac7ce55df5899bb4349b2c4410cc9b6ac6a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:1a:bb:08:36:82:e7:ff:15:b9:0a:c6:ab:e2:
a1:1c:19:df:7a:23:48:df:f6:f6:83:c8:c5:74:ee:
f8:77:df:28:04:e9:68:dc:6d:16:50:e8:fc:5f:2f:
8e:ab:f3:53:7d:f1:88:1b:32:31:79:ee:52:67:d5:
2e:60:ed:91:dc:d5:fd:b9:23:38:8d:39:9c:2b:4b:
5d:fc:97:30:0a:09:de:9d:26:80:8b:0d:36:ee:26:
4f:03:28:da:25:25:bd:3f:1d:9a:fb:18:d7:ed:34:
ba:a2:d3:a3:c1:d5:71:cc:23:f7:0c:49:bf:b9:a1:
e4:ca:7e:4e:14:ab:32:d1:fe:e4:23:00:fe:df:96:
22:7a:eb:72:2e:bb:8c:e5:03:3a:ff:e0:b2:c8:97:
1a:8d:82:f6:b7:b5:3c:d9:91:19:17:b6:f7:e4:70:
32:78:ba:39:55:4f:f4:25:14:47:1b:07:84:58:57:
4f:97:d3:17:58:f0:7a:d6:b2:17:ad:8f:a3:cb:4e:
62:62:16:de:62:d9:55:80:ea:dd:65:db:04:86:3a:
ad:ae:43:e3:d5:7b:91:17:ee:6b:2c:bc:8c:fe:1b:
e5:bf:d2:04:d4:96:e2:75:e7:e3:4e:87:98:c2:69:
5f:e2:2c:24:b2:da:c5:07:57:ea:b9:ba:52:bd:2a:
39:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:F4:AC:7C:E5:5D:F5:89:9B:B4:34:9B:2C:44:10:CC:9B:6A:C6:A2
X509v3 Authority Key Identifier:
keyid:2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/M_SsfOVd9YmbtDSbLEQQzJtqxqI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/L6FqsGAgBndApMH7R6kSYi8dByI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.115.208.0/22
213.145.88.0/21
Signature Algorithm: sha256WithRSAEncryption
ee:82:5d:8e:d1:64:51:08:14:90:e2:86:e2:65:12:5e:ab:10:
65:48:08:f0:d9:9c:bf:fe:81:da:65:19:30:ab:f3:93:21:6c:
cd:fe:19:c5:3c:c9:21:8b:0a:37:b7:02:fb:70:17:16:52:97:
7e:ac:38:d6:8e:60:47:6f:19:8c:cb:b4:63:43:6e:bc:7a:12:
eb:30:77:22:f7:55:1e:6b:4e:7c:78:eb:27:fb:40:c9:78:07:
b8:a3:b0:72:45:c4:48:f9:d0:0c:e9:b1:0a:39:6e:40:5e:19:
55:bf:a6:97:7c:be:b2:7e:9c:3a:b5:70:4b:73:4e:39:de:de:
62:fe:3f:06:aa:93:45:15:9b:f5:0a:68:ff:c4:fb:b5:d8:29:
ac:40:18:c5:8c:27:e9:cd:f1:a3:b8:ef:97:b3:3b:33:6a:7c:
a0:09:50:e7:36:9b:76:d3:f7:60:11:8e:e4:45:3d:8a:e0:24:
bb:26:7f:82:e7:fe:47:ad:6a:c0:b7:89:7b:25:9a:e2:93:f7:
58:f7:f6:11:7b:70:82:9f:c3:d4:11:9c:31:9d:69:27:55:9c:
fe:65:0a:27:41:6a:3f:fe:90:bb:f9:c6:e5:18:56:47:ec:83:
48:25:6f:98:35:e7:4b:87:5d:5a:40:0a:f1:98:4f:23:b5:90:
e2:b9:7e:76
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYpnJAMrIjxkvtgpPlDraiaLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmYTE2YWIwNjAyMDA2Nzc0MGE0YzFmYjQ3YTkxMjYyMmYx
ZDA3MjIwHhcNMjMwOTA1MjA1ODQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzM2Y0YWM3Y2U1NWRmNTg5OWJiNDM0OWIyYzQ0MTBjYzliNmFjNmEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3Bq7CDaC5/8VuQrGq+KhHBnfeiNI
3/b2g8jFdO74d98oBOlo3G0WUOj8Xy+Oq/NTffGIGzIxee5SZ9UuYO2R3NX9uSM4
jTmcK0td/JcwCgnenSaAiw027iZPAyjaJSW9Px2a+xjX7TS6otOjwdVxzCP3DEm/
uaHkyn5OFKsy0f7kIwD+35YieutyLruM5QM6/+CyyJcajYL2t7U82ZEZF7b35HAy
eLo5VU/0JRRHGweEWFdPl9MXWPB61rIXrY+jy05iYhbeYtlVgOrdZdsEhjqtrkPj
1XuRF+5rLLyM/hvlv9IE1JbidefjToeYwmlf4iwkstrFB1fqubpSvSo5JwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDP0rHzlXfWJm7Q0myxEEMybasaiMB8GA1UdIwQY
MBaAFC+harBgIAZ3QKTB+0epEmIvHQciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUt
ZDI0MmI2ZjNhOGExLzEvTV9Tc2ZPVmQ5WW1idERTYkxFUVF6SnRxeHFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUtZDI0MmI2ZjNhOGEx
LzEvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCVXPQAwQD
1ZFYMA0GCSqGSIb3DQEBCwUAA4IBAQDugl2O0WRRCBSQ4obiZRJeqxBlSAjw2Zy/
/oHaZRkwq/OTIWzN/hnFPMkhiwo3twL7cBcWUpd+rDjWjmBHbxmMy7RjQ268ehLr
MHci91Uea058eOsn+0DJeAe4o7ByRcRI+dAM6bEKOW5AXhlVv6aXfL6yfpw6tXBL
c0453t5i/j8GqpNFFZv1Cmj/xPu12CmsQBjFjCfpzfGjuO+XszszanygCVDnNpt2
0/dgEY7kRT2K4CS7Jn+C5/5HrWrAt4l7JZrik/dY9/YRe3CCn8PUEZwxnWknVZz+
ZQonQWo//pC7+cblGFZH7INIJW+YNedLh11aQArxmE8jtZDiuX52
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:06 2024 by rpki-client on console-fra.rpki-client.org