Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/R7hL93dhpTjAkA73Sb_62YboEoQ.roa
File: R7hL93dhpTjAkA73Sb_62YboEoQ.roa (raw, json)
Hash identifier: 3NgH2JHxmmClVrFJbWf88B1o3cBkZ5a2AShuSgiKvzI=
Subject key identifier: 47:B8:4B:F7:77:61:A5:38:C0:90:0E:F7:49:BF:FA:D9:86:E8:12:84
Certificate issuer: /CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Certificate serial: 0191BBA9A401FD0EE75FEA7A25EBD758F554
Authority key identifier: 2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/R7hL93dhpTjAkA73Sb_62YboEoQ.roa
Signing time: Wed 04 Sep 2024 06:12:22 +0000
ROA not before: Wed 04 Sep 2024 06:12:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 85.115.208.0/23 maxlen: 24
213.145.68.0/23 maxlen: 23
213.145.70.0/23 maxlen: 23
213.145.70.0/24 maxlen: 24
213.145.72.0/21 maxlen: 24
213.145.82.0/23 maxlen: 24
213.145.84.0/23 maxlen: 23
213.145.86.0/23 maxlen: 23
213.145.86.0/24 maxlen: 24
213.145.88.0/21 maxlen: 24
213.145.88.0/23 maxlen: 24
Validation: Failed, certificate revoked on Thu 05 Sep 2024 05:56:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:bb:a9:a4:01:fd:0e:e7:5f:ea:7a:25:eb:d7:58:f5:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Validity
Not Before: Sep 4 06:12:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=47b84bf77761a538c0900ef749bffad986e81284
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:f4:59:ca:5d:fd:31:4e:d3:77:b4:38:26:7b:
78:89:73:c8:f2:88:cc:ab:b8:93:c9:47:96:15:9e:
fa:9b:2e:06:4f:ed:4f:c3:b4:85:4b:be:01:fb:6e:
76:e3:24:69:e1:a3:4e:57:6f:91:7c:67:e9:a7:8d:
bf:35:d6:6f:2b:17:65:68:75:d4:24:cb:2d:65:f0:
e1:58:00:e8:1b:bf:28:44:b1:4d:9a:1a:d5:76:74:
18:6b:df:6a:a1:00:a2:21:0c:50:fb:28:d8:5b:d7:
14:d7:25:54:f7:2d:4c:5f:8a:cf:42:5a:6b:64:c1:
29:42:ef:d1:2c:df:da:40:59:63:26:85:3f:09:39:
2d:d3:11:9e:ef:8d:a4:1f:e6:53:45:7a:81:ba:f8:
e2:6e:91:04:cb:4f:88:cc:84:1a:b1:ef:ea:26:7c:
a6:a3:db:08:58:32:a5:7a:b3:b5:01:52:d3:48:76:
3f:d7:c6:68:1d:2f:e3:ea:1f:f7:89:c7:33:3a:d0:
1b:c6:76:bd:6b:15:b9:d3:7a:a2:c0:5c:c2:8d:fb:
4e:ac:d3:ba:1d:98:2e:35:0c:8e:22:49:ed:d6:65:
01:32:a2:34:7f:b2:53:84:8e:6c:bc:74:62:fd:c5:
bf:f2:bc:b4:32:8a:ae:93:6c:f9:a3:e7:fb:c5:78:
6e:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:B8:4B:F7:77:61:A5:38:C0:90:0E:F7:49:BF:FA:D9:86:E8:12:84
X509v3 Authority Key Identifier:
keyid:2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/R7hL93dhpTjAkA73Sb_62YboEoQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/L6FqsGAgBndApMH7R6kSYi8dByI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.115.208.0/23
213.145.68.0-213.145.79.255
213.145.82.0-213.145.95.255
Signature Algorithm: sha256WithRSAEncryption
89:17:cd:90:eb:fc:8f:60:f9:06:cc:e2:41:4d:4e:bb:12:8b:
35:7d:b7:95:4a:af:e5:e4:e0:95:29:fc:f6:07:13:be:8e:c0:
03:18:95:6b:95:ab:44:c9:f5:f3:44:0c:af:b3:9b:40:01:66:
8b:cb:ca:c3:de:29:09:51:b4:91:f0:b1:40:bc:db:08:da:e1:
3f:3d:e0:a9:a3:e1:13:cc:43:60:53:38:69:08:48:fc:06:33:
50:9b:75:c1:b5:35:a1:0e:38:14:63:d1:e7:9d:01:be:34:73:
20:d2:1d:0b:44:99:4d:31:f5:ab:0e:42:d5:1c:3b:7f:05:19:
f7:db:02:ee:22:9f:78:5b:d5:65:2f:85:7b:6e:1c:11:67:19:
66:5d:45:d2:96:b7:47:75:94:7d:95:6d:45:d7:38:e3:17:d9:
55:40:94:f8:81:13:f0:cd:e8:86:41:d0:36:2d:b1:14:19:c4:
84:1f:65:fd:e2:a8:43:a0:ac:c4:fc:20:38:62:ac:9f:7e:9c:
17:16:6b:88:56:26:f1:5a:e7:5b:6e:77:9e:5c:4b:ea:05:37:
69:d5:ff:8f:f0:b8:d4:f0:02:06:78:eb:83:3f:e7:31:88:25:
a0:75:bf:75:d8:6e:36:ff:e7:b2:c8:e5:cd:28:a6:cd:b2:56:
4a:b0:89:d4
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZG7qaQB/Q7nX+p6JevXWPVUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmYTE2YWIwNjAyMDA2Nzc0MGE0YzFmYjQ3YTkxMjYyMmYx
ZDA3MjIwHhcNMjQwOTA0MDYxMjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0N2I4NGJmNzc3NjFhNTM4YzA5MDBlZjc0OWJmZmFkOTg2ZTgxMjg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvfRZyl39MU7Td7Q4Jnt4iXPI8ojM
q7iTyUeWFZ76my4GT+1Pw7SFS74B+2524yRp4aNOV2+RfGfpp42/NdZvKxdlaHXU
JMstZfDhWADoG78oRLFNmhrVdnQYa99qoQCiIQxQ+yjYW9cU1yVU9y1MX4rPQlpr
ZMEpQu/RLN/aQFljJoU/CTkt0xGe742kH+ZTRXqBuvjibpEEy0+IzIQase/qJnym
o9sIWDKlerO1AVLTSHY/18ZoHS/j6h/3icczOtAbxna9axW503qiwFzCjftOrNO6
HZguNQyOIknt1mUBMqI0f7JThI5svHRi/cW/8ry0Moquk2z5o+f7xXhuOQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFEe4S/d3YaU4wJAO90m/+tmG6BKEMB8GA1UdIwQY
MBaAFC+harBgIAZ3QKTB+0epEmIvHQciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUt
ZDI0MmI2ZjNhOGExLzEvUjdoTDkzZGhwVGpBa0E3M1NiXzYyWWJvRW9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUtZDI0MmI2ZjNhOGEx
LzEvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiAwQBVXPQMAwD
BALVkUQDBATVkUAwDAMEAdWRUgMEBdWRQDANBgkqhkiG9w0BAQsFAAOCAQEAiRfN
kOv8j2D5BsziQU1OuxKLNX23lUqv5eTglSn89gcTvo7AAxiVa5WrRMn180QMr7Ob
QAFmi8vKw94pCVG0kfCxQLzbCNrhPz3gqaPhE8xDYFM4aQhI/AYzUJt1wbU1oQ44
FGPR550BvjRzINIdC0SZTTH1qw5C1Rw7fwUZ99sC7iKfeFvVZS+Fe24cEWcZZl1F
0pa3R3WUfZVtRdc44xfZVUCU+IET8M3ohkHQNi2xFBnEhB9l/eKoQ6CsxPwgOGKs
n36cFxZriFYm8VrnW253nlxL6gU3adX/j/C41PACBnjrgz/nMYgloHW/ddhuNv/n
ssjlzSimzbJWSrCJ1A==
-----END CERTIFICATE-----
Generated at Thu Sep 5 07:58:47 2024 by rpki-client on console-fra.rpki-client.org