Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/SSef_kh31ZGWhvNbcoqLqlGIUvE.roa
File: SSef_kh31ZGWhvNbcoqLqlGIUvE.roa (raw, json)
Hash identifier: QSGzMtf4yPwN1rUcj2tXdKl3Khnq6CHj82wk463K23E=
Subject key identifier: 49:27:9F:FE:48:77:D5:91:96:86:F3:5B:72:8A:8B:AA:51:88:52:F1
Certificate issuer: /CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Certificate serial: 018CC56DF357D1D99C052E3F4763FC07C3BF
Authority key identifier: 2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/SSef_kh31ZGWhvNbcoqLqlGIUvE.roa
Signing time: Mon 01 Jan 2024 14:29:26 +0000
ROA not before: Mon 01 Jan 2024 14:29:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 213.145.72.0/21 maxlen: 24
85.115.208.0/23 maxlen: 24
213.145.88.0/21 maxlen: 24
Validation: Failed, certificate revoked on Mon 15 Jan 2024 07:06:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6d:f3:57:d1:d9:9c:05:2e:3f:47:63:fc:07:c3:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Validity
Not Before: Jan 1 14:29:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=49279ffe4877d5919686f35b728a8baa518852f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:ec:f8:31:c8:63:c0:0d:6d:f2:81:1f:9a:d2:
b8:06:37:af:0b:ae:0e:b2:a8:31:c3:6f:41:7f:35:
6c:44:84:08:ab:83:1a:16:5a:ac:1d:76:47:34:f1:
1e:a2:77:da:3f:d3:59:89:0c:2e:24:9a:6f:89:2c:
e7:8f:03:96:c2:fa:8d:6d:e9:46:84:5e:48:2d:ac:
9f:99:a7:99:92:4d:08:4c:02:f1:c5:34:ba:b8:de:
c3:51:c6:df:c3:4e:d0:9a:95:ae:7b:84:71:e1:ee:
f4:9c:b2:04:5b:05:85:4e:13:b8:12:b2:24:52:28:
23:b3:2a:09:4b:bb:fd:86:ed:e4:15:8d:fd:12:0d:
f2:9a:ed:16:a7:c2:5f:29:bd:45:77:52:fa:2f:95:
24:7f:3a:e1:07:fa:fc:08:6e:08:78:f1:71:b5:77:
53:69:24:40:1e:f9:92:e9:8c:d1:5e:4b:af:7d:83:
ed:8d:49:a0:c7:f2:09:82:67:49:56:67:2f:d4:fb:
0a:3f:3c:7b:1e:74:f4:84:b8:66:76:fc:c2:38:46:
58:da:5e:ee:4f:89:78:7a:ef:8b:18:4c:92:ec:bf:
cd:71:6e:fd:da:f8:c9:2a:5f:d7:52:6c:47:e7:d7:
e5:69:c6:59:aa:3a:32:b6:4d:13:f3:9c:4a:ef:1e:
6d:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:27:9F:FE:48:77:D5:91:96:86:F3:5B:72:8A:8B:AA:51:88:52:F1
X509v3 Authority Key Identifier:
keyid:2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/SSef_kh31ZGWhvNbcoqLqlGIUvE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/L6FqsGAgBndApMH7R6kSYi8dByI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.115.208.0/23
213.145.72.0/21
213.145.88.0/21
Signature Algorithm: sha256WithRSAEncryption
9c:21:66:d4:db:8c:f5:f7:38:74:c4:b4:4f:4a:c7:d9:1e:d8:
fe:89:df:97:29:a9:8b:af:24:ef:97:f2:22:8f:b5:51:79:f3:
18:f8:16:e7:fc:6a:b9:fe:87:6b:77:23:12:b0:bb:4c:ce:b7:
b4:59:a4:be:fc:22:dd:78:38:a2:f6:16:34:61:a9:a0:20:71:
fc:a9:38:ee:b6:9d:e5:b8:3a:2d:03:b6:1e:11:1d:ce:d2:3a:
7d:02:b8:3e:49:06:fd:19:97:93:fc:0b:85:43:fb:3b:f4:03:
46:3e:57:49:02:f4:19:7d:f1:2f:cc:ac:70:88:2b:b1:d8:3f:
43:41:fb:04:ff:6d:38:58:3e:b5:d3:05:43:72:c8:e3:00:ac:
30:82:a5:d8:b3:a2:fc:f3:d0:ce:4d:78:d2:a5:cf:ba:d0:19:
d3:0f:9b:9b:54:6e:55:a4:ee:31:e1:71:80:78:19:19:f3:23:
70:ca:05:6f:0e:9a:0f:85:c4:cc:32:6e:f2:3d:b1:bb:c8:76:
45:19:b5:67:dc:0b:b9:91:a8:42:3d:c5:b8:5b:8d:6a:9f:e9:
7f:12:24:e2:2b:b9:05:6e:fa:e9:6f:ec:b3:72:85:0c:0c:fa:
64:6d:06:71:7e:39:77:2a:7d:90:41:b0:95:0d:27:19:4a:c7:
dc:c6:f9:25
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzFbfNX0dmcBS4/R2P8B8O/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmYTE2YWIwNjAyMDA2Nzc0MGE0YzFmYjQ3YTkxMjYyMmYx
ZDA3MjIwHhcNMjQwMTAxMTQyOTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OTI3OWZmZTQ4NzdkNTkxOTY4NmYzNWI3MjhhOGJhYTUxODg1MmYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiOz4MchjwA1t8oEfmtK4BjevC64O
sqgxw29BfzVsRIQIq4MaFlqsHXZHNPEeonfaP9NZiQwuJJpviSznjwOWwvqNbelG
hF5ILayfmaeZkk0ITALxxTS6uN7DUcbfw07QmpWue4Rx4e70nLIEWwWFThO4ErIk
UigjsyoJS7v9hu3kFY39Eg3ymu0Wp8JfKb1Fd1L6L5UkfzrhB/r8CG4IePFxtXdT
aSRAHvmS6YzRXkuvfYPtjUmgx/IJgmdJVmcv1PsKPzx7HnT0hLhmdvzCOEZY2l7u
T4l4eu+LGEyS7L/NcW792vjJKl/XUmxH59flacZZqjoytk0T85xK7x5tjwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEknn/5Id9WRlobzW3KKi6pRiFLxMB8GA1UdIwQY
MBaAFC+harBgIAZ3QKTB+0epEmIvHQciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUt
ZDI0MmI2ZjNhOGExLzEvU1NlZl9raDMxWkdXaHZOYmNvcUxxbEdJVXZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUtZDI0MmI2ZjNhOGEx
LzEvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBVXPQAwQD
1ZFIAwQD1ZFYMA0GCSqGSIb3DQEBCwUAA4IBAQCcIWbU24z19zh0xLRPSsfZHtj+
id+XKamLryTvl/Iij7VRefMY+Bbn/Gq5/odrdyMSsLtMzre0WaS+/CLdeDii9hY0
YamgIHH8qTjutp3luDotA7YeER3O0jp9Arg+SQb9GZeT/AuFQ/s79ANGPldJAvQZ
ffEvzKxwiCux2D9DQfsE/204WD610wVDcsjjAKwwgqXYs6L889DOTXjSpc+60BnT
D5ubVG5VpO4x4XGAeBkZ8yNwygVvDpoPhcTMMm7yPbG7yHZFGbVn3Au5kahCPcW4
W41qn+l/EiTiK7kFbvrpb+yzcoUMDPpkbQZxfjl3Kn2QQbCVDScZSsfcxvkl
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:06 2024 by rpki-client on console-fra.rpki-client.org