Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/UanSnzjlX2Ew3cAKdz0qpDbtrmA.roa
File: UanSnzjlX2Ew3cAKdz0qpDbtrmA.roa (raw, json)
Hash identifier: jcmMRpVznlfsR+2U0kOmNOB0LOZuyHRKiiOtKDZXbBk=
Subject key identifier: 51:A9:D2:9F:38:E5:5F:61:30:DD:C0:0A:77:3D:2A:A4:36:ED:AE:60
Certificate issuer: /CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Certificate serial: 018B515C286A05F892516940927222CA7E67
Authority key identifier: 2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/UanSnzjlX2Ew3cAKdz0qpDbtrmA.roa
Signing time: Sat 21 Oct 2023 08:31:16 +0000
ROA not before: Sat 21 Oct 2023 08:31:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 213.145.72.0/21 maxlen: 24
85.115.208.0/23 maxlen: 24
85.115.208.0/24 maxlen: 24
213.145.91.0/24 maxlen: 24
213.145.88.0/21 maxlen: 24
213.145.90.0/24 maxlen: 24
213.145.92.0/24 maxlen: 24
213.145.93.0/24 maxlen: 24
213.145.95.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 31 Oct 2023 09:10:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:51:5c:28:6a:05:f8:92:51:69:40:92:72:22:ca:7e:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Validity
Not Before: Oct 21 08:31:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=51a9d29f38e55f6130ddc00a773d2aa436edae60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:50:26:db:2d:aa:e8:45:98:8f:72:27:e0:a6:
3f:b2:bf:75:16:48:1d:46:d4:3f:9d:db:d5:98:00:
90:4d:b3:96:55:e9:c1:24:e5:86:e8:00:29:59:4f:
1d:43:25:7c:36:a4:cf:59:c7:1e:33:e3:da:d9:78:
5c:5f:b0:5f:6a:97:e3:46:32:0f:8b:d3:0e:7d:9c:
bd:4e:c3:7d:0e:c3:31:9d:e9:63:af:a0:8b:b5:ab:
c4:72:6f:cf:ad:51:7c:9a:a9:ac:a0:1c:30:7d:87:
ef:3b:78:d7:23:4b:8f:35:a7:1a:f0:47:ad:56:d2:
c8:61:4f:58:d9:12:e2:52:2f:66:50:c4:3f:42:1c:
a5:d7:bb:c4:bf:a9:ed:22:98:0e:1d:81:24:40:52:
91:f7:9e:76:8f:a6:b6:51:87:e8:5b:0c:ef:71:75:
3b:24:98:11:b8:f3:6a:80:ec:a5:f4:cf:8f:8b:60:
f9:a0:da:56:9c:b6:3f:78:88:0b:b6:41:3a:a8:66:
67:a9:50:62:cd:41:eb:80:5e:d2:51:d5:ed:0d:56:
40:10:02:6f:c8:28:ef:37:44:f4:89:b3:e5:e3:30:
cb:0b:37:ce:f6:58:3b:ce:6f:24:1d:f4:2f:3c:75:
e0:a5:66:94:c9:b5:5a:da:8d:bb:94:de:21:ab:94:
88:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:A9:D2:9F:38:E5:5F:61:30:DD:C0:0A:77:3D:2A:A4:36:ED:AE:60
X509v3 Authority Key Identifier:
keyid:2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/UanSnzjlX2Ew3cAKdz0qpDbtrmA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/L6FqsGAgBndApMH7R6kSYi8dByI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.115.208.0/23
213.145.72.0/21
213.145.88.0/21
Signature Algorithm: sha256WithRSAEncryption
d5:fa:85:f5:f8:e5:bb:5a:6c:63:99:66:53:c2:7e:4e:39:96:
d1:00:9b:31:c9:df:5e:1f:24:ad:b9:11:40:55:c2:ab:95:a6:
45:ba:74:c1:e7:0a:85:2a:bb:3d:3d:97:f3:0e:b5:8b:4a:c3:
e7:0f:86:49:38:79:f4:48:7c:02:86:37:5d:72:78:82:89:e4:
c2:02:5a:20:64:74:91:2a:97:e5:47:38:f1:cf:5b:40:6b:9d:
54:b7:19:1e:b0:c5:fb:28:c2:48:75:42:4b:3c:3b:46:9c:e6:
6f:96:e3:64:84:70:9d:24:dc:d9:1e:b8:f1:3d:43:96:a7:51:
42:78:81:eb:41:f6:8b:ae:4c:94:0b:40:dc:51:d2:f1:14:0f:
a3:b5:f0:4c:7a:55:57:d9:01:77:16:23:41:10:c0:92:53:ec:
02:4e:a9:4e:6c:b4:56:7f:29:a8:52:5a:71:06:f8:d2:66:d3:
fa:ed:78:fd:9e:09:57:ad:4d:0b:a4:9f:0b:ac:43:8b:e1:b4:
ed:7c:2d:e6:e8:3a:0a:80:d7:92:9b:1b:4c:fc:47:dc:0e:bf:
24:58:c0:ec:b9:98:b4:fe:ad:68:37:78:0a:8c:8b:fe:2f:3c:
7e:52:78:d1:3d:6e:f5:1e:4f:c4:29:0f:90:37:dd:f9:04:01:
40:5b:ff:86
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYtRXChqBfiSUWlAknIiyn5nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmYTE2YWIwNjAyMDA2Nzc0MGE0YzFmYjQ3YTkxMjYyMmYx
ZDA3MjIwHhcNMjMxMDIxMDgzMTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MWE5ZDI5ZjM4ZTU1ZjYxMzBkZGMwMGE3NzNkMmFhNDM2ZWRhZTYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmlAm2y2q6EWYj3In4KY/sr91Fkgd
RtQ/ndvVmACQTbOWVenBJOWG6AApWU8dQyV8NqTPWcceM+Pa2XhcX7BfapfjRjIP
i9MOfZy9TsN9DsMxneljr6CLtavEcm/PrVF8mqmsoBwwfYfvO3jXI0uPNaca8Eet
VtLIYU9Y2RLiUi9mUMQ/Qhyl17vEv6ntIpgOHYEkQFKR9552j6a2UYfoWwzvcXU7
JJgRuPNqgOyl9M+Pi2D5oNpWnLY/eIgLtkE6qGZnqVBizUHrgF7SUdXtDVZAEAJv
yCjvN0T0ibPl4zDLCzfO9lg7zm8kHfQvPHXgpWaUybVa2o27lN4hq5SIDQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFGp0p845V9hMN3ACnc9KqQ27a5gMB8GA1UdIwQY
MBaAFC+harBgIAZ3QKTB+0epEmIvHQciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUt
ZDI0MmI2ZjNhOGExLzEvVWFuU256amxYMkV3M2NBS2R6MHFwRGJ0cm1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUtZDI0MmI2ZjNhOGEx
LzEvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBVXPQAwQD
1ZFIAwQD1ZFYMA0GCSqGSIb3DQEBCwUAA4IBAQDV+oX1+OW7WmxjmWZTwn5OOZbR
AJsxyd9eHyStuRFAVcKrlaZFunTB5wqFKrs9PZfzDrWLSsPnD4ZJOHn0SHwChjdd
cniCieTCAlogZHSRKpflRzjxz1tAa51UtxkesMX7KMJIdUJLPDtGnOZvluNkhHCd
JNzZHrjxPUOWp1FCeIHrQfaLrkyUC0DcUdLxFA+jtfBMelVX2QF3FiNBEMCSU+wC
TqlObLRWfymoUlpxBvjSZtP67Xj9nglXrU0LpJ8LrEOL4bTtfC3m6DoKgNeSmxtM
/EfcDr8kWMDsuZi0/q1oN3gKjIv+Lzx+UnjRPW71Hk/EKQ+QN935BAFAW/+G
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:12 2024 by rpki-client on console-ams.rpki-client.org