Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/XH1UVkQ26I--BWa807z3m8hEtkY.roa
File: XH1UVkQ26I--BWa807z3m8hEtkY.roa (raw, json)
Hash identifier: 7DybKszbzkLENc1ivQL27Ak+p6cXSswfJO0bTv+Tn9s=
Subject key identifier: 5C:7D:54:56:44:36:E8:8F:BE:05:66:BC:D3:BC:F7:9B:C8:44:B6:46
Certificate issuer: /CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Certificate serial: 0189D4912CDCDCB5B4644DB71A356C7BA2AB
Authority key identifier: 2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/XH1UVkQ26I--BWa807z3m8hEtkY.roa
Signing time: Tue 08 Aug 2023 09:53:51 +0000
ROA not before: Tue 08 Aug 2023 09:53:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 85.115.211.0/24 maxlen: 24
85.115.208.0/23 maxlen: 24
85.115.209.0/24 maxlen: 24
85.115.210.0/23 maxlen: 24
85.115.210.0/24 maxlen: 24
213.145.88.0/21 maxlen: 24
213.145.88.0/24 maxlen: 24
213.145.95.0/24 maxlen: 24
213.145.92.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 05 Sep 2023 20:58:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:d4:91:2c:dc:dc:b5:b4:64:4d:b7:1a:35:6c:7b:a2:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Validity
Not Before: Aug 8 09:53:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5c7d54564436e88fbe0566bcd3bcf79bc844b646
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:99:63:2e:1d:99:65:50:d9:83:13:9f:eb:41:
8b:df:f9:1f:7e:14:a1:c9:c1:1f:ed:82:e4:d3:36:
ae:10:1c:5a:e7:29:76:69:3a:35:82:27:78:8a:1c:
f8:ac:81:98:f9:5e:f4:0e:1e:c6:5f:d6:90:4e:ac:
b4:1b:eb:37:2d:08:b8:2b:49:ea:5a:91:df:0c:d4:
a7:5e:a8:b4:52:10:a9:95:7e:8e:70:4c:ac:d3:f0:
4e:31:02:57:82:6d:4c:1e:94:34:90:33:30:33:2b:
d3:e3:0d:d3:8b:e2:13:60:95:cc:2d:ee:18:af:72:
3b:08:c7:ff:0a:30:64:a8:fd:69:e4:e0:d5:dc:c4:
86:ca:80:57:46:be:b2:3a:ea:9d:fc:b5:b1:5c:3e:
de:b9:9b:70:a3:1f:f6:d0:a2:87:f2:6d:ba:89:ec:
fb:d6:58:e4:6e:88:f1:02:b9:10:4e:9c:65:18:5f:
06:a9:f2:f7:2b:a6:86:29:0f:7c:82:91:ac:ee:b3:
8b:63:d8:20:be:27:40:fe:67:31:2f:44:1b:a1:09:
32:03:9d:f4:b2:57:7f:16:16:63:fc:ac:58:02:ce:
bd:6a:81:bf:b5:41:70:23:f9:0e:b8:c1:00:05:92:
a6:58:92:3a:da:f0:d7:08:55:6c:c8:10:16:15:c3:
30:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:7D:54:56:44:36:E8:8F:BE:05:66:BC:D3:BC:F7:9B:C8:44:B6:46
X509v3 Authority Key Identifier:
keyid:2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/XH1UVkQ26I--BWa807z3m8hEtkY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/L6FqsGAgBndApMH7R6kSYi8dByI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.115.208.0/22
213.145.88.0/21
Signature Algorithm: sha256WithRSAEncryption
03:ad:07:5b:75:02:6a:b8:6e:27:fa:d8:df:0e:e0:9e:91:0f:
ec:c5:94:8e:8b:5e:d7:2f:d7:e4:77:4b:6f:6e:29:fb:e1:6a:
e1:ec:52:c1:37:bb:a0:48:95:ef:74:9b:0e:12:50:c2:79:ad:
b1:4e:81:b5:b2:74:e5:71:84:b8:08:5b:9b:af:89:bf:b8:74:
3f:e1:84:ae:b9:1e:fb:30:27:28:f9:76:e0:61:7e:7a:ec:fc:
a7:52:6e:61:46:10:50:75:b2:f4:da:79:e7:fa:fd:9b:e0:68:
45:95:0d:6d:4c:39:4d:6a:c3:f9:eb:94:69:c6:ab:c3:a2:de:
e9:ad:5e:be:49:bb:86:ce:e7:aa:16:e5:1a:28:e8:91:bb:6c:
5f:7c:24:01:83:69:31:10:27:5c:d0:a7:c6:13:6a:c6:15:eb:
2b:b4:fa:86:1e:ea:a1:96:7d:03:bb:04:4d:6d:fa:98:83:c5:
e3:82:73:f5:5f:0c:3e:b4:c7:76:51:a2:32:a5:a6:9e:e0:57:
45:46:85:66:ae:c1:6a:50:37:f3:f8:b3:a2:5e:eb:13:0b:92:
3c:9b:f0:f1:bb:75:01:06:4d:5d:ef:d4:33:b5:14:04:b1:f7:
a4:ef:18:55:19:2a:8f:08:6b:d5:63:77:5d:c0:cc:90:60:89:
ed:a3:0b:19
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYnUkSzc3LW0ZE23GjVse6KrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmYTE2YWIwNjAyMDA2Nzc0MGE0YzFmYjQ3YTkxMjYyMmYx
ZDA3MjIwHhcNMjMwODA4MDk1MzUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzdkNTQ1NjQ0MzZlODhmYmUwNTY2YmNkM2JjZjc5YmM4NDRiNjQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyZljLh2ZZVDZgxOf60GL3/kffhSh
ycEf7YLk0zauEBxa5yl2aTo1gid4ihz4rIGY+V70Dh7GX9aQTqy0G+s3LQi4K0nq
WpHfDNSnXqi0UhCplX6OcEys0/BOMQJXgm1MHpQ0kDMwMyvT4w3Ti+ITYJXMLe4Y
r3I7CMf/CjBkqP1p5ODV3MSGyoBXRr6yOuqd/LWxXD7euZtwox/20KKH8m26iez7
1ljkbojxArkQTpxlGF8GqfL3K6aGKQ98gpGs7rOLY9ggvidA/mcxL0QboQkyA530
sld/FhZj/KxYAs69aoG/tUFwI/kOuMEABZKmWJI62vDXCFVsyBAWFcMweQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFx9VFZENuiPvgVmvNO895vIRLZGMB8GA1UdIwQY
MBaAFC+harBgIAZ3QKTB+0epEmIvHQciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUt
ZDI0MmI2ZjNhOGExLzEvWEgxVVZrUTI2SS0tQldhODA3ejNtOGhFdGtZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUtZDI0MmI2ZjNhOGEx
LzEvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCVXPQAwQD
1ZFYMA0GCSqGSIb3DQEBCwUAA4IBAQADrQdbdQJquG4n+tjfDuCekQ/sxZSOi17X
L9fkd0tvbin74Wrh7FLBN7ugSJXvdJsOElDCea2xToG1snTlcYS4CFubr4m/uHQ/
4YSuuR77MCco+XbgYX567PynUm5hRhBQdbL02nnn+v2b4GhFlQ1tTDlNasP565Rp
xqvDot7prV6+SbuGzueqFuUaKOiRu2xffCQBg2kxECdc0KfGE2rGFesrtPqGHuqh
ln0DuwRNbfqYg8XjgnP1Xww+tMd2UaIypaae4FdFRoVmrsFqUDfz+LOiXusTC5I8
m/Dxu3UBBk1d79QztRQEsfek7xhVGSqPCGvVY3ddwMyQYIntowsZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:12 2024 by rpki-client on console-ams.rpki-client.org