Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/_cpFB0POAR5fb1jCTRljzNPYlX0.roa
File: _cpFB0POAR5fb1jCTRljzNPYlX0.roa (raw, json)
Hash identifier: 1AZA3OHPCDE3sziMuJsUyVEKbFIY4yvNgqMo75FQiUQ=
Subject key identifier: FD:CA:45:07:43:CE:01:1E:5F:6F:58:C2:4D:19:63:CC:D3:D8:95:7D
Certificate issuer: /CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Certificate serial: 0192E76BE76D804FE76D44C886440F2042CE
Authority key identifier: 2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/_cpFB0POAR5fb1jCTRljzNPYlX0.roa
Signing time: Fri 01 Nov 2024 11:11:01 +0000
ROA not before: Fri 01 Nov 2024 11:11:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 85.115.208.0/23 maxlen: 24
213.145.68.0/23 maxlen: 23
213.145.70.0/23 maxlen: 24
213.145.72.0/21 maxlen: 24
213.145.82.0/23 maxlen: 24
213.145.84.0/23 maxlen: 23
213.145.84.0/24 maxlen: 24
213.145.86.0/23 maxlen: 23
213.145.88.0/21 maxlen: 24
213.145.88.0/23 maxlen: 24
Validation: Failed, certificate revoked on Fri 01 Nov 2024 16:48:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:e7:6b:e7:6d:80:4f:e7:6d:44:c8:86:44:0f:20:42:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Validity
Not Before: Nov 1 11:11:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fdca450743ce011e5f6f58c24d1963ccd3d8957d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:d5:d5:1f:47:2c:55:6e:d8:e1:5b:e5:65:89:
07:d2:46:2e:f6:c2:3d:20:8e:c7:21:b7:df:44:4d:
18:02:39:75:36:b2:aa:a0:3f:a3:c7:53:04:72:67:
48:41:a1:fc:76:be:59:a5:3d:95:b5:ce:b2:d8:7e:
09:33:91:c0:06:3f:ca:4a:89:76:78:86:03:b7:c6:
2f:cc:5b:09:a6:81:3c:90:4b:a5:34:2b:a6:79:0c:
b2:0d:c4:b7:00:19:2e:ec:2f:19:75:4b:e3:fd:81:
a3:56:2b:68:84:71:0c:37:9f:61:a7:58:76:61:3d:
65:04:89:34:bb:22:e7:aa:6e:c5:de:3e:32:ca:5f:
4b:b2:28:b7:03:4f:00:bb:09:9a:8c:61:7f:e5:07:
9f:39:0f:55:f1:ba:91:7c:94:0c:b4:da:22:19:3f:
47:83:7c:f6:ac:ff:0a:b7:15:1b:d1:cd:6c:3f:5b:
b1:f0:c5:81:a8:e0:8c:67:af:23:59:8b:f2:10:49:
73:93:91:fb:1e:51:6e:f7:98:d0:61:16:f5:cd:d9:
a8:56:2a:a6:3e:b3:59:6f:c3:76:71:85:64:9a:79:
21:52:0a:2b:c7:3a:c1:4f:e5:98:57:64:30:99:64:
36:c1:34:b8:38:83:2d:01:9f:33:1e:8f:38:d9:37:
69:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:CA:45:07:43:CE:01:1E:5F:6F:58:C2:4D:19:63:CC:D3:D8:95:7D
X509v3 Authority Key Identifier:
keyid:2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/_cpFB0POAR5fb1jCTRljzNPYlX0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/L6FqsGAgBndApMH7R6kSYi8dByI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.115.208.0/23
213.145.68.0-213.145.79.255
213.145.82.0-213.145.95.255
Signature Algorithm: sha256WithRSAEncryption
64:22:57:ec:00:7f:8b:15:8e:60:48:b2:13:a0:8c:2c:11:33:
63:07:29:aa:87:30:75:3c:38:b0:6f:5e:e9:ec:8b:fb:25:e8:
9d:3a:0b:2f:9a:52:58:50:0c:43:11:3d:dc:1d:61:33:4c:af:
dc:8a:0b:1c:3b:0d:0b:37:17:03:b8:16:7f:8f:b1:31:d0:8d:
df:39:8f:ca:20:05:65:81:fa:2e:36:c4:56:94:21:dc:9f:f5:
c4:80:e7:f8:92:47:d6:ca:3d:7b:1d:eb:00:49:ee:69:eb:a3:
61:15:57:11:49:77:63:2c:67:b7:09:a2:b4:fe:84:ec:2d:db:
d0:3c:cd:d9:d7:d2:d1:ff:92:e7:be:2c:43:cb:27:83:57:3a:
31:52:fc:42:0d:98:90:23:2b:65:e8:cb:bc:ff:c7:aa:99:13:
15:55:95:21:e2:0b:1e:c5:73:6c:70:34:e5:e0:25:ab:7a:ba:
6f:b9:15:e7:0c:cf:22:1e:64:54:b4:a8:b9:4e:d0:9b:4b:68:
b5:ec:35:8b:c9:1b:ea:8f:d0:26:15:48:33:1f:a9:7a:2a:60:
2a:0b:89:16:84:3c:77:2d:1a:32:e6:f0:3a:75:8a:18:ef:63:
ef:da:04:1e:ae:ae:79:31:28:cf:f8:be:ef:99:e1:98:b9:02:
8f:0c:52:04
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZLna+dtgE/nbUTIhkQPIELOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmYTE2YWIwNjAyMDA2Nzc0MGE0YzFmYjQ3YTkxMjYyMmYx
ZDA3MjIwHhcNMjQxMTAxMTExMTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZGNhNDUwNzQzY2UwMTFlNWY2ZjU4YzI0ZDE5NjNjY2QzZDg5NTdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuNXVH0csVW7Y4VvlZYkH0kYu9sI9
II7HIbffRE0YAjl1NrKqoD+jx1MEcmdIQaH8dr5ZpT2Vtc6y2H4JM5HABj/KSol2
eIYDt8YvzFsJpoE8kEulNCumeQyyDcS3ABku7C8ZdUvj/YGjVitohHEMN59hp1h2
YT1lBIk0uyLnqm7F3j4yyl9Lsii3A08AuwmajGF/5QefOQ9V8bqRfJQMtNoiGT9H
g3z2rP8KtxUb0c1sP1ux8MWBqOCMZ68jWYvyEElzk5H7HlFu95jQYRb1zdmoViqm
PrNZb8N2cYVkmnkhUgorxzrBT+WYV2QwmWQ2wTS4OIMtAZ8zHo842TdpmwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFP3KRQdDzgEeX29Ywk0ZY8zT2JV9MB8GA1UdIwQY
MBaAFC+harBgIAZ3QKTB+0epEmIvHQciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUt
ZDI0MmI2ZjNhOGExLzEvX2NwRkIwUE9BUjVmYjFqQ1RSbGp6TlBZbFgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUtZDI0MmI2ZjNhOGEx
LzEvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiAwQBVXPQMAwD
BALVkUQDBATVkUAwDAMEAdWRUgMEBdWRQDANBgkqhkiG9w0BAQsFAAOCAQEAZCJX
7AB/ixWOYEiyE6CMLBEzYwcpqocwdTw4sG9e6eyL+yXonToLL5pSWFAMQxE93B1h
M0yv3IoLHDsNCzcXA7gWf4+xMdCN3zmPyiAFZYH6LjbEVpQh3J/1xIDn+JJH1so9
ex3rAEnuaeujYRVXEUl3YyxntwmitP6E7C3b0DzN2dfS0f+S574sQ8sng1c6MVL8
Qg2YkCMrZejLvP/HqpkTFVWVIeILHsVzbHA05eAlq3q6b7kV5wzPIh5kVLSouU7Q
m0totew1i8kb6o/QJhVIMx+peipgKguJFoQ8dy0aMubwOnWKGO9j79oEHq6ueTEo
z/i+75nhmLkCjwxSBA==
Generated at Fri Nov 1 20:38:00 2024 by rpki-client on console-ams.rpki-client.org