Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/aXJz195055uHxIH13p1NlVRMGvk.roa
File: aXJz195055uHxIH13p1NlVRMGvk.roa (raw, json)
Hash identifier: tWAIQBTGqfRG9pBKavyOn3yza1mYGjwz/dBVuNmCxOY=
Subject key identifier: 69:72:73:D7:DE:74:E7:9B:87:C4:81:F5:DE:9D:4D:95:54:4C:1A:F9
Certificate issuer: /CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Certificate serial: 0191A1B951E347D9D1EFF84C9A2CC182AF37
Authority key identifier: 2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/aXJz195055uHxIH13p1NlVRMGvk.roa
Signing time: Fri 30 Aug 2024 05:19:22 +0000
ROA not before: Fri 30 Aug 2024 05:19:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 85.115.208.0/23 maxlen: 24
213.145.68.0/23 maxlen: 23
213.145.68.0/24 maxlen: 24
213.145.70.0/23 maxlen: 23
213.145.72.0/21 maxlen: 24
213.145.82.0/23 maxlen: 24
213.145.84.0/23 maxlen: 23
213.145.86.0/23 maxlen: 23
213.145.86.0/24 maxlen: 24
213.145.88.0/21 maxlen: 24
213.145.88.0/23 maxlen: 24
Validation: Failed, certificate revoked on Tue 03 Sep 2024 20:29:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:a1:b9:51:e3:47:d9:d1:ef:f8:4c:9a:2c:c1:82:af:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Validity
Not Before: Aug 30 05:19:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=697273d7de74e79b87c481f5de9d4d95544c1af9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:5c:77:e5:e1:ab:9d:f3:fa:5c:69:2b:57:71:
46:d8:16:7c:ef:9e:05:19:99:1a:fd:40:85:cb:87:
3e:7e:47:7b:37:c1:3c:b7:f1:14:21:07:73:f7:9a:
26:35:93:26:d6:6d:29:d8:ed:be:fc:d3:15:ad:19:
1b:ad:a0:35:16:8c:8b:3e:27:71:6a:45:73:4c:80:
9a:d8:8d:f9:8f:93:f0:24:48:4c:15:37:58:88:6b:
5b:5c:a8:ca:86:92:79:13:22:f1:c5:3f:34:07:45:
36:aa:1a:93:0e:c9:35:02:86:55:e7:36:8c:d3:b2:
37:00:96:24:f7:28:ad:bf:ff:a6:9e:41:35:3b:6c:
6c:da:6a:f1:5f:c4:db:8d:29:98:dc:43:db:79:c4:
b9:41:54:ac:f3:80:ac:24:f2:58:5e:13:c5:78:32:
ba:0f:f4:6e:5c:77:07:fc:df:9e:9e:79:5a:47:88:
46:d8:05:1f:f7:2b:dd:e1:d4:66:37:3b:29:09:27:
f5:5b:67:9e:3e:8b:f3:de:2a:70:2e:b1:2e:81:07:
b1:8a:2d:db:fe:9f:c8:4a:c9:6a:13:83:1b:c7:1e:
2d:41:51:a1:f4:dc:ce:07:ac:36:73:a1:33:ad:ee:
a2:f1:f9:61:88:bd:91:7d:92:c9:03:22:10:0c:a8:
b3:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:72:73:D7:DE:74:E7:9B:87:C4:81:F5:DE:9D:4D:95:54:4C:1A:F9
X509v3 Authority Key Identifier:
keyid:2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/aXJz195055uHxIH13p1NlVRMGvk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/L6FqsGAgBndApMH7R6kSYi8dByI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.115.208.0/23
213.145.68.0-213.145.79.255
213.145.82.0-213.145.95.255
Signature Algorithm: sha256WithRSAEncryption
d4:e3:35:d8:23:6e:3f:68:c4:a5:54:40:6e:f0:4a:6e:54:53:
05:4a:0a:64:56:64:e7:28:11:44:2e:ed:58:01:90:ce:0d:c4:
fc:dc:8d:ab:71:24:3b:e3:86:4f:ba:e7:bf:78:b4:2b:e9:38:
15:25:33:2b:43:48:a3:de:da:4c:93:45:a1:c6:84:a0:64:de:
cb:97:8e:9e:8c:c1:bf:8d:72:93:00:ed:05:fa:9e:08:6d:6d:
11:73:33:e6:b1:33:ae:c8:bb:86:bb:a1:30:4b:a3:15:1a:f8:
64:78:02:5a:82:96:92:c9:09:f4:96:0e:98:74:7a:50:ba:db:
b4:5d:f5:8b:7e:64:6f:ba:fb:3e:6d:12:64:fe:dd:e3:fb:d2:
48:8f:98:4e:1e:d6:ae:0d:45:8a:9f:b4:e5:cc:b7:f9:24:ab:
75:d3:e5:76:3a:cb:fd:5e:c8:e3:4c:76:aa:53:ed:2b:f9:2c:
bb:ac:24:5b:35:52:37:00:8c:e7:0a:40:2c:43:14:d0:91:4e:
ed:98:f0:99:fe:e6:8e:eb:59:20:03:4f:a2:da:2c:2a:7c:fa:
bf:6f:79:eb:14:ce:d7:89:23:5a:56:0f:ba:a1:33:e6:d0:0f:
e7:9b:b2:b1:f4:f3:56:2e:bf:e7:7d:d9:2c:20:32:fd:3d:96:
57:6f:7b:42
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZGhuVHjR9nR7/hMmizBgq83MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmYTE2YWIwNjAyMDA2Nzc0MGE0YzFmYjQ3YTkxMjYyMmYx
ZDA3MjIwHhcNMjQwODMwMDUxOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTcyNzNkN2RlNzRlNzliODdjNDgxZjVkZTlkNGQ5NTU0NGMxYWY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApFx35eGrnfP6XGkrV3FG2BZ8754F
GZka/UCFy4c+fkd7N8E8t/EUIQdz95omNZMm1m0p2O2+/NMVrRkbraA1FoyLPidx
akVzTICa2I35j5PwJEhMFTdYiGtbXKjKhpJ5EyLxxT80B0U2qhqTDsk1AoZV5zaM
07I3AJYk9yitv/+mnkE1O2xs2mrxX8TbjSmY3EPbecS5QVSs84CsJPJYXhPFeDK6
D/RuXHcH/N+ennlaR4hG2AUf9yvd4dRmNzspCSf1W2eePovz3ipwLrEugQexii3b
/p/ISslqE4Mbxx4tQVGh9NzOB6w2c6Ezre6i8flhiL2RfZLJAyIQDKiz5wIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFGlyc9fedOebh8SB9d6dTZVUTBr5MB8GA1UdIwQY
MBaAFC+harBgIAZ3QKTB+0epEmIvHQciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUt
ZDI0MmI2ZjNhOGExLzEvYVhKejE5NTA1NXVIeElIMTNwMU5sVlJNR3ZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUtZDI0MmI2ZjNhOGEx
LzEvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiAwQBVXPQMAwD
BALVkUQDBATVkUAwDAMEAdWRUgMEBdWRQDANBgkqhkiG9w0BAQsFAAOCAQEA1OM1
2CNuP2jEpVRAbvBKblRTBUoKZFZk5ygRRC7tWAGQzg3E/NyNq3EkO+OGT7rnv3i0
K+k4FSUzK0NIo97aTJNFocaEoGTey5eOnozBv41ykwDtBfqeCG1tEXMz5rEzrsi7
hruhMEujFRr4ZHgCWoKWkskJ9JYOmHR6ULrbtF31i35kb7r7Pm0SZP7d4/vSSI+Y
Th7Wrg1Fip+05cy3+SSrddPldjrL/V7I40x2qlPtK/ksu6wkWzVSNwCM5wpALEMU
0JFO7Zjwmf7mjutZIANPotosKnz6v2956xTO14kjWlYPuqEz5tAP55uysfTzVi6/
533ZLCAy/T2WV297Qg==
-----END CERTIFICATE-----
Generated at Tue Sep 3 22:04:24 2024 by rpki-client on console-fra.rpki-client.org