Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/bh_UoT5moH8aBPJ2RWv7Pzt_kcY.roa
File: bh_UoT5moH8aBPJ2RWv7Pzt_kcY.roa (raw, json)
Hash identifier: blme+j/VqQ6/wGbPEP3SF1XbqPOhf6KAN+colKtVDgE=
Subject key identifier: 6E:1F:D4:A1:3E:66:A0:7F:1A:04:F2:76:45:6B:FB:3F:3B:7F:91:C6
Certificate issuer: /CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Certificate serial: 018D83D81EC5FCB394D37140C5FED40B403A
Authority key identifier: 2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/bh_UoT5moH8aBPJ2RWv7Pzt_kcY.roa
Signing time: Wed 07 Feb 2024 13:53:15 +0000
ROA not before: Wed 07 Feb 2024 13:53:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 85.115.208.0/23 maxlen: 24
213.145.72.0/21 maxlen: 24
213.145.88.0/21 maxlen: 24
Validation: Failed, certificate revoked on Thu 07 Mar 2024 09:17:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:83:d8:1e:c5:fc:b3:94:d3:71:40:c5:fe:d4:0b:40:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Validity
Not Before: Feb 7 13:53:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6e1fd4a13e66a07f1a04f276456bfb3f3b7f91c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:e1:c8:f6:b7:0d:78:8a:59:87:f7:db:59:9e:
6d:aa:3a:b9:04:ab:21:07:ea:f4:2d:9d:cb:2a:e9:
c8:5c:9d:dc:91:cc:b6:36:39:fd:a6:e6:75:0b:b5:
74:0d:05:ac:63:34:17:b3:11:84:13:bd:4c:0b:a5:
0c:41:86:c2:9b:93:9a:86:a2:a7:9b:bd:11:64:dc:
18:c9:6e:04:b6:b2:1b:1d:01:c9:55:96:b0:5c:e2:
b0:f0:78:2a:b1:72:f2:72:00:25:66:14:a2:3b:1f:
02:1d:58:c6:f5:9d:f2:33:47:78:1c:cb:3f:0c:5c:
bd:26:1a:4c:c1:9b:51:6a:55:4b:12:ad:b7:2d:bc:
6f:2c:6f:7b:67:cc:94:9d:20:f8:70:6b:6f:0c:88:
94:f6:e9:28:ec:9e:1e:c8:c2:28:5e:5c:7a:f4:11:
13:1c:6d:d0:0b:c9:25:f7:8b:8f:d2:96:a4:00:e4:
cc:87:02:06:a5:7d:e1:19:64:ef:b5:98:76:ed:d4:
b0:ee:b6:de:90:ec:18:12:eb:19:4e:3f:ca:92:e9:
c4:b7:ac:e6:5c:f2:fe:99:44:09:01:9d:ae:73:7c:
b4:91:ea:10:42:84:12:0b:bb:91:3d:46:4a:62:ee:
5d:15:be:51:1f:84:49:2c:7d:dd:02:61:bd:5b:c7:
04:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:1F:D4:A1:3E:66:A0:7F:1A:04:F2:76:45:6B:FB:3F:3B:7F:91:C6
X509v3 Authority Key Identifier:
keyid:2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/bh_UoT5moH8aBPJ2RWv7Pzt_kcY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/L6FqsGAgBndApMH7R6kSYi8dByI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.115.208.0/23
213.145.72.0/21
213.145.88.0/21
Signature Algorithm: sha256WithRSAEncryption
22:6a:2d:87:23:a3:7d:df:fd:00:4c:86:2c:8a:75:c3:03:0e:
2d:93:12:57:c1:e1:bb:6c:c7:27:38:e4:c0:a0:90:60:af:df:
77:b4:4a:08:53:93:08:fc:55:e7:ea:4e:69:63:78:d8:c9:14:
64:c6:3a:74:7b:da:95:a5:56:bd:b0:82:e7:d6:31:64:5a:9b:
38:d6:62:ae:55:76:41:b8:45:29:1c:9e:c1:c1:1c:25:d4:38:
c2:14:73:a8:cb:be:be:84:cb:b6:09:6e:04:49:cb:2f:a9:1e:
aa:0c:db:d3:73:f7:9c:96:de:f7:5e:bc:2a:67:98:36:c2:5b:
b2:2e:b8:33:f0:a6:2b:70:86:74:2f:37:7b:f5:53:16:ff:dc:
e1:04:46:cb:87:91:2a:a4:1a:ab:43:33:76:0e:08:c3:0d:5a:
12:bb:f3:26:e0:da:12:35:ab:6f:ac:78:9a:25:d0:73:9f:08:
e6:0e:a2:f9:1d:b5:61:38:7a:03:19:b0:60:0b:4b:0a:1a:5a:
6e:99:2e:55:1c:28:90:d0:35:9a:52:42:ee:d7:39:39:29:66:
f7:d1:f9:70:91:78:a4:d4:04:bc:c8:40:6e:45:e8:a3:da:d9:
d2:f1:af:ce:f1:0f:52:90:e5:18:02:a4:67:e1:fe:38:56:2e:
89:10:9f:46
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY2D2B7F/LOU03FAxf7UC0A6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmYTE2YWIwNjAyMDA2Nzc0MGE0YzFmYjQ3YTkxMjYyMmYx
ZDA3MjIwHhcNMjQwMjA3MTM1MzE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTFmZDRhMTNlNjZhMDdmMWEwNGYyNzY0NTZiZmIzZjNiN2Y5MWM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6uHI9rcNeIpZh/fbWZ5tqjq5BKsh
B+r0LZ3LKunIXJ3ckcy2Njn9puZ1C7V0DQWsYzQXsxGEE71MC6UMQYbCm5OahqKn
m70RZNwYyW4EtrIbHQHJVZawXOKw8HgqsXLycgAlZhSiOx8CHVjG9Z3yM0d4HMs/
DFy9JhpMwZtRalVLEq23LbxvLG97Z8yUnSD4cGtvDIiU9uko7J4eyMIoXlx69BET
HG3QC8kl94uP0pakAOTMhwIGpX3hGWTvtZh27dSw7rbekOwYEusZTj/KkunEt6zm
XPL+mUQJAZ2uc3y0keoQQoQSC7uRPUZKYu5dFb5RH4RJLH3dAmG9W8cEoQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFG4f1KE+ZqB/GgTydkVr+z87f5HGMB8GA1UdIwQY
MBaAFC+harBgIAZ3QKTB+0epEmIvHQciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUt
ZDI0MmI2ZjNhOGExLzEvYmhfVW9UNW1vSDhhQlBKMlJXdjdQenRfa2NZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUtZDI0MmI2ZjNhOGEx
LzEvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBVXPQAwQD
1ZFIAwQD1ZFYMA0GCSqGSIb3DQEBCwUAA4IBAQAiai2HI6N93/0ATIYsinXDAw4t
kxJXweG7bMcnOOTAoJBgr993tEoIU5MI/FXn6k5pY3jYyRRkxjp0e9qVpVa9sILn
1jFkWps41mKuVXZBuEUpHJ7BwRwl1DjCFHOoy76+hMu2CW4EScsvqR6qDNvTc/ec
lt73XrwqZ5g2wluyLrgz8KYrcIZ0Lzd79VMW/9zhBEbLh5EqpBqrQzN2DgjDDVoS
u/Mm4NoSNatvrHiaJdBznwjmDqL5HbVhOHoDGbBgC0sKGlpumS5VHCiQ0DWaUkLu
1zk5KWb30flwkXik1AS8yEBuReij2tnS8a/O8Q9SkOUYAqRn4f44Vi6JEJ9G
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:12 2024 by rpki-client on console-ams.rpki-client.org