Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/ckD6mq3wTgJaH9RDugMXl1V-Brs.roa
File: ckD6mq3wTgJaH9RDugMXl1V-Brs.roa (raw, json)
Hash identifier: Dsxl7ejhonqNBHxivjbVHiJzkuF7/Ldek3KIxnWwjdA=
Subject key identifier: 72:40:FA:9A:AD:F0:4E:02:5A:1F:D4:43:BA:03:17:97:55:7E:06:BB
Certificate issuer: /CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Certificate serial: 018D5E63419BE92BE04DC1F9FA4109B25152
Authority key identifier: 2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/ckD6mq3wTgJaH9RDugMXl1V-Brs.roa
Signing time: Wed 31 Jan 2024 07:19:39 +0000
ROA not before: Wed 31 Jan 2024 07:19:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 85.115.208.0/23 maxlen: 24
213.145.72.0/21 maxlen: 24
213.145.88.0/21 maxlen: 24
Validation: Failed, certificate revoked on Thu 01 Feb 2024 08:47:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:5e:63:41:9b:e9:2b:e0:4d:c1:f9:fa:41:09:b2:51:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Validity
Not Before: Jan 31 07:19:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7240fa9aadf04e025a1fd443ba031797557e06bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:f5:fc:03:0c:b0:df:28:92:13:03:71:af:4f:
17:73:97:ad:c1:2a:52:01:2f:17:75:1e:1a:61:a3:
60:cf:c6:fb:f9:9f:03:4c:c5:39:68:09:72:27:2c:
0a:6d:0b:a7:7e:03:c4:63:ef:47:92:49:45:3c:cc:
18:23:b4:c3:0e:6c:6f:56:ba:b2:33:9b:cb:ee:9a:
57:76:de:51:8b:17:9b:6a:a8:7d:9b:f6:51:59:85:
9a:af:d7:65:f4:f1:d6:ef:79:dd:d9:f6:60:c4:ed:
e4:b7:f8:dc:1d:6f:eb:0c:f7:d8:d1:48:34:ea:d9:
6e:2d:bb:e4:03:6b:d9:4f:70:fe:aa:66:6a:39:c5:
17:2b:6f:84:0a:ee:5c:75:3e:c7:7e:b4:d7:21:2d:
65:ec:77:77:48:49:be:89:5f:9b:f2:ad:7f:4a:2a:
a9:28:99:c6:bb:a3:3e:a5:45:f6:17:e3:a0:37:76:
87:a1:d6:a7:7a:13:69:f8:44:54:56:12:ac:ef:0e:
fe:eb:6e:aa:7e:ba:4b:0a:47:01:f0:c7:87:b5:22:
ef:c7:26:eb:42:c4:83:e1:49:79:8e:8c:1c:a9:25:
f6:87:d9:14:5d:b1:5f:ee:63:4b:31:96:2a:06:c7:
13:4a:f3:58:c2:3b:ac:39:0d:31:79:54:d2:c1:3c:
44:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:40:FA:9A:AD:F0:4E:02:5A:1F:D4:43:BA:03:17:97:55:7E:06:BB
X509v3 Authority Key Identifier:
keyid:2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/ckD6mq3wTgJaH9RDugMXl1V-Brs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/L6FqsGAgBndApMH7R6kSYi8dByI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.115.208.0/23
213.145.72.0/21
213.145.88.0/21
Signature Algorithm: sha256WithRSAEncryption
4d:49:86:95:3a:0f:70:e3:64:44:f6:86:57:6c:a5:87:75:df:
72:60:ae:9f:b7:dc:d4:e4:f5:a6:13:6d:b2:d3:63:43:fc:44:
f5:a4:30:df:43:d3:9a:c9:10:7a:75:36:ba:ac:19:f5:d9:d4:
fe:c6:cd:4f:8e:c5:82:db:42:ec:d4:12:73:1a:19:a3:4d:28:
a7:4b:f4:ba:a7:c9:1f:86:b7:d3:11:73:3f:00:c9:dc:68:c8:
4d:bb:1a:44:d3:23:21:af:43:b8:cd:cf:2f:ce:a9:22:98:6f:
f8:da:3d:0d:93:60:55:e9:f5:33:2f:7f:de:d2:d7:9f:7c:e9:
2d:c7:7d:c5:f3:33:89:d7:5a:e3:62:e6:2c:28:ee:92:eb:4d:
b7:4c:62:0a:71:b2:c3:a9:a3:c6:39:2b:2d:67:0d:96:2d:54:
80:d1:54:cf:19:c9:de:dc:fe:ed:ce:c4:30:9e:71:03:16:e7:
57:d1:ff:c2:bf:ff:93:de:89:06:cb:86:60:a9:bb:53:39:08:
7f:45:9d:c7:d5:0b:92:66:05:35:06:dc:17:38:55:07:a4:5c:
7c:89:4c:07:39:a1:28:0b:fa:cc:49:32:1b:2a:9e:15:09:48:
4f:3f:2c:fa:91:47:2d:32:7c:7d:57:2a:33:0f:9e:87:80:66:
82:8a:f3:8b
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY1eY0Gb6SvgTcH5+kEJslFSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmYTE2YWIwNjAyMDA2Nzc0MGE0YzFmYjQ3YTkxMjYyMmYx
ZDA3MjIwHhcNMjQwMTMxMDcxOTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjQwZmE5YWFkZjA0ZTAyNWExZmQ0NDNiYTAzMTc5NzU1N2UwNmJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnfX8Awyw3yiSEwNxr08Xc5etwSpS
AS8XdR4aYaNgz8b7+Z8DTMU5aAlyJywKbQunfgPEY+9HkklFPMwYI7TDDmxvVrqy
M5vL7ppXdt5Rixebaqh9m/ZRWYWar9dl9PHW73nd2fZgxO3kt/jcHW/rDPfY0Ug0
6tluLbvkA2vZT3D+qmZqOcUXK2+ECu5cdT7HfrTXIS1l7Hd3SEm+iV+b8q1/Siqp
KJnGu6M+pUX2F+OgN3aHodanehNp+ERUVhKs7w7+626qfrpLCkcB8MeHtSLvxybr
QsSD4Ul5jowcqSX2h9kUXbFf7mNLMZYqBscTSvNYwjusOQ0xeVTSwTxElwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHJA+pqt8E4CWh/UQ7oDF5dVfga7MB8GA1UdIwQY
MBaAFC+harBgIAZ3QKTB+0epEmIvHQciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUt
ZDI0MmI2ZjNhOGExLzEvY2tENm1xM3dUZ0phSDlSRHVnTVhsMVYtQnJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUtZDI0MmI2ZjNhOGEx
LzEvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBVXPQAwQD
1ZFIAwQD1ZFYMA0GCSqGSIb3DQEBCwUAA4IBAQBNSYaVOg9w42RE9oZXbKWHdd9y
YK6ft9zU5PWmE22y02ND/ET1pDDfQ9OayRB6dTa6rBn12dT+xs1PjsWC20Ls1BJz
GhmjTSinS/S6p8kfhrfTEXM/AMncaMhNuxpE0yMhr0O4zc8vzqkimG/42j0Nk2BV
6fUzL3/e0teffOktx33F8zOJ11rjYuYsKO6S6023TGIKcbLDqaPGOSstZw2WLVSA
0VTPGcne3P7tzsQwnnEDFudX0f/Cv/+T3okGy4ZgqbtTOQh/RZ3H1QuSZgU1BtwX
OFUHpFx8iUwHOaEoC/rMSTIbKp4VCUhPPyz6kUctMnx9VyozD56HgGaCivOL
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:12 2024 by rpki-client on console-ams.rpki-client.org