Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/dWrGNriiOSTNRHQ2mLfi24IKjoI.roa
File: dWrGNriiOSTNRHQ2mLfi24IKjoI.roa (raw, json)
Hash identifier: ipwnMaM6sXSfhHHAi5tqJD+LCCOXwJ2NZ82XzMcHVLc=
Subject key identifier: 75:6A:C6:36:B8:A2:39:24:CD:44:74:36:98:B7:E2:DB:82:0A:8E:82
Certificate issuer: /CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Certificate serial: 018D118897DD5FBB4E3352F77A49BB2A27E9
Authority key identifier: 2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/dWrGNriiOSTNRHQ2mLfi24IKjoI.roa
Signing time: Tue 16 Jan 2024 09:09:40 +0000
ROA not before: Tue 16 Jan 2024 09:09:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 64267
IP address blocks: 213.145.75.0/24 maxlen: 24
85.115.209.0/24 maxlen: 24
213.145.95.0/24 maxlen: 24
213.145.94.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 16 Sep 2024 04:53:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:11:88:97:dd:5f:bb:4e:33:52:f7:7a:49:bb:2a:27:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Validity
Not Before: Jan 16 09:09:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=756ac636b8a23924cd44743698b7e2db820a8e82
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:bb:f1:6e:15:4f:1a:01:24:26:9b:2f:e5:06:
4f:0c:64:16:ad:fc:86:a3:5d:4b:a3:14:10:bd:aa:
fa:75:9b:06:3d:5b:fc:e6:90:e1:69:e9:55:58:ee:
5a:ba:b8:d1:c9:42:fe:0b:a3:3d:8d:2f:54:e8:f2:
fe:c5:3e:2c:b4:90:f6:42:73:d5:89:a1:02:8b:94:
20:7c:39:87:bc:70:1f:65:40:81:47:b6:69:86:fe:
c9:ba:ab:64:fc:e2:60:72:32:74:d5:2b:75:cf:9e:
ee:8f:d0:75:13:96:0c:fc:97:e0:17:47:45:2f:00:
23:b9:55:b5:28:ea:cd:61:55:82:b7:e3:f3:06:68:
6c:ec:28:42:06:89:57:9f:36:b6:11:d8:d3:69:ad:
d8:98:7a:73:41:db:bf:58:57:e0:c6:75:83:a0:c7:
b3:23:a0:1d:7b:58:87:7c:bc:85:98:6d:5a:d9:71:
05:90:6e:dc:a5:cc:82:e0:ba:23:0c:6f:87:89:a7:
30:f8:52:26:e7:57:2f:8c:51:66:34:a1:cd:65:3a:
2e:7f:c0:c0:d2:b8:b5:c1:f2:bc:4a:66:10:fa:eb:
87:09:cd:a7:a1:72:df:db:ff:70:04:f3:f8:3c:d3:
64:9a:b0:5c:ae:be:a9:19:14:3f:c7:23:f7:1a:83:
23:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:6A:C6:36:B8:A2:39:24:CD:44:74:36:98:B7:E2:DB:82:0A:8E:82
X509v3 Authority Key Identifier:
keyid:2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/dWrGNriiOSTNRHQ2mLfi24IKjoI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/L6FqsGAgBndApMH7R6kSYi8dByI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.115.209.0/24
213.145.75.0/24
213.145.94.0/23
Signature Algorithm: sha256WithRSAEncryption
59:df:18:22:50:79:a4:70:7e:89:c7:02:df:14:d7:a9:78:d7:
7d:49:1d:70:2e:f7:bf:3b:2d:d9:26:45:e5:86:d5:87:1b:3d:
56:88:d2:63:c3:eb:37:83:62:9f:b8:a6:14:a7:8d:5c:29:46:
df:2c:c8:ff:05:fc:a8:87:b5:cb:dd:66:85:33:df:d8:3d:36:
3c:f2:3d:2c:a1:ad:72:1b:20:01:56:c1:c1:e0:bb:00:15:4b:
40:4f:81:47:5e:53:4c:9e:47:27:5d:df:f4:f1:31:35:c4:56:
4f:26:a6:49:21:ee:ee:a5:ff:a4:3a:34:79:bb:8d:17:80:69:
62:5e:a4:78:7e:64:af:00:3d:8f:2d:4e:4b:d0:c6:8c:c0:90:
68:c6:cc:34:b0:d1:cf:3e:d9:8c:6b:9a:d6:ca:8c:91:dc:15:
94:eb:4b:c5:65:1e:12:95:3f:2a:88:3e:07:30:b8:6f:ae:34:
55:2e:11:3f:1e:2c:69:0d:32:f2:a3:1a:d6:87:15:66:49:60:
ac:c1:9e:6a:4e:62:04:27:c9:53:7f:57:16:a3:74:62:54:f4:
e2:fd:9b:cc:33:eb:de:a2:c2:a8:03:50:59:a6:10:02:3d:a0:
7b:25:c3:ec:c9:39:d6:c1:33:f7:fe:cc:e4:33:d5:0d:5a:ad:
a5:2b:ec:dc
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY0RiJfdX7tOM1L3ekm7KifpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmYTE2YWIwNjAyMDA2Nzc0MGE0YzFmYjQ3YTkxMjYyMmYx
ZDA3MjIwHhcNMjQwMTE2MDkwOTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTZhYzYzNmI4YTIzOTI0Y2Q0NDc0MzY5OGI3ZTJkYjgyMGE4ZTgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvbvxbhVPGgEkJpsv5QZPDGQWrfyG
o11LoxQQvar6dZsGPVv85pDhaelVWO5aurjRyUL+C6M9jS9U6PL+xT4stJD2QnPV
iaECi5QgfDmHvHAfZUCBR7Zphv7Juqtk/OJgcjJ01St1z57uj9B1E5YM/JfgF0dF
LwAjuVW1KOrNYVWCt+PzBmhs7ChCBolXnza2EdjTaa3YmHpzQdu/WFfgxnWDoMez
I6Ade1iHfLyFmG1a2XEFkG7cpcyC4LojDG+Hiacw+FIm51cvjFFmNKHNZTouf8DA
0ri1wfK8SmYQ+uuHCc2noXLf2/9wBPP4PNNkmrBcrr6pGRQ/xyP3GoMjrwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHVqxja4ojkkzUR0Npi34tuCCo6CMB8GA1UdIwQY
MBaAFC+harBgIAZ3QKTB+0epEmIvHQciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUt
ZDI0MmI2ZjNhOGExLzEvZFdyR05yaWlPU1ROUkhRMm1MZmkyNElLam9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUtZDI0MmI2ZjNhOGEx
LzEvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAVXPRAwQA
1ZFLAwQB1ZFeMA0GCSqGSIb3DQEBCwUAA4IBAQBZ3xgiUHmkcH6JxwLfFNepeNd9
SR1wLve/Oy3ZJkXlhtWHGz1WiNJjw+s3g2KfuKYUp41cKUbfLMj/Bfyoh7XL3WaF
M9/YPTY88j0soa1yGyABVsHB4LsAFUtAT4FHXlNMnkcnXd/08TE1xFZPJqZJIe7u
pf+kOjR5u40XgGliXqR4fmSvAD2PLU5L0MaMwJBoxsw0sNHPPtmMa5rWyoyR3BWU
60vFZR4SlT8qiD4HMLhvrjRVLhE/HixpDTLyoxrWhxVmSWCswZ5qTmIEJ8lTf1cW
o3RiVPTi/ZvMM+veosKoA1BZphACPaB7JcPsyTnWwTP3/szkM9UNWq2lK+zc
-----END CERTIFICATE-----
Generated at Mon Sep 16 07:38:34 2024 by rpki-client on console-fra.rpki-client.org