Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/eR4h42DU7cd796bZjxFhI0BXCxI.roa
File: eR4h42DU7cd796bZjxFhI0BXCxI.roa (raw, json)
Hash identifier: n5vzqe3EJnvkl/4AfBKlFS/g2HpyQwmZlzS5yK5Yub4=
Subject key identifier: 79:1E:21:E3:60:D4:ED:C7:7B:F7:A6:D9:8F:11:61:23:40:57:0B:12
Certificate issuer: /CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Certificate serial: 0191D0279CDA3E0A3C073337B9374646AA04
Authority key identifier: 2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/eR4h42DU7cd796bZjxFhI0BXCxI.roa
Signing time: Sun 08 Sep 2024 05:42:22 +0000
ROA not before: Sun 08 Sep 2024 05:42:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 85.115.208.0/23 maxlen: 24
213.145.68.0/23 maxlen: 23
213.145.72.0/21 maxlen: 24
213.145.82.0/23 maxlen: 24
213.145.84.0/23 maxlen: 23
213.145.84.0/24 maxlen: 24
213.145.86.0/23 maxlen: 23
213.145.88.0/21 maxlen: 24
213.145.88.0/23 maxlen: 24
Validation: Failed, certificate revoked on Sun 15 Sep 2024 20:57:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:d0:27:9c:da:3e:0a:3c:07:33:37:b9:37:46:46:aa:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Validity
Not Before: Sep 8 05:42:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=791e21e360d4edc77bf7a6d98f11612340570b12
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:a5:0a:2f:63:10:19:9f:bf:45:f0:ea:75:ae:
19:4a:3a:ab:53:01:3a:1c:dd:59:20:5a:51:ad:ba:
db:14:a1:88:ce:37:49:a7:2a:16:4e:e2:17:b0:b3:
4d:f1:24:ee:3c:9a:c5:f1:61:ed:5f:d5:5e:e6:46:
79:9d:3f:e0:59:ab:5b:7a:e6:10:4e:90:ec:e3:6b:
19:ea:3a:52:ea:8b:1a:72:17:30:11:aa:b7:04:bf:
67:33:99:63:16:01:a2:58:5e:f8:c6:9d:82:f0:bd:
e9:7b:02:1a:17:33:97:0a:31:ca:74:71:48:0d:29:
6c:6c:89:9a:46:55:98:80:97:6b:aa:75:74:3a:58:
c1:0e:50:66:b6:52:e2:64:0b:01:42:b8:4a:b3:8b:
3e:58:e4:57:fe:51:a9:2b:5f:92:68:93:ce:d4:98:
c4:3f:bd:e8:2f:45:fa:66:a7:9b:ab:d9:fb:6a:b6:
07:cc:48:ff:a6:ef:c9:d6:c4:a3:ee:92:46:97:9c:
d5:8f:e8:8c:0c:8b:a0:fb:80:c5:e0:85:e5:dd:8d:
0a:ea:49:1a:32:4a:9f:40:54:32:65:92:e4:e3:67:
04:bd:1e:58:b8:06:2c:2c:c6:f8:52:c1:a0:d6:76:
08:fc:7a:7b:05:3b:1f:a9:f2:9a:13:8c:7b:48:5e:
cc:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:1E:21:E3:60:D4:ED:C7:7B:F7:A6:D9:8F:11:61:23:40:57:0B:12
X509v3 Authority Key Identifier:
keyid:2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/eR4h42DU7cd796bZjxFhI0BXCxI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/L6FqsGAgBndApMH7R6kSYi8dByI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.115.208.0/23
213.145.68.0/23
213.145.72.0/21
213.145.82.0-213.145.95.255
Signature Algorithm: sha256WithRSAEncryption
64:d5:98:ca:5b:08:29:f7:12:fb:82:e0:8d:6a:d7:73:70:19:
fa:63:25:aa:77:d0:00:e7:cd:c4:70:26:1f:cc:55:d0:80:e2:
17:b2:47:4b:3d:91:b5:f7:df:85:a6:7a:16:91:dd:da:a7:d8:
f6:b1:16:97:dc:18:06:e2:2c:37:96:1c:92:4b:6b:8d:df:cb:
78:68:83:df:c4:7d:64:42:ea:9c:d7:11:79:d5:b7:c6:93:ec:
78:f1:ce:32:07:e3:2f:74:e7:63:7c:7b:58:7c:29:27:e7:1d:
12:c6:bc:9a:9b:29:2a:53:82:d8:3a:88:38:bd:f7:4f:bb:a5:
6e:d5:e3:21:f9:37:6a:c7:dc:80:95:4c:71:43:fc:f6:5c:7f:
74:36:40:39:97:ba:02:f9:1f:85:9d:f0:03:ce:31:f3:c6:65:
d6:e0:26:f8:1e:11:53:67:0d:b0:61:69:05:15:da:2a:57:6b:
e5:71:20:4b:e5:92:5e:a4:13:21:4d:e3:bc:0c:6b:b2:78:da:
c1:30:30:00:6f:eb:c2:ff:a0:60:9e:76:fd:7b:6c:07:80:d1:
42:d5:cf:53:4a:34:64:90:76:a8:8b:bb:37:2c:85:17:b0:e6:
c1:c9:d1:64:6b:bb:54:87:98:92:ef:2b:b7:f8:a2:8e:c6:83:
be:ea:cf:a6
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZHQJ5zaPgo8BzM3uTdGRqoEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmYTE2YWIwNjAyMDA2Nzc0MGE0YzFmYjQ3YTkxMjYyMmYx
ZDA3MjIwHhcNMjQwOTA4MDU0MjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OTFlMjFlMzYwZDRlZGM3N2JmN2E2ZDk4ZjExNjEyMzQwNTcwYjEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuaUKL2MQGZ+/RfDqda4ZSjqrUwE6
HN1ZIFpRrbrbFKGIzjdJpyoWTuIXsLNN8STuPJrF8WHtX9Ve5kZ5nT/gWatbeuYQ
TpDs42sZ6jpS6osachcwEaq3BL9nM5ljFgGiWF74xp2C8L3pewIaFzOXCjHKdHFI
DSlsbImaRlWYgJdrqnV0OljBDlBmtlLiZAsBQrhKs4s+WORX/lGpK1+SaJPO1JjE
P73oL0X6Zqebq9n7arYHzEj/pu/J1sSj7pJGl5zVj+iMDIug+4DF4IXl3Y0K6kka
MkqfQFQyZZLk42cEvR5YuAYsLMb4UsGg1nYI/Hp7BTsfqfKaE4x7SF7MvQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFHkeIeNg1O3He/em2Y8RYSNAVwsSMB8GA1UdIwQY
MBaAFC+harBgIAZ3QKTB+0epEmIvHQciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUt
ZDI0MmI2ZjNhOGExLzEvZVI0aDQyRFU3Y2Q3OTZiWmp4RmhJMEJYQ3hJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUtZDI0MmI2ZjNhOGEx
LzEvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQBVXPQAwQB
1ZFEAwQD1ZFIMAwDBAHVkVIDBAXVkUAwDQYJKoZIhvcNAQELBQADggEBAGTVmMpb
CCn3EvuC4I1q13NwGfpjJap30ADnzcRwJh/MVdCA4heyR0s9kbX334WmehaR3dqn
2PaxFpfcGAbiLDeWHJJLa43fy3hog9/EfWRC6pzXEXnVt8aT7HjxzjIH4y9052N8
e1h8KSfnHRLGvJqbKSpTgtg6iDi990+7pW7V4yH5N2rH3ICVTHFD/PZcf3Q2QDmX
ugL5H4Wd8APOMfPGZdbgJvgeEVNnDbBhaQUV2ipXa+VxIEvlkl6kEyFN47wMa7J4
2sEwMABv68L/oGCedv17bAeA0ULVz1NKNGSQdqiLuzcshRew5sHJ0WRru1SHmJLv
K7f4oo7Gg77qz6Y=
Generated at Sun Sep 15 23:58:37 2024 by rpki-client on console-ams.rpki-client.org