Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/hP7dzA5LGnLihr2d0mIN44GVQ6E.roa
File: hP7dzA5LGnLihr2d0mIN44GVQ6E.roa (raw, json)
Hash identifier: TEIi9kQqCriBRyCEnysIRhEGi7yeJdvSWikZuKNuxMU=
Subject key identifier: 84:FE:DD:CC:0E:4B:1A:72:E2:86:BD:9D:D2:62:0D:E3:81:95:43:A1
Certificate issuer: /CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Certificate serial: 01894E864CBE82B00057E5C22AC0ECFC0BB8
Authority key identifier: 2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/hP7dzA5LGnLihr2d0mIN44GVQ6E.roa
Signing time: Thu 13 Jul 2023 09:12:51 +0000
ROA not before: Thu 13 Jul 2023 09:12:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 85.115.208.0/23 maxlen: 24
85.115.210.0/23 maxlen: 24
85.115.210.0/24 maxlen: 24
213.145.88.0/21 maxlen: 24
Validation: Failed, certificate revoked on Fri 14 Jul 2023 14:15:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:4e:86:4c:be:82:b0:00:57:e5:c2:2a:c0:ec:fc:0b:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Validity
Not Before: Jul 13 09:12:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=84feddcc0e4b1a72e286bd9dd2620de3819543a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:0e:84:f2:4e:32:db:6f:97:cc:53:ae:c7:95:
cf:d7:9f:3b:fc:0f:bb:ab:13:17:40:04:db:ac:26:
8a:99:33:e6:ac:e6:1a:c8:9b:b8:43:f0:37:9d:43:
7c:e0:46:bf:2f:41:1f:77:ba:fd:36:7a:32:07:06:
f0:64:ae:44:e0:30:bb:84:62:a4:59:2a:a4:ac:fa:
04:d3:ed:6d:5b:32:1e:a6:62:4b:27:b9:01:47:36:
ec:a3:4a:e1:b8:ec:f3:ca:10:00:83:74:eb:fe:0e:
33:84:b4:71:34:a2:1b:49:40:fe:22:e6:57:c9:6e:
06:be:2d:98:97:55:90:b8:d4:70:54:f1:a6:e1:6d:
da:6c:53:3f:ca:bd:d9:6d:e3:a9:1d:ff:7e:66:4b:
d3:6b:3f:a9:4a:ef:f3:21:aa:39:88:96:21:71:53:
2e:e1:50:0e:ee:bd:c2:23:96:d2:97:e9:5b:1d:48:
a6:d1:fa:6a:e9:8e:74:8b:30:61:3c:8f:d7:5f:1a:
49:1e:1f:d1:84:2b:3f:fe:3c:5e:96:65:9c:b9:cf:
8a:40:40:90:2a:6f:33:ef:f8:ce:0f:ca:f9:bc:46:
8f:59:a9:2e:4b:11:36:22:cd:27:f8:9d:db:51:c9:
59:5e:17:f5:e3:eb:7a:d2:9c:5c:1c:14:0a:d1:11:
9f:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:FE:DD:CC:0E:4B:1A:72:E2:86:BD:9D:D2:62:0D:E3:81:95:43:A1
X509v3 Authority Key Identifier:
keyid:2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/hP7dzA5LGnLihr2d0mIN44GVQ6E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/L6FqsGAgBndApMH7R6kSYi8dByI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.115.208.0/22
213.145.88.0/21
Signature Algorithm: sha256WithRSAEncryption
e1:88:48:23:55:02:71:9a:59:ef:32:33:86:fb:38:64:a8:26:
23:70:0a:db:22:40:a7:b1:af:e8:eb:a9:37:9a:87:5c:94:2d:
cb:31:f9:74:cc:a3:8c:05:c9:82:6b:c8:aa:ea:be:db:b2:5e:
d1:d6:a8:67:8a:65:f5:9e:08:9a:af:70:82:69:de:b8:f9:42:
b9:27:e0:10:db:67:1c:5b:59:0f:b3:e8:e7:19:61:cb:0e:51:
95:b5:93:45:35:7a:46:1f:0f:3c:3c:0a:5f:9c:a1:a9:c6:24:
eb:83:94:fe:4e:76:ad:d6:3c:84:da:9d:54:c4:d1:13:81:90:
bf:17:09:46:14:c2:92:d1:58:5a:76:79:6c:d5:49:e7:d7:16:
e1:83:af:f7:39:c4:81:d5:8a:1b:09:fe:3d:1c:34:52:a8:c8:
fd:fe:a0:ee:86:a5:70:1f:8d:26:eb:0b:2f:66:a4:de:8e:dd:
66:10:3e:9d:a9:72:da:12:da:76:6d:49:21:3d:9d:43:d7:4a:
13:58:5f:c8:1c:94:ea:3d:aa:fe:30:c6:75:6d:a8:61:4e:05:
c3:50:9e:66:25:0a:a1:51:76:3f:3d:22:34:a9:8c:69:11:4b:
61:94:2e:2b:97:60:a6:f2:89:ef:1b:97:0d:cf:16:d1:63:67:
0b:69:7c:89
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYlOhky+grAAV+XCKsDs/Au4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmYTE2YWIwNjAyMDA2Nzc0MGE0YzFmYjQ3YTkxMjYyMmYx
ZDA3MjIwHhcNMjMwNzEzMDkxMjUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NGZlZGRjYzBlNGIxYTcyZTI4NmJkOWRkMjYyMGRlMzgxOTU0M2ExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyw6E8k4y22+XzFOux5XP1587/A+7
qxMXQATbrCaKmTPmrOYayJu4Q/A3nUN84Ea/L0Efd7r9NnoyBwbwZK5E4DC7hGKk
WSqkrPoE0+1tWzIepmJLJ7kBRzbso0rhuOzzyhAAg3Tr/g4zhLRxNKIbSUD+IuZX
yW4Gvi2Yl1WQuNRwVPGm4W3abFM/yr3ZbeOpHf9+ZkvTaz+pSu/zIao5iJYhcVMu
4VAO7r3CI5bSl+lbHUim0fpq6Y50izBhPI/XXxpJHh/RhCs//jxelmWcuc+KQECQ
Km8z7/jOD8r5vEaPWakuSxE2Is0n+J3bUclZXhf14+t60pxcHBQK0RGfdwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIT+3cwOSxpy4oa9ndJiDeOBlUOhMB8GA1UdIwQY
MBaAFC+harBgIAZ3QKTB+0epEmIvHQciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUt
ZDI0MmI2ZjNhOGExLzEvaFA3ZHpBNUxHbkxpaHIyZDBtSU40NEdWUTZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUtZDI0MmI2ZjNhOGEx
LzEvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCVXPQAwQD
1ZFYMA0GCSqGSIb3DQEBCwUAA4IBAQDhiEgjVQJxmlnvMjOG+zhkqCYjcArbIkCn
sa/o66k3modclC3LMfl0zKOMBcmCa8iq6r7bsl7R1qhnimX1ngiar3CCad64+UK5
J+AQ22ccW1kPs+jnGWHLDlGVtZNFNXpGHw88PApfnKGpxiTrg5T+Tnat1jyE2p1U
xNETgZC/FwlGFMKS0Vhadnls1Unn1xbhg6/3OcSB1YobCf49HDRSqMj9/qDuhqVw
H40m6wsvZqTejt1mED6dqXLaEtp2bUkhPZ1D10oTWF/IHJTqPar+MMZ1bahhTgXD
UJ5mJQqhUXY/PSI0qYxpEUthlC4rl2Cm8onvG5cNzxbRY2cLaXyJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:12 2024 by rpki-client on console-ams.rpki-client.org