Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/i43n7UfP6OLVzj3PEiveWPGheJQ.roa
File: i43n7UfP6OLVzj3PEiveWPGheJQ.roa (raw, json)
Hash identifier: jXdRNHd75r2Fcdk6eraGaoI5wAEdFHKP1JRTKePDZws=
Subject key identifier: 8B:8D:E7:ED:47:CF:E8:E2:D5:CE:3D:CF:12:2B:DE:58:F1:A1:78:94
Certificate issuer: /CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Certificate serial: 018E1833A3569FEC7AF867297CACA714EBDB
Authority key identifier: 2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/i43n7UfP6OLVzj3PEiveWPGheJQ.roa
Signing time: Thu 07 Mar 2024 09:17:01 +0000
ROA not before: Thu 07 Mar 2024 09:17:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 85.115.208.0/23 maxlen: 24
213.145.72.0/21 maxlen: 24
213.145.74.0/24 maxlen: 24
213.145.88.0/21 maxlen: 24
Validation: Failed, certificate revoked on Fri 15 Mar 2024 17:57:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:18:33:a3:56:9f:ec:7a:f8:67:29:7c:ac:a7:14:eb:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Validity
Not Before: Mar 7 09:17:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8b8de7ed47cfe8e2d5ce3dcf122bde58f1a17894
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:f3:fb:7b:ab:ee:32:82:ea:44:e7:1f:62:a8:
ba:35:9f:88:85:96:09:33:f1:d7:b8:eb:39:05:bc:
e9:18:58:b7:de:5e:b3:6c:62:95:10:d6:ba:af:e9:
63:ab:79:b8:05:c1:03:8d:f2:01:6a:bc:a0:a7:a7:
ec:e0:55:66:c6:d1:60:f5:39:80:73:7b:8f:f0:a5:
da:83:f2:63:8f:b7:54:21:7d:a3:ff:2b:31:62:6e:
4a:d7:d4:8f:57:57:51:4e:60:14:9e:35:a6:fc:3a:
da:d4:10:ee:a6:4c:22:1b:f8:ba:12:f7:4d:7f:c8:
aa:9e:a8:41:f0:af:02:4e:ac:e8:f6:d3:d5:52:44:
f4:4f:ef:a8:65:f8:4e:16:03:2d:74:3b:d5:a0:71:
78:de:ea:e0:19:69:1e:66:0e:93:87:1d:8d:fd:1a:
ca:6a:ed:00:0c:76:9e:89:10:21:cf:a3:66:f9:d5:
27:07:af:1c:4e:71:ce:51:80:f1:1b:6c:81:3d:ef:
6c:42:6a:b2:db:47:19:9e:d3:b7:95:11:ee:14:5c:
b6:a8:f0:69:47:97:fb:e9:d1:65:82:7a:78:50:89:
f3:fa:9f:89:c1:a6:79:95:96:7f:ad:d8:d7:16:42:
31:62:10:fd:16:ec:77:0c:63:d4:6c:30:64:11:88:
a3:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:8D:E7:ED:47:CF:E8:E2:D5:CE:3D:CF:12:2B:DE:58:F1:A1:78:94
X509v3 Authority Key Identifier:
keyid:2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/i43n7UfP6OLVzj3PEiveWPGheJQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/L6FqsGAgBndApMH7R6kSYi8dByI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.115.208.0/23
213.145.72.0/21
213.145.88.0/21
Signature Algorithm: sha256WithRSAEncryption
89:26:51:22:c7:cc:17:f7:c2:a1:3a:4b:72:7d:2d:c6:a4:6b:
9e:9a:b8:f9:5a:3b:7e:e8:58:8f:fc:10:16:10:d9:af:8d:2e:
6f:ed:cb:fe:c4:7d:b9:be:5d:9d:46:bb:db:39:97:8b:74:83:
1b:0e:a9:a8:ea:3b:9d:39:21:ae:a9:76:80:2e:db:7d:16:f2:
4f:67:0a:f1:c1:be:b9:00:b1:17:91:db:04:d1:cf:b5:e1:8e:
57:11:da:b2:fa:fc:34:56:bc:0c:f6:e9:b6:f4:39:59:e7:38:
c1:b0:b8:1e:67:77:3b:ef:d5:d6:30:c2:2f:e6:8c:45:fc:81:
be:56:c5:5e:f6:1c:c7:e6:56:f0:c7:58:6f:94:3d:c0:fe:e0:
23:fd:71:f6:f1:bc:ac:c0:08:e6:ea:0e:8c:2b:9e:d1:c2:9a:
c7:20:cd:e5:33:70:bd:b8:8b:b7:3c:02:eb:e5:7b:cb:92:d9:
d5:58:9c:da:1f:a3:b6:4b:15:ed:aa:48:f1:ee:4e:f1:59:8c:
2c:3b:5b:0d:01:9f:2b:76:4f:5b:7c:8d:58:91:b5:f4:28:b2:
4d:12:2b:6f:b4:60:75:a0:22:dd:84:22:d0:d2:68:39:ad:a2:
f5:a2:d5:c0:c2:be:36:90:d5:b0:dd:16:9a:92:97:94:2e:90:
92:6d:10:0d
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY4YM6NWn+x6+GcpfKynFOvbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmYTE2YWIwNjAyMDA2Nzc0MGE0YzFmYjQ3YTkxMjYyMmYx
ZDA3MjIwHhcNMjQwMzA3MDkxNzAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjhkZTdlZDQ3Y2ZlOGUyZDVjZTNkY2YxMjJiZGU1OGYxYTE3ODk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh/P7e6vuMoLqROcfYqi6NZ+IhZYJ
M/HXuOs5BbzpGFi33l6zbGKVENa6r+ljq3m4BcEDjfIBarygp6fs4FVmxtFg9TmA
c3uP8KXag/Jjj7dUIX2j/ysxYm5K19SPV1dRTmAUnjWm/Dra1BDupkwiG/i6EvdN
f8iqnqhB8K8CTqzo9tPVUkT0T++oZfhOFgMtdDvVoHF43urgGWkeZg6Thx2N/RrK
au0ADHaeiRAhz6Nm+dUnB68cTnHOUYDxG2yBPe9sQmqy20cZntO3lRHuFFy2qPBp
R5f76dFlgnp4UInz+p+JwaZ5lZZ/rdjXFkIxYhD9Fux3DGPUbDBkEYijCQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIuN5+1Hz+ji1c49zxIr3ljxoXiUMB8GA1UdIwQY
MBaAFC+harBgIAZ3QKTB+0epEmIvHQciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUt
ZDI0MmI2ZjNhOGExLzEvaTQzbjdVZlA2T0xWemozUEVpdmVXUEdoZUpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUtZDI0MmI2ZjNhOGEx
LzEvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBVXPQAwQD
1ZFIAwQD1ZFYMA0GCSqGSIb3DQEBCwUAA4IBAQCJJlEix8wX98KhOktyfS3GpGue
mrj5Wjt+6FiP/BAWENmvjS5v7cv+xH25vl2dRrvbOZeLdIMbDqmo6judOSGuqXaA
Ltt9FvJPZwrxwb65ALEXkdsE0c+14Y5XEdqy+vw0VrwM9um29DlZ5zjBsLgeZ3c7
79XWMMIv5oxF/IG+VsVe9hzH5lbwx1hvlD3A/uAj/XH28byswAjm6g6MK57RwprH
IM3lM3C9uIu3PALr5XvLktnVWJzaH6O2SxXtqkjx7k7xWYwsO1sNAZ8rdk9bfI1Y
kbX0KLJNEitvtGB1oCLdhCLQ0mg5raL1otXAwr42kNWw3RaakpeULpCSbRAN
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:12 2024 by rpki-client on console-ams.rpki-client.org