Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/iNTmPqDlHx5sNJaLSqeZZ1Vh8Pw.roa
File: iNTmPqDlHx5sNJaLSqeZZ1Vh8Pw.roa (raw, json)
Hash identifier: kdYMbA5QT1DeonOE/UOgJlBxolQXsBUkS3KiAp1Om+k=
Subject key identifier: 88:D4:E6:3E:A0:E5:1F:1E:6C:34:96:8B:4A:A7:99:67:55:61:F0:FC
Certificate issuer: /CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Certificate serial: 0191F92E067666C5AB08EBC18F61F89FCB9E
Authority key identifier: 2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/iNTmPqDlHx5sNJaLSqeZZ1Vh8Pw.roa
Signing time: Mon 16 Sep 2024 04:53:48 +0000
ROA not before: Mon 16 Sep 2024 04:53:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 85.115.208.0/23 maxlen: 24
213.145.68.0/23 maxlen: 23
213.145.72.0/21 maxlen: 24
213.145.82.0/23 maxlen: 24
213.145.84.0/23 maxlen: 23
213.145.86.0/23 maxlen: 23
213.145.88.0/21 maxlen: 24
213.145.88.0/23 maxlen: 24
213.145.94.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 25 Sep 2024 08:40:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:f9:2e:06:76:66:c5:ab:08:eb:c1:8f:61:f8:9f:cb:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Validity
Not Before: Sep 16 04:53:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=88d4e63ea0e51f1e6c34968b4aa799675561f0fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f7:d6:7f:a9:3f:79:cd:8b:d2:48:56:fc:02:4a:
8c:9c:b9:82:ea:d5:4b:0a:84:f0:10:c9:e7:e4:48:
1c:72:88:a4:a7:bb:73:31:04:d5:b8:46:bb:33:5b:
8e:48:af:79:f6:13:45:55:42:1a:6f:d7:b9:8e:5e:
5b:46:75:cf:fa:35:05:08:26:71:7a:ca:5b:a5:91:
af:d5:51:66:fd:f3:89:17:9a:9d:82:39:b6:78:e0:
66:20:07:4e:34:81:08:eb:cb:94:ec:70:91:47:0b:
dd:20:57:48:de:a5:57:a0:3c:37:06:39:93:ca:0b:
29:0a:f4:b3:d3:49:40:e2:bf:d8:a6:13:d6:82:22:
fc:9e:ff:21:83:b6:27:91:16:c1:f4:32:c3:bd:6b:
c7:32:3d:b1:e2:f3:8a:47:9a:3a:be:4b:a9:d6:47:
0b:10:ae:f5:48:37:dc:81:bd:b8:41:19:54:78:e1:
74:0d:c2:9e:ad:a6:4c:31:e2:e0:b8:2b:1c:0d:1e:
dd:31:21:4b:4d:79:86:26:c9:a4:b9:86:68:1a:e9:
28:4d:be:0c:3b:c0:de:57:37:c5:61:c5:dc:8b:78:
86:13:da:ee:bd:38:fc:ca:bf:e8:7f:7f:25:c2:48:
e0:02:14:bd:8d:b9:70:4f:82:82:bf:f4:e6:ea:bd:
80:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:D4:E6:3E:A0:E5:1F:1E:6C:34:96:8B:4A:A7:99:67:55:61:F0:FC
X509v3 Authority Key Identifier:
keyid:2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/iNTmPqDlHx5sNJaLSqeZZ1Vh8Pw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/L6FqsGAgBndApMH7R6kSYi8dByI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.115.208.0/23
213.145.68.0/23
213.145.72.0/21
213.145.82.0-213.145.95.255
Signature Algorithm: sha256WithRSAEncryption
77:53:c8:7d:cd:e6:06:92:04:3d:ee:29:ad:1e:bb:be:c8:28:
7b:7b:d9:86:66:b8:92:cb:e0:55:94:5a:1d:68:ee:2c:a2:d3:
a4:1d:5d:0a:56:2b:2b:9d:80:4d:5a:cc:99:f9:2f:b5:27:b1:
3f:90:e0:83:8e:9f:d9:ec:48:fe:d3:a2:e5:6a:81:3a:57:a7:
c3:40:69:d8:24:4b:90:f2:37:fa:fe:da:03:a9:8c:16:ea:1e:
3a:e5:e0:a1:f1:b2:50:08:be:b2:c6:71:0c:79:45:25:14:39:
87:66:9f:ca:8c:cf:6c:31:c0:9c:b0:f1:80:c1:d8:74:ad:52:
95:e5:7a:29:fb:a2:3c:35:87:34:20:00:c2:5b:24:36:3c:40:
c5:c4:9b:0e:7c:02:f5:54:b0:52:59:ad:2d:33:c8:b7:21:65:
5a:8a:f5:e8:56:6e:31:e8:71:fd:1a:7b:1d:0d:41:50:90:32:
fd:1c:74:73:2e:28:c0:14:5f:17:97:21:23:d1:5e:14:2d:f8:
54:9a:3e:42:96:b4:65:b0:06:ac:8e:e9:00:56:7d:30:71:b4:
43:11:58:0a:58:f9:2d:69:cb:2e:90:0a:85:59:87:f6:75:ce:
12:bf:77:db:87:2c:a6:ab:44:c1:fc:58:fe:bb:ef:31:ff:14:
b0:ee:f8:ed
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZH5LgZ2ZsWrCOvBj2H4n8ueMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmYTE2YWIwNjAyMDA2Nzc0MGE0YzFmYjQ3YTkxMjYyMmYx
ZDA3MjIwHhcNMjQwOTE2MDQ1MzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OGQ0ZTYzZWEwZTUxZjFlNmMzNDk2OGI0YWE3OTk2NzU1NjFmMGZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA99Z/qT95zYvSSFb8AkqMnLmC6tVL
CoTwEMnn5Egccoikp7tzMQTVuEa7M1uOSK959hNFVUIab9e5jl5bRnXP+jUFCCZx
espbpZGv1VFm/fOJF5qdgjm2eOBmIAdONIEI68uU7HCRRwvdIFdI3qVXoDw3BjmT
ygspCvSz00lA4r/YphPWgiL8nv8hg7YnkRbB9DLDvWvHMj2x4vOKR5o6vkup1kcL
EK71SDfcgb24QRlUeOF0DcKeraZMMeLguCscDR7dMSFLTXmGJsmkuYZoGukoTb4M
O8DeVzfFYcXci3iGE9ruvTj8yr/of38lwkjgAhS9jblwT4KCv/Tm6r2ANQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFIjU5j6g5R8ebDSWi0qnmWdVYfD8MB8GA1UdIwQY
MBaAFC+harBgIAZ3QKTB+0epEmIvHQciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUt
ZDI0MmI2ZjNhOGExLzEvaU5UbVBxRGxIeDVzTkphTFNxZVpaMVZoOFB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUtZDI0MmI2ZjNhOGEx
LzEvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQBVXPQAwQB
1ZFEAwQD1ZFIMAwDBAHVkVIDBAXVkUAwDQYJKoZIhvcNAQELBQADggEBAHdTyH3N
5gaSBD3uKa0eu77IKHt72YZmuJLL4FWUWh1o7iyi06QdXQpWKyudgE1azJn5L7Un
sT+Q4IOOn9nsSP7TouVqgTpXp8NAadgkS5DyN/r+2gOpjBbqHjrl4KHxslAIvrLG
cQx5RSUUOYdmn8qMz2wxwJyw8YDB2HStUpXlein7ojw1hzQgAMJbJDY8QMXEmw58
AvVUsFJZrS0zyLchZVqK9ehWbjHocf0aex0NQVCQMv0cdHMuKMAUXxeXISPRXhQt
+FSaPkKWtGWwBqyO6QBWfTBxtEMRWApY+S1pyy6QCoVZh/Z1zhK/d9uHLKarRMH8
WP677zH/FLDu+O0=
-----END CERTIFICATE-----
Generated at Wed Sep 25 11:48:48 2024 by rpki-client on console-fra.rpki-client.org