Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/k0ozGIsMaXccHPAnN-em1-AABrE.roa
File: k0ozGIsMaXccHPAnN-em1-AABrE.roa (raw, json)
Hash identifier: i52vDbzjNJpDxKQQbbkMtYwcKZeXNElKelzlKBJdjG4=
Subject key identifier: 93:4A:33:18:8B:0C:69:77:1C:1C:F0:27:37:E7:A6:D7:E0:00:06:B1
Certificate issuer: /CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Certificate serial: 018954C2104D20DC0C7332D52AEE96B02BB5
Authority key identifier: 2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/k0ozGIsMaXccHPAnN-em1-AABrE.roa
Signing time: Fri 14 Jul 2023 14:15:51 +0000
ROA not before: Fri 14 Jul 2023 14:15:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 85.115.211.0/24 maxlen: 24
85.115.208.0/23 maxlen: 24
85.115.210.0/24 maxlen: 24
85.115.210.0/23 maxlen: 24
213.145.88.0/21 maxlen: 24
Validation: Failed, certificate revoked on Sat 15 Jul 2023 08:33:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:54:c2:10:4d:20:dc:0c:73:32:d5:2a:ee:96:b0:2b:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Validity
Not Before: Jul 14 14:15:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=934a33188b0c69771c1cf02737e7a6d7e00006b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:d5:e4:80:fe:27:88:7f:46:e2:fa:57:10:21:
98:e5:69:8b:1f:ca:48:bf:49:d4:7f:d5:0c:ad:16:
8d:25:c7:b6:bc:14:0f:21:4a:02:e0:bf:40:85:e6:
ca:fd:6d:40:fc:3b:6a:c1:b9:0a:84:6b:49:b2:46:
e7:05:58:9b:4d:c4:fc:a2:f2:89:bc:e3:f2:e6:5f:
2f:cc:7a:95:21:2d:33:4b:88:e8:00:73:3c:42:16:
84:f4:01:65:ed:13:bf:c4:73:ee:27:37:dd:57:3b:
ca:5f:dd:2d:73:d6:65:90:74:32:f4:12:26:12:11:
da:9a:09:d4:d3:7e:f3:f4:f6:61:f3:66:a0:52:2e:
ac:29:cc:61:cc:e2:21:17:90:0d:ff:2a:6b:85:fd:
0f:b1:0f:60:79:79:e6:ff:60:f7:90:22:7f:16:e1:
1d:2a:de:84:b8:c2:56:75:5a:be:4e:bf:05:3e:a9:
40:e3:1f:78:21:a9:b5:ea:c7:e3:d4:5f:49:95:1a:
c1:f0:01:22:74:08:ee:76:e6:97:0c:e3:fe:e7:76:
60:24:9c:30:67:29:c6:f5:aa:03:20:64:7f:86:02:
ec:f5:93:66:1c:2b:8c:20:38:aa:a4:b8:b4:21:d6:
b7:bf:d9:eb:56:9c:7c:1a:cc:7d:4e:89:84:9c:7b:
c7:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:4A:33:18:8B:0C:69:77:1C:1C:F0:27:37:E7:A6:D7:E0:00:06:B1
X509v3 Authority Key Identifier:
keyid:2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/k0ozGIsMaXccHPAnN-em1-AABrE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/L6FqsGAgBndApMH7R6kSYi8dByI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.115.208.0/22
213.145.88.0/21
Signature Algorithm: sha256WithRSAEncryption
78:eb:b3:28:0d:4e:d7:8b:e1:7e:2e:71:28:b8:30:fc:ea:f5:
89:5a:96:38:0e:23:eb:e0:ed:9a:41:ea:bf:10:b7:28:56:72:
27:c9:aa:30:8e:30:01:c5:60:06:fe:91:da:a6:e2:4b:ce:e2:
2c:05:ec:09:ef:4a:de:8d:fd:0d:c1:75:88:c1:87:bc:66:7f:
2c:f0:15:42:bb:c6:4d:28:fb:49:9a:4e:c9:cf:08:9b:3c:2c:
88:5c:ec:8d:3f:89:b4:75:eb:fb:49:e9:ad:e9:0b:5a:c5:d3:
d3:4c:7a:d6:1b:3a:c9:45:ed:f8:fb:4e:c6:2f:92:fe:36:21:
71:5d:c6:ed:39:bc:0b:7a:0f:c2:30:43:f5:d5:18:00:47:5f:
59:be:fa:c6:3c:66:5d:87:95:1f:fa:3a:f6:1b:f1:4f:d2:36:
62:44:04:c8:32:64:7f:49:73:31:12:90:e6:7c:6f:3c:9e:a1:
5d:f9:d8:7c:b3:85:54:fe:69:b0:33:ea:0e:e8:6d:61:b2:92:
e5:da:fe:3c:4e:c8:e2:b2:75:f5:0a:fe:aa:fa:6d:6a:2c:9b:
ee:0a:2c:b5:f3:21:03:85:b7:97:fb:96:f1:02:fa:76:86:9f:
15:f7:c6:d9:2f:e7:5f:f0:ce:26:1d:7b:61:4a:d5:81:4e:1e:
c9:15:bc:43
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYlUwhBNINwMczLVKu6WsCu1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmYTE2YWIwNjAyMDA2Nzc0MGE0YzFmYjQ3YTkxMjYyMmYx
ZDA3MjIwHhcNMjMwNzE0MTQxNTUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzRhMzMxODhiMGM2OTc3MWMxY2YwMjczN2U3YTZkN2UwMDAwNmIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAntXkgP4niH9G4vpXECGY5WmLH8pI
v0nUf9UMrRaNJce2vBQPIUoC4L9AhebK/W1A/DtqwbkKhGtJskbnBVibTcT8ovKJ
vOPy5l8vzHqVIS0zS4joAHM8QhaE9AFl7RO/xHPuJzfdVzvKX90tc9ZlkHQy9BIm
EhHamgnU037z9PZh82agUi6sKcxhzOIhF5AN/yprhf0PsQ9geXnm/2D3kCJ/FuEd
Kt6EuMJWdVq+Tr8FPqlA4x94Iam16sfj1F9JlRrB8AEidAjuduaXDOP+53ZgJJww
ZynG9aoDIGR/hgLs9ZNmHCuMIDiqpLi0Ida3v9nrVpx8Gsx9TomEnHvHvQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJNKMxiLDGl3HBzwJzfnptfgAAaxMB8GA1UdIwQY
MBaAFC+harBgIAZ3QKTB+0epEmIvHQciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUt
ZDI0MmI2ZjNhOGExLzEvazBvekdJc01hWGNjSFBBbk4tZW0xLUFBQnJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUtZDI0MmI2ZjNhOGEx
LzEvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCVXPQAwQD
1ZFYMA0GCSqGSIb3DQEBCwUAA4IBAQB467MoDU7Xi+F+LnEouDD86vWJWpY4DiPr
4O2aQeq/ELcoVnInyaowjjABxWAG/pHapuJLzuIsBewJ70rejf0NwXWIwYe8Zn8s
8BVCu8ZNKPtJmk7JzwibPCyIXOyNP4m0dev7Semt6QtaxdPTTHrWGzrJRe34+07G
L5L+NiFxXcbtObwLeg/CMEP11RgAR19ZvvrGPGZdh5Uf+jr2G/FP0jZiRATIMmR/
SXMxEpDmfG88nqFd+dh8s4VU/mmwM+oO6G1hspLl2v48TsjisnX1Cv6q+m1qLJvu
Ciy18yEDhbeX+5bxAvp2hp8V98bZL+df8M4mHXthStWBTh7JFbxD
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:12 2024 by rpki-client on console-ams.rpki-client.org