Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/maNVdRsBNr59y0GAwGc6OolqJ18.roa
File: maNVdRsBNr59y0GAwGc6OolqJ18.roa (raw, json)
Hash identifier: QbJVIbae/s1eRj16T/495XUj4egrE9RRWnSdwgIAG5s=
Subject key identifier: 99:A3:55:75:1B:01:36:BE:7D:CB:41:80:C0:67:3A:3A:89:6A:27:5F
Certificate issuer: /CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Certificate serial: 018D0BF1A06AF47466B3001EA263D239E3B4
Authority key identifier: 2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/maNVdRsBNr59y0GAwGc6OolqJ18.roa
Signing time: Mon 15 Jan 2024 07:06:41 +0000
ROA not before: Mon 15 Jan 2024 07:06:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 213.145.72.0/21 maxlen: 24
85.115.208.0/23 maxlen: 24
213.145.88.0/21 maxlen: 24
213.145.94.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 16 Jan 2024 09:09:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:0b:f1:a0:6a:f4:74:66:b3:00:1e:a2:63:d2:39:e3:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Validity
Not Before: Jan 15 07:06:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=99a355751b0136be7dcb4180c0673a3a896a275f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:a5:e0:0b:3b:9a:3b:15:0d:df:3c:06:ce:c8:
ea:12:21:82:dc:25:88:bf:62:d0:02:90:c8:39:51:
2d:45:2c:e1:6e:b5:3e:5e:87:bd:35:4f:2b:14:91:
b6:b1:72:a1:c3:4d:6c:93:d3:85:fc:15:4b:45:b5:
a6:1f:42:31:af:bf:1a:d2:fd:e7:6d:7c:ed:34:d5:
59:0b:1a:46:7d:e2:3e:83:fe:ba:79:2d:5b:44:38:
73:37:09:31:51:83:d1:a8:01:d8:6e:49:14:bf:79:
06:b8:e6:86:36:77:3d:31:2a:2f:ca:80:60:e8:42:
d7:63:77:18:06:40:af:39:bf:1b:fb:8c:ac:17:f2:
6f:6a:ac:4e:a0:82:1b:d7:d0:5e:b0:79:2c:59:f2:
58:fd:87:8e:f0:2e:76:33:e0:e6:01:15:3e:ed:4d:
04:e3:89:70:12:05:4c:f1:75:48:0e:b5:9d:87:11:
ca:6e:c0:3c:03:83:23:2c:f1:33:af:10:55:ec:b6:
7a:64:cd:e5:51:52:9a:c6:92:2a:46:c1:48:98:72:
fc:67:80:ff:dc:89:90:f3:da:77:16:64:5b:3d:b3:
31:50:3e:2b:77:e0:85:48:bb:3e:f0:6a:3e:61:55:
14:e4:1e:cf:a2:ed:d7:98:97:33:eb:4a:8b:42:24:
f9:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:A3:55:75:1B:01:36:BE:7D:CB:41:80:C0:67:3A:3A:89:6A:27:5F
X509v3 Authority Key Identifier:
keyid:2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/maNVdRsBNr59y0GAwGc6OolqJ18.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/L6FqsGAgBndApMH7R6kSYi8dByI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.115.208.0/23
213.145.72.0/21
213.145.88.0/21
Signature Algorithm: sha256WithRSAEncryption
e9:1c:24:01:55:05:27:c1:51:49:ba:38:27:60:f9:96:ac:6b:
72:a9:a4:28:7f:5e:c7:5f:2e:3e:d5:f4:2b:78:a7:e7:06:a8:
b2:90:83:81:a6:2f:0e:8e:2f:f4:3b:10:ce:3d:02:4a:6a:f7:
0d:c2:bf:ca:c7:ad:5a:a7:e1:a8:18:b3:3e:3e:c9:65:30:65:
a8:fc:91:16:79:d2:b4:81:8c:f4:03:0f:c1:47:e4:18:6f:00:
1c:d8:b5:c4:41:4a:e9:26:86:ee:89:83:8f:22:ad:91:53:ea:
bb:e0:d9:3a:97:7c:e2:86:6a:03:9f:db:b3:cf:9d:9a:2a:86:
f2:2b:89:5a:f0:3b:88:50:a7:6a:26:75:0b:29:50:1b:4e:a2:
28:2b:22:1a:ec:2a:58:48:3b:0c:22:d9:75:6a:6f:08:87:51:
cf:d3:f7:2a:c5:ef:38:91:cd:09:3e:ed:41:8b:16:61:60:f2:
80:e9:50:9b:df:af:e0:f1:8e:9d:43:9b:e1:b8:51:67:46:ec:
0b:47:70:8a:08:4c:a2:2e:1a:6c:65:80:91:f3:21:3f:74:ca:
0a:2f:f1:28:ce:5a:28:08:7f:65:9e:a8:a5:0d:fc:6c:bc:79:
31:1c:05:17:a0:4d:56:d6:a9:d5:e0:6e:5a:1e:f0:44:b5:ef:
16:cb:74:5e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY0L8aBq9HRmswAeomPSOeO0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmYTE2YWIwNjAyMDA2Nzc0MGE0YzFmYjQ3YTkxMjYyMmYx
ZDA3MjIwHhcNMjQwMTE1MDcwNjQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OWEzNTU3NTFiMDEzNmJlN2RjYjQxODBjMDY3M2EzYTg5NmEyNzVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjqXgCzuaOxUN3zwGzsjqEiGC3CWI
v2LQApDIOVEtRSzhbrU+Xoe9NU8rFJG2sXKhw01sk9OF/BVLRbWmH0Ixr78a0v3n
bXztNNVZCxpGfeI+g/66eS1bRDhzNwkxUYPRqAHYbkkUv3kGuOaGNnc9MSovyoBg
6ELXY3cYBkCvOb8b+4ysF/JvaqxOoIIb19BesHksWfJY/YeO8C52M+DmARU+7U0E
44lwEgVM8XVIDrWdhxHKbsA8A4MjLPEzrxBV7LZ6ZM3lUVKaxpIqRsFImHL8Z4D/
3ImQ89p3FmRbPbMxUD4rd+CFSLs+8Go+YVUU5B7Pou3XmJcz60qLQiT5awIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJmjVXUbATa+fctBgMBnOjqJaidfMB8GA1UdIwQY
MBaAFC+harBgIAZ3QKTB+0epEmIvHQciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUt
ZDI0MmI2ZjNhOGExLzEvbWFOVmRSc0JOcjU5eTBHQXdHYzZPb2xxSjE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUtZDI0MmI2ZjNhOGEx
LzEvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBVXPQAwQD
1ZFIAwQD1ZFYMA0GCSqGSIb3DQEBCwUAA4IBAQDpHCQBVQUnwVFJujgnYPmWrGty
qaQof17HXy4+1fQreKfnBqiykIOBpi8Oji/0OxDOPQJKavcNwr/Kx61ap+GoGLM+
PsllMGWo/JEWedK0gYz0Aw/BR+QYbwAc2LXEQUrpJobuiYOPIq2RU+q74Nk6l3zi
hmoDn9uzz52aKobyK4la8DuIUKdqJnULKVAbTqIoKyIa7CpYSDsMItl1am8Ih1HP
0/cqxe84kc0JPu1BixZhYPKA6VCb36/g8Y6dQ5vhuFFnRuwLR3CKCEyiLhpsZYCR
8yE/dMoKL/EozlooCH9lnqilDfxsvHkxHAUXoE1W1qnV4G5aHvBEte8Wy3Re
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:12 2024 by rpki-client on console-ams.rpki-client.org