Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/qhNM-YE1aD_RFGeCvzBJcZ4gnDo.roa
File: qhNM-YE1aD_RFGeCvzBJcZ4gnDo.roa (raw, json)
Hash identifier: rz8ZFgv8AizjbgEYnBDDUcP9hU8WTNORfzlj//ZTM5E=
Subject key identifier: AA:13:4C:F9:81:35:68:3F:D1:14:67:82:BF:30:49:71:9E:20:9C:3A
Certificate issuer: /CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Certificate serial: 018CAFB58616FF27118D307711138E46A0B7
Authority key identifier: 2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/qhNM-YE1aD_RFGeCvzBJcZ4gnDo.roa
Signing time: Thu 28 Dec 2023 09:15:58 +0000
ROA not before: Thu 28 Dec 2023 09:15:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 213.145.72.0/21 maxlen: 24
85.115.208.0/23 maxlen: 24
213.145.88.0/21 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:29:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:af:b5:86:16:ff:27:11:8d:30:77:11:13:8e:46:a0:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Validity
Not Before: Dec 28 09:15:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=aa134cf98135683fd1146782bf3049719e209c3a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:63:3f:00:32:ea:9a:e4:0e:e1:c6:62:70:6f:
2c:49:2c:94:6f:b0:d6:2f:15:55:33:07:a2:2f:6d:
8f:95:f9:a9:b8:b2:e0:55:5c:14:1a:7a:48:1e:c8:
e3:7f:0a:dc:3b:f3:38:e9:6a:cc:90:c2:d7:bb:bd:
9a:1b:99:43:5c:20:1c:97:12:1c:69:ba:ce:5f:55:
97:11:01:8f:89:ff:54:e7:58:94:4f:46:d0:a4:d0:
d6:d8:d0:b7:1b:50:cf:f6:4b:0e:ea:73:64:0f:f8:
31:df:ad:a7:57:e0:87:12:8a:b8:95:f2:4c:d7:5f:
20:72:82:2c:dc:91:1b:26:c7:9d:bf:23:0f:a3:3c:
66:0c:a2:d5:c6:35:87:e0:13:5a:24:73:45:4e:ec:
31:2a:1c:70:54:9c:e7:c6:43:e7:42:5f:09:d0:e0:
28:38:6f:66:72:0a:c9:93:28:a4:e0:b7:e8:27:35:
28:71:f5:3f:cf:d8:cc:1e:01:93:af:0b:89:28:94:
bd:12:61:75:b6:6b:59:20:1c:2d:fc:68:4e:cd:4b:
8d:9e:82:60:80:72:5a:08:d6:a4:99:20:7f:90:72:
6e:d9:6c:92:06:1c:aa:2f:05:cb:4a:66:e9:7c:c7:
a2:ed:dc:f5:ec:9f:13:5b:54:33:a9:71:91:38:25:
e0:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:13:4C:F9:81:35:68:3F:D1:14:67:82:BF:30:49:71:9E:20:9C:3A
X509v3 Authority Key Identifier:
keyid:2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/qhNM-YE1aD_RFGeCvzBJcZ4gnDo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/L6FqsGAgBndApMH7R6kSYi8dByI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.115.208.0/23
213.145.72.0/21
213.145.88.0/21
Signature Algorithm: sha256WithRSAEncryption
c4:d2:17:43:d0:47:b5:fb:69:d0:0f:0a:d1:7e:0f:08:be:65:
23:be:a8:46:54:da:fe:14:23:f2:81:6d:31:6f:42:66:b0:13:
15:da:a7:ca:89:97:08:02:ba:59:bd:9b:4d:8d:fe:d2:5d:ea:
b9:d5:96:05:10:90:46:bf:4c:01:54:79:cf:74:cd:d6:53:c4:
e8:fa:f6:d2:9b:79:9d:21:3b:c3:21:07:2d:d4:f5:f9:e6:ad:
c2:86:a8:1f:b1:f7:90:9a:8c:a6:db:9d:ff:3d:67:47:db:f1:
5d:69:c5:7f:79:f2:98:b6:9f:33:f3:31:a1:2b:b6:12:d4:92:
88:03:5a:5a:bf:76:db:ba:bd:e9:7e:cd:de:c3:6c:47:87:50:
94:8f:ec:30:6d:57:62:c6:d3:6e:19:35:e5:6b:26:ea:29:b0:
97:45:2c:77:44:31:ea:be:21:35:3e:3e:34:d2:a0:92:7e:a4:
10:8e:41:4c:81:5b:7f:d0:da:96:87:8d:6f:84:18:9d:7f:39:
42:58:c6:d5:3f:3a:90:93:d6:99:e1:14:6e:59:87:1e:39:0c:
2a:3b:38:ec:d2:1a:49:22:55:c6:11:e5:6c:26:db:3a:4f:81:
07:55:f5:84:90:5b:16:92:c3:88:27:ae:1b:bf:7d:01:c3:bb:
ad:a0:f8:f9
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYyvtYYW/ycRjTB3EROORqC3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmYTE2YWIwNjAyMDA2Nzc0MGE0YzFmYjQ3YTkxMjYyMmYx
ZDA3MjIwHhcNMjMxMjI4MDkxNTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTEzNGNmOTgxMzU2ODNmZDExNDY3ODJiZjMwNDk3MTllMjA5YzNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhWM/ADLqmuQO4cZicG8sSSyUb7DW
LxVVMweiL22PlfmpuLLgVVwUGnpIHsjjfwrcO/M46WrMkMLXu72aG5lDXCAclxIc
abrOX1WXEQGPif9U51iUT0bQpNDW2NC3G1DP9ksO6nNkD/gx362nV+CHEoq4lfJM
118gcoIs3JEbJsedvyMPozxmDKLVxjWH4BNaJHNFTuwxKhxwVJznxkPnQl8J0OAo
OG9mcgrJkyik4LfoJzUocfU/z9jMHgGTrwuJKJS9EmF1tmtZIBwt/GhOzUuNnoJg
gHJaCNakmSB/kHJu2WySBhyqLwXLSmbpfMei7dz17J8TW1QzqXGROCXgIwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKoTTPmBNWg/0RRngr8wSXGeIJw6MB8GA1UdIwQY
MBaAFC+harBgIAZ3QKTB+0epEmIvHQciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUt
ZDI0MmI2ZjNhOGExLzEvcWhOTS1ZRTFhRF9SRkdlQ3Z6QkpjWjRnbkRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUtZDI0MmI2ZjNhOGEx
LzEvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBVXPQAwQD
1ZFIAwQD1ZFYMA0GCSqGSIb3DQEBCwUAA4IBAQDE0hdD0Ee1+2nQDwrRfg8IvmUj
vqhGVNr+FCPygW0xb0JmsBMV2qfKiZcIArpZvZtNjf7SXeq51ZYFEJBGv0wBVHnP
dM3WU8To+vbSm3mdITvDIQct1PX55q3ChqgfsfeQmoym253/PWdH2/FdacV/efKY
tp8z8zGhK7YS1JKIA1pav3bbur3pfs3ew2xHh1CUj+wwbVdixtNuGTXlaybqKbCX
RSx3RDHqviE1Pj400qCSfqQQjkFMgVt/0NqWh41vhBidfzlCWMbVPzqQk9aZ4RRu
WYceOQwqOzjs0hpJIlXGEeVsJts6T4EHVfWEkFsWksOIJ64bv30Bw7utoPj5
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:06 2024 by rpki-client on console-fra.rpki-client.org