Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/sTq4soxiw3CQiiNsgHSXO6jn7z8.roa
File: sTq4soxiw3CQiiNsgHSXO6jn7z8.roa (raw, json)
Hash identifier: onr3jy3bgOqgb2GyRqy9sQHOafMXDpy1snNptcS4qDU=
Subject key identifier: B1:3A:B8:B2:8C:62:C3:70:90:8A:23:6C:80:74:97:3B:A8:E7:EF:3F
Certificate issuer: /CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Certificate serial: 01910398174B4872BE437CCE79A9A8729B2C
Authority key identifier: 2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/sTq4soxiw3CQiiNsgHSXO6jn7z8.roa
Signing time: Tue 30 Jul 2024 12:23:04 +0000
ROA not before: Tue 30 Jul 2024 12:23:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 85.115.208.0/23 maxlen: 24
213.145.68.0/23 maxlen: 23
213.145.70.0/23 maxlen: 23
213.145.72.0/21 maxlen: 24
213.145.84.0/23 maxlen: 23
213.145.86.0/23 maxlen: 23
213.145.88.0/21 maxlen: 24
213.145.88.0/23 maxlen: 24
Validation: Failed, certificate revoked on Sat 17 Aug 2024 09:19:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:03:98:17:4b:48:72:be:43:7c:ce:79:a9:a8:72:9b:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Validity
Not Before: Jul 30 12:23:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b13ab8b28c62c370908a236c8074973ba8e7ef3f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:9f:3a:43:60:54:ed:0e:95:60:ce:cf:51:e6:
f0:ab:90:3f:10:c5:5d:a9:d5:05:ef:67:4a:4a:b5:
65:d3:e2:8a:74:ee:32:41:f7:ce:54:d9:f2:a5:7a:
9f:39:6e:cf:14:3f:a1:e3:90:56:46:c0:6c:a1:f2:
98:65:b9:6f:ac:01:61:f1:3d:7b:4d:94:eb:6a:66:
5f:81:08:41:e7:de:80:b1:39:85:89:bc:be:c9:aa:
f4:c7:3f:0c:a4:ab:0f:19:db:5c:59:97:b6:cc:e1:
23:d7:aa:13:89:cc:bb:62:39:ba:95:29:cd:70:a2:
3f:e1:44:fb:ae:99:43:eb:d0:dd:09:91:47:0c:eb:
e9:41:37:eb:ed:2b:df:2b:f5:dd:c7:ce:b8:80:75:
1b:32:a6:d0:04:7a:91:51:7e:78:3a:92:48:75:9e:
53:4f:c0:53:50:ff:7a:a9:d1:f9:75:ad:94:41:47:
2b:b8:8f:5e:e3:36:a3:53:28:df:40:c1:8b:e0:ee:
32:4d:d6:71:d0:6d:da:33:4d:7b:ae:f9:0c:5e:7a:
71:a4:96:30:e7:7d:a3:8c:4b:ab:16:9b:f6:69:e1:
47:80:9b:55:73:21:98:78:1b:ac:24:3f:af:70:ae:
de:94:94:9d:e0:f4:ae:54:94:82:bf:40:75:41:7b:
22:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:3A:B8:B2:8C:62:C3:70:90:8A:23:6C:80:74:97:3B:A8:E7:EF:3F
X509v3 Authority Key Identifier:
keyid:2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/sTq4soxiw3CQiiNsgHSXO6jn7z8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/L6FqsGAgBndApMH7R6kSYi8dByI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.115.208.0/23
213.145.68.0-213.145.79.255
213.145.84.0-213.145.95.255
Signature Algorithm: sha256WithRSAEncryption
5e:15:ae:4f:f0:66:c7:28:d1:8d:51:28:67:40:20:b7:48:f6:
b7:c3:37:fc:ea:5d:ae:f3:bf:75:18:dc:87:f6:ba:1d:29:6e:
59:a4:c3:e9:3b:cc:bd:ed:f2:14:9c:90:3f:ea:80:20:39:2b:
08:2a:c4:23:b7:25:27:c4:39:ea:08:56:a7:ce:45:9f:f2:f6:
c3:10:ac:2b:69:47:22:e4:da:95:d3:a2:fe:ec:6d:d7:41:73:
db:c3:74:81:e7:c1:a3:76:bc:d4:fe:ae:e7:32:41:80:98:db:
cc:57:f5:df:e8:3e:69:92:10:ab:13:92:c1:dd:c7:27:5b:76:
d8:e2:3b:d2:3d:aa:09:66:3b:31:8f:88:34:e7:08:a9:61:73:
b1:2c:04:76:e4:b4:ce:ec:a2:bc:fb:c0:f5:29:5d:8d:c2:48:
08:c9:fc:53:eb:be:26:94:f7:ed:bd:e9:fd:42:5a:d1:77:d5:
a7:ac:9e:36:a8:97:c0:2c:bb:25:c8:32:71:43:9a:d0:8b:8b:
3e:31:16:3c:44:cc:36:f7:23:b3:9e:22:4a:1b:31:d9:3d:b2:
1a:ee:33:e7:c7:d4:a3:62:04:b1:77:ab:47:67:cd:2d:9b:a3:
85:56:32:2e:23:a6:2a:fc:ee:85:f9:de:da:49:1c:f4:2a:c2:
67:0b:e2:16
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZEDmBdLSHK+Q3zOeamocpssMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmYTE2YWIwNjAyMDA2Nzc0MGE0YzFmYjQ3YTkxMjYyMmYx
ZDA3MjIwHhcNMjQwNzMwMTIyMzA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTNhYjhiMjhjNjJjMzcwOTA4YTIzNmM4MDc0OTczYmE4ZTdlZjNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr586Q2BU7Q6VYM7PUebwq5A/EMVd
qdUF72dKSrVl0+KKdO4yQffOVNnypXqfOW7PFD+h45BWRsBsofKYZblvrAFh8T17
TZTramZfgQhB596AsTmFiby+yar0xz8MpKsPGdtcWZe2zOEj16oTicy7Yjm6lSnN
cKI/4UT7rplD69DdCZFHDOvpQTfr7SvfK/Xdx864gHUbMqbQBHqRUX54OpJIdZ5T
T8BTUP96qdH5da2UQUcruI9e4zajUyjfQMGL4O4yTdZx0G3aM017rvkMXnpxpJYw
532jjEurFpv2aeFHgJtVcyGYeBusJD+vcK7elJSd4PSuVJSCv0B1QXsi0QIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFLE6uLKMYsNwkIojbIB0lzuo5+8/MB8GA1UdIwQY
MBaAFC+harBgIAZ3QKTB+0epEmIvHQciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUt
ZDI0MmI2ZjNhOGExLzEvc1RxNHNveGl3M0NRaWlOc2dIU1hPNmpuN3o4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUtZDI0MmI2ZjNhOGEx
LzEvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiAwQBVXPQMAwD
BALVkUQDBATVkUAwDAMEAtWRVAMEBdWRQDANBgkqhkiG9w0BAQsFAAOCAQEAXhWu
T/BmxyjRjVEoZ0Agt0j2t8M3/OpdrvO/dRjch/a6HSluWaTD6TvMve3yFJyQP+qA
IDkrCCrEI7clJ8Q56ghWp85Fn/L2wxCsK2lHIuTaldOi/uxt10Fz28N0gefBo3a8
1P6u5zJBgJjbzFf13+g+aZIQqxOSwd3HJ1t22OI70j2qCWY7MY+INOcIqWFzsSwE
duS0zuyivPvA9SldjcJICMn8U+u+JpT37b3p/UJa0XfVp6yeNqiXwCy7JcgycUOa
0IuLPjEWPETMNvcjs54iShsx2T2yGu4z58fUo2IEsXerR2fNLZujhVYyLiOmKvzu
hfne2kkc9CrCZwviFg==
Generated at Sat Aug 17 10:30:18 2024 by rpki-client on console-fra.rpki-client.org