Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/s_iS8ONXxOHHBKJ346JKoNcePWk.roa
File: s_iS8ONXxOHHBKJ346JKoNcePWk.roa (raw, json)
Hash identifier: zcf8uPzLi4d4j3I5Uy1xVvw+l4KOeXs3kKV1Hx0DF6s=
Subject key identifier: B3:F8:92:F0:E3:57:C4:E1:C7:04:A2:77:E3:A2:4A:A0:D7:1E:3D:69
Certificate issuer: /CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Certificate serial: 018D4FCAFE005103C34863AAC5ABE8F9DE8B
Authority key identifier: 2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/s_iS8ONXxOHHBKJ346JKoNcePWk.roa
Signing time: Sun 28 Jan 2024 11:18:39 +0000
ROA not before: Sun 28 Jan 2024 11:18:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 85.115.208.0/23 maxlen: 24
213.145.72.0/21 maxlen: 24
213.145.74.0/24 maxlen: 24
213.145.88.0/21 maxlen: 24
Validation: Failed, certificate revoked on Wed 31 Jan 2024 07:19:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:4f:ca:fe:00:51:03:c3:48:63:aa:c5:ab:e8:f9:de:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Validity
Not Before: Jan 28 11:18:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b3f892f0e357c4e1c704a277e3a24aa0d71e3d69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:e2:5c:fd:cf:1f:0b:fb:60:bb:ee:d6:06:1a:
80:ff:d6:7a:15:4e:4a:70:9a:cc:98:91:75:25:c1:
81:66:96:6e:70:d4:bb:78:0d:08:c5:29:81:be:31:
cc:fd:8a:ff:00:d8:a8:d2:f1:31:8b:c6:ac:55:62:
2d:d7:e7:98:8f:fc:2f:0c:b5:ee:62:cf:d6:f9:23:
7e:47:f5:e8:d4:c4:2c:c1:9d:d5:0b:80:88:72:65:
07:37:80:06:68:83:33:76:b0:f0:8a:74:a4:4b:fa:
6e:8c:97:40:80:39:d9:61:9b:34:f8:b4:a0:01:cc:
f2:5c:aa:47:33:a7:b9:47:da:04:3c:20:21:bd:e5:
25:14:1f:0f:e3:a6:01:e4:e4:7a:f2:dd:ec:1f:4f:
a2:be:b8:25:d5:c9:6c:dd:6d:c4:53:21:73:d9:14:
9b:8d:88:3f:d0:36:a1:d4:93:fa:b5:c5:99:40:bf:
9e:ee:ed:42:b5:bd:1b:26:ef:77:58:66:fd:c1:a0:
28:b1:97:f5:ee:fd:a1:bf:b0:08:5f:3c:a3:78:e4:
e8:f9:84:fa:ba:df:86:bf:87:de:dc:25:cb:96:c9:
33:a4:d8:42:17:99:93:0e:0d:f6:0a:14:c3:fd:d5:
71:78:ce:4b:d2:5a:66:7a:61:20:a7:6a:a2:b7:f5:
2b:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:F8:92:F0:E3:57:C4:E1:C7:04:A2:77:E3:A2:4A:A0:D7:1E:3D:69
X509v3 Authority Key Identifier:
keyid:2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/s_iS8ONXxOHHBKJ346JKoNcePWk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/L6FqsGAgBndApMH7R6kSYi8dByI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.115.208.0/23
213.145.72.0/21
213.145.88.0/21
Signature Algorithm: sha256WithRSAEncryption
be:6b:5c:8d:1f:e2:a7:6f:34:1d:22:50:46:e5:ff:52:8f:29:
09:20:7c:85:27:15:22:f4:40:b8:a0:ec:59:6e:d0:d5:a7:bd:
5b:80:9e:8e:a6:39:54:ce:50:9c:46:ce:00:9c:2e:46:61:62:
2b:69:36:6e:05:8f:46:90:c8:9d:9e:d6:19:d5:a0:ea:97:1c:
9f:a8:b5:85:0b:b7:be:d3:10:88:59:9a:20:0c:21:7c:b4:5b:
67:0c:e8:e1:d6:c9:d4:7d:ad:e9:af:ee:26:5d:28:a2:d5:6c:
91:50:52:85:85:c8:6a:43:39:81:5f:74:ca:a1:02:f6:92:d1:
f9:08:f4:5a:51:02:22:77:d0:8e:ce:2f:f5:f8:da:51:20:c6:
05:72:ff:d8:e0:cf:3f:c0:44:50:42:75:ba:77:32:8f:21:e8:
d0:b5:e3:f6:cf:ec:80:4b:4c:f8:8f:58:10:c5:44:f7:8e:1a:
51:34:6b:e2:6e:34:45:e7:fc:59:41:cc:e1:15:38:5c:7f:66:
88:e4:c1:01:a1:0f:a5:37:f0:17:92:ba:f1:c7:ba:4d:7d:11:
c9:02:d3:78:9c:81:4d:a8:fd:ad:93:45:b5:da:1d:c6:92:a1:
60:b2:9a:05:1b:91:e6:13:86:f2:31:d2:d0:e9:b2:e4:e4:6f:
56:03:b8:91
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY1Pyv4AUQPDSGOqxavo+d6LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmYTE2YWIwNjAyMDA2Nzc0MGE0YzFmYjQ3YTkxMjYyMmYx
ZDA3MjIwHhcNMjQwMTI4MTExODM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiM2Y4OTJmMGUzNTdjNGUxYzcwNGEyNzdlM2EyNGFhMGQ3MWUzZDY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAneJc/c8fC/tgu+7WBhqA/9Z6FU5K
cJrMmJF1JcGBZpZucNS7eA0IxSmBvjHM/Yr/ANio0vExi8asVWIt1+eYj/wvDLXu
Ys/W+SN+R/Xo1MQswZ3VC4CIcmUHN4AGaIMzdrDwinSkS/pujJdAgDnZYZs0+LSg
AczyXKpHM6e5R9oEPCAhveUlFB8P46YB5OR68t3sH0+ivrgl1cls3W3EUyFz2RSb
jYg/0Dah1JP6tcWZQL+e7u1Ctb0bJu93WGb9waAosZf17v2hv7AIXzyjeOTo+YT6
ut+Gv4fe3CXLlskzpNhCF5mTDg32ChTD/dVxeM5L0lpmemEgp2qit/UrmQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLP4kvDjV8ThxwSid+OiSqDXHj1pMB8GA1UdIwQY
MBaAFC+harBgIAZ3QKTB+0epEmIvHQciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUt
ZDI0MmI2ZjNhOGExLzEvc19pUzhPTlh4T0hIQktKMzQ2SktvTmNlUFdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUtZDI0MmI2ZjNhOGEx
LzEvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBVXPQAwQD
1ZFIAwQD1ZFYMA0GCSqGSIb3DQEBCwUAA4IBAQC+a1yNH+KnbzQdIlBG5f9SjykJ
IHyFJxUi9EC4oOxZbtDVp71bgJ6OpjlUzlCcRs4AnC5GYWIraTZuBY9GkMidntYZ
1aDqlxyfqLWFC7e+0xCIWZogDCF8tFtnDOjh1snUfa3pr+4mXSii1WyRUFKFhchq
QzmBX3TKoQL2ktH5CPRaUQIid9COzi/1+NpRIMYFcv/Y4M8/wERQQnW6dzKPIejQ
teP2z+yAS0z4j1gQxUT3jhpRNGvibjRF5/xZQczhFThcf2aI5MEBoQ+lN/AXkrrx
x7pNfRHJAtN4nIFNqP2tk0W12h3GkqFgspoFG5HmE4byMdLQ6bLk5G9WA7iR
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:06 2024 by rpki-client on console-fra.rpki-client.org