Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/ucI3lOBJQ9n_mdt0aDxY1VMVXTc.roa
File: ucI3lOBJQ9n_mdt0aDxY1VMVXTc.roa (raw, json)
Hash identifier: CCNggRnnQPbkH0SW1SVjI7Omgb1GxTCqjok9jAJRPXk=
Subject key identifier: B9:C2:37:94:E0:49:43:D9:FF:99:DB:74:68:3C:58:D5:53:15:5D:37
Certificate issuer: /CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Certificate serial: 0187F6D3C18764212D116DBB8E725DF3FF13
Authority key identifier: 2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/ucI3lOBJQ9n_mdt0aDxY1VMVXTc.roa
Signing time: Sun 07 May 2023 15:28:05 +0000
ROA not before: Sun 07 May 2023 15:28:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211585
IP address blocks: 85.115.210.0/23 maxlen: 23
85.115.208.0/23 maxlen: 23
Validation: Failed, certificate revoked on Thu 11 May 2023 05:11:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:f6:d3:c1:87:64:21:2d:11:6d:bb:8e:72:5d:f3:ff:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Validity
Not Before: May 7 15:28:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b9c23794e04943d9ff99db74683c58d553155d37
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:4d:b6:59:14:c9:ff:b6:e9:ac:5f:8b:97:41:
5c:f9:2e:66:e7:2b:ca:4a:f9:75:a5:5d:41:89:de:
2c:21:0d:e3:d6:68:47:c6:f1:81:a1:60:f9:6d:46:
15:3b:e7:57:d4:7c:c6:6f:4f:86:bf:b7:f6:dd:38:
b7:40:dd:ed:45:5d:18:d0:e4:bc:9c:db:4b:a5:19:
73:12:cf:2d:81:99:37:0c:0a:84:76:f9:0b:14:63:
79:15:c3:71:f9:ea:b5:83:1b:71:88:88:85:83:1b:
5d:c9:28:02:2f:13:37:c3:75:49:6f:1d:7f:61:1b:
1e:67:54:6d:d0:a3:9d:1b:89:68:41:9a:3b:8a:9b:
28:79:85:ff:15:30:76:56:de:61:59:2e:81:39:9c:
c5:51:68:0c:a6:9c:fd:4b:7b:1b:d4:53:84:08:20:
6f:51:9f:fe:ab:70:7e:8c:2c:68:54:72:62:d3:51:
be:78:2f:49:29:4f:8d:14:22:62:78:25:c3:89:fa:
89:d9:66:c8:7c:67:50:0c:7c:0b:91:d5:97:2d:68:
d0:ef:75:e3:9c:32:00:55:60:3e:aa:bd:a1:c0:f4:
86:5d:72:03:99:dd:14:d4:73:b2:ed:94:85:78:c7:
a9:98:ac:4b:a3:3a:eb:21:c2:33:d0:04:12:0f:72:
aa:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:C2:37:94:E0:49:43:D9:FF:99:DB:74:68:3C:58:D5:53:15:5D:37
X509v3 Authority Key Identifier:
keyid:2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/ucI3lOBJQ9n_mdt0aDxY1VMVXTc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/L6FqsGAgBndApMH7R6kSYi8dByI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.115.208.0/22
Signature Algorithm: sha256WithRSAEncryption
85:89:ab:32:1c:05:eb:30:a9:4a:19:1c:bb:98:84:42:b2:2c:
62:e8:65:a1:be:8d:d1:5e:fb:fa:51:b5:f5:1f:c7:05:07:e3:
ef:19:9a:8a:5b:5c:e6:2d:50:65:20:0b:f6:b8:5b:e9:2c:83:
0c:7c:25:26:ba:0e:2a:0e:08:36:18:ae:98:7d:51:b4:8f:d7:
69:9d:5c:51:c6:90:a9:b7:24:1a:92:60:4e:0f:0d:58:c4:26:
fb:8d:f1:28:b0:c1:01:70:21:80:0a:e3:47:92:7f:6f:84:ba:
90:a4:9e:fe:07:cc:20:00:3b:80:3b:15:b3:c5:56:5f:f3:88:
f0:ee:ff:47:c6:fc:c6:e3:09:20:27:62:35:9d:62:b2:3e:00:
b7:2a:25:7e:3f:13:84:fa:fc:7a:a1:ee:f0:ab:a9:1e:cc:d7:
dc:da:4f:35:e2:09:4e:17:8b:5c:dd:3d:90:57:62:5d:cc:37:
7d:95:d1:fd:25:14:dd:04:9d:c7:b4:83:41:2e:1e:3f:28:0d:
87:04:d2:90:56:e5:2e:b0:56:e7:5b:5e:77:8d:0d:d3:c9:27:
da:b6:ca:21:33:46:85:66:95:05:8a:23:2c:94:47:bf:b0:36:
e4:84:5e:fc:15:54:b7:4d:35:1a:52:97:66:c5:22:ec:8d:7b:
61:9a:a8:b3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYf208GHZCEtEW27jnJd8/8TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmYTE2YWIwNjAyMDA2Nzc0MGE0YzFmYjQ3YTkxMjYyMmYx
ZDA3MjIwHhcNMjMwNTA3MTUyODA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOWMyMzc5NGUwNDk0M2Q5ZmY5OWRiNzQ2ODNjNThkNTUzMTU1ZDM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlE22WRTJ/7bprF+Ll0Fc+S5m5yvK
Svl1pV1Bid4sIQ3j1mhHxvGBoWD5bUYVO+dX1HzGb0+Gv7f23Ti3QN3tRV0Y0OS8
nNtLpRlzEs8tgZk3DAqEdvkLFGN5FcNx+eq1gxtxiIiFgxtdySgCLxM3w3VJbx1/
YRseZ1Rt0KOdG4loQZo7ipsoeYX/FTB2Vt5hWS6BOZzFUWgMppz9S3sb1FOECCBv
UZ/+q3B+jCxoVHJi01G+eC9JKU+NFCJieCXDifqJ2WbIfGdQDHwLkdWXLWjQ73Xj
nDIAVWA+qr2hwPSGXXIDmd0U1HOy7ZSFeMepmKxLozrrIcIz0AQSD3KqnQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLnCN5TgSUPZ/5nbdGg8WNVTFV03MB8GA1UdIwQY
MBaAFC+harBgIAZ3QKTB+0epEmIvHQciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUt
ZDI0MmI2ZjNhOGExLzEvdWNJM2xPQkpROW5fbWR0MGFEeFkxVk1WWFRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUtZDI0MmI2ZjNhOGEx
LzEvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCVXPQMA0G
CSqGSIb3DQEBCwUAA4IBAQCFiasyHAXrMKlKGRy7mIRCsixi6GWhvo3RXvv6UbX1
H8cFB+PvGZqKW1zmLVBlIAv2uFvpLIMMfCUmug4qDgg2GK6YfVG0j9dpnVxRxpCp
tyQakmBODw1YxCb7jfEosMEBcCGACuNHkn9vhLqQpJ7+B8wgADuAOxWzxVZf84jw
7v9HxvzG4wkgJ2I1nWKyPgC3KiV+PxOE+vx6oe7wq6kezNfc2k814glOF4tc3T2Q
V2JdzDd9ldH9JRTdBJ3HtINBLh4/KA2HBNKQVuUusFbnW153jQ3TySfatsohM0aF
ZpUFiiMslEe/sDbkhF78FVS3TTUaUpdmxSLsjXthmqiz
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:12 2024 by rpki-client on console-ams.rpki-client.org