Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/v-g-h-QWGRXm6af-yNf6-BX510I.roa
File: v-g-h-QWGRXm6af-yNf6-BX510I.roa (raw, json)
Hash identifier: YA+1jHexIniE9AqgTsQwaKB8E8AMRrWLdPh7mpDfvr4=
Subject key identifier: BF:E8:3E:87:E4:16:19:15:E6:E9:A7:FE:C8:D7:FA:F8:15:F9:D7:42
Certificate issuer: /CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Certificate serial: 01915FA2603CF22E122050C4306AA86BEC64
Authority key identifier: 2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/v-g-h-QWGRXm6af-yNf6-BX510I.roa
Signing time: Sat 17 Aug 2024 09:19:22 +0000
ROA not before: Sat 17 Aug 2024 09:19:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 85.115.208.0/23 maxlen: 24
213.145.68.0/23 maxlen: 23
213.145.70.0/23 maxlen: 23
213.145.72.0/21 maxlen: 24
213.145.84.0/23 maxlen: 23
213.145.86.0/23 maxlen: 23
213.145.88.0/21 maxlen: 24
213.145.88.0/23 maxlen: 24
213.145.89.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 20 Aug 2024 21:09:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:5f:a2:60:3c:f2:2e:12:20:50:c4:30:6a:a8:6b:ec:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Validity
Not Before: Aug 17 09:19:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bfe83e87e4161915e6e9a7fec8d7faf815f9d742
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:81:37:03:d9:65:3a:a2:ce:34:48:34:21:3c:
e0:85:03:63:ce:69:1c:fd:53:32:46:4d:83:a7:6d:
fd:e1:ba:27:3e:14:ed:d5:7a:b0:2e:17:f0:40:79:
7c:cb:14:d0:4f:aa:26:9b:35:40:81:3a:c5:31:f4:
56:4e:2b:2b:3f:61:f4:7c:ca:99:f6:77:48:6c:0a:
3e:e4:f6:7e:46:ad:80:d4:24:fd:60:78:da:c8:4b:
5f:65:9d:ac:5f:04:4b:b5:be:d0:d2:5e:be:52:17:
f9:b0:c9:57:45:49:33:17:b5:1a:4a:1a:91:7f:63:
7c:11:2c:38:95:26:c0:6b:df:e9:0a:3a:a5:c4:14:
e8:c0:38:5a:bc:9e:b4:9e:92:02:b0:c0:36:a6:58:
85:c8:ae:c8:ff:99:dc:90:68:ca:a3:cc:2b:24:e3:
e2:d5:48:d9:f2:da:71:3e:ab:72:f2:5e:84:87:6d:
7c:3d:b7:cf:25:35:7d:f1:1d:a2:b5:eb:cf:4c:b6:
66:0d:3f:17:a2:cb:91:1c:00:18:8d:8a:62:7d:82:
be:64:e6:c3:ca:95:12:15:d2:8c:3d:98:7a:b1:33:
f9:7d:8c:77:19:2e:69:4a:ea:57:fc:b9:df:0d:53:
4d:52:85:de:06:12:de:a3:7a:36:3c:20:f7:91:61:
1f:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:E8:3E:87:E4:16:19:15:E6:E9:A7:FE:C8:D7:FA:F8:15:F9:D7:42
X509v3 Authority Key Identifier:
keyid:2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/v-g-h-QWGRXm6af-yNf6-BX510I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/L6FqsGAgBndApMH7R6kSYi8dByI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.115.208.0/23
213.145.68.0-213.145.79.255
213.145.84.0-213.145.95.255
Signature Algorithm: sha256WithRSAEncryption
2b:00:e0:6b:e2:09:cf:1d:37:67:d2:dd:98:dc:e4:ef:2d:aa:
2e:e8:79:a8:5d:af:72:80:a9:57:3f:80:6f:9d:d0:c7:35:68:
17:a6:14:82:d2:2b:c3:37:b5:1d:67:f2:67:99:a0:73:d8:55:
8c:1b:8b:a9:8e:5b:8f:29:b5:4d:9d:1e:e3:f2:33:8a:97:36:
f9:d1:28:54:38:4b:0b:8b:86:91:75:43:54:09:e7:94:dc:23:
89:5c:46:4b:09:30:74:8f:dd:f1:6d:76:72:be:98:19:39:b9:
1f:47:3d:ba:63:a5:35:6d:6d:73:b3:82:b5:04:37:e4:00:d3:
76:a9:22:ea:0f:8e:02:b9:e1:e3:0a:66:5d:bb:90:33:07:93:
9b:d2:b4:5d:8d:7a:93:b6:3d:6d:25:96:a5:1f:f7:76:b1:7b:
af:79:31:71:13:81:07:7a:6e:01:3e:87:e8:ad:01:e8:57:87:
1f:f2:f7:20:92:ff:41:e8:07:a6:0f:64:6f:b3:f7:7c:e8:62:
f1:0c:cf:69:f9:58:b1:09:9d:c7:8c:a0:3f:80:b6:b4:16:7f:
8f:f4:6d:9a:a7:4f:2b:aa:3f:57:de:04:2b:b1:5b:38:1a:eb:
aa:b1:f9:40:c9:6e:e1:8d:98:d8:fc:b5:df:37:bc:98:5f:67:
59:c8:6e:38
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZFfomA88i4SIFDEMGqoa+xkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmYTE2YWIwNjAyMDA2Nzc0MGE0YzFmYjQ3YTkxMjYyMmYx
ZDA3MjIwHhcNMjQwODE3MDkxOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZmU4M2U4N2U0MTYxOTE1ZTZlOWE3ZmVjOGQ3ZmFmODE1ZjlkNzQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqoE3A9llOqLONEg0ITzghQNjzmkc
/VMyRk2Dp2394bonPhTt1XqwLhfwQHl8yxTQT6ommzVAgTrFMfRWTisrP2H0fMqZ
9ndIbAo+5PZ+Rq2A1CT9YHjayEtfZZ2sXwRLtb7Q0l6+Uhf5sMlXRUkzF7UaShqR
f2N8ESw4lSbAa9/pCjqlxBTowDhavJ60npICsMA2pliFyK7I/5nckGjKo8wrJOPi
1UjZ8tpxPqty8l6Eh218PbfPJTV98R2itevPTLZmDT8XosuRHAAYjYpifYK+ZObD
ypUSFdKMPZh6sTP5fYx3GS5pSupX/LnfDVNNUoXeBhLeo3o2PCD3kWEfFQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFL/oPofkFhkV5umn/sjX+vgV+ddCMB8GA1UdIwQY
MBaAFC+harBgIAZ3QKTB+0epEmIvHQciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUt
ZDI0MmI2ZjNhOGExLzEvdi1nLWgtUVdHUlhtNmFmLXlOZjYtQlg1MTBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUtZDI0MmI2ZjNhOGEx
LzEvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiAwQBVXPQMAwD
BALVkUQDBATVkUAwDAMEAtWRVAMEBdWRQDANBgkqhkiG9w0BAQsFAAOCAQEAKwDg
a+IJzx03Z9LdmNzk7y2qLuh5qF2vcoCpVz+Ab53QxzVoF6YUgtIrwze1HWfyZ5mg
c9hVjBuLqY5bjym1TZ0e4/Izipc2+dEoVDhLC4uGkXVDVAnnlNwjiVxGSwkwdI/d
8W12cr6YGTm5H0c9umOlNW1tc7OCtQQ35ADTdqki6g+OArnh4wpmXbuQMweTm9K0
XY16k7Y9bSWWpR/3drF7r3kxcROBB3puAT6H6K0B6FeHH/L3IJL/QegHpg9kb7P3
fOhi8QzPaflYsQmdx4ygP4C2tBZ/j/RtmqdPK6o/V94EK7FbOBrrqrH5QMlu4Y2Y
2Py13ze8mF9nWchuOA==
Generated at Tue Aug 20 23:49:46 2024 by rpki-client on console-fra.rpki-client.org