Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/xT0QuQbiqiHrkoZIHTl_cCBSpxI.roa
File: xT0QuQbiqiHrkoZIHTl_cCBSpxI.roa (raw, json)
Hash identifier: sOFYMsZ4WYwXY+YWa+LBrccbKn64coGQ1DCAfk5mqs4=
Subject key identifier: C5:3D:10:B9:06:E2:AA:21:EB:92:86:48:1D:39:7F:70:20:52:A7:12
Certificate issuer: /CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Certificate serial: 018D63D9D39CCA6E0FA2F9055A8B94BF84F7
Authority key identifier: 2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/xT0QuQbiqiHrkoZIHTl_cCBSpxI.roa
Signing time: Thu 01 Feb 2024 08:47:16 +0000
ROA not before: Thu 01 Feb 2024 08:47:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 85.115.208.0/23 maxlen: 24
213.145.72.0/21 maxlen: 24
213.145.74.0/24 maxlen: 24
213.145.88.0/21 maxlen: 24
Validation: Failed, certificate revoked on Wed 07 Feb 2024 13:53:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:63:d9:d3:9c:ca:6e:0f:a2:f9:05:5a:8b:94:bf:84:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Validity
Not Before: Feb 1 08:47:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c53d10b906e2aa21eb9286481d397f702052a712
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:e3:2a:29:f9:e6:48:c3:09:ce:0a:f0:32:55:
51:c1:2e:e6:1f:ca:ca:d5:62:70:94:1d:c4:76:91:
1d:1a:3e:c0:43:e0:f2:f0:52:ea:a9:8e:77:25:ed:
e2:1b:e8:0b:86:20:20:99:02:ec:69:50:31:b3:b8:
22:8b:74:51:c1:9e:36:50:a5:34:c4:34:19:42:17:
d4:d1:98:d4:0c:44:cc:c5:0d:bc:42:0d:e7:0a:12:
80:13:26:0c:85:24:87:a8:ed:88:b5:2f:a1:f2:1a:
c7:ac:00:ef:aa:a6:4e:90:4e:14:31:a6:96:62:a6:
db:33:07:a0:b5:b9:7a:b1:80:70:7b:04:3c:63:19:
b5:47:7c:64:0c:84:a0:95:1c:03:11:ec:03:f8:78:
ef:f7:c6:b6:64:81:a0:06:6f:bb:25:f3:bd:dd:fa:
51:c0:78:66:2d:3e:99:73:1c:e4:6e:49:5b:89:68:
85:ff:9e:c9:1f:ac:64:54:1a:cb:a4:7e:91:31:75:
da:9b:cc:5e:af:6c:96:8e:45:17:f0:20:3f:64:6b:
e5:bc:69:b1:26:42:97:b9:b4:08:3a:30:5c:18:2c:
f7:b4:32:8b:05:83:7d:c0:59:dd:71:c6:50:84:9b:
78:46:5c:d5:c5:f6:c8:67:6e:ac:56:57:3f:2b:e8:
e0:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:3D:10:B9:06:E2:AA:21:EB:92:86:48:1D:39:7F:70:20:52:A7:12
X509v3 Authority Key Identifier:
keyid:2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/xT0QuQbiqiHrkoZIHTl_cCBSpxI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/L6FqsGAgBndApMH7R6kSYi8dByI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.115.208.0/23
213.145.72.0/21
213.145.88.0/21
Signature Algorithm: sha256WithRSAEncryption
56:8b:86:cf:94:61:c3:e0:11:2b:a3:02:b3:17:06:6a:c6:21:
0a:ea:d9:89:20:b5:ca:8b:49:4e:33:43:c4:c5:18:32:ff:c1:
31:03:02:1e:32:7b:2a:d9:45:a7:52:9d:51:0e:b7:60:c4:a3:
43:f0:e1:37:9b:2c:0e:58:7e:fd:53:6f:89:97:fe:d9:82:a0:
68:eb:2b:7c:6a:f2:fe:10:38:00:71:81:d3:72:63:5c:52:4c:
cb:a1:cf:14:65:20:de:30:29:6a:0a:de:88:5c:d9:78:f8:94:
dd:db:a4:5f:66:5f:09:9c:01:60:a8:45:d6:7d:1c:77:24:a9:
7b:ee:52:00:dc:89:62:46:72:a7:15:0e:bf:77:95:15:bb:ea:
d7:e7:56:72:a7:1f:21:02:8c:04:91:11:d1:7b:ed:d6:bf:35:
4d:66:e7:de:ed:8b:f2:af:60:10:b6:bb:0f:a5:46:47:72:76:
54:12:91:db:d9:2a:2d:5f:aa:ae:98:20:16:40:3f:90:21:49:
98:2d:3a:e2:91:ad:32:cd:c3:7d:42:f3:18:9a:f3:16:52:09:
be:09:fd:7c:41:8f:3a:01:e0:ae:8f:25:f6:fa:7e:fa:ca:f7:
af:da:74:23:5e:32:53:d1:94:1a:0e:79:04:d6:f0:ba:7a:63:
c3:be:26:a4
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY1j2dOcym4PovkFWouUv4T3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmYTE2YWIwNjAyMDA2Nzc0MGE0YzFmYjQ3YTkxMjYyMmYx
ZDA3MjIwHhcNMjQwMjAxMDg0NzE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTNkMTBiOTA2ZTJhYTIxZWI5Mjg2NDgxZDM5N2Y3MDIwNTJhNzEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi+MqKfnmSMMJzgrwMlVRwS7mH8rK
1WJwlB3EdpEdGj7AQ+Dy8FLqqY53Je3iG+gLhiAgmQLsaVAxs7gii3RRwZ42UKU0
xDQZQhfU0ZjUDETMxQ28Qg3nChKAEyYMhSSHqO2ItS+h8hrHrADvqqZOkE4UMaaW
YqbbMwegtbl6sYBwewQ8Yxm1R3xkDISglRwDEewD+Hjv98a2ZIGgBm+7JfO93fpR
wHhmLT6ZcxzkbklbiWiF/57JH6xkVBrLpH6RMXXam8xer2yWjkUX8CA/ZGvlvGmx
JkKXubQIOjBcGCz3tDKLBYN9wFndccZQhJt4RlzVxfbIZ26sVlc/K+jguwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMU9ELkG4qoh65KGSB05f3AgUqcSMB8GA1UdIwQY
MBaAFC+harBgIAZ3QKTB+0epEmIvHQciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUt
ZDI0MmI2ZjNhOGExLzEveFQwUXVRYmlxaUhya29aSUhUbF9jQ0JTcHhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUtZDI0MmI2ZjNhOGEx
LzEvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBVXPQAwQD
1ZFIAwQD1ZFYMA0GCSqGSIb3DQEBCwUAA4IBAQBWi4bPlGHD4BErowKzFwZqxiEK
6tmJILXKi0lOM0PExRgy/8ExAwIeMnsq2UWnUp1RDrdgxKND8OE3mywOWH79U2+J
l/7ZgqBo6yt8avL+EDgAcYHTcmNcUkzLoc8UZSDeMClqCt6IXNl4+JTd26RfZl8J
nAFgqEXWfRx3JKl77lIA3IliRnKnFQ6/d5UVu+rX51Zypx8hAowEkRHRe+3WvzVN
Zufe7Yvyr2AQtrsPpUZHcnZUEpHb2SotX6qumCAWQD+QIUmYLTrika0yzcN9QvMY
mvMWUgm+Cf18QY86AeCujyX2+n76yvev2nQjXjJT0ZQaDnkE1vC6emPDviak
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:06 2024 by rpki-client on console-fra.rpki-client.org