Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/yz2BvwUIl0NhRtUk2Hfnfl5HGfI.roa
File: yz2BvwUIl0NhRtUk2Hfnfl5HGfI.roa (raw, json)
Hash identifier: CZCR1UbDvDjNqek1z4GOvVw0xQ89LruBtmgjRyJXpDA=
Subject key identifier: CB:3D:81:BF:05:08:97:43:61:46:D5:24:D8:77:E7:7E:5E:47:19:F2
Certificate issuer: /CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Certificate serial: 018B99BAC4FE43201D7D626B27ECA1C5B673
Authority key identifier: 2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/yz2BvwUIl0NhRtUk2Hfnfl5HGfI.roa
Signing time: Sat 04 Nov 2023 09:47:16 +0000
ROA not before: Sat 04 Nov 2023 09:47:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 64267
IP address blocks: 85.115.209.0/24 maxlen: 24
213.145.75.0/24 maxlen: 24
213.145.95.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:29:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:99:ba:c4:fe:43:20:1d:7d:62:6b:27:ec:a1:c5:b6:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Validity
Not Before: Nov 4 09:47:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cb3d81bf050897436146d524d877e77e5e4719f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:b0:79:2d:86:5c:fb:27:39:dd:43:de:97:04:
86:54:0a:e2:48:0b:80:24:a6:3f:5f:16:12:39:2c:
1e:1d:99:a7:83:5a:2f:df:47:86:89:e9:d9:a4:b9:
a4:15:a1:57:2a:4b:d8:06:be:5d:1d:04:29:07:c4:
2f:02:bb:1e:c7:c5:79:f7:9a:1f:00:94:ff:29:9a:
19:29:c4:3d:ff:8d:78:b0:40:0c:8a:b1:6a:ed:7b:
60:52:63:42:4c:c9:28:de:c5:b3:62:98:4f:90:40:
d9:5e:fd:83:f8:a2:b6:05:29:7e:02:97:03:d6:fb:
c3:2d:2d:d8:86:cc:d0:d5:22:88:35:7f:39:4f:27:
64:92:99:af:63:7f:fc:45:2e:aa:a4:3d:e9:72:cb:
60:d4:86:f3:85:a9:12:65:f7:ef:33:f5:31:bb:c9:
be:93:2d:2d:0e:ec:41:cb:f9:c1:78:87:e8:89:79:
bb:64:1e:73:dd:47:01:ad:47:8d:fa:ca:28:70:e8:
a0:01:60:b3:88:c7:09:7a:79:96:e0:3c:51:7b:04:
11:20:e3:7d:24:5b:40:19:65:ec:b8:2e:61:e4:4b:
9a:72:8b:73:f9:da:bb:d5:de:df:c6:c4:fc:66:16:
21:66:78:8e:a1:35:c9:3e:49:d1:5e:3c:5c:d0:57:
98:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:3D:81:BF:05:08:97:43:61:46:D5:24:D8:77:E7:7E:5E:47:19:F2
X509v3 Authority Key Identifier:
keyid:2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/yz2BvwUIl0NhRtUk2Hfnfl5HGfI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/L6FqsGAgBndApMH7R6kSYi8dByI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.115.209.0/24
213.145.75.0/24
213.145.95.0/24
Signature Algorithm: sha256WithRSAEncryption
dd:ed:3d:56:79:5d:90:32:80:0f:f9:d7:f7:2d:55:d0:c2:85:
2b:97:d6:18:fb:b0:78:15:1d:5d:f8:eb:f1:cf:38:6e:f3:9b:
f9:1f:08:69:b8:bd:9e:82:a5:54:1e:71:fc:60:5e:81:48:ff:
7a:fd:40:f3:7b:ad:ea:44:dc:fd:e7:5c:0c:be:94:cc:80:f8:
e8:19:13:e7:0d:35:5f:3f:95:a5:8d:f8:8a:66:b3:a0:b7:11:
26:bd:6b:9f:ad:ff:31:d5:cf:6f:46:67:e0:bb:be:a6:0f:f8:
7a:8b:37:07:b6:a5:3c:6c:32:e1:51:75:3a:16:c2:7c:c7:3c:
da:1c:04:1e:fa:85:fc:85:9d:92:ea:df:51:68:61:72:a0:a7:
e7:9a:11:35:f0:40:47:c0:17:3c:99:74:f0:06:30:b8:55:f0:
66:d6:a4:42:19:ff:63:3b:7d:ed:b1:25:e1:70:90:5f:dc:23:
31:da:51:2d:38:17:48:d6:c3:2e:95:08:85:2f:48:b9:47:b4:
57:97:10:e8:6f:7e:c8:e8:f0:80:0f:53:b6:32:2c:63:8a:b2:
d9:3d:cc:75:a2:5f:3d:e8:fa:a2:cd:7e:48:ca:9d:bf:4f:cf:
fa:2e:a5:95:1f:db:52:40:d0:d8:fd:6d:52:d0:12:6c:aa:09:
ba:74:3c:e9
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYuZusT+QyAdfWJrJ+yhxbZzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmYTE2YWIwNjAyMDA2Nzc0MGE0YzFmYjQ3YTkxMjYyMmYx
ZDA3MjIwHhcNMjMxMTA0MDk0NzE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjNkODFiZjA1MDg5NzQzNjE0NmQ1MjRkODc3ZTc3ZTVlNDcxOWYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkLB5LYZc+yc53UPelwSGVAriSAuA
JKY/XxYSOSweHZmng1ov30eGienZpLmkFaFXKkvYBr5dHQQpB8QvArsex8V595of
AJT/KZoZKcQ9/414sEAMirFq7XtgUmNCTMko3sWzYphPkEDZXv2D+KK2BSl+ApcD
1vvDLS3YhszQ1SKINX85TydkkpmvY3/8RS6qpD3pcstg1IbzhakSZffvM/Uxu8m+
ky0tDuxBy/nBeIfoiXm7ZB5z3UcBrUeN+soocOigAWCziMcJenmW4DxRewQRION9
JFtAGWXsuC5h5Euacotz+dq71d7fxsT8ZhYhZniOoTXJPknRXjxc0FeYZwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMs9gb8FCJdDYUbVJNh3535eRxnyMB8GA1UdIwQY
MBaAFC+harBgIAZ3QKTB+0epEmIvHQciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUt
ZDI0MmI2ZjNhOGExLzEveXoyQnZ3VUlsME5oUnRVazJIZm5mbDVIR2ZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUtZDI0MmI2ZjNhOGEx
LzEvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAVXPRAwQA
1ZFLAwQA1ZFfMA0GCSqGSIb3DQEBCwUAA4IBAQDd7T1WeV2QMoAP+df3LVXQwoUr
l9YY+7B4FR1d+Ovxzzhu85v5HwhpuL2egqVUHnH8YF6BSP96/UDze63qRNz951wM
vpTMgPjoGRPnDTVfP5WljfiKZrOgtxEmvWufrf8x1c9vRmfgu76mD/h6izcHtqU8
bDLhUXU6FsJ8xzzaHAQe+oX8hZ2S6t9RaGFyoKfnmhE18EBHwBc8mXTwBjC4VfBm
1qRCGf9jO33tsSXhcJBf3CMx2lEtOBdI1sMulQiFL0i5R7RXlxDob37I6PCAD1O2
MixjirLZPcx1ol896PqizX5Iyp2/T8/6LqWVH9tSQNDY/W1S0BJsqgm6dDzp
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:06 2024 by rpki-client on console-fra.rpki-client.org