Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/e0580d-048a-4e6d-bec6-b5bbd0b5e0aa/1/l_KVq9a0gDg3pspzOWW1s8IymUE.roa
File: l_KVq9a0gDg3pspzOWW1s8IymUE.roa (raw, json)
Hash identifier: /RwEM0trUdoNED4jDlwDpk2QI3CzJJezLwc8+dZ+at4=
Subject key identifier: 97:F2:95:AB:D6:B4:80:38:37:A6:CA:73:39:65:B5:B3:C2:32:99:41
Certificate issuer: /CN=3c2c854011140a10947da7b53bbb350f3c54b33e
Certificate serial: 018CBD19436B03EE7BF698EE87A8B2D26FEA
Authority key identifier: 3C:2C:85:40:11:14:0A:10:94:7D:A7:B5:3B:BB:35:0F:3C:54:B3:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PCyFQBEUChCUfae1O7s1DzxUsz4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/e0580d-048a-4e6d-bec6-b5bbd0b5e0aa/1/l_KVq9a0gDg3pspzOWW1s8IymUE.roa
Signing time: Sat 30 Dec 2023 23:39:58 +0000
ROA not before: Sat 30 Dec 2023 23:39:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213333
IP address blocks: 85.209.36.0/23 maxlen: 23
85.209.36.0/24 maxlen: 24
85.209.37.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:31:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:bd:19:43:6b:03:ee:7b:f6:98:ee:87:a8:b2:d2:6f:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3c2c854011140a10947da7b53bbb350f3c54b33e
Validity
Not Before: Dec 30 23:39:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=97f295abd6b4803837a6ca733965b5b3c2329941
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:51:79:61:58:bd:e3:53:fe:a4:e4:6c:0f:e3:
35:75:c3:14:65:05:18:43:37:11:39:d5:42:58:3e:
36:1f:40:5b:84:61:83:b2:cd:09:e9:02:67:fd:b0:
ea:a6:0f:a9:98:6b:8f:e3:bf:08:2c:fd:4d:77:d7:
ac:9a:db:13:91:6c:44:09:13:61:64:54:c0:b6:89:
46:f0:46:6c:30:7e:97:2a:1b:0d:58:ba:ee:61:f5:
54:16:af:61:0e:2c:b9:a9:ea:73:4c:93:ce:7c:3e:
1a:1a:2c:94:bb:04:90:20:58:90:1f:b7:74:a9:0a:
97:17:6f:6e:64:f6:0b:ce:30:34:8b:23:a7:2b:87:
6e:38:46:8d:50:ce:78:29:11:5c:db:62:e7:70:25:
82:b0:44:69:93:49:86:3d:d5:a2:ab:1b:2f:b6:c2:
12:95:34:8d:a1:63:47:41:e8:f6:b5:84:25:1e:78:
81:54:97:67:1a:1d:a8:f1:3e:6a:13:52:31:76:f2:
d0:43:e6:5a:28:31:ec:d3:d9:fb:a6:97:d5:6f:ba:
b4:1e:1f:ee:0e:fc:63:34:27:9e:99:11:8e:ea:7c:
71:01:89:39:c7:5f:49:c6:14:13:f0:90:f1:9f:78:
dd:b5:17:c6:b5:70:17:f0:fa:03:db:4a:3b:f2:4e:
df:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:F2:95:AB:D6:B4:80:38:37:A6:CA:73:39:65:B5:B3:C2:32:99:41
X509v3 Authority Key Identifier:
keyid:3C:2C:85:40:11:14:0A:10:94:7D:A7:B5:3B:BB:35:0F:3C:54:B3:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PCyFQBEUChCUfae1O7s1DzxUsz4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/e0580d-048a-4e6d-bec6-b5bbd0b5e0aa/1/l_KVq9a0gDg3pspzOWW1s8IymUE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/e0580d-048a-4e6d-bec6-b5bbd0b5e0aa/1/PCyFQBEUChCUfae1O7s1DzxUsz4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.209.36.0/23
Signature Algorithm: sha256WithRSAEncryption
1f:70:c5:f6:27:be:c4:05:b9:b2:41:d6:65:2e:3c:db:e5:ba:
e1:30:32:4d:ad:19:8e:22:4f:43:ac:7e:55:95:30:d4:4b:78:
99:a1:a4:b7:e1:58:ac:70:6b:cc:86:0c:0f:6d:d2:40:72:33:
e4:70:90:3f:28:9b:5b:50:65:de:a3:3d:5b:66:b3:6f:8d:7c:
8b:d9:98:43:3c:22:42:37:4c:02:cc:eb:b1:52:35:24:cc:0c:
0c:8c:6c:6a:24:84:19:9a:ef:e9:b5:8a:31:63:34:62:16:74:
18:f5:ac:93:11:69:e4:0c:8e:af:25:39:94:10:72:a9:38:b3:
1a:58:08:9b:81:e1:d1:3b:d1:2d:88:32:ec:f4:a4:79:ee:9e:
bc:73:4c:35:8d:7e:9a:99:b5:b0:07:88:dc:46:fc:ac:1b:e9:
76:28:25:99:cd:c5:d7:61:f6:c7:30:67:82:ab:f6:23:3e:b4:
c5:27:3a:95:97:5f:b8:bd:39:39:15:28:39:62:80:de:3c:cb:
fb:ca:64:df:4a:0f:82:8b:aa:91:8e:df:a5:c1:e9:84:8b:77:
01:00:ef:d3:56:7a:88:65:54:ce:cf:9b:d8:7d:a6:2c:e9:24:
0c:ac:b9:4b:3e:b3:b1:2b:82:ad:d0:a0:02:2f:ba:cd:40:a1:
ce:8d:eb:65
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYy9GUNrA+579pjuh6iy0m/qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjMmM4NTQwMTExNDBhMTA5NDdkYTdiNTNiYmIzNTBmM2M1
NGIzM2UwHhcNMjMxMjMwMjMzOTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5N2YyOTVhYmQ2YjQ4MDM4MzdhNmNhNzMzOTY1YjViM2MyMzI5OTQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtlF5YVi941P+pORsD+M1dcMUZQUY
QzcROdVCWD42H0BbhGGDss0J6QJn/bDqpg+pmGuP478ILP1Nd9esmtsTkWxECRNh
ZFTAtolG8EZsMH6XKhsNWLruYfVUFq9hDiy5qepzTJPOfD4aGiyUuwSQIFiQH7d0
qQqXF29uZPYLzjA0iyOnK4duOEaNUM54KRFc22LncCWCsERpk0mGPdWiqxsvtsIS
lTSNoWNHQej2tYQlHniBVJdnGh2o8T5qE1IxdvLQQ+ZaKDHs09n7ppfVb7q0Hh/u
DvxjNCeemRGO6nxxAYk5x19JxhQT8JDxn3jdtRfGtXAX8PoD20o78k7fGwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJfylavWtIA4N6bKczlltbPCMplBMB8GA1UdIwQY
MBaAFDwshUARFAoQlH2ntTu7NQ88VLM+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUEN5RlFCRVVDaENVZmFlMU83czFEenhVc3o0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC9lMDU4MGQtMDQ4YS00ZTZkLWJlYzYt
YjViYmQwYjVlMGFhLzEvbF9LVnE5YTBnRGczcHNwek9XVzFzOEl5bVVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC9lMDU4MGQtMDQ4YS00ZTZkLWJlYzYtYjViYmQwYjVlMGFh
LzEvUEN5RlFCRVVDaENVZmFlMU83czFEenhVc3o0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBVdEkMA0G
CSqGSIb3DQEBCwUAA4IBAQAfcMX2J77EBbmyQdZlLjzb5brhMDJNrRmOIk9DrH5V
lTDUS3iZoaS34ViscGvMhgwPbdJAcjPkcJA/KJtbUGXeoz1bZrNvjXyL2ZhDPCJC
N0wCzOuxUjUkzAwMjGxqJIQZmu/ptYoxYzRiFnQY9ayTEWnkDI6vJTmUEHKpOLMa
WAibgeHRO9EtiDLs9KR57p68c0w1jX6ambWwB4jcRvysG+l2KCWZzcXXYfbHMGeC
q/YjPrTFJzqVl1+4vTk5FSg5YoDePMv7ymTfSg+Ci6qRjt+lwemEi3cBAO/TVnqI
ZVTOz5vYfaYs6SQMrLlLPrOxK4Kt0KACL7rNQKHOjetl
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:30 2024 by rpki-client on console-ams.rpki-client.org