Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/be3c40-1210-4272-a5ea-7835d3208396/1/r0vEw4yHhgmxmEuSdAKs160E97g.roa
File: r0vEw4yHhgmxmEuSdAKs160E97g.roa (raw, json)
Hash identifier: t8BsTxNaruLhDrxdj15qdzBvgqYfmeRmPCj18B1jELs=
Subject key identifier: AF:4B:C4:C3:8C:87:86:09:B1:98:4B:92:74:02:AC:D7:AD:04:F7:B8
Certificate issuer: /CN=15fd3804e00b9e06a82ced9f07b34fe3fd80394e
Certificate serial: 018CC2DADC7212D6B50488F003F38A194B1C
Authority key identifier: 15:FD:38:04:E0:0B:9E:06:A8:2C:ED:9F:07:B3:4F:E3:FD:80:39:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ff04BOALngaoLO2fB7NP4_2AOU4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/be3c40-1210-4272-a5ea-7835d3208396/1/r0vEw4yHhgmxmEuSdAKs160E97g.roa
Signing time: Mon 01 Jan 2024 02:29:32 +0000
ROA not before: Mon 01 Jan 2024 02:29:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212036
IP address blocks: 85.208.252.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 14 May 2024 11:49:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:dc:72:12:d6:b5:04:88:f0:03:f3:8a:19:4b:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=15fd3804e00b9e06a82ced9f07b34fe3fd80394e
Validity
Not Before: Jan 1 02:29:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=af4bc4c38c878609b1984b927402acd7ad04f7b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:00:3f:bc:ec:01:81:21:9d:e3:cc:9d:e1:28:
2e:a4:e3:b1:6d:7e:3a:d1:2a:56:3b:89:e8:fa:82:
ca:d8:e0:ae:42:44:76:77:a2:85:04:31:de:0f:8f:
6e:06:08:90:e4:41:9e:99:92:d8:99:d5:3c:e1:2d:
58:a5:3b:a3:c0:f5:7a:7b:e5:72:23:eb:ff:b1:e6:
79:f1:06:26:76:b4:5e:74:bc:49:c7:53:38:c9:ee:
51:2b:95:3b:b8:b1:ce:22:4a:35:68:bf:ba:fa:fc:
71:db:a8:df:57:4e:93:ce:4d:62:b1:be:1e:37:77:
ef:d1:a5:d3:3e:fc:d1:bc:b9:f8:91:a1:86:a0:50:
f1:06:07:3a:d0:d8:e8:d7:19:de:ec:10:c7:07:6b:
bf:8d:a8:80:2b:d1:d2:85:ef:91:34:80:79:88:71:
0e:79:04:03:8b:c7:93:52:be:93:6f:8e:0f:84:8f:
5a:67:e0:70:51:e1:00:d2:bb:6e:d1:1e:8f:da:b7:
09:7e:b7:9d:55:f7:df:5c:7d:a9:47:58:ad:15:89:
70:57:f9:00:ce:81:7a:ce:65:8d:79:c6:40:4c:a1:
26:2e:9a:6d:31:fa:77:ac:af:27:d3:b0:85:8d:99:
31:26:6d:75:26:32:35:7a:78:a9:bc:79:91:49:3c:
e2:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:4B:C4:C3:8C:87:86:09:B1:98:4B:92:74:02:AC:D7:AD:04:F7:B8
X509v3 Authority Key Identifier:
keyid:15:FD:38:04:E0:0B:9E:06:A8:2C:ED:9F:07:B3:4F:E3:FD:80:39:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ff04BOALngaoLO2fB7NP4_2AOU4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/be3c40-1210-4272-a5ea-7835d3208396/1/r0vEw4yHhgmxmEuSdAKs160E97g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/be3c40-1210-4272-a5ea-7835d3208396/1/Ff04BOALngaoLO2fB7NP4_2AOU4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.208.252.0/24
Signature Algorithm: sha256WithRSAEncryption
55:06:cf:fa:70:51:aa:27:9d:5b:76:6e:61:b2:c2:a0:b9:4c:
5a:21:d3:df:bd:d1:f7:f7:15:ac:e1:7e:09:e3:5f:51:10:6c:
73:88:bb:88:2a:46:86:5a:78:8e:80:84:d7:58:e5:7b:94:0a:
bb:0c:3d:ce:9d:77:59:b6:31:7e:22:0e:82:7b:88:90:80:61:
13:2e:d6:ef:d6:46:02:8f:4c:d4:8e:6e:e2:c0:0d:52:ce:cd:
ce:23:e0:60:fc:ec:87:c8:cb:f4:3c:d2:46:ef:70:96:08:f2:
f9:18:cd:a9:7e:04:75:e8:4b:d8:79:36:89:c5:5c:3b:9d:80:
dd:c0:02:35:ca:36:e8:bd:d0:e9:5e:06:e0:52:8b:f5:e6:5c:
e5:86:42:06:14:a1:f3:54:de:07:71:24:86:34:c6:ae:f5:1c:
6d:e4:02:34:24:11:02:84:29:8c:6c:6d:71:61:ba:97:fb:d0:
96:df:90:3e:c4:a9:b2:16:70:13:21:fe:1f:64:5b:b6:11:97:
bd:33:14:3b:bb:fa:aa:24:3c:fd:66:a2:a4:1e:48:91:a0:70:
a8:ab:8f:3e:d4:b5:b6:a5:d1:b2:88:4e:df:2d:e5:54:4d:ca:
77:d0:9d:8f:21:e6:e2:ca:ee:e1:52:73:28:1b:67:55:ea:21:
44:9f:8b:b1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzC2txyEta1BIjwA/OKGUscMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1ZmQzODA0ZTAwYjllMDZhODJjZWQ5ZjA3YjM0ZmUzZmQ4
MDM5NGUwHhcNMjQwMTAxMDIyOTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjRiYzRjMzhjODc4NjA5YjE5ODRiOTI3NDAyYWNkN2FkMDRmN2I4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqQA/vOwBgSGd48yd4SgupOOxbX46
0SpWO4no+oLK2OCuQkR2d6KFBDHeD49uBgiQ5EGemZLYmdU84S1YpTujwPV6e+Vy
I+v/seZ58QYmdrRedLxJx1M4ye5RK5U7uLHOIko1aL+6+vxx26jfV06Tzk1isb4e
N3fv0aXTPvzRvLn4kaGGoFDxBgc60Njo1xne7BDHB2u/jaiAK9HShe+RNIB5iHEO
eQQDi8eTUr6Tb44PhI9aZ+BwUeEA0rtu0R6P2rcJfredVfffXH2pR1itFYlwV/kA
zoF6zmWNecZATKEmLpptMfp3rK8n07CFjZkxJm11JjI1enipvHmRSTzioQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK9LxMOMh4YJsZhLknQCrNetBPe4MB8GA1UdIwQY
MBaAFBX9OATgC54GqCztnwezT+P9gDlOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmYwNEJPQUxuZ2FvTE8yZkI3TlA0XzJBT1U0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS9iZTNjNDAtMTIxMC00MjcyLWE1ZWEt
NzgzNWQzMjA4Mzk2LzEvcjB2RXc0eUhoZ214bUV1U2RBS3MxNjBFOTdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS9iZTNjNDAtMTIxMC00MjcyLWE1ZWEtNzgzNWQzMjA4Mzk2
LzEvRmYwNEJPQUxuZ2FvTE8yZkI3TlA0XzJBT1U0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVdD8MA0G
CSqGSIb3DQEBCwUAA4IBAQBVBs/6cFGqJ51bdm5hssKguUxaIdPfvdH39xWs4X4J
419REGxziLuIKkaGWniOgITXWOV7lAq7DD3OnXdZtjF+Ig6Ce4iQgGETLtbv1kYC
j0zUjm7iwA1Szs3OI+Bg/OyHyMv0PNJG73CWCPL5GM2pfgR16EvYeTaJxVw7nYDd
wAI1yjbovdDpXgbgUov15lzlhkIGFKHzVN4HcSSGNMau9Rxt5AI0JBEChCmMbG1x
YbqX+9CW35A+xKmyFnATIf4fZFu2EZe9MxQ7u/qqJDz9ZqKkHkiRoHCoq48+1LW2
pdGyiE7fLeVUTcp30J2PIebiyu7hUnMoG2dV6iFEn4ux
-----END CERTIFICATE-----
Generated at Tue May 14 15:20:44 2024 by rpki-client on console-ams.rpki-client.org