Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/b9342f-5916-4644-b1aa-00d1e7a170a2/1/0c07BmBwoatPLDmJ8LxbUPtURps.roa
File: 0c07BmBwoatPLDmJ8LxbUPtURps.roa (raw, json)
Hash identifier: +uIEihmazOC0ire1B3qBkmAYCJX1Ey48wclD/eMN+ok=
Subject key identifier: D1:CD:3B:06:60:70:A1:AB:4F:2C:39:89:F0:BC:5B:50:FB:54:46:9B
Certificate issuer: /CN=b143fa703fbee04bbd91ce63a32148b36b8e55aa
Certificate serial: 01857139E03B8D3C18C3187627E8112EC223
Authority key identifier: B1:43:FA:70:3F:BE:E0:4B:BD:91:CE:63:A3:21:48:B3:6B:8E:55:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sUP6cD--4Eu9kc5joyFIs2uOVao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/b9342f-5916-4644-b1aa-00d1e7a170a2/1/0c07BmBwoatPLDmJ8LxbUPtURps.roa
Signing time: Mon 02 Jan 2023 06:44:56 +0000
ROA not before: Mon 02 Jan 2023 06:44:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25478
IP address blocks: 85.112.96.0/19 maxlen: 24
2a00:1b30:8000::/33 maxlen: 33
2a00:1b30::/33 maxlen: 33
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:32:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:39:e0:3b:8d:3c:18:c3:18:76:27:e8:11:2e:c2:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b143fa703fbee04bbd91ce63a32148b36b8e55aa
Validity
Not Before: Jan 2 06:44:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d1cd3b066070a1ab4f2c3989f0bc5b50fb54469b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:9b:36:f4:4c:5e:f7:ca:8c:a1:35:10:d6:2e:
57:42:33:3c:df:1b:ca:25:68:2b:f2:3d:d7:1c:4d:
62:e7:af:1e:8f:97:c4:59:c8:2f:1f:7e:9e:b2:da:
a1:bb:18:59:bb:73:1a:d2:77:93:e9:44:92:d1:d2:
92:4e:c2:7b:34:bb:dc:d1:b2:47:02:a2:73:ae:04:
2e:88:8b:6c:bc:a5:d3:62:1c:28:d4:01:98:21:bc:
03:51:5b:5f:71:19:b3:46:a1:31:cc:9b:ae:e3:fa:
a8:81:b8:0f:06:6c:66:8a:4b:0e:df:7f:41:ad:76:
64:f0:21:0e:eb:f6:a2:03:f3:dc:9b:45:e0:4f:a2:
b3:e6:74:ca:6d:c9:f5:91:54:72:2c:14:6f:7a:07:
4a:cc:7d:f7:3d:43:47:02:12:05:00:bc:35:a5:ad:
ee:b5:1b:9d:83:9f:f6:de:e6:5a:a7:6f:00:91:6e:
2a:f2:ba:46:fc:92:42:17:cb:78:88:12:5a:d0:1a:
6f:46:f6:41:17:da:f5:de:98:32:d8:3e:27:74:89:
84:03:64:36:d3:20:eb:c1:ab:67:6f:3a:9e:4e:89:
6c:a7:d1:6d:6a:90:4d:ec:12:1a:21:cf:21:19:ea:
64:5e:89:b9:0a:cf:90:c5:dd:95:42:7c:4b:15:d9:
af:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:CD:3B:06:60:70:A1:AB:4F:2C:39:89:F0:BC:5B:50:FB:54:46:9B
X509v3 Authority Key Identifier:
keyid:B1:43:FA:70:3F:BE:E0:4B:BD:91:CE:63:A3:21:48:B3:6B:8E:55:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sUP6cD--4Eu9kc5joyFIs2uOVao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/b9342f-5916-4644-b1aa-00d1e7a170a2/1/0c07BmBwoatPLDmJ8LxbUPtURps.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/b9342f-5916-4644-b1aa-00d1e7a170a2/1/sUP6cD--4Eu9kc5joyFIs2uOVao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.112.96.0/19
IPv6:
2a00:1b30::/32
Signature Algorithm: sha256WithRSAEncryption
3c:12:68:a8:c6:56:02:eb:29:7b:44:a0:9c:4d:c4:6b:bb:25:
e1:6e:19:9b:53:88:5c:d5:50:2b:04:53:63:1a:25:00:57:25:
c1:a1:4f:23:e2:27:11:a0:aa:60:ac:02:51:68:09:3d:24:9b:
b2:cc:2e:63:0f:1e:42:84:c8:70:ac:f1:56:53:bd:e4:a4:7a:
88:2d:0b:c5:ff:d0:16:88:07:f6:d1:cf:29:f7:72:e9:01:d5:
be:4f:98:86:52:63:e9:36:58:8c:99:26:5d:0e:26:28:38:bf:
81:b5:43:a8:03:0a:31:d0:12:b2:56:9d:93:80:40:3a:eb:88:
06:9b:e6:58:20:75:dd:31:ff:e0:db:6b:3c:68:47:05:cb:d2:
ef:33:ef:1e:02:e8:51:39:6a:95:a0:78:67:1f:5a:84:23:90:
ee:f8:34:43:61:bb:5a:e7:de:7d:69:ad:95:bd:2a:aa:0a:d1:
2b:9c:a1:5e:fa:61:ca:2b:48:9c:79:ec:f1:53:99:23:cc:58:
06:63:9a:29:ef:ac:03:f8:26:6e:60:51:d4:7d:af:11:db:0f:
eb:41:11:30:6e:c6:66:0a:78:b5:80:a6:6e:47:7b:f1:93:95:
40:59:8e:df:6a:08:31:d5:ec:cc:77:11:bf:3e:49:87:46:d8:
56:96:69:b6
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVxOeA7jTwYwxh2J+gRLsIjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNDNmYTcwM2ZiZWUwNGJiZDkxY2U2M2EzMjE0OGIzNmI4
ZTU1YWEwHhcNMjMwMTAyMDY0NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMWNkM2IwNjYwNzBhMWFiNGYyYzM5ODlmMGJjNWI1MGZiNTQ0NjliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlZs29Exe98qMoTUQ1i5XQjM83xvK
JWgr8j3XHE1i568ej5fEWcgvH36estqhuxhZu3Ma0neT6USS0dKSTsJ7NLvc0bJH
AqJzrgQuiItsvKXTYhwo1AGYIbwDUVtfcRmzRqExzJuu4/qogbgPBmxmiksO339B
rXZk8CEO6/aiA/Pcm0XgT6Kz5nTKbcn1kVRyLBRvegdKzH33PUNHAhIFALw1pa3u
tRudg5/23uZap28AkW4q8rpG/JJCF8t4iBJa0BpvRvZBF9r13pgy2D4ndImEA2Q2
0yDrwatnbzqeTolsp9FtapBN7BIaIc8hGepkXom5Cs+Qxd2VQnxLFdmvSQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNHNOwZgcKGrTyw5ifC8W1D7VEabMB8GA1UdIwQY
MBaAFLFD+nA/vuBLvZHOY6MhSLNrjlWqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1VQNmNELS00RXU5a2M1am95RklzMnVPVmFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9iOTM0MmYtNTkxNi00NjQ0LWIxYWEt
MDBkMWU3YTE3MGEyLzEvMGMwN0JtQndvYXRQTERtSjhMeGJVUHRVUnBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS9iOTM0MmYtNTkxNi00NjQ0LWIxYWEtMDBkMWU3YTE3MGEy
LzEvc1VQNmNELS00RXU5a2M1am95RklzMnVPVmFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQFVXBgMA0E
AgACMAcDBQAqABswMA0GCSqGSIb3DQEBCwUAA4IBAQA8EmioxlYC6yl7RKCcTcRr
uyXhbhmbU4hc1VArBFNjGiUAVyXBoU8j4icRoKpgrAJRaAk9JJuyzC5jDx5ChMhw
rPFWU73kpHqILQvF/9AWiAf20c8p93LpAdW+T5iGUmPpNliMmSZdDiYoOL+BtUOo
Awox0BKyVp2TgEA664gGm+ZYIHXdMf/g22s8aEcFy9LvM+8eAuhROWqVoHhnH1qE
I5Du+DRDYbta5959aa2VvSqqCtErnKFe+mHKK0iceezxU5kjzFgGY5op76wD+CZu
YFHUfa8R2w/rQREwbsZmCni1gKZuR3vxk5VAWY7faggx1ezMdxG/PkmHRthWlmm2
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:53 2024 by rpki-client on console-ams.rpki-client.org