Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/c1b5ec-52ff-4ecb-b3fd-da95808ba2c1/1/0eg9jHvgnsrwEvqL-fCjgECfht0.roa
File: 0eg9jHvgnsrwEvqL-fCjgECfht0.roa (raw, json)
Hash identifier: V9ODvQqNd6LCfvGPeTeWXJH+2F26kHSBWR27rsadlT4=
Subject key identifier: D1:E8:3D:8C:7B:E0:9E:CA:F0:12:FA:8B:F9:F0:A3:80:40:9F:86:DD
Certificate issuer: /CN=86e99134171b5863f62f22b7d7abf740349528ec
Certificate serial: 018FB98BD310A9EE8171D1BB5DCC31881999
Authority key identifier: 86:E9:91:34:17:1B:58:63:F6:2F:22:B7:D7:AB:F7:40:34:95:28:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/humRNBcbWGP2LyK316v3QDSVKOw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/c1b5ec-52ff-4ecb-b3fd-da95808ba2c1/1/0eg9jHvgnsrwEvqL-fCjgECfht0.roa
Signing time: Mon 27 May 2024 10:14:59 +0000
ROA not before: Mon 27 May 2024 10:14:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60439
IP address blocks: 85.208.196.0/24 maxlen: 24
85.208.197.0/24 maxlen: 24
85.208.198.0/24 maxlen: 24
85.208.199.0/24 maxlen: 24
193.160.30.0/24 maxlen: 24
193.160.31.0/24 maxlen: 24
2a13:8240::/40 maxlen: 40
Validation: Failed, certificate revoked on Tue 17 Sep 2024 14:05:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:b9:8b:d3:10:a9:ee:81:71:d1:bb:5d:cc:31:88:19:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86e99134171b5863f62f22b7d7abf740349528ec
Validity
Not Before: May 27 10:14:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d1e83d8c7be09ecaf012fa8bf9f0a380409f86dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:03:80:61:59:47:63:f8:45:6b:8b:a3:eb:74:
12:4b:90:6a:d5:65:43:ac:1f:6d:a5:ed:7a:2c:91:
d4:9f:37:7f:e5:dc:99:36:b1:69:da:1c:27:8b:e2:
42:2b:61:8b:3a:e6:a4:e3:46:0a:f0:1b:a0:f4:34:
b6:07:63:d4:aa:dd:39:99:97:19:f8:5f:9f:3b:a0:
79:cd:52:80:42:f6:ef:2e:ec:6c:1b:ea:02:7d:83:
cf:58:32:64:f5:66:c8:79:23:19:d7:0a:da:85:cd:
1b:92:10:0f:de:65:2c:a1:69:b5:cf:aa:05:fa:2c:
09:a5:3e:cb:e2:dc:91:4b:ec:0e:81:f4:33:2e:14:
bc:aa:87:2f:06:dd:c5:08:8f:de:af:a9:9b:a1:b5:
e4:a7:9a:1f:9b:d5:fa:5d:40:ed:14:1c:23:f1:2b:
dc:08:37:0a:38:1a:94:48:d2:5b:5f:02:c5:17:5a:
e6:6b:c3:52:28:9e:5d:c9:0a:65:43:28:93:4e:2d:
ac:7a:7b:bb:03:78:00:94:8c:92:13:a5:aa:1b:e1:
e8:3a:16:df:7b:11:53:f2:6a:90:a4:bc:76:10:41:
46:1a:e3:69:9a:bc:ea:c2:fa:02:08:94:96:32:c5:
af:cd:d0:d6:18:a1:2d:9d:29:46:70:b4:71:d2:77:
5a:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:E8:3D:8C:7B:E0:9E:CA:F0:12:FA:8B:F9:F0:A3:80:40:9F:86:DD
X509v3 Authority Key Identifier:
keyid:86:E9:91:34:17:1B:58:63:F6:2F:22:B7:D7:AB:F7:40:34:95:28:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/humRNBcbWGP2LyK316v3QDSVKOw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/c1b5ec-52ff-4ecb-b3fd-da95808ba2c1/1/0eg9jHvgnsrwEvqL-fCjgECfht0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/c1b5ec-52ff-4ecb-b3fd-da95808ba2c1/1/humRNBcbWGP2LyK316v3QDSVKOw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.208.196.0/22
193.160.30.0/23
IPv6:
2a13:8240::/40
Signature Algorithm: sha256WithRSAEncryption
68:6f:55:ea:76:14:6f:ab:b9:59:94:58:48:3f:70:8c:75:a3:
0e:b5:e1:fb:8f:7d:d3:47:19:51:2c:f6:de:f1:ef:8c:56:44:
0e:28:48:85:95:61:c5:b2:c7:17:74:c8:0d:b2:1a:e0:79:5b:
09:c6:3f:27:12:2d:58:8b:98:1a:85:be:09:eb:71:3c:27:e6:
7f:a4:ff:60:4c:38:f3:68:66:b9:87:6d:f5:0c:32:c2:97:19:
08:92:88:f9:88:7c:09:5f:27:a4:13:33:67:12:be:a6:90:fe:
da:aa:41:64:b5:10:54:81:9b:1c:56:5d:63:87:97:e8:11:09:
12:9f:1e:d4:f3:7d:f9:b6:ef:60:8c:76:8e:73:a3:20:d9:ab:
36:35:94:e8:18:85:ad:d4:2e:00:fc:8b:72:4f:be:7e:5a:44:
a2:73:26:ce:72:f9:12:48:19:56:bf:fd:44:6d:1d:c5:1c:49:
5c:73:50:cd:17:2c:c2:8c:ad:53:84:89:22:cf:3a:68:06:a1:
05:e8:d6:5d:f1:c3:00:26:bd:0a:3a:95:00:eb:b7:98:2a:b0:
bc:97:ab:48:3d:ba:e4:60:8b:75:51:db:f2:8c:f3:70:aa:61:
69:0f:83:68:53:d7:32:a7:fc:90:86:68:85:1b:25:ad:b4:d8:
ef:27:17:03
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAY+5i9MQqe6BcdG7XcwxiBmZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZTk5MTM0MTcxYjU4NjNmNjJmMjJiN2Q3YWJmNzQwMzQ5
NTI4ZWMwHhcNMjQwNTI3MTAxNDU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMWU4M2Q4YzdiZTA5ZWNhZjAxMmZhOGJmOWYwYTM4MDQwOWY4NmRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxwOAYVlHY/hFa4uj63QSS5Bq1WVD
rB9tpe16LJHUnzd/5dyZNrFp2hwni+JCK2GLOuak40YK8Bug9DS2B2PUqt05mZcZ
+F+fO6B5zVKAQvbvLuxsG+oCfYPPWDJk9WbIeSMZ1wrahc0bkhAP3mUsoWm1z6oF
+iwJpT7L4tyRS+wOgfQzLhS8qocvBt3FCI/er6mbobXkp5ofm9X6XUDtFBwj8Svc
CDcKOBqUSNJbXwLFF1rma8NSKJ5dyQplQyiTTi2senu7A3gAlIySE6WqG+HoOhbf
exFT8mqQpLx2EEFGGuNpmrzqwvoCCJSWMsWvzdDWGKEtnSlGcLRx0ndadQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFNHoPYx74J7K8BL6i/nwo4BAn4bdMB8GA1UdIwQY
MBaAFIbpkTQXG1hj9i8it9er90A0lSjsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHVtUk5CY2JXR1AyTHlLMzE2djNRRFNWS093LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi9jMWI1ZWMtNTJmZi00ZWNiLWIzZmQt
ZGE5NTgwOGJhMmMxLzEvMGVnOWpIdmduc3J3RXZxTC1mQ2pnRUNmaHQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi9jMWI1ZWMtNTJmZi00ZWNiLWIzZmQtZGE5NTgwOGJhMmMx
LzEvaHVtUk5CY2JXR1AyTHlLMzE2djNRRFNWS093LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDASBAIAATAMAwQCVdDEAwQB
waAeMA4EAgACMAgDBgAqE4JAADANBgkqhkiG9w0BAQsFAAOCAQEAaG9V6nYUb6u5
WZRYSD9wjHWjDrXh+49900cZUSz23vHvjFZEDihIhZVhxbLHF3TIDbIa4HlbCcY/
JxItWIuYGoW+CetxPCfmf6T/YEw482hmuYdt9QwywpcZCJKI+Yh8CV8npBMzZxK+
ppD+2qpBZLUQVIGbHFZdY4eX6BEJEp8e1PN9+bbvYIx2jnOjINmrNjWU6BiFrdQu
APyLck++flpEonMmznL5EkgZVr/9RG0dxRxJXHNQzRcswoytU4SJIs86aAahBejW
XfHDACa9CjqVAOu3mCqwvJerSD265GCLdVHb8ozzcKphaQ+DaFPXMqf8kIZohRsl
rbTY7ycXAw==
-----END CERTIFICATE-----
Generated at Tue Sep 17 18:26:53 2024 by rpki-client on console-ams.rpki-client.org