Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/rqQSCNO75Yq0NVx9Oscw7lxTPlI.roa
File: rqQSCNO75Yq0NVx9Oscw7lxTPlI.roa (raw, json)
Hash identifier: itx5LC6Qq1rjeqsInn5w2f9bkHoOMJVl8BoTuFSdj1k=
Subject key identifier: AE:A4:12:08:D3:BB:E5:8A:B4:35:5C:7D:3A:C7:30:EE:5C:53:3E:52
Certificate issuer: /CN=d45bdf6eec08370ae1f67e83f99b5ac1fe26872c
Certificate serial: 018CCA2985750A18164B082842ADFB91FAA7
Authority key identifier: D4:5B:DF:6E:EC:08:37:0A:E1:F6:7E:83:F9:9B:5A:C1:FE:26:87:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1FvfbuwINwrh9n6D-Ztawf4mhyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/rqQSCNO75Yq0NVx9Oscw7lxTPlI.roa
Signing time: Tue 02 Jan 2024 12:32:47 +0000
ROA not before: Tue 02 Jan 2024 12:32:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48806
IP address blocks: 85.203.8.0/24 maxlen: 24
85.203.24.0/24 maxlen: 24
85.203.35.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 10 May 2024 14:35:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:29:85:75:0a:18:16:4b:08:28:42:ad:fb:91:fa:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d45bdf6eec08370ae1f67e83f99b5ac1fe26872c
Validity
Not Before: Jan 2 12:32:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=aea41208d3bbe58ab4355c7d3ac730ee5c533e52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:c9:e0:2c:4f:b1:9a:01:9b:a0:b2:b1:86:28:
36:f2:13:8a:00:41:8d:41:fe:16:a5:ae:a2:b7:eb:
84:f7:d4:49:41:30:ab:49:b9:0d:d6:70:53:8c:36:
49:17:27:f8:d9:74:3b:1f:f1:e6:55:88:2f:d3:72:
d9:23:a5:c4:bb:5f:e9:34:16:aa:dc:ab:29:9f:56:
4e:2a:27:ef:d6:fe:ab:67:89:8c:d9:0b:c0:f7:d4:
6f:e9:c8:4e:c0:00:0c:aa:f8:86:12:c7:61:fa:96:
3a:88:9c:5b:81:67:64:90:c2:01:4a:d8:da:fd:ef:
43:11:24:50:1c:65:04:51:ee:9d:46:16:cb:0d:e7:
e1:f9:84:07:a7:b2:81:ed:63:fe:57:9f:6a:ba:5c:
a7:79:69:2f:38:18:85:1d:dc:e8:62:6c:81:a2:36:
51:2e:e2:90:81:7a:c4:21:73:1d:84:d5:d1:89:35:
5d:de:40:93:02:0f:51:38:6a:7c:16:98:34:7b:bf:
39:87:4d:e4:b5:c0:1d:74:dc:b8:45:86:72:81:a0:
30:2e:9d:75:ef:0f:b7:f9:01:44:3a:60:16:b1:6f:
16:60:b6:92:e4:38:09:55:20:5d:42:af:79:1f:2f:
21:77:9b:c3:64:de:ca:0c:45:fd:2d:6e:63:64:1f:
9b:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:A4:12:08:D3:BB:E5:8A:B4:35:5C:7D:3A:C7:30:EE:5C:53:3E:52
X509v3 Authority Key Identifier:
keyid:D4:5B:DF:6E:EC:08:37:0A:E1:F6:7E:83:F9:9B:5A:C1:FE:26:87:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1FvfbuwINwrh9n6D-Ztawf4mhyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/rqQSCNO75Yq0NVx9Oscw7lxTPlI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/1FvfbuwINwrh9n6D-Ztawf4mhyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.203.8.0/24
85.203.24.0/24
85.203.35.0/24
Signature Algorithm: sha256WithRSAEncryption
74:b1:9c:d2:47:36:e6:9e:b9:16:a8:4e:75:49:f8:f1:89:6c:
fb:26:47:cc:71:5a:53:0f:a8:b5:e0:13:80:5d:f0:39:0b:e9:
d2:66:b3:58:13:04:90:b6:81:81:10:d7:bb:a6:61:84:b9:0f:
c9:3e:85:d5:ed:82:ab:29:22:e9:3c:ff:5e:d3:3a:2b:18:f4:
1a:5f:df:9c:2e:a1:ff:e4:db:ca:ad:a7:75:30:a8:4e:0a:af:
4f:39:d4:b3:b1:c4:83:a2:07:ae:74:67:ec:a5:ec:ab:63:92:
67:c2:71:31:bf:d1:ae:4d:f5:87:06:58:97:2b:a1:31:14:22:
33:d3:51:36:87:9b:2a:bc:90:27:82:0d:4e:2e:a0:04:11:52:
68:f0:51:84:8e:68:5a:40:61:3f:fd:96:6b:e2:a8:00:75:da:
62:30:45:61:0f:74:e4:87:84:f3:27:6d:13:a6:aa:f5:94:b7:
3f:33:47:74:7d:04:7b:55:6e:c8:40:1d:9d:b9:7f:cd:36:b6:
27:1f:83:1a:4c:99:c7:a1:54:d3:68:a2:1a:cc:ce:44:5a:ce:
60:c7:69:86:07:12:a3:fc:3c:52:eb:ff:21:54:80:95:02:74:
22:bb:a7:9c:75:c1:16:29:d2:b8:10:0a:27:8e:e2:4a:be:70:
01:22:1d:18
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzKKYV1ChgWSwgoQq37kfqnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NWJkZjZlZWMwODM3MGFlMWY2N2U4M2Y5OWI1YWMxZmUy
Njg3MmMwHhcNMjQwMTAyMTIzMjQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZWE0MTIwOGQzYmJlNThhYjQzNTVjN2QzYWM3MzBlZTVjNTMzZTUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAksngLE+xmgGboLKxhig28hOKAEGN
Qf4Wpa6it+uE99RJQTCrSbkN1nBTjDZJFyf42XQ7H/HmVYgv03LZI6XEu1/pNBaq
3Kspn1ZOKifv1v6rZ4mM2QvA99Rv6chOwAAMqviGEsdh+pY6iJxbgWdkkMIBStja
/e9DESRQHGUEUe6dRhbLDefh+YQHp7KB7WP+V59qulyneWkvOBiFHdzoYmyBojZR
LuKQgXrEIXMdhNXRiTVd3kCTAg9ROGp8Fpg0e785h03ktcAddNy4RYZygaAwLp11
7w+3+QFEOmAWsW8WYLaS5DgJVSBdQq95Hy8hd5vDZN7KDEX9LW5jZB+bIQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFK6kEgjTu+WKtDVcfTrHMO5cUz5SMB8GA1UdIwQY
MBaAFNRb327sCDcK4fZ+g/mbWsH+JocsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUZ2ZmJ1d0lOd3JoOW42RC1adGF3ZjRtaHl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS9lMmRmZmYtOGJhOC00YmNmLWFjMzEt
OTg0NjM4NTllY2MxLzEvcnFRU0NOTzc1WXEwTlZ4OU9zY3c3bHhUUGxJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS9lMmRmZmYtOGJhOC00YmNmLWFjMzEtOTg0NjM4NTllY2Mx
LzEvMUZ2ZmJ1d0lOd3JoOW42RC1adGF3ZjRtaHl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAVcsIAwQA
VcsYAwQAVcsjMA0GCSqGSIb3DQEBCwUAA4IBAQB0sZzSRzbmnrkWqE51SfjxiWz7
JkfMcVpTD6i14BOAXfA5C+nSZrNYEwSQtoGBENe7pmGEuQ/JPoXV7YKrKSLpPP9e
0zorGPQaX9+cLqH/5NvKrad1MKhOCq9POdSzscSDogeudGfspeyrY5JnwnExv9Gu
TfWHBliXK6ExFCIz01E2h5sqvJAngg1OLqAEEVJo8FGEjmhaQGE//ZZr4qgAddpi
MEVhD3Tkh4TzJ20Tpqr1lLc/M0d0fQR7VW7IQB2duX/NNrYnH4MaTJnHoVTTaKIa
zM5EWs5gx2mGBxKj/DxS6/8hVICVAnQiu6ecdcEWKdK4EAonjuJKvnABIh0Y
-----END CERTIFICATE-----
Generated at Sat May 11 02:53:22 2024 by rpki-client on console.sobornost.net