Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/b1ff7b-b766-47c7-be0d-c0a7b7377eab/1/4umLkVOuytbzktd4aexSbsRY-7g.roa
File: 4umLkVOuytbzktd4aexSbsRY-7g.roa (raw, json)
Hash identifier: 1On5wx/JZXucGBGOxHBPwF3kOCm2VWjs1J69EPO1XOc=
Subject key identifier: E2:E9:8B:91:53:AE:CA:D6:F3:92:D7:78:69:EC:52:6E:C4:58:FB:B8
Certificate issuer: /CN=64347465bc925c8e756ddfaa609eda02cc52d031
Certificate serial: 018CC348DAD73104264F43F44EA493BC8860
Authority key identifier: 64:34:74:65:BC:92:5C:8E:75:6D:DF:AA:60:9E:DA:02:CC:52:D0:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZDR0ZbySXI51bd-qYJ7aAsxS0DE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/b1ff7b-b766-47c7-be0d-c0a7b7377eab/1/4umLkVOuytbzktd4aexSbsRY-7g.roa
Signing time: Mon 01 Jan 2024 04:29:40 +0000
ROA not before: Mon 01 Jan 2024 04:29:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51396
IP address blocks: 85.114.120.0/21 maxlen: 21
2a01:8b20::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 01 May 2024 16:51:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:da:d7:31:04:26:4f:43:f4:4e:a4:93:bc:88:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=64347465bc925c8e756ddfaa609eda02cc52d031
Validity
Not Before: Jan 1 04:29:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e2e98b9153aecad6f392d77869ec526ec458fbb8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:c5:ef:57:59:f1:88:0a:a0:d9:04:a8:35:6d:
b0:6a:be:b1:36:2e:8c:ef:8f:ab:a6:2a:37:0e:8e:
28:92:5d:16:2b:43:5a:ef:48:21:93:7b:05:4a:f9:
b7:26:39:6d:a4:8b:75:d9:f4:57:4d:40:a6:4b:2c:
ab:90:f1:bc:11:3c:ef:72:96:67:97:82:97:67:ed:
77:29:a4:02:48:5d:83:35:c9:63:d7:48:49:7b:22:
00:9e:33:a4:44:b7:8c:51:75:16:54:54:db:df:fb:
5c:67:4a:f7:96:af:be:9b:0b:be:63:af:93:aa:0c:
d2:f6:99:96:3a:4d:52:78:df:f3:1d:ec:8a:d2:98:
fc:cb:3b:93:24:2e:7e:17:0d:02:cf:e5:31:23:44:
ee:36:bc:77:f1:61:c2:81:9c:7d:1d:6f:d7:6e:ff:
4e:67:ba:96:d9:97:e8:52:38:41:93:c7:44:56:50:
da:53:31:93:43:a5:e4:5f:db:57:4d:9f:fd:0c:5a:
46:70:2f:cd:f5:d5:ba:09:99:17:da:e6:ee:74:33:
a2:6c:16:72:02:b8:2f:d6:96:85:c5:60:6f:5a:4b:
2b:fe:54:2d:fc:e9:86:d4:98:96:80:a3:a0:58:fc:
85:7c:91:fc:ef:bd:f6:5e:b9:38:14:ec:b6:a2:cc:
60:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:E9:8B:91:53:AE:CA:D6:F3:92:D7:78:69:EC:52:6E:C4:58:FB:B8
X509v3 Authority Key Identifier:
keyid:64:34:74:65:BC:92:5C:8E:75:6D:DF:AA:60:9E:DA:02:CC:52:D0:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZDR0ZbySXI51bd-qYJ7aAsxS0DE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/b1ff7b-b766-47c7-be0d-c0a7b7377eab/1/4umLkVOuytbzktd4aexSbsRY-7g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/b1ff7b-b766-47c7-be0d-c0a7b7377eab/1/ZDR0ZbySXI51bd-qYJ7aAsxS0DE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.114.120.0/21
IPv6:
2a01:8b20::/29
Signature Algorithm: sha256WithRSAEncryption
68:4e:be:c5:85:fb:32:08:af:29:30:ee:bd:a6:7f:13:e9:3e:
40:9b:22:e0:87:cd:bb:56:76:ce:7d:75:d0:da:60:ab:c5:8c:
48:64:db:a9:8b:9f:0a:9d:b7:6b:33:04:f1:0c:dc:d9:95:2c:
95:8d:99:1e:84:ca:8a:fb:58:3c:b3:53:1a:d2:87:dd:33:bd:
cd:36:95:a1:6f:d7:76:a3:68:d7:ed:55:a0:b0:c9:34:8a:d0:
13:bc:a6:70:06:8d:17:28:0d:d5:e9:f8:f8:1b:fe:23:dc:87:
06:6e:c7:09:7a:f1:bd:f4:4c:c1:c3:70:c7:36:9b:9e:51:24:
0f:42:79:3d:b1:c9:26:4e:4d:b2:d7:83:af:2d:c5:34:9e:af:
11:00:93:7e:e9:a3:ec:bf:fe:0c:dd:39:f1:df:e6:4f:a4:25:
80:2a:3f:ab:bc:a0:f7:c6:49:ed:2d:dc:55:69:72:71:18:86:
4d:da:5f:a2:55:f7:01:b4:42:57:77:8b:fe:59:64:65:b7:2d:
02:45:2c:61:01:cc:61:71:24:ef:05:7d:9d:af:5c:71:ea:0b:
b5:15:1e:13:9a:7c:8c:c4:38:a0:a5:cb:d0:13:89:58:00:a3:
2d:e1:79:75:3b:1f:aa:44:47:91:4d:d0:ab:ee:0e:c1:13:a1:
a0:2e:83:be
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzDSNrXMQQmT0P0TqSTvIhgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0MzQ3NDY1YmM5MjVjOGU3NTZkZGZhYTYwOWVkYTAyY2M1
MmQwMzEwHhcNMjQwMTAxMDQyOTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMmU5OGI5MTUzYWVjYWQ2ZjM5MmQ3Nzg2OWVjNTI2ZWM0NThmYmI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwcXvV1nxiAqg2QSoNW2war6xNi6M
74+rpio3Do4okl0WK0Na70ghk3sFSvm3JjltpIt12fRXTUCmSyyrkPG8ETzvcpZn
l4KXZ+13KaQCSF2DNclj10hJeyIAnjOkRLeMUXUWVFTb3/tcZ0r3lq++mwu+Y6+T
qgzS9pmWOk1SeN/zHeyK0pj8yzuTJC5+Fw0Cz+UxI0TuNrx38WHCgZx9HW/Xbv9O
Z7qW2ZfoUjhBk8dEVlDaUzGTQ6XkX9tXTZ/9DFpGcC/N9dW6CZkX2ubudDOibBZy
Argv1paFxWBvWksr/lQt/OmG1JiWgKOgWPyFfJH87732Xrk4FOy2osxgowIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOLpi5FTrsrW85LXeGnsUm7EWPu4MB8GA1UdIwQY
MBaAFGQ0dGW8klyOdW3fqmCe2gLMUtAxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWkRSMFpieVNYSTUxYmQtcVlKN2FBc3hTMERFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi9iMWZmN2ItYjc2Ni00N2M3LWJlMGQt
YzBhN2I3Mzc3ZWFiLzEvNHVtTGtWT3V5dGJ6a3RkNGFleFNic1JZLTdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi9iMWZmN2ItYjc2Ni00N2M3LWJlMGQtYzBhN2I3Mzc3ZWFi
LzEvWkRSMFpieVNYSTUxYmQtcVlKN2FBc3hTMERFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDVXJ4MA0E
AgACMAcDBQMqAYsgMA0GCSqGSIb3DQEBCwUAA4IBAQBoTr7FhfsyCK8pMO69pn8T
6T5AmyLgh827VnbOfXXQ2mCrxYxIZNupi58KnbdrMwTxDNzZlSyVjZkehMqK+1g8
s1Ma0ofdM73NNpWhb9d2o2jX7VWgsMk0itATvKZwBo0XKA3V6fj4G/4j3IcGbscJ
evG99EzBw3DHNpueUSQPQnk9sckmTk2y14OvLcU0nq8RAJN+6aPsv/4M3Tnx3+ZP
pCWAKj+rvKD3xkntLdxVaXJxGIZN2l+iVfcBtEJXd4v+WWRlty0CRSxhAcxhcSTv
BX2dr1xx6gu1FR4TmnyMxDigpcvQE4lYAKMt4Xl1Ox+qREeRTdCr7g7BE6GgLoO+
-----END CERTIFICATE-----
Generated at Wed May 1 20:19:10 2024 by rpki-client on console.sobornost.net