Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/3e9916-4f8a-4b08-89c9-b0c74b76e182/1/U75Qsruthv81ins_b9g2HuvSl40.roa
File: U75Qsruthv81ins_b9g2HuvSl40.roa (raw, json)
Hash identifier: fznm2BC+1TE655iool6Er79m7F7CumKnMxqbK4KviOw=
Subject key identifier: 53:BE:50:B2:BB:AD:86:FF:35:8A:7B:3F:6F:D8:36:1E:EB:D2:97:8D
Certificate issuer: /CN=3474210c28413e26284822abe83ad6d7c0f764fa
Certificate serial: 01856C6EE81E6A09E1EBE974D63A3462220B
Authority key identifier: 34:74:21:0C:28:41:3E:26:28:48:22:AB:E8:3A:D6:D7:C0:F7:64:FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NHQhDChBPiYoSCKr6DrW18D3ZPo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/3e9916-4f8a-4b08-89c9-b0c74b76e182/1/U75Qsruthv81ins_b9g2HuvSl40.roa
Signing time: Sun 01 Jan 2023 08:24:45 +0000
ROA not before: Sun 01 Jan 2023 08:24:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47557
IP address blocks: 185.68.44.0/24 maxlen: 24
185.68.46.0/24 maxlen: 24
185.68.45.0/24 maxlen: 24
91.206.20.0/24 maxlen: 24
2a07:c880::/29 maxlen: 29
2a07:c883::/32 maxlen: 32
2a07:c881::/32 maxlen: 32
2a07:c882::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:30:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:6e:e8:1e:6a:09:e1:eb:e9:74:d6:3a:34:62:22:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3474210c28413e26284822abe83ad6d7c0f764fa
Validity
Not Before: Jan 1 08:24:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=53be50b2bbad86ff358a7b3f6fd8361eebd2978d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:b9:a0:82:82:11:06:4f:6a:b4:50:6f:1c:30:
dd:df:40:87:9c:6d:06:6e:7b:c8:e5:4b:0c:59:95:
7a:26:b1:77:2b:f0:3e:b8:a1:15:08:85:1f:a2:ca:
25:c8:9b:4e:8f:2d:82:ce:1c:56:16:ec:ca:5e:4e:
8d:3c:34:ce:64:95:a6:e7:34:1b:4e:46:78:c3:f1:
91:18:3e:d2:d6:5e:e8:7c:e8:d7:48:7c:88:aa:47:
8d:ef:a5:1f:83:20:6c:b5:50:c4:1c:7f:72:ae:d2:
d4:65:1c:3b:e4:97:2c:f0:73:d1:9f:b3:be:2a:2b:
13:01:09:9e:6f:b7:47:44:a4:15:66:45:87:56:8d:
55:12:c2:70:61:ba:e6:86:d1:55:57:17:97:cc:bd:
de:4c:28:09:ca:cb:9b:e7:c8:90:ba:f7:82:32:39:
53:fd:5e:8a:3a:54:54:97:32:bc:63:46:4f:b3:a9:
f6:48:0e:01:0b:dd:b5:09:e5:3e:ec:0c:8f:d9:07:
bd:82:a1:74:9a:61:9a:12:d9:2b:94:c3:15:a1:35:
d7:d3:c9:68:ce:47:79:f6:42:f2:9d:80:97:67:29:
ae:ac:13:a3:08:be:7a:60:b6:cd:bb:30:0b:ed:93:
f6:52:0e:2e:c5:4e:91:7b:26:25:f2:57:bb:93:b8:
94:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:BE:50:B2:BB:AD:86:FF:35:8A:7B:3F:6F:D8:36:1E:EB:D2:97:8D
X509v3 Authority Key Identifier:
keyid:34:74:21:0C:28:41:3E:26:28:48:22:AB:E8:3A:D6:D7:C0:F7:64:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NHQhDChBPiYoSCKr6DrW18D3ZPo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/3e9916-4f8a-4b08-89c9-b0c74b76e182/1/U75Qsruthv81ins_b9g2HuvSl40.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/63/3e9916-4f8a-4b08-89c9-b0c74b76e182/1/NHQhDChBPiYoSCKr6DrW18D3ZPo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.206.20.0/24
185.68.44.0-185.68.46.255
IPv6:
2a07:c880::/29
Signature Algorithm: sha256WithRSAEncryption
69:d9:04:a1:37:ea:f1:3e:a7:60:68:3e:92:b2:2a:26:a7:c4:
ba:04:4a:33:28:d1:9b:ec:aa:17:53:ae:58:e8:7f:43:01:4f:
04:33:56:ef:4b:12:d5:f2:a6:70:ce:36:10:dc:a1:b7:b2:66:
7c:bf:15:11:bc:97:cc:a4:2e:45:1b:d0:83:3d:44:73:ac:21:
91:14:69:e6:4c:86:24:7d:78:2b:5a:85:58:0a:d1:9d:20:2a:
8c:b2:9c:b2:97:b5:b8:92:30:01:0e:c6:2b:6a:c8:c7:1c:71:
e0:57:09:3d:ff:b9:2c:ed:d4:a3:6f:13:ce:cd:27:47:b4:c2:
b9:6f:85:f1:ab:27:ba:71:c8:72:d0:52:9c:e9:c3:07:cb:78:
19:67:ca:46:c2:5f:08:5f:40:e8:3f:1c:56:96:db:9b:e3:b3:
99:53:e7:f8:63:b2:82:b5:e1:96:b6:45:0d:bd:f5:da:5a:33:
12:36:5d:32:14:1a:79:13:21:0b:b1:04:f0:42:b5:b9:49:99:
b8:d4:e2:a9:66:bc:c9:6b:30:f8:07:94:05:31:3c:72:86:55:
1e:a4:ce:fc:9b:14:14:aa:e0:ab:af:67:f4:79:b4:49:55:9c:
0a:4d:35:af:07:b9:8a:26:db:54:cc:8d:67:f2:39:50:9d:78:
32:26:d3:75
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYVsbugeagnh6+l01jo0YiILMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0NzQyMTBjMjg0MTNlMjYyODQ4MjJhYmU4M2FkNmQ3YzBm
NzY0ZmEwHhcNMjMwMTAxMDgyNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1M2JlNTBiMmJiYWQ4NmZmMzU4YTdiM2Y2ZmQ4MzYxZWViZDI5NzhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm7mggoIRBk9qtFBvHDDd30CHnG0G
bnvI5UsMWZV6JrF3K/A+uKEVCIUfosolyJtOjy2CzhxWFuzKXk6NPDTOZJWm5zQb
TkZ4w/GRGD7S1l7ofOjXSHyIqkeN76UfgyBstVDEHH9yrtLUZRw75Jcs8HPRn7O+
KisTAQmeb7dHRKQVZkWHVo1VEsJwYbrmhtFVVxeXzL3eTCgJysub58iQuveCMjlT
/V6KOlRUlzK8Y0ZPs6n2SA4BC921CeU+7AyP2Qe9gqF0mmGaEtkrlMMVoTXX08lo
zkd59kLynYCXZymurBOjCL56YLbNuzAL7ZP2Ug4uxU6ReyYl8le7k7iU7QIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFFO+ULK7rYb/NYp7P2/YNh7r0peNMB8GA1UdIwQY
MBaAFDR0IQwoQT4mKEgiq+g61tfA92T6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkhRaERDaEJQaVlvU0NLcjZEclcxOEQzWlBvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My8zZTk5MTYtNGY4YS00YjA4LTg5Yzkt
YjBjNzRiNzZlMTgyLzEvVTc1UXNydXRodjgxaW5zX2I5ZzJIdXZTbDQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My8zZTk5MTYtNGY4YS00YjA4LTg5YzktYjBjNzRiNzZlMTgy
LzEvTkhRaERDaEJQaVlvU0NLcjZEclcxOEQzWlBvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUAwQAW84UMAwD
BAK5RCwDBAC5RC4wDQQCAAIwBwMFAyoHyIAwDQYJKoZIhvcNAQELBQADggEBAGnZ
BKE36vE+p2BoPpKyKianxLoESjMo0ZvsqhdTrljof0MBTwQzVu9LEtXypnDONhDc
obeyZny/FRG8l8ykLkUb0IM9RHOsIZEUaeZMhiR9eCtahVgK0Z0gKoyynLKXtbiS
MAEOxitqyMccceBXCT3/uSzt1KNvE87NJ0e0wrlvhfGrJ7pxyHLQUpzpwwfLeBln
ykbCXwhfQOg/HFaW25vjs5lT5/hjsoK14Za2RQ299dpaMxI2XTIUGnkTIQuxBPBC
tblJmbjU4qlmvMlrMPgHlAUxPHKGVR6kzvybFBSq4KuvZ/R5tElVnApNNa8HuYom
21TMjWfyOVCdeDIm03U=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:39 2024 by rpki-client on console-fra.rpki-client.org