Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/047oUsivQRqwk87eLup9ENWricM.roa
File: 047oUsivQRqwk87eLup9ENWricM.roa (raw, json)
Hash identifier: n8r05ZrkjCdvwlMyWVbcD5C0Vdatu7BVFbA8+VY5eh0=
Subject key identifier: D3:8E:E8:52:C8:AF:41:1A:B0:93:CE:DE:2E:EA:7D:10:D5:AB:89:C3
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 018CC802077AC8D89B89DAC72C27B85A010F
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/047oUsivQRqwk87eLup9ENWricM.roa
Signing time: Tue 02 Jan 2024 02:30:25 +0000
ROA not before: Tue 02 Jan 2024 02:30:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43132
IP address blocks: 178.34.208.0/20 maxlen: 20
85.173.96.0/19 maxlen: 19
85.172.174.0/23 maxlen: 23
Validation: Failed, certificate revoked on Tue 16 Apr 2024 11:03:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:02:07:7a:c8:d8:9b:89:da:c7:2c:27:b8:5a:01:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Jan 2 02:30:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d38ee852c8af411ab093cede2eea7d10d5ab89c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:02:a6:44:f9:c3:00:6d:88:26:4b:69:47:ff:
16:e4:11:6e:b5:0e:66:a9:a5:7e:7e:c0:b7:37:25:
4d:97:81:23:be:aa:18:e7:ad:1e:ef:36:b5:a3:a8:
29:39:2a:f6:a4:99:c3:09:23:3c:22:bf:f8:fb:f0:
ef:91:8f:f7:86:77:89:bc:d9:67:a7:23:be:1f:a2:
22:60:66:96:85:6b:ca:1a:ca:41:91:b2:9b:83:2e:
c7:93:44:a4:83:d0:be:ad:8f:c1:00:4c:26:da:96:
71:20:cd:2e:d4:1b:b2:09:51:1f:c0:fa:26:02:66:
b1:ec:1d:cb:e5:57:3e:08:cf:8a:cc:0a:73:ab:2e:
ee:9e:96:97:65:9b:b7:74:1b:fe:cc:02:59:0c:0e:
19:44:9c:1a:d8:56:44:7c:fe:b0:21:f4:8c:f5:52:
cb:39:71:5b:1c:c6:a2:17:20:0f:af:3a:49:05:63:
b1:0c:3a:d5:34:95:70:e9:fd:93:3f:86:94:ec:88:
9e:9f:4a:05:ba:68:2d:e0:72:de:41:6f:05:f4:6e:
f2:30:ca:28:c2:a6:95:c5:e3:7f:d5:75:8c:dd:af:
2c:ff:05:9c:95:94:fc:b4:43:52:e8:a2:34:ad:e7:
b6:ca:80:74:6a:ed:09:ec:ba:44:89:51:4f:76:22:
a4:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:8E:E8:52:C8:AF:41:1A:B0:93:CE:DE:2E:EA:7D:10:D5:AB:89:C3
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/047oUsivQRqwk87eLup9ENWricM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.172.174.0/23
85.173.96.0/19
178.34.208.0/20
Signature Algorithm: sha256WithRSAEncryption
08:1b:9a:4b:96:86:66:cc:3d:6c:8d:1d:47:8e:34:16:90:ce:
ac:ba:66:a2:48:ae:a7:39:03:2b:9b:5e:01:85:77:0a:1c:8a:
fd:27:37:da:e8:f8:37:82:a3:6e:5b:1d:49:3c:f4:71:f4:68:
f8:f8:f3:87:34:8a:3d:12:b0:05:9d:c0:9b:72:5f:48:e7:8b:
c2:a5:26:88:fb:32:e3:02:26:d1:76:9e:ee:8a:64:fb:31:24:
e3:ac:9e:30:91:55:b3:10:5a:68:6b:63:ce:92:10:97:ad:06:
fb:5e:79:0e:9f:11:bf:04:f4:50:72:69:cb:4c:2f:e7:27:7f:
ef:2b:52:0e:08:8f:81:8f:2c:41:ab:e8:16:ba:cd:76:36:60:
ec:55:7e:92:a1:24:39:81:3b:8d:c6:ad:00:a1:bb:20:8a:d7:
a0:63:26:a3:05:c6:c9:31:9f:1f:e7:27:f7:26:80:fa:ef:13:
78:ae:37:3d:49:90:d6:6e:86:33:1f:d9:a2:1a:02:5a:f1:5e:
76:1d:39:b8:97:e8:0c:e7:31:b3:6b:5d:b1:5e:35:5a:b2:31:
09:ad:2b:66:22:e2:25:82:63:17:a2:75:a8:74:74:df:0c:89:
cd:83:3b:36:c8:71:7f:f1:3a:70:0e:63:dd:7f:84:36:be:86:
3e:12:b0:7c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzIAgd6yNibidrHLCe4WgEPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjQwMTAyMDIzMDI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzhlZTg1MmM4YWY0MTFhYjA5M2NlZGUyZWVhN2QxMGQ1YWI4OWMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApAKmRPnDAG2IJktpR/8W5BFutQ5m
qaV+fsC3NyVNl4EjvqoY560e7za1o6gpOSr2pJnDCSM8Ir/4+/DvkY/3hneJvNln
pyO+H6IiYGaWhWvKGspBkbKbgy7Hk0Skg9C+rY/BAEwm2pZxIM0u1BuyCVEfwPom
Amax7B3L5Vc+CM+KzApzqy7unpaXZZu3dBv+zAJZDA4ZRJwa2FZEfP6wIfSM9VLL
OXFbHMaiFyAPrzpJBWOxDDrVNJVw6f2TP4aU7Iien0oFumgt4HLeQW8F9G7yMMoo
wqaVxeN/1XWM3a8s/wWclZT8tENS6KI0ree2yoB0au0J7LpEiVFPdiKkoQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNOO6FLIr0EasJPO3i7qfRDVq4nDMB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvMDQ3b1VzaXZRUnF3azg3ZUx1cDlFTldyaWNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBVayuAwQF
Va1gAwQEsiLQMA0GCSqGSIb3DQEBCwUAA4IBAQAIG5pLloZmzD1sjR1HjjQWkM6s
umaiSK6nOQMrm14BhXcKHIr9Jzfa6Pg3gqNuWx1JPPRx9Gj4+POHNIo9ErAFncCb
cl9I54vCpSaI+zLjAibRdp7uimT7MSTjrJ4wkVWzEFpoa2POkhCXrQb7XnkOnxG/
BPRQcmnLTC/nJ3/vK1IOCI+BjyxBq+gWus12NmDsVX6SoSQ5gTuNxq0Aobsgiteg
YyajBcbJMZ8f5yf3JoD67xN4rjc9SZDWboYzH9miGgJa8V52HTm4l+gM5zGza12x
XjVasjEJrStmIuIlgmMXonWodHTfDInNgzs2yHF/8TpwDmPdf4Q2voY+ErB8
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:55 2024 by rpki-client on console-fra.rpki-client.org