Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/888a04-77f4-4159-986c-3cef593d16b4/1/2j1Zi5bTKaQLGtjzUOMvAIjfmt8.roa
File: 2j1Zi5bTKaQLGtjzUOMvAIjfmt8.roa (raw, json)
Hash identifier: KtaPK8a6v+5jays9Vr1OYhEriN1A7MTAsDHM0np0z3Q=
Subject key identifier: DA:3D:59:8B:96:D3:29:A4:0B:1A:D8:F3:50:E3:2F:00:88:DF:9A:DF
Certificate issuer: /CN=614f5665059abc7be3475ef9e77a9797b716fc87
Certificate serial: 01856B40FC067EDF11E6E1685573BD78F699
Authority key identifier: 61:4F:56:65:05:9A:BC:7B:E3:47:5E:F9:E7:7A:97:97:B7:16:FC:87
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YU9WZQWavHvjR17553qXl7cW_Ic.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/888a04-77f4-4159-986c-3cef593d16b4/1/2j1Zi5bTKaQLGtjzUOMvAIjfmt8.roa
Signing time: Sun 01 Jan 2023 02:54:58 +0000
ROA not before: Sun 01 Jan 2023 02:54:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42493
IP address blocks: 77.73.40.0/21 maxlen: 24
5.35.216.0/21 maxlen: 24
185.40.148.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 08:29:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:40:fc:06:7e:df:11:e6:e1:68:55:73:bd:78:f6:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=614f5665059abc7be3475ef9e77a9797b716fc87
Validity
Not Before: Jan 1 02:54:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=da3d598b96d329a40b1ad8f350e32f0088df9adf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:22:4e:0e:27:7b:c8:02:89:d7:e1:b0:0b:c5:
fe:07:2f:dc:d1:43:04:e7:d4:d0:46:e5:23:23:6c:
73:41:c2:57:e4:c9:24:a0:81:89:ec:86:eb:ed:8d:
82:73:9e:ff:33:31:d2:d2:41:cd:41:ab:35:73:7b:
8e:7f:24:af:9b:33:16:47:18:ba:98:6f:3d:af:23:
0b:24:6e:00:25:89:a8:6c:8a:8d:69:98:7c:ab:d5:
42:83:8c:ac:8d:cf:85:2a:00:dc:f9:37:56:d1:72:
49:84:0d:16:36:40:1c:4a:31:4c:da:96:18:85:a1:
fd:09:fb:39:b8:d1:16:4e:52:66:bc:05:9e:ec:88:
4e:ae:e6:6c:06:1e:66:b6:ec:b3:7e:1e:4f:3f:7d:
ba:a7:24:2e:67:0e:84:02:90:cf:38:1d:ea:9b:b7:
0e:c0:13:1b:13:21:c9:92:3b:84:39:b5:8c:5f:79:
fd:9e:1c:eb:d7:b2:37:1f:46:81:16:f8:85:2c:0c:
af:84:b8:f9:1f:c7:c6:de:13:2b:e6:6f:7e:7a:c5:
b5:87:e9:16:2b:de:5e:1d:2b:f7:e0:42:5e:c2:a7:
21:d0:db:b7:ab:17:1b:cc:d3:13:5f:92:13:7b:5d:
a4:b6:b1:82:99:97:c8:79:da:39:2d:67:de:af:85:
88:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:3D:59:8B:96:D3:29:A4:0B:1A:D8:F3:50:E3:2F:00:88:DF:9A:DF
X509v3 Authority Key Identifier:
keyid:61:4F:56:65:05:9A:BC:7B:E3:47:5E:F9:E7:7A:97:97:B7:16:FC:87
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YU9WZQWavHvjR17553qXl7cW_Ic.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/888a04-77f4-4159-986c-3cef593d16b4/1/2j1Zi5bTKaQLGtjzUOMvAIjfmt8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/888a04-77f4-4159-986c-3cef593d16b4/1/YU9WZQWavHvjR17553qXl7cW_Ic.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.35.216.0/21
77.73.40.0/21
185.40.148.0/22
Signature Algorithm: sha256WithRSAEncryption
47:66:88:d4:ac:c2:6e:23:cf:c9:7f:c2:2b:37:7c:b4:ed:ef:
98:8b:61:db:e5:60:14:69:aa:f6:fa:00:f0:21:c9:db:ed:88:
95:a8:d3:49:f7:4d:24:d2:b8:11:8b:5e:a4:bd:49:31:86:13:
d4:08:df:04:57:bf:1f:ea:fa:59:a8:ad:e3:07:44:be:15:63:
1d:d2:5c:5b:c2:0a:c7:1e:db:d1:78:43:20:b7:aa:ff:1e:34:
88:1b:2e:c8:b3:e8:ff:e2:ed:b1:48:2d:48:82:f8:e8:3e:2f:
c0:3e:4a:dc:85:1e:b0:97:83:18:e5:55:bd:63:37:45:68:18:
53:31:b3:c9:bb:0c:a2:79:4d:6d:38:e9:80:da:03:0f:95:24:
ef:5f:2b:9e:7a:4f:32:84:3d:c0:45:a0:7b:67:f0:f1:ab:71:
3c:89:5b:40:37:63:c2:94:96:5e:ed:29:43:a2:5d:fa:01:2f:
b6:33:81:ad:10:a4:94:ab:9d:b2:19:30:61:66:28:e7:67:d3:
68:71:ec:ce:1a:79:20:5e:4c:ec:3a:4e:82:e6:ed:cc:b5:30:
96:23:bb:8f:da:b0:a2:f5:6d:c2:27:67:7a:ce:19:1e:9f:38:
7e:31:1e:f3:e9:d0:3e:87:de:6c:bc:67:16:e2:09:0b:b0:07:
f5:c9:7c:bf
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVrQPwGft8R5uFoVXO9ePaZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxNGY1NjY1MDU5YWJjN2JlMzQ3NWVmOWU3N2E5Nzk3Yjcx
NmZjODcwHhcNMjMwMTAxMDI1NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTNkNTk4Yjk2ZDMyOWE0MGIxYWQ4ZjM1MGUzMmYwMDg4ZGY5YWRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuSJODid7yAKJ1+GwC8X+By/c0UME
59TQRuUjI2xzQcJX5MkkoIGJ7Ibr7Y2Cc57/MzHS0kHNQas1c3uOfySvmzMWRxi6
mG89ryMLJG4AJYmobIqNaZh8q9VCg4ysjc+FKgDc+TdW0XJJhA0WNkAcSjFM2pYY
haH9Cfs5uNEWTlJmvAWe7IhOruZsBh5mtuyzfh5PP326pyQuZw6EApDPOB3qm7cO
wBMbEyHJkjuEObWMX3n9nhzr17I3H0aBFviFLAyvhLj5H8fG3hMr5m9+esW1h+kW
K95eHSv34EJewqch0Nu3qxcbzNMTX5ITe12ktrGCmZfIedo5LWfer4WILQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNo9WYuW0ymkCxrY81DjLwCI35rfMB8GA1UdIwQY
MBaAFGFPVmUFmrx740de+ed6l5e3FvyHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVU5V1pRV2F2SHZqUjE3NTUzcVhsN2NXX0ljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS84ODhhMDQtNzdmNC00MTU5LTk4NmMt
M2NlZjU5M2QxNmI0LzEvMmoxWmk1YlRLYVFMR3RqelVPTXZBSWpmbXQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS84ODhhMDQtNzdmNC00MTU5LTk4NmMtM2NlZjU5M2QxNmI0
LzEvWVU5V1pRV2F2SHZqUjE3NTUzcVhsN2NXX0ljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDBSPYAwQD
TUkoAwQCuSiUMA0GCSqGSIb3DQEBCwUAA4IBAQBHZojUrMJuI8/Jf8IrN3y07e+Y
i2Hb5WAUaar2+gDwIcnb7YiVqNNJ900k0rgRi16kvUkxhhPUCN8EV78f6vpZqK3j
B0S+FWMd0lxbwgrHHtvReEMgt6r/HjSIGy7Is+j/4u2xSC1IgvjoPi/APkrchR6w
l4MY5VW9YzdFaBhTMbPJuwyieU1tOOmA2gMPlSTvXyueek8yhD3ARaB7Z/Dxq3E8
iVtAN2PClJZe7SlDol36AS+2M4GtEKSUq52yGTBhZijnZ9NocezOGnkgXkzsOk6C
5u3MtTCWI7uP2rCi9W3CJ2d6zhkenzh+MR7z6dA+h95svGcW4gkLsAf1yXy/
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:47 2024 by rpki-client on console-fra.rpki-client.org