Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/dbd951-259b-4759-a519-9c5e1deb2c33/1/1Z5bmRiECCK70OYQ2C1j10LkdKE.roa
File: 1Z5bmRiECCK70OYQ2C1j10LkdKE.roa (raw, json)
Hash identifier: pFSXuTOPjqs8/tKAAkJ1wHJ9kWVp/5wBs7VbBqMSlmY=
Subject key identifier: D5:9E:5B:99:18:84:08:22:BB:D0:E6:10:D8:2D:63:D7:42:E4:74:A1
Certificate issuer: /CN=2400b20606314858a7b3f2a975e8e9d919ec753a
Certificate serial: 018CC72765C5B51A9B1CC450987CBEAA818F
Authority key identifier: 24:00:B2:06:06:31:48:58:A7:B3:F2:A9:75:E8:E9:D9:19:EC:75:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JACyBgYxSFins_Kpdejp2RnsdTo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/dbd951-259b-4759-a519-9c5e1deb2c33/1/1Z5bmRiECCK70OYQ2C1j10LkdKE.roa
Signing time: Mon 01 Jan 2024 22:31:37 +0000
ROA not before: Mon 01 Jan 2024 22:31:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43578
IP address blocks: 185.74.81.0/24 maxlen: 24
185.74.80.0/24 maxlen: 24
77.246.186.96/27 maxlen: 27
77.246.190.160/27 maxlen: 27
77.246.187.0/24 maxlen: 24
77.246.188.0/24 maxlen: 24
77.246.190.0/24 maxlen: 24
77.246.191.0/24 maxlen: 24
77.246.182.128/29 maxlen: 29
77.246.178.0/24 maxlen: 24
77.246.179.0/24 maxlen: 24
77.246.176.0/24 maxlen: 24
77.246.177.0/24 maxlen: 24
77.246.182.0/24 maxlen: 24
77.246.180.0/24 maxlen: 24
77.246.181.0/24 maxlen: 24
77.246.185.0/24 maxlen: 24
77.246.186.0/24 maxlen: 24
77.246.183.0/24 maxlen: 24
2a05:4700:101::/48 maxlen: 48
2a05:4700:100::/48 maxlen: 48
2a05:4700:200::/48 maxlen: 48
2a05:4700:50::/48 maxlen: 48
2a05:4700:b::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 08 Jan 2024 06:17:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:65:c5:b5:1a:9b:1c:c4:50:98:7c:be:aa:81:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2400b20606314858a7b3f2a975e8e9d919ec753a
Validity
Not Before: Jan 1 22:31:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d59e5b9918840822bbd0e610d82d63d742e474a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:0b:8b:85:58:1d:a4:16:07:da:95:47:40:d8:
9e:8a:13:fe:f0:29:fd:a5:fd:f3:c1:e3:b1:4d:cb:
65:cf:2b:1c:ec:58:aa:f0:50:4a:6e:67:99:fe:d4:
5a:d3:40:1e:46:06:3e:80:a7:0a:b8:aa:62:f3:4b:
d9:7b:7d:0a:da:45:d4:28:a5:02:59:c5:56:d4:7e:
19:74:48:85:80:7c:4b:cd:2d:f4:7e:cb:60:b7:c9:
1a:03:f5:c3:07:09:02:c7:d7:7f:b3:ce:c0:5d:7e:
d8:8f:ab:43:26:e4:4c:d9:6c:f3:66:92:74:76:54:
e6:02:b5:48:22:2b:ab:cc:42:02:be:28:15:d5:5e:
ce:a1:6a:a1:3d:df:99:23:aa:fb:9d:ac:d1:61:d9:
ae:8b:2d:81:27:e2:bd:ee:21:84:14:74:07:df:d0:
bd:43:d2:4e:86:70:02:92:3a:2f:a0:be:a3:6e:72:
7a:83:1f:04:c7:a2:0b:77:9c:f4:89:be:b2:59:e6:
dc:1f:a9:01:83:2c:c7:de:37:08:85:03:0a:b6:36:
ba:3d:ea:43:13:ca:26:9a:ef:03:70:8a:42:be:9b:
e9:b2:d3:cc:27:e7:cf:0c:a3:b3:47:ab:fe:12:78:
a7:41:20:69:11:3a:0d:7f:47:82:75:da:28:f4:dc:
83:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:9E:5B:99:18:84:08:22:BB:D0:E6:10:D8:2D:63:D7:42:E4:74:A1
X509v3 Authority Key Identifier:
keyid:24:00:B2:06:06:31:48:58:A7:B3:F2:A9:75:E8:E9:D9:19:EC:75:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JACyBgYxSFins_Kpdejp2RnsdTo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/dbd951-259b-4759-a519-9c5e1deb2c33/1/1Z5bmRiECCK70OYQ2C1j10LkdKE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/dbd951-259b-4759-a519-9c5e1deb2c33/1/JACyBgYxSFins_Kpdejp2RnsdTo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.246.176.0/21
77.246.185.0-77.246.188.255
77.246.190.0/23
185.74.80.0/23
IPv6:
2a05:4700:b::/48
2a05:4700:50::/48
2a05:4700:100::/47
2a05:4700:200::/48
Signature Algorithm: sha256WithRSAEncryption
2b:a5:8c:b3:db:8f:b3:b4:fe:d2:bd:68:b7:2a:15:fb:1b:65:
80:2d:26:94:43:fc:d7:c2:cb:f6:f6:79:05:fc:8a:99:83:4b:
16:d2:32:64:2c:b8:02:b6:58:2d:37:db:dc:8a:fd:06:11:cc:
39:5f:81:a4:22:fe:fc:59:17:d0:cf:e0:3b:82:94:f8:82:e5:
d6:ba:df:23:c3:03:66:b5:eb:be:33:0d:9d:d7:6a:18:0b:f1:
32:ba:ff:84:5b:15:5c:00:16:3b:b2:42:72:79:16:cf:1a:ff:
c1:2f:d4:b1:70:e9:c8:dd:9a:9e:e6:ad:ac:a8:fd:49:9b:1b:
c5:79:e8:28:31:63:3f:c6:1f:bc:09:be:e1:4a:7d:38:b7:d7:
2f:af:c3:9e:e9:37:f8:5e:4d:0c:6b:5d:dc:93:6c:d7:26:65:
a2:55:2d:f4:b8:0e:05:ca:64:9a:36:bf:54:08:a1:4a:24:83:
9d:e4:f3:3f:33:9c:bb:43:d0:4d:12:ff:f5:ec:94:b0:7c:b4:
95:65:70:b9:af:89:01:75:ce:f8:a9:93:27:11:d9:17:f9:14:
70:7a:e2:68:ce:d3:42:76:3f:68:d7:89:56:66:35:ca:8d:66:
ed:fa:20:1a:d5:30:45:45:5c:41:20:f5:cc:97:5e:3a:68:19:
d0:1e:b9:33
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAYzHJ2XFtRqbHMRQmHy+qoGPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0MDBiMjA2MDYzMTQ4NThhN2IzZjJhOTc1ZThlOWQ5MTll
Yzc1M2EwHhcNMjQwMTAxMjIzMTM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTllNWI5OTE4ODQwODIyYmJkMGU2MTBkODJkNjNkNzQyZTQ3NGExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvguLhVgdpBYH2pVHQNieihP+8Cn9
pf3zweOxTctlzysc7Fiq8FBKbmeZ/tRa00AeRgY+gKcKuKpi80vZe30K2kXUKKUC
WcVW1H4ZdEiFgHxLzS30fstgt8kaA/XDBwkCx9d/s87AXX7Yj6tDJuRM2WzzZpJ0
dlTmArVIIiurzEICvigV1V7OoWqhPd+ZI6r7nazRYdmuiy2BJ+K97iGEFHQH39C9
Q9JOhnACkjovoL6jbnJ6gx8Ex6ILd5z0ib6yWebcH6kBgyzH3jcIhQMKtja6PepD
E8ommu8DcIpCvpvpstPMJ+fPDKOzR6v+EninQSBpEToNf0eCddoo9NyDWwIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFNWeW5kYhAgiu9DmENgtY9dC5HShMB8GA1UdIwQY
MBaAFCQAsgYGMUhYp7PyqXXo6dkZ7HU6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSkFDeUJnWXhTRmluc19LcGRlanAyUm5zZFRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My9kYmQ5NTEtMjU5Yi00NzU5LWE1MTkt
OWM1ZTFkZWIyYzMzLzEvMVo1Ym1SaUVDQ0s3ME9ZUTJDMWoxMExrZEtFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My9kYmQ5NTEtMjU5Yi00NzU5LWE1MTktOWM1ZTFkZWIyYzMz
LzEvSkFDeUJnWXhTRmluc19LcGRlanAyUm5zZFRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDAmBAIAATAgAwQDTfawMAwD
BABN9rkDBABN9rwDBAFN9r4DBAG5SlAwKgQCAAIwJAMHACoFRwAACwMHACoFRwAA
UAMHASoFRwABAAMHACoFRwACADANBgkqhkiG9w0BAQsFAAOCAQEAK6WMs9uPs7T+
0r1otyoV+xtlgC0mlEP818LL9vZ5BfyKmYNLFtIyZCy4ArZYLTfb3Ir9BhHMOV+B
pCL+/FkX0M/gO4KU+ILl1rrfI8MDZrXrvjMNnddqGAvxMrr/hFsVXAAWO7JCcnkW
zxr/wS/UsXDpyN2anuatrKj9SZsbxXnoKDFjP8YfvAm+4Up9OLfXL6/Dnuk3+F5N
DGtd3JNs1yZlolUt9LgOBcpkmja/VAihSiSDneTzPzOcu0PQTRL/9eyUsHy0lWVw
ua+JAXXO+KmTJxHZF/kUcHriaM7TQnY/aNeJVmY1yo1m7fogGtUwRUVcQSD1zJde
OmgZ0B65Mw==
-----END CERTIFICATE-----
Generated at Mon Jan 8 07:25:59 2024 by rpki-client on console-fra.rpki-client.org