Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/884356-7e2a-4c2a-8ff4-3568e1d29d4a/1/__j7ZrLuWHwgvH2GSZvNMX8dmRo.roa
File: __j7ZrLuWHwgvH2GSZvNMX8dmRo.roa (raw, json)
Hash identifier: ObY5detZlTgjX5KPK+OPVLIIstXK23aKd01/98DWCbM=
Subject key identifier: FF:F8:FB:66:B2:EE:58:7C:20:BC:7D:86:49:9B:CD:31:7F:1D:99:1A
Certificate issuer: /CN=767c1766fbbdcff68bbc34a3c6be69a0c8a03ab9
Certificate serial: 01856D5CE1FEFC62AB09A98EC9C76D2CFE10
Authority key identifier: 76:7C:17:66:FB:BD:CF:F6:8B:BC:34:A3:C6:BE:69:A0:C8:A0:3A:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dnwXZvu9z_aLvDSjxr5poMigOrk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/884356-7e2a-4c2a-8ff4-3568e1d29d4a/1/__j7ZrLuWHwgvH2GSZvNMX8dmRo.roa
Signing time: Sun 01 Jan 2023 12:44:41 +0000
ROA not before: Sun 01 Jan 2023 12:44:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49110
IP address blocks: 185.143.43.0/24 maxlen: 24
185.143.41.0/24 maxlen: 24
185.143.40.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:31:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:5c:e1:fe:fc:62:ab:09:a9:8e:c9:c7:6d:2c:fe:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=767c1766fbbdcff68bbc34a3c6be69a0c8a03ab9
Validity
Not Before: Jan 1 12:44:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fff8fb66b2ee587c20bc7d86499bcd317f1d991a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:a8:83:58:0b:e2:c0:54:03:88:d7:81:23:1f:
18:bd:32:c4:ea:40:84:28:e3:28:27:57:59:df:1b:
43:5f:c9:b7:b0:a9:96:4c:f4:85:06:10:49:21:76:
65:06:d6:d5:17:1e:14:48:22:ef:c0:b5:34:35:c6:
95:18:62:6e:b3:9c:6b:3d:9d:e0:05:b4:bb:8e:07:
e0:e6:97:59:89:93:56:c3:40:37:7d:e8:8e:60:24:
e9:9b:87:9e:d5:72:1c:f5:c4:26:ac:29:ab:71:9c:
30:bb:8c:6b:7e:bf:fe:3b:be:70:9d:42:3c:d0:83:
43:89:be:c5:94:67:86:ee:56:3a:5a:40:89:26:6a:
61:21:aa:ff:fe:54:76:6c:05:9d:6c:3b:e9:3d:07:
e3:bc:a6:92:c1:d3:0a:e2:74:0a:32:08:4f:bd:f9:
b5:d5:4f:e8:fe:c6:52:c2:43:9b:ff:66:19:3b:d4:
63:02:10:72:1c:58:5f:3a:2f:3e:27:ea:6a:35:f9:
c9:5e:ef:be:f5:f5:83:55:d7:1e:20:df:eb:97:7f:
5d:a4:c3:b2:b7:60:60:cc:db:49:8a:e4:ff:eb:9d:
b9:43:3d:36:f2:4c:45:a2:3f:57:20:97:0c:e0:4a:
14:b9:84:d4:37:a6:2c:40:a9:c8:4c:2a:81:98:7c:
21:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:F8:FB:66:B2:EE:58:7C:20:BC:7D:86:49:9B:CD:31:7F:1D:99:1A
X509v3 Authority Key Identifier:
keyid:76:7C:17:66:FB:BD:CF:F6:8B:BC:34:A3:C6:BE:69:A0:C8:A0:3A:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dnwXZvu9z_aLvDSjxr5poMigOrk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/884356-7e2a-4c2a-8ff4-3568e1d29d4a/1/__j7ZrLuWHwgvH2GSZvNMX8dmRo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/884356-7e2a-4c2a-8ff4-3568e1d29d4a/1/dnwXZvu9z_aLvDSjxr5poMigOrk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.143.40.0/23
185.143.43.0/24
Signature Algorithm: sha256WithRSAEncryption
86:3c:d1:f1:99:21:ec:c3:8d:f5:7d:e0:50:81:2b:af:a4:9e:
b4:f0:b8:f2:b8:59:e4:e4:b4:22:af:b4:27:d7:54:f8:c8:03:
93:ee:05:b6:ff:32:c5:a4:48:ab:a0:c9:fe:ab:e7:02:0c:47:
ad:d8:17:f5:da:40:4e:3e:71:59:53:59:c9:2f:c2:4e:bd:64:
b4:a8:32:8f:6e:01:a9:37:b2:db:5b:de:9f:e2:3b:98:95:36:
c3:75:b8:ae:c0:08:02:85:2c:5a:2d:58:aa:6a:cb:c7:9b:fe:
98:07:7a:fa:75:e9:76:28:e7:b4:a2:48:c6:9e:06:b4:61:2f:
8c:c4:f8:05:d8:57:ab:0c:8f:58:3b:67:89:ca:7d:f7:98:8d:
7a:57:6d:0b:2b:4e:01:87:7f:89:e8:bd:0f:e2:cc:85:a7:60:
a8:4f:39:4f:3d:ca:ec:96:73:3b:f3:6f:43:2b:53:1f:85:e4:
70:63:1d:80:00:99:5b:27:29:ca:96:30:61:07:d2:95:2a:02:
32:2a:7d:a7:fa:c8:42:47:f7:c3:3b:97:6d:33:34:1a:2a:32:
74:7c:6f:8c:d0:99:7a:29:1b:8f:78:62:2c:ca:6f:95:2b:0a:
2b:1b:7d:65:47:ab:92:1c:a4:26:b8:c3:e7:fa:b7:0e:7d:13:
61:0d:50:2b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVtXOH+/GKrCamOycdtLP4QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2N2MxNzY2ZmJiZGNmZjY4YmJjMzRhM2M2YmU2OWEwYzhh
MDNhYjkwHhcNMjMwMTAxMTI0NDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZmY4ZmI2NmIyZWU1ODdjMjBiYzdkODY0OTliY2QzMTdmMWQ5OTFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhqiDWAviwFQDiNeBIx8YvTLE6kCE
KOMoJ1dZ3xtDX8m3sKmWTPSFBhBJIXZlBtbVFx4USCLvwLU0NcaVGGJus5xrPZ3g
BbS7jgfg5pdZiZNWw0A3feiOYCTpm4ee1XIc9cQmrCmrcZwwu4xrfr/+O75wnUI8
0INDib7FlGeG7lY6WkCJJmphIar//lR2bAWdbDvpPQfjvKaSwdMK4nQKMghPvfm1
1U/o/sZSwkOb/2YZO9RjAhByHFhfOi8+J+pqNfnJXu++9fWDVdceIN/rl39dpMOy
t2BgzNtJiuT/6525Qz028kxFoj9XIJcM4EoUuYTUN6YsQKnITCqBmHwhqwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFP/4+2ay7lh8ILx9hkmbzTF/HZkaMB8GA1UdIwQY
MBaAFHZ8F2b7vc/2i7w0o8a+aaDIoDq5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZG53WFp2dTl6X2FMdkRTanhyNXBvTWlnT3JrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS84ODQzNTYtN2UyYS00YzJhLThmZjQt
MzU2OGUxZDI5ZDRhLzEvX19qN1pyTHVXSHdndkgyR1Nadk5NWDhkbVJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS84ODQzNTYtN2UyYS00YzJhLThmZjQtMzU2OGUxZDI5ZDRh
LzEvZG53WFp2dTl6X2FMdkRTanhyNXBvTWlnT3JrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBuY8oAwQA
uY8rMA0GCSqGSIb3DQEBCwUAA4IBAQCGPNHxmSHsw431feBQgSuvpJ608LjyuFnk
5LQir7Qn11T4yAOT7gW2/zLFpEiroMn+q+cCDEet2Bf12kBOPnFZU1nJL8JOvWS0
qDKPbgGpN7LbW96f4juYlTbDdbiuwAgChSxaLViqasvHm/6YB3r6del2KOe0okjG
nga0YS+MxPgF2FerDI9YO2eJyn33mI16V20LK04Bh3+J6L0P4syFp2CoTzlPPcrs
lnM7829DK1MfheRwYx2AAJlbJynKljBhB9KVKgIyKn2n+shCR/fDO5dtMzQaKjJ0
fG+M0Jl6KRuPeGIsym+VKworG31lR6uSHKQmuMPn+rcOfRNhDVAr
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:47 2024 by rpki-client on console-fra.rpki-client.org