Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/dbec1f-07c5-49f2-ba66-2b1fafccdd0b/1/y3NJmgFLF32MEnyAs0G5WTsERqM.roa
File: y3NJmgFLF32MEnyAs0G5WTsERqM.roa (raw, json)
Hash identifier: 9EldVQ6OvftEmU7GYmuuF++d3MsO8zT+vOaYi2V4Lm4=
Subject key identifier: CB:73:49:9A:01:4B:17:7D:8C:12:7C:80:B3:41:B9:59:3B:04:46:A3
Certificate issuer: /CN=dfa7e00738d3f7b8de48de38627567768e2f89b6
Certificate serial: 018CE5895060C605BF40A9138567A4FFD3FB
Authority key identifier: DF:A7:E0:07:38:D3:F7:B8:DE:48:DE:38:62:75:67:76:8E:2F:89:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/36fgBzjT97jeSN44YnVndo4vibY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/dbec1f-07c5-49f2-ba66-2b1fafccdd0b/1/y3NJmgFLF32MEnyAs0G5WTsERqM.roa
Signing time: Sun 07 Jan 2024 20:07:10 +0000
ROA not before: Sun 07 Jan 2024 20:07:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199987
IP address blocks: 185.40.35.0/24 maxlen: 24
185.40.34.0/24 maxlen: 24
2a01:4ba0::/29 maxlen: 29
2a01:4ba0:2::/48 maxlen: 48
2a01:4ba0::/48 maxlen: 48
2a01:4ba0:3::/48 maxlen: 48
2a01:4ba0:1::/48 maxlen: 48
Validation: Failed, certificate revoked on Sun 24 Mar 2024 12:43:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:e5:89:50:60:c6:05:bf:40:a9:13:85:67:a4:ff:d3:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dfa7e00738d3f7b8de48de38627567768e2f89b6
Validity
Not Before: Jan 7 20:07:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cb73499a014b177d8c127c80b341b9593b0446a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:47:c4:1b:06:b2:4c:b9:d8:94:17:8f:94:96:
8b:ce:bf:14:e9:c6:23:c8:d4:17:db:bf:9f:0e:5d:
d9:43:33:12:fe:55:5b:18:fa:8f:86:b4:eb:fd:75:
35:a4:3e:d3:fe:44:59:1d:87:0f:75:36:48:ee:ba:
1f:9f:0c:09:7e:60:ff:f1:ed:49:8b:a7:01:af:78:
0d:c0:76:7f:b4:e7:3a:f0:13:f5:ac:75:fb:c0:a0:
94:a2:15:85:41:94:6c:97:75:97:bb:7a:ce:53:20:
78:6f:2e:08:d1:43:c3:44:4c:fe:c7:d0:91:62:39:
51:e2:82:4f:2e:21:01:a1:1f:24:24:0c:dc:6b:33:
e9:85:b1:64:d2:b0:3b:5f:e6:da:b3:79:a6:f1:be:
8c:c4:0e:19:ba:c1:2e:0e:5a:ae:70:43:b4:df:b9:
61:7b:7c:a4:32:6c:cb:69:aa:58:43:1b:17:45:ef:
f7:bb:1f:c2:29:fe:49:38:56:dd:c8:ca:17:00:20:
e7:4d:fe:97:51:b2:c1:57:90:50:31:40:b9:9d:06:
20:1a:b8:e9:0a:ef:61:9d:aa:46:17:2a:b0:e9:99:
c9:2c:d4:85:19:51:b2:0f:2b:e4:cf:12:df:50:7f:
ea:32:73:23:f3:69:a0:89:17:47:67:c1:1b:38:ab:
a3:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:73:49:9A:01:4B:17:7D:8C:12:7C:80:B3:41:B9:59:3B:04:46:A3
X509v3 Authority Key Identifier:
keyid:DF:A7:E0:07:38:D3:F7:B8:DE:48:DE:38:62:75:67:76:8E:2F:89:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/36fgBzjT97jeSN44YnVndo4vibY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/dbec1f-07c5-49f2-ba66-2b1fafccdd0b/1/y3NJmgFLF32MEnyAs0G5WTsERqM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/dbec1f-07c5-49f2-ba66-2b1fafccdd0b/1/36fgBzjT97jeSN44YnVndo4vibY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.40.34.0/23
IPv6:
2a01:4ba0::/29
Signature Algorithm: sha256WithRSAEncryption
95:31:85:82:f2:9f:53:fe:40:ff:4f:96:45:9a:56:3b:d7:c4:
3e:c3:43:83:ed:8b:6e:14:68:e4:0d:36:7e:22:7e:1e:4f:2a:
59:b3:3e:57:54:96:73:6e:f5:e9:16:bb:a8:8e:4b:33:bf:69:
38:76:94:af:15:f6:0e:d3:5f:3f:bf:c7:85:96:76:c2:5f:14:
9b:95:92:30:70:db:62:8c:8f:c4:19:27:98:cd:7b:ef:ac:91:
93:63:de:67:83:db:7d:9c:16:73:58:bc:48:42:47:51:b7:98:
cb:42:2f:c9:62:24:14:15:be:dd:90:49:cb:5d:b8:b6:8c:42:
9e:04:bd:3b:7f:85:9e:07:5b:97:31:01:54:8b:93:3a:d5:54:
87:5b:95:48:78:f8:92:c6:48:de:14:5f:8b:a8:b0:eb:e9:b6:
70:f4:6c:9b:b1:47:24:6b:61:20:97:7d:7c:bb:71:51:81:7c:
1b:fe:79:85:f0:4f:8f:40:36:d1:bc:7c:b2:4a:09:b5:7e:03:
6a:18:e8:ca:a8:16:00:1e:34:7f:96:f3:f4:e7:5b:1b:13:12:
e1:2e:57:5b:ff:9c:71:92:7f:07:19:63:97:40:1a:3b:f8:36:
52:63:bb:d1:58:b6:ba:e0:a5:04:e9:44:f7:06:4b:a6:6d:f9:
07:b1:ee:ec
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzliVBgxgW/QKkThWek/9P7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmYTdlMDA3MzhkM2Y3YjhkZTQ4ZGUzODYyNzU2Nzc2OGUy
Zjg5YjYwHhcNMjQwMTA3MjAwNzEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjczNDk5YTAxNGIxNzdkOGMxMjdjODBiMzQxYjk1OTNiMDQ0NmEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtEfEGwayTLnYlBePlJaLzr8U6cYj
yNQX27+fDl3ZQzMS/lVbGPqPhrTr/XU1pD7T/kRZHYcPdTZI7rofnwwJfmD/8e1J
i6cBr3gNwHZ/tOc68BP1rHX7wKCUohWFQZRsl3WXu3rOUyB4by4I0UPDREz+x9CR
YjlR4oJPLiEBoR8kJAzcazPphbFk0rA7X+bas3mm8b6MxA4ZusEuDlqucEO037lh
e3ykMmzLaapYQxsXRe/3ux/CKf5JOFbdyMoXACDnTf6XUbLBV5BQMUC5nQYgGrjp
Cu9hnapGFyqw6ZnJLNSFGVGyDyvkzxLfUH/qMnMj82mgiRdHZ8EbOKujkwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMtzSZoBSxd9jBJ8gLNBuVk7BEajMB8GA1UdIwQY
MBaAFN+n4Ac40/e43kjeOGJ1Z3aOL4m2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMzZmZ0J6alQ5N2plU040NFluVm5kbzR2aWJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi9kYmVjMWYtMDdjNS00OWYyLWJhNjYt
MmIxZmFmY2NkZDBiLzEveTNOSm1nRkxGMzJNRW55QXMwRzVXVHNFUnFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi9kYmVjMWYtMDdjNS00OWYyLWJhNjYtMmIxZmFmY2NkZDBi
LzEvMzZmZ0J6alQ5N2plU040NFluVm5kbzR2aWJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBuSgiMA0E
AgACMAcDBQMqAUugMA0GCSqGSIb3DQEBCwUAA4IBAQCVMYWC8p9T/kD/T5ZFmlY7
18Q+w0OD7YtuFGjkDTZ+In4eTypZsz5XVJZzbvXpFruojkszv2k4dpSvFfYO018/
v8eFlnbCXxSblZIwcNtijI/EGSeYzXvvrJGTY95ng9t9nBZzWLxIQkdRt5jLQi/J
YiQUFb7dkEnLXbi2jEKeBL07f4WeB1uXMQFUi5M61VSHW5VIePiSxkjeFF+LqLDr
6bZw9GybsUcka2Egl318u3FRgXwb/nmF8E+PQDbRvHyySgm1fgNqGOjKqBYAHjR/
lvP051sbExLhLldb/5xxkn8HGWOXQBo7+DZSY7vRWLa64KUE6UT3BkumbfkHse7s
-----END CERTIFICATE-----
Generated at Sun Mar 24 13:37:23 2024 by rpki-client on console-fra.rpki-client.org