Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/d19f2d-9659-48b1-b1e8-de13a552df63/1/9BnmLmefp8GAiFUaEGqlrMUyk_4.roa
File: 9BnmLmefp8GAiFUaEGqlrMUyk_4.roa (raw, json)
Hash identifier: WUggLRA7fIu8fiiMDjWTxIrm6eSgVtmnpsLlolfU5Ks=
Subject key identifier: F4:19:E6:2E:67:9F:A7:C1:80:88:55:1A:10:6A:A5:AC:C5:32:93:FE
Certificate issuer: /CN=5140b5cb5986084126f68d6032316d3b1b57696e
Certificate serial: 018616DDA3CE65A2A6E046B8C7E33E6EFBAD
Authority key identifier: 51:40:B5:CB:59:86:08:41:26:F6:8D:60:32:31:6D:3B:1B:57:69:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UUC1y1mGCEEm9o1gMjFtOxtXaW4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/d19f2d-9659-48b1-b1e8-de13a552df63/1/9BnmLmefp8GAiFUaEGqlrMUyk_4.roa
Signing time: Fri 03 Feb 2023 10:41:09 +0000
ROA not before: Fri 03 Feb 2023 10:41:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199462
IP address blocks: 185.101.77.0/24 maxlen: 24
185.101.76.0/24 maxlen: 24
185.101.78.0/24 maxlen: 24
185.101.79.0/24 maxlen: 24
2a06:1b87:400::/48 maxlen: 48
2a06:1b87:500::/48 maxlen: 48
2a06:1b87:300::/48 maxlen: 48
2a06:1b87:600::/48 maxlen: 48
2a06:1b87::/32 maxlen: 32
2001:67c:11bc::/48 maxlen: 48
2a06:1b80::/29 maxlen: 29
2a06:1b80::/32 maxlen: 32
2a06:1b86::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 06 Feb 2023 21:02:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:16:dd:a3:ce:65:a2:a6:e0:46:b8:c7:e3:3e:6e:fb:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5140b5cb5986084126f68d6032316d3b1b57696e
Validity
Not Before: Feb 3 10:41:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f419e62e679fa7c18088551a106aa5acc53293fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:7b:6c:6a:9c:cd:7f:8a:d6:24:f7:c3:b7:b8:
ed:96:06:fe:88:85:0a:c2:75:83:a3:3d:66:c8:f6:
70:d1:ff:d9:cb:d1:4f:7c:7f:69:d7:44:39:31:10:
5f:0b:16:f3:82:3f:8b:92:48:f0:cd:76:62:4e:37:
d1:3f:a2:f8:07:7d:2c:c7:69:7d:aa:73:d3:6f:98:
46:18:cc:c0:52:c2:eb:c6:a4:fe:6c:79:16:73:22:
42:9f:28:83:16:64:e2:ed:0d:af:e1:2c:37:7e:47:
0f:12:e7:6d:7c:95:65:a3:b1:58:77:9d:6d:9e:b6:
b0:f4:5e:85:47:be:48:c6:30:c7:84:a1:c1:0f:ab:
01:b0:5d:af:91:2a:0d:4b:dc:08:95:78:aa:6e:c8:
a9:87:44:15:0d:fa:ee:9b:49:19:18:e0:35:03:ad:
19:ca:b4:3a:35:03:17:31:35:48:13:5b:fb:e1:de:
c3:8f:44:f9:69:b4:92:c6:cc:34:7f:e8:60:df:bf:
46:e9:e0:ac:1e:85:53:fd:19:7b:56:f8:b9:71:33:
7e:2e:29:17:dd:1c:7e:6d:ed:d0:46:b1:9e:8f:ee:
cb:70:29:75:76:e3:0e:e4:1f:b0:48:a6:a1:95:6b:
05:96:e5:3f:7e:6d:79:9b:9e:e0:30:56:44:4e:6a:
af:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:19:E6:2E:67:9F:A7:C1:80:88:55:1A:10:6A:A5:AC:C5:32:93:FE
X509v3 Authority Key Identifier:
keyid:51:40:B5:CB:59:86:08:41:26:F6:8D:60:32:31:6D:3B:1B:57:69:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UUC1y1mGCEEm9o1gMjFtOxtXaW4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/d19f2d-9659-48b1-b1e8-de13a552df63/1/9BnmLmefp8GAiFUaEGqlrMUyk_4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/d19f2d-9659-48b1-b1e8-de13a552df63/1/UUC1y1mGCEEm9o1gMjFtOxtXaW4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.101.76.0/22
IPv6:
2001:67c:11bc::/48
2a06:1b80::/29
Signature Algorithm: sha256WithRSAEncryption
4a:4c:0b:13:40:11:5c:59:5b:14:86:c0:fc:a1:af:1d:d6:ed:
62:b3:c2:ae:c2:47:95:29:0e:f3:10:9a:9e:29:10:11:8b:dc:
e5:dd:b3:57:48:45:9d:fa:3a:aa:8e:34:4a:dd:8a:c6:7b:1e:
5a:65:44:41:a3:8a:5c:e0:fc:0b:a9:ec:f0:89:06:32:e6:49:
1e:cf:60:65:b4:ee:54:c1:17:4c:fb:e8:61:ea:3c:99:72:a6:
9f:53:cd:f7:45:79:e0:4f:a7:c8:7b:72:b6:79:25:49:2f:15:
ed:ce:45:8d:d8:58:83:19:54:0b:63:b6:d3:cf:f9:f5:b5:90:
d3:47:4a:30:8b:80:5a:f0:30:30:9a:ef:cc:82:2e:dd:3b:31:
31:57:01:03:24:cf:af:d1:b2:49:81:ee:d7:74:de:28:e6:e6:
13:4e:b1:0e:19:b7:4d:b0:9f:a5:27:af:bb:12:4b:58:87:12:
39:3d:52:40:35:76:0d:6d:21:5b:56:43:ce:16:b2:51:6f:6d:
5c:d6:f5:03:82:29:c1:30:92:cd:f4:9d:48:9d:e7:f5:36:48:
44:51:57:20:73:a0:8d:9e:4c:b4:cf:2a:e2:bf:85:0f:57:c9:
c8:60:e7:99:fb:8d:f5:ef:a8:78:09:80:73:7f:f4:72:cc:10:
47:7b:ff:15
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYYW3aPOZaKm4Ea4x+M+bvutMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxNDBiNWNiNTk4NjA4NDEyNmY2OGQ2MDMyMzE2ZDNiMWI1
NzY5NmUwHhcNMjMwMjAzMTA0MTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDE5ZTYyZTY3OWZhN2MxODA4ODU1MWExMDZhYTVhY2M1MzI5M2ZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv3tsapzNf4rWJPfDt7jtlgb+iIUK
wnWDoz1myPZw0f/Zy9FPfH9p10Q5MRBfCxbzgj+LkkjwzXZiTjfRP6L4B30sx2l9
qnPTb5hGGMzAUsLrxqT+bHkWcyJCnyiDFmTi7Q2v4Sw3fkcPEudtfJVlo7FYd51t
nraw9F6FR75IxjDHhKHBD6sBsF2vkSoNS9wIlXiqbsiph0QVDfrum0kZGOA1A60Z
yrQ6NQMXMTVIE1v74d7Dj0T5abSSxsw0f+hg379G6eCsHoVT/Rl7Vvi5cTN+LikX
3Rx+be3QRrGej+7LcCl1duMO5B+wSKahlWsFluU/fm15m57gMFZETmqvVQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFPQZ5i5nn6fBgIhVGhBqpazFMpP+MB8GA1UdIwQY
MBaAFFFAtctZhghBJvaNYDIxbTsbV2luMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVVVDMXkxbUdDRUVtOW8xZ01qRnRPeHRYYVc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9kMTlmMmQtOTY1OS00OGIxLWIxZTgt
ZGUxM2E1NTJkZjYzLzEvOUJubUxtZWZwOEdBaUZVYUVHcWxyTVV5a180LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy9kMTlmMmQtOTY1OS00OGIxLWIxZTgtZGUxM2E1NTJkZjYz
LzEvVVVDMXkxbUdDRUVtOW8xZ01qRnRPeHRYYVc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAMBAIAATAGAwQCuWVMMBYE
AgACMBADBwAgAQZ8EbwDBQMqBhuAMA0GCSqGSIb3DQEBCwUAA4IBAQBKTAsTQBFc
WVsUhsD8oa8d1u1is8KuwkeVKQ7zEJqeKRARi9zl3bNXSEWd+jqqjjRK3YrGex5a
ZURBo4pc4PwLqezwiQYy5kkez2BltO5UwRdM++hh6jyZcqafU833RXngT6fIe3K2
eSVJLxXtzkWN2FiDGVQLY7bTz/n1tZDTR0owi4Ba8DAwmu/Mgi7dOzExVwEDJM+v
0bJJge7XdN4o5uYTTrEOGbdNsJ+lJ6+7EktYhxI5PVJANXYNbSFbVkPOFrJRb21c
1vUDginBMJLN9J1Inef1NkhEUVcgc6CNnky0zyriv4UPV8nIYOeZ+43176h4CYBz
f/RyzBBHe/8V
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:12:07 2024 by rpki-client on console-ams.rpki-client.org