Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/6da289-abec-49f5-a759-cf1f4c7c9222/1/GrqsjikUIHjJgl0kDB4x3wKlq_I.roa
File: GrqsjikUIHjJgl0kDB4x3wKlq_I.roa (raw, json)
Hash identifier: rU5KJGDIZa04C2eVXaOmNBgdoMO8B4rwA7i17VNxqgw=
Subject key identifier: 1A:BA:AC:8E:29:14:20:78:C9:82:5D:24:0C:1E:31:DF:02:A5:AB:F2
Certificate issuer: /CN=7736a5c85a08d80749041cb9cfa517fb7d589ba8
Certificate serial: 018E9E4CEC51FD2A257733914AF3A8990D0F
Authority key identifier: 77:36:A5:C8:5A:08:D8:07:49:04:1C:B9:CF:A5:17:FB:7D:58:9B:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dzalyFoI2AdJBBy5z6UX-31Ym6g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/6da289-abec-49f5-a759-cf1f4c7c9222/1/GrqsjikUIHjJgl0kDB4x3wKlq_I.roa
Signing time: Tue 02 Apr 2024 10:13:45 +0000
ROA not before: Tue 02 Apr 2024 10:13:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62371
IP address blocks: 79.135.106.0/24 maxlen: 24
79.135.107.0/24 maxlen: 24
185.70.40.0/22 maxlen: 22
185.70.40.0/24 maxlen: 24
185.70.41.0/24 maxlen: 24
185.70.42.0/24 maxlen: 24
185.70.43.0/24 maxlen: 24
2a05:2700::/29 maxlen: 29
2a05:2700::/32 maxlen: 32
2a05:2701::/32 maxlen: 32
2a05:2701:f00::/40 maxlen: 40
2a05:2701:f00::/44 maxlen: 44
2a05:2701:f10::/44 maxlen: 44
2a05:2701:f30::/44 maxlen: 44
2a05:2701:f40::/44 maxlen: 44
Validation: Failed, certificate revoked on Fri 26 Jul 2024 12:38:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:9e:4c:ec:51:fd:2a:25:77:33:91:4a:f3:a8:99:0d:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7736a5c85a08d80749041cb9cfa517fb7d589ba8
Validity
Not Before: Apr 2 10:13:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1abaac8e29142078c9825d240c1e31df02a5abf2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:17:35:a4:34:80:0f:54:11:9e:59:03:ca:d0:
b1:8a:d0:99:4a:23:a0:af:3d:02:f9:85:8f:1e:09:
ff:4b:18:8b:bd:be:e3:b1:69:f1:54:68:69:21:6b:
90:57:eb:87:9b:59:a3:28:22:e9:b2:77:de:65:67:
78:15:b5:b0:7d:67:a4:33:82:07:30:87:49:15:6f:
29:83:aa:c9:79:1a:68:12:8b:95:2f:73:12:19:06:
5f:ce:40:5d:5b:77:ad:c5:a3:65:97:f1:19:b9:16:
a3:69:d1:67:71:42:80:4f:6f:25:03:99:80:39:ec:
31:37:08:ad:36:0c:7e:cd:40:6e:e2:50:25:4d:62:
de:9c:f6:cb:6e:3c:54:6f:8e:d9:9a:86:fd:0a:0f:
23:7e:a4:c3:de:69:84:16:c8:6e:dc:86:4e:56:f0:
65:7d:6f:67:fd:a8:10:6a:06:e6:69:c8:78:d5:a2:
36:09:3d:fd:b0:52:3b:1f:93:36:9a:91:9d:f7:7e:
43:b5:d8:01:85:0d:05:24:c3:1a:4f:3c:cf:9e:62:
68:73:1d:91:35:1b:8a:aa:82:f0:ae:6c:2f:34:a2:
c9:ba:39:48:3b:c8:91:75:fb:54:a9:3b:ac:f4:53:
5c:ee:c9:84:ba:ed:49:e1:67:c2:a4:cf:14:0d:9a:
e9:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:BA:AC:8E:29:14:20:78:C9:82:5D:24:0C:1E:31:DF:02:A5:AB:F2
X509v3 Authority Key Identifier:
keyid:77:36:A5:C8:5A:08:D8:07:49:04:1C:B9:CF:A5:17:FB:7D:58:9B:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dzalyFoI2AdJBBy5z6UX-31Ym6g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/6da289-abec-49f5-a759-cf1f4c7c9222/1/GrqsjikUIHjJgl0kDB4x3wKlq_I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/6da289-abec-49f5-a759-cf1f4c7c9222/1/dzalyFoI2AdJBBy5z6UX-31Ym6g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.135.106.0/23
185.70.40.0/22
IPv6:
2a05:2700::/29
Signature Algorithm: sha256WithRSAEncryption
7f:8c:ba:5e:17:e2:a9:b4:56:ad:b1:b4:49:54:26:45:90:75:
c5:3d:ad:af:25:94:cc:27:36:0f:59:55:46:14:97:ca:d2:0a:
7c:15:be:97:20:12:25:e8:31:37:f0:ea:6f:4b:e9:6f:d2:a3:
fe:54:47:0b:94:b6:5a:fa:d4:3a:20:c6:57:8a:f1:38:27:0e:
8d:90:60:47:6b:25:5a:20:11:9a:88:a6:2f:f0:a1:72:36:58:
b9:d5:22:9c:4a:44:42:a9:1a:d4:a6:61:6f:ca:82:4e:b7:ce:
dc:ed:e0:06:c3:cb:2b:c8:53:24:fb:c4:88:47:cd:58:16:45:
9a:55:10:d0:4a:b1:21:fd:88:07:80:56:74:6b:db:c2:22:7f:
15:9d:33:49:2b:a5:4f:b8:cc:56:f6:8e:78:b2:13:55:fb:58:
21:2d:17:6c:c6:7b:44:ff:a1:d9:d6:2b:80:18:cb:e4:ab:af:
fe:b4:f1:18:af:51:40:36:63:b8:65:8c:4b:37:4a:6c:f8:11:
47:32:99:98:61:21:b5:ec:93:03:e9:7a:f2:44:44:72:2c:c0:
ae:36:6a:b9:34:05:b7:ad:89:b9:7b:9d:13:ec:9e:84:27:5a:
07:c5:2f:c0:17:4c:34:70:cb:7a:45:76:ec:11:aa:5f:e9:dc:
3f:40:e7:ea
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAY6eTOxR/SoldzORSvOomQ0PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3MzZhNWM4NWEwOGQ4MDc0OTA0MWNiOWNmYTUxN2ZiN2Q1
ODliYTgwHhcNMjQwNDAyMTAxMzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYWJhYWM4ZTI5MTQyMDc4Yzk4MjVkMjQwYzFlMzFkZjAyYTVhYmYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgxc1pDSAD1QRnlkDytCxitCZSiOg
rz0C+YWPHgn/SxiLvb7jsWnxVGhpIWuQV+uHm1mjKCLpsnfeZWd4FbWwfWekM4IH
MIdJFW8pg6rJeRpoEouVL3MSGQZfzkBdW3etxaNll/EZuRajadFncUKAT28lA5mA
OewxNwitNgx+zUBu4lAlTWLenPbLbjxUb47Zmob9Cg8jfqTD3mmEFshu3IZOVvBl
fW9n/agQagbmach41aI2CT39sFI7H5M2mpGd935DtdgBhQ0FJMMaTzzPnmJocx2R
NRuKqoLwrmwvNKLJujlIO8iRdftUqTus9FNc7smEuu1J4WfCpM8UDZrpvQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFBq6rI4pFCB4yYJdJAweMd8CpavyMB8GA1UdIwQY
MBaAFHc2pchaCNgHSQQcuc+lF/t9WJuoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZHphbHlGb0kyQWRKQkJ5NXo2VVgtMzFZbTZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC82ZGEyODktYWJlYy00OWY1LWE3NTkt
Y2YxZjRjN2M5MjIyLzEvR3Jxc2ppa1VJSGpKZ2wwa0RCNHgzd0tscV9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC82ZGEyODktYWJlYy00OWY1LWE3NTktY2YxZjRjN2M5MjIy
LzEvZHphbHlGb0kyQWRKQkJ5NXo2VVgtMzFZbTZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBT4dqAwQC
uUYoMA0EAgACMAcDBQMqBScAMA0GCSqGSIb3DQEBCwUAA4IBAQB/jLpeF+KptFat
sbRJVCZFkHXFPa2vJZTMJzYPWVVGFJfK0gp8Fb6XIBIl6DE38OpvS+lv0qP+VEcL
lLZa+tQ6IMZXivE4Jw6NkGBHayVaIBGaiKYv8KFyNli51SKcSkRCqRrUpmFvyoJO
t87c7eAGw8sryFMk+8SIR81YFkWaVRDQSrEh/YgHgFZ0a9vCIn8VnTNJK6VPuMxW
9o54shNV+1ghLRdsxntE/6HZ1iuAGMvkq6/+tPEYr1FANmO4ZYxLN0ps+BFHMpmY
YSG17JMD6XryRERyLMCuNmq5NAW3rYm5e50T7J6EJ1oHxS/AF0w0cMt6RXbsEapf
6dw/QOfq
-----END CERTIFICATE-----
Generated at Fri Jul 26 14:45:33 2024 by rpki-client on console-ams.rpki-client.org