Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/6da289-abec-49f5-a759-cf1f4c7c9222/1/XB-3FMRErBzgaUuDzDfsa9LTFKo.roa
File: XB-3FMRErBzgaUuDzDfsa9LTFKo.roa (raw, json)
Hash identifier: X8SIkIWpjLawGvfRBGafewSDkGsY7LsSxwPIeDNNstY=
Subject key identifier: 5C:1F:B7:14:C4:44:AC:1C:E0:69:4B:83:CC:37:EC:6B:D2:D3:14:AA
Certificate issuer: /CN=7736a5c85a08d80749041cb9cfa517fb7d589ba8
Certificate serial: 018CC80112332CB67DFB8542247E6A1B425A
Authority key identifier: 77:36:A5:C8:5A:08:D8:07:49:04:1C:B9:CF:A5:17:FB:7D:58:9B:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dzalyFoI2AdJBBy5z6UX-31Ym6g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/6da289-abec-49f5-a759-cf1f4c7c9222/1/XB-3FMRErBzgaUuDzDfsa9LTFKo.roa
Signing time: Tue 02 Jan 2024 02:29:22 +0000
ROA not before: Tue 02 Jan 2024 02:29:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62371
IP address blocks: 185.70.40.0/24 maxlen: 24
185.70.40.0/22 maxlen: 22
185.70.41.0/24 maxlen: 24
185.70.42.0/24 maxlen: 24
185.70.43.0/24 maxlen: 24
2a05:2701::/32 maxlen: 32
2a05:2701:f00::/40 maxlen: 40
2a05:2700::/29 maxlen: 29
2a05:2701:f40::/44 maxlen: 44
2a05:2701:f30::/44 maxlen: 44
2a05:2701:f10::/44 maxlen: 44
2a05:2701:f00::/44 maxlen: 44
2a05:2700::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Apr 2024 10:13:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:12:33:2c:b6:7d:fb:85:42:24:7e:6a:1b:42:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7736a5c85a08d80749041cb9cfa517fb7d589ba8
Validity
Not Before: Jan 2 02:29:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5c1fb714c444ac1ce0694b83cc37ec6bd2d314aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:ef:4d:3b:7e:65:44:6a:6d:d6:81:ab:08:17:
d5:08:bc:e2:b6:bb:cf:87:f4:20:f0:88:57:22:94:
4d:e4:7d:67:ce:e1:e8:32:9f:29:3d:72:88:7a:c9:
01:09:35:99:74:65:9a:8b:0d:6a:6c:42:fe:a7:ce:
4e:bc:ad:ab:55:95:c5:fc:3c:80:cc:d1:10:02:4e:
fc:15:13:57:f9:c6:eb:5a:ca:3f:dd:af:27:44:8a:
3c:67:b3:df:ca:27:28:09:8c:b3:dd:57:f8:61:71:
8c:33:81:c4:92:38:40:e2:22:99:02:12:a3:a4:09:
bb:d7:ec:d2:97:7c:77:95:c9:18:84:ac:3e:9c:c2:
e6:41:f7:d5:cb:29:8c:eb:74:1b:8a:c4:f1:a5:5f:
08:49:90:5d:f4:cb:f8:85:be:48:72:2c:14:70:1a:
42:8b:7a:b7:ce:f2:b7:b4:fc:16:9a:83:68:47:39:
23:c7:a6:00:ac:10:55:2b:57:f1:31:fa:38:93:c4:
8d:25:e4:3d:fb:b9:6c:aa:d5:f9:f1:97:c1:5f:94:
46:d3:28:5f:4e:c1:be:d0:e8:1e:ca:4e:1a:6e:2c:
e9:15:19:f9:e1:8a:d1:d1:6d:76:f1:d3:72:dd:44:
56:5d:d1:08:3f:90:98:5a:0e:fe:2a:fe:c6:ad:cc:
73:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:1F:B7:14:C4:44:AC:1C:E0:69:4B:83:CC:37:EC:6B:D2:D3:14:AA
X509v3 Authority Key Identifier:
keyid:77:36:A5:C8:5A:08:D8:07:49:04:1C:B9:CF:A5:17:FB:7D:58:9B:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dzalyFoI2AdJBBy5z6UX-31Ym6g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/6da289-abec-49f5-a759-cf1f4c7c9222/1/XB-3FMRErBzgaUuDzDfsa9LTFKo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/6da289-abec-49f5-a759-cf1f4c7c9222/1/dzalyFoI2AdJBBy5z6UX-31Ym6g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.70.40.0/22
IPv6:
2a05:2700::/29
Signature Algorithm: sha256WithRSAEncryption
79:97:ba:89:99:d3:1d:37:e0:6e:89:13:e5:81:28:72:0b:9c:
7e:46:86:2b:84:4a:a6:dc:fb:b6:7d:d5:44:b0:d8:dd:e1:65:
af:95:0d:86:80:2b:66:84:c4:23:be:b7:3a:b6:1e:ae:df:5c:
14:8d:65:67:67:66:03:f4:15:62:12:2d:8a:66:25:80:1f:ec:
6e:e9:43:01:d8:af:c0:14:db:32:32:37:95:4b:86:36:26:5e:
0f:c1:02:6b:ac:79:f2:6f:b2:5b:84:95:de:c2:04:92:63:78:
10:eb:f4:21:31:43:ce:28:63:76:7b:12:5f:7d:69:03:af:be:
4b:0c:a8:b2:06:86:c6:a9:85:2b:21:87:42:99:7b:47:97:7c:
10:8e:0c:ec:f1:81:d7:4b:75:5d:02:33:d4:bc:00:46:d8:d0:
4a:c3:84:60:94:d6:72:3e:f4:09:b9:f3:cd:8a:d0:ee:64:eb:
7e:8e:c4:f3:7c:28:8d:17:b8:9a:70:bb:a0:61:a6:51:9f:40:
8a:06:68:6d:9b:9f:50:92:a4:c4:14:d9:cb:ed:72:18:e2:17:
be:62:bb:37:37:43:26:c7:e3:e2:4c:b1:d1:38:be:15:94:f3:
89:8d:e0:1d:42:59:7e:80:86:ca:d4:b9:d8:95:84:a9:3d:80:
c6:02:91:8c
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzIARIzLLZ9+4VCJH5qG0JaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3MzZhNWM4NWEwOGQ4MDc0OTA0MWNiOWNmYTUxN2ZiN2Q1
ODliYTgwHhcNMjQwMTAyMDIyOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzFmYjcxNGM0NDRhYzFjZTA2OTRiODNjYzM3ZWM2YmQyZDMxNGFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx+9NO35lRGpt1oGrCBfVCLzitrvP
h/Qg8IhXIpRN5H1nzuHoMp8pPXKIeskBCTWZdGWaiw1qbEL+p85OvK2rVZXF/DyA
zNEQAk78FRNX+cbrWso/3a8nRIo8Z7PfyicoCYyz3Vf4YXGMM4HEkjhA4iKZAhKj
pAm71+zSl3x3lckYhKw+nMLmQffVyymM63QbisTxpV8ISZBd9Mv4hb5IciwUcBpC
i3q3zvK3tPwWmoNoRzkjx6YArBBVK1fxMfo4k8SNJeQ9+7lsqtX58ZfBX5RG0yhf
TsG+0Ogeyk4abizpFRn54YrR0W128dNy3URWXdEIP5CYWg7+Kv7GrcxzFQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFwftxTERKwc4GlLg8w37GvS0xSqMB8GA1UdIwQY
MBaAFHc2pchaCNgHSQQcuc+lF/t9WJuoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZHphbHlGb0kyQWRKQkJ5NXo2VVgtMzFZbTZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC82ZGEyODktYWJlYy00OWY1LWE3NTkt
Y2YxZjRjN2M5MjIyLzEvWEItM0ZNUkVyQnpnYVV1RHpEZnNhOUxURktvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC82ZGEyODktYWJlYy00OWY1LWE3NTktY2YxZjRjN2M5MjIy
LzEvZHphbHlGb0kyQWRKQkJ5NXo2VVgtMzFZbTZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuUYoMA0E
AgACMAcDBQMqBScAMA0GCSqGSIb3DQEBCwUAA4IBAQB5l7qJmdMdN+BuiRPlgShy
C5x+RoYrhEqm3Pu2fdVEsNjd4WWvlQ2GgCtmhMQjvrc6th6u31wUjWVnZ2YD9BVi
Ei2KZiWAH+xu6UMB2K/AFNsyMjeVS4Y2Jl4PwQJrrHnyb7JbhJXewgSSY3gQ6/Qh
MUPOKGN2exJffWkDr75LDKiyBobGqYUrIYdCmXtHl3wQjgzs8YHXS3VdAjPUvABG
2NBKw4RglNZyPvQJufPNitDuZOt+jsTzfCiNF7iacLugYaZRn0CKBmhtm59QkqTE
FNnL7XIY4he+Yrs3N0Mmx+PiTLHROL4VlPOJjeAdQll+gIbK1LnYlYSpPYDGApGM
-----END CERTIFICATE-----
Generated at Tue Apr 2 14:44:01 2024 by rpki-client on console-ams.rpki-client.org