Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/6da289-abec-49f5-a759-cf1f4c7c9222/1/cx-FdJHP2QAgPS_M0ZmEoBQYjNc.roa
File: cx-FdJHP2QAgPS_M0ZmEoBQYjNc.roa (raw, json)
Hash identifier: IyjhNOPyFI+gDsiadc6RaijCwJGgbAxBm8fOp7utgmc=
Subject key identifier: 73:1F:85:74:91:CF:D9:00:20:3D:2F:CC:D1:99:84:A0:14:18:8C:D7
Certificate issuer: /CN=7736a5c85a08d80749041cb9cfa517fb7d589ba8
Certificate serial: 018BD379076E863F097476CCD5FF59D165C2
Authority key identifier: 77:36:A5:C8:5A:08:D8:07:49:04:1C:B9:CF:A5:17:FB:7D:58:9B:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dzalyFoI2AdJBBy5z6UX-31Ym6g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/6da289-abec-49f5-a759-cf1f4c7c9222/1/cx-FdJHP2QAgPS_M0ZmEoBQYjNc.roa
Signing time: Wed 15 Nov 2023 14:53:26 +0000
ROA not before: Wed 15 Nov 2023 14:53:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62371
IP address blocks: 185.70.40.0/24 maxlen: 24
185.70.40.0/22 maxlen: 22
185.70.41.0/24 maxlen: 24
185.70.42.0/24 maxlen: 24
185.70.43.0/24 maxlen: 24
2a05:2701::/32 maxlen: 32
2a05:2701:f00::/40 maxlen: 40
2a05:2700::/29 maxlen: 29
2a05:2701:f40::/44 maxlen: 44
2a05:2701:f30::/44 maxlen: 44
2a05:2701:f10::/44 maxlen: 44
2a05:2701:f00::/44 maxlen: 44
2a05:2700::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:29:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:d3:79:07:6e:86:3f:09:74:76:cc:d5:ff:59:d1:65:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7736a5c85a08d80749041cb9cfa517fb7d589ba8
Validity
Not Before: Nov 15 14:53:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=731f857491cfd900203d2fccd19984a014188cd7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:0f:94:60:12:56:db:ed:07:73:bb:45:83:0c:
b7:d7:b3:40:9f:d0:c4:d3:7d:04:d7:d8:9a:61:82:
f7:c7:a3:66:72:0a:7c:32:e1:ce:62:fa:a1:85:44:
87:e8:23:2b:95:67:93:7a:48:f0:ba:c9:43:69:ba:
40:6d:14:80:36:a1:74:77:1b:36:4d:af:02:c1:0c:
b4:1b:2f:01:5d:d7:69:74:74:df:65:1d:db:eb:7c:
a2:7e:c3:26:a8:ba:23:c8:aa:97:fc:ed:e0:4e:96:
b5:4d:9d:d1:89:ec:b1:da:ce:66:25:1b:b3:7b:59:
ac:01:8a:12:70:a9:30:28:13:dc:5d:bb:09:9a:2c:
e3:ef:3f:ef:4c:09:b7:f1:74:b3:8c:17:37:04:68:
48:4e:d2:bb:43:7d:48:81:6a:9c:f7:ed:1c:70:3d:
d4:21:f9:fb:a3:bd:04:67:fd:06:95:10:43:10:c7:
0e:c4:f6:a7:0b:92:95:be:2f:cd:e1:ed:e7:bc:32:
10:47:13:cd:ea:bd:4f:2a:22:cc:62:aa:b8:89:a3:
f9:c3:77:b4:81:c7:29:59:a1:e7:39:4d:66:7f:82:
1b:25:9c:b8:8a:27:0e:c0:33:64:16:e3:7e:3f:cd:
fa:61:4b:2a:0a:cb:4b:c6:37:a4:a2:cc:64:82:82:
ce:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:1F:85:74:91:CF:D9:00:20:3D:2F:CC:D1:99:84:A0:14:18:8C:D7
X509v3 Authority Key Identifier:
keyid:77:36:A5:C8:5A:08:D8:07:49:04:1C:B9:CF:A5:17:FB:7D:58:9B:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dzalyFoI2AdJBBy5z6UX-31Ym6g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/6da289-abec-49f5-a759-cf1f4c7c9222/1/cx-FdJHP2QAgPS_M0ZmEoBQYjNc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/6da289-abec-49f5-a759-cf1f4c7c9222/1/dzalyFoI2AdJBBy5z6UX-31Ym6g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.70.40.0/22
IPv6:
2a05:2700::/29
Signature Algorithm: sha256WithRSAEncryption
15:5b:16:a3:d8:73:6d:47:60:db:f6:26:c2:42:54:38:83:11:
12:8c:d5:ce:82:d5:e0:4d:8c:b7:4e:15:84:0a:20:4e:da:aa:
80:4c:61:68:fd:08:6a:1c:85:b7:9b:f6:72:a8:f2:7b:1c:de:
09:f3:d2:6f:9b:7e:73:77:3a:fd:04:39:5b:5f:1a:1e:39:89:
ec:a0:20:cb:7c:36:9a:de:ff:b1:83:d8:4e:68:5b:83:1d:b1:
61:4a:03:ce:d1:b0:f9:07:ca:53:c4:80:97:29:88:9c:e8:6b:
64:1b:0f:1b:37:83:f0:bf:d2:1d:0d:05:30:d8:8c:8c:78:ef:
7d:9f:53:fa:17:00:b9:be:3e:2e:da:54:eb:34:10:7b:4d:43:
22:1f:55:06:c4:eb:ed:20:39:07:bb:48:f8:07:21:43:12:7d:
e1:8e:6a:89:03:ec:9b:62:5c:0c:6d:f7:df:4a:ae:4d:09:24:
07:80:38:3c:6b:32:4f:5b:f0:98:97:d8:6c:98:73:29:34:0d:
43:13:ce:24:05:78:98:09:72:41:0c:fe:c7:62:69:6d:ba:54:
b8:fe:ed:03:a1:6a:05:49:d7:8c:ae:d4:db:a2:99:a7:bb:77:
d7:3e:a7:11:ef:3a:db:c8:db:28:d9:df:42:5c:2a:1b:29:89:
0b:34:ef:da
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYvTeQduhj8JdHbM1f9Z0WXCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3MzZhNWM4NWEwOGQ4MDc0OTA0MWNiOWNmYTUxN2ZiN2Q1
ODliYTgwHhcNMjMxMTE1MTQ1MzI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MzFmODU3NDkxY2ZkOTAwMjAzZDJmY2NkMTk5ODRhMDE0MTg4Y2Q3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7w+UYBJW2+0Hc7tFgwy317NAn9DE
030E19iaYYL3x6Nmcgp8MuHOYvqhhUSH6CMrlWeTekjwuslDabpAbRSANqF0dxs2
Ta8CwQy0Gy8BXddpdHTfZR3b63yifsMmqLojyKqX/O3gTpa1TZ3Rieyx2s5mJRuz
e1msAYoScKkwKBPcXbsJmizj7z/vTAm38XSzjBc3BGhITtK7Q31IgWqc9+0ccD3U
Ifn7o70EZ/0GlRBDEMcOxPanC5KVvi/N4e3nvDIQRxPN6r1PKiLMYqq4iaP5w3e0
gccpWaHnOU1mf4IbJZy4iicOwDNkFuN+P836YUsqCstLxjekosxkgoLOkQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFHMfhXSRz9kAID0vzNGZhKAUGIzXMB8GA1UdIwQY
MBaAFHc2pchaCNgHSQQcuc+lF/t9WJuoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZHphbHlGb0kyQWRKQkJ5NXo2VVgtMzFZbTZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC82ZGEyODktYWJlYy00OWY1LWE3NTkt
Y2YxZjRjN2M5MjIyLzEvY3gtRmRKSFAyUUFnUFNfTTBabUVvQlFZak5jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC82ZGEyODktYWJlYy00OWY1LWE3NTktY2YxZjRjN2M5MjIy
LzEvZHphbHlGb0kyQWRKQkJ5NXo2VVgtMzFZbTZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuUYoMA0E
AgACMAcDBQMqBScAMA0GCSqGSIb3DQEBCwUAA4IBAQAVWxaj2HNtR2Db9ibCQlQ4
gxESjNXOgtXgTYy3ThWECiBO2qqATGFo/QhqHIW3m/ZyqPJ7HN4J89Jvm35zdzr9
BDlbXxoeOYnsoCDLfDaa3v+xg9hOaFuDHbFhSgPO0bD5B8pTxICXKYic6GtkGw8b
N4Pwv9IdDQUw2IyMeO99n1P6FwC5vj4u2lTrNBB7TUMiH1UGxOvtIDkHu0j4ByFD
En3hjmqJA+ybYlwMbfffSq5NCSQHgDg8azJPW/CYl9hsmHMpNA1DE84kBXiYCXJB
DP7HYmltulS4/u0DoWoFSdeMrtTbopmnu3fXPqcR7zrbyNso2d9CXCobKYkLNO/a
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:12:13 2024 by rpki-client on console-ams.rpki-client.org