Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/6da289-abec-49f5-a759-cf1f4c7c9222/1/pu-8Jgbsl67atq1rp0DfYoBEXPc.roa
File: pu-8Jgbsl67atq1rp0DfYoBEXPc.roa (raw, json)
Hash identifier: 2uRA5/Gy0afHj9pQFFzD9QBLwnM+vpvhRMucFwy3gTk=
Subject key identifier: A6:EF:BC:26:06:EC:97:AE:DA:B6:AD:6B:A7:40:DF:62:80:44:5C:F7
Certificate issuer: /CN=7736a5c85a08d80749041cb9cfa517fb7d589ba8
Certificate serial: 01856BC0F8313FA8A16B6DFC5BED7765F62C
Authority key identifier: 77:36:A5:C8:5A:08:D8:07:49:04:1C:B9:CF:A5:17:FB:7D:58:9B:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dzalyFoI2AdJBBy5z6UX-31Ym6g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/6da289-abec-49f5-a759-cf1f4c7c9222/1/pu-8Jgbsl67atq1rp0DfYoBEXPc.roa
Signing time: Sun 01 Jan 2023 05:14:46 +0000
ROA not before: Sun 01 Jan 2023 05:14:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62371
IP address blocks: 185.70.40.0/24 maxlen: 24
185.70.43.0/24 maxlen: 24
185.70.41.0/24 maxlen: 24
185.70.42.0/24 maxlen: 24
2a05:2701:f00::/44 maxlen: 44
2a05:2701:f10::/44 maxlen: 44
2a05:2701:f30::/44 maxlen: 44
2a05:2701:f40::/44 maxlen: 44
Validation: Failed, certificate revoked on Wed 15 Nov 2023 14:53:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:c0:f8:31:3f:a8:a1:6b:6d:fc:5b:ed:77:65:f6:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7736a5c85a08d80749041cb9cfa517fb7d589ba8
Validity
Not Before: Jan 1 05:14:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a6efbc2606ec97aedab6ad6ba740df6280445cf7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:1f:d4:02:41:d6:d4:f0:7d:59:1a:35:b0:fe:
55:ad:92:f0:83:a8:7c:48:30:a6:cb:e9:3b:10:fe:
e7:a9:90:2a:a9:56:66:58:93:91:6e:89:0b:b3:13:
66:33:94:1c:a6:d0:42:a1:cf:1b:70:08:ad:59:0a:
47:30:bd:d7:43:61:0a:24:b6:f2:01:50:b2:fa:dc:
23:28:97:4a:1b:43:92:d4:46:7a:f5:04:29:7f:db:
d6:9b:32:58:d8:81:10:05:92:f8:5e:5b:df:05:50:
ff:d4:79:5e:6e:14:16:06:77:98:39:6b:7a:3d:6c:
fd:95:9a:bc:cc:4c:7a:0b:11:1a:ad:fc:25:04:7b:
ad:87:8e:62:d6:cb:9e:72:34:13:9e:ba:d3:45:9f:
8b:30:5c:73:7e:b7:9d:ae:80:4d:ea:50:25:a2:59:
2c:e6:40:05:1b:71:93:1a:9c:07:6b:fb:95:59:0d:
fe:48:a1:0e:fa:12:49:04:1b:07:bd:14:a2:5a:30:
fc:80:e0:7c:e5:f6:f6:44:2e:5f:4f:54:14:56:24:
0c:53:a9:ee:5c:3a:14:22:57:58:a4:1b:37:6d:a2:
1b:43:27:64:8e:de:1a:3f:e2:34:38:68:99:ac:75:
53:71:09:4d:a1:26:99:54:a1:ab:db:5f:b6:40:02:
c1:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:EF:BC:26:06:EC:97:AE:DA:B6:AD:6B:A7:40:DF:62:80:44:5C:F7
X509v3 Authority Key Identifier:
keyid:77:36:A5:C8:5A:08:D8:07:49:04:1C:B9:CF:A5:17:FB:7D:58:9B:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dzalyFoI2AdJBBy5z6UX-31Ym6g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/6da289-abec-49f5-a759-cf1f4c7c9222/1/pu-8Jgbsl67atq1rp0DfYoBEXPc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/6da289-abec-49f5-a759-cf1f4c7c9222/1/dzalyFoI2AdJBBy5z6UX-31Ym6g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.70.40.0/22
IPv6:
2a05:2701:f00::/43
2a05:2701:f30::-2a05:2701:f4f:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
96:c7:ee:3d:d9:66:9a:8e:85:29:0f:47:59:71:10:72:c7:f6:
2b:30:d5:5b:78:a5:4b:fe:c7:f3:ce:85:35:3d:97:aa:1d:5e:
cc:db:7e:6e:42:0e:04:5d:64:a2:e4:96:b6:06:9c:b4:1f:bb:
56:66:0a:b0:6b:c9:16:e9:24:97:37:4d:a7:80:f9:e5:fb:d0:
fe:61:6a:28:b7:d9:64:a8:dc:2c:37:60:62:26:15:60:f0:a4:
e2:b9:a6:8a:67:f3:6c:f8:ae:bd:f0:0b:20:c2:b5:a1:b2:f1:
eb:3a:2c:26:14:09:03:04:c9:27:c3:54:65:74:51:4a:de:e1:
f3:08:56:a7:54:37:aa:0f:e0:cb:34:83:b5:ce:db:f2:2b:f9:
ea:2e:41:5e:68:8a:58:c7:01:ea:39:b6:fe:de:15:a9:b1:ed:
b6:61:b2:66:c0:00:a4:81:94:a4:ec:bd:0c:1a:7b:3c:07:df:
79:4f:72:67:36:16:2f:82:c4:f4:e8:eb:02:6f:85:cd:ad:63:
d8:1a:6f:9d:c0:c3:6a:24:8f:55:04:c7:f5:dc:6f:92:d8:fd:
39:3f:0d:a8:e1:92:24:36:5b:e6:6c:f5:69:6c:fe:ac:95:c9:
4f:9b:6a:41:b2:bb:09:e7:13:42:82:d6:f0:7d:29:11:ba:ce:
1d:37:08:49
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgISAYVrwPgxP6iha238W+13ZfYsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3MzZhNWM4NWEwOGQ4MDc0OTA0MWNiOWNmYTUxN2ZiN2Q1
ODliYTgwHhcNMjMwMTAxMDUxNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNmVmYmMyNjA2ZWM5N2FlZGFiNmFkNmJhNzQwZGY2MjgwNDQ1Y2Y3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmR/UAkHW1PB9WRo1sP5VrZLwg6h8
SDCmy+k7EP7nqZAqqVZmWJORbokLsxNmM5QcptBCoc8bcAitWQpHML3XQ2EKJLby
AVCy+twjKJdKG0OS1EZ69QQpf9vWmzJY2IEQBZL4XlvfBVD/1HlebhQWBneYOWt6
PWz9lZq8zEx6CxEarfwlBHuth45i1suecjQTnrrTRZ+LMFxzfredroBN6lAlolks
5kAFG3GTGpwHa/uVWQ3+SKEO+hJJBBsHvRSiWjD8gOB85fb2RC5fT1QUViQMU6nu
XDoUIldYpBs3baIbQydkjt4aP+I0OGiZrHVTcQlNoSaZVKGr21+2QALBYQIDAQAB
o4ICLjCCAiowHQYDVR0OBBYEFKbvvCYG7Jeu2rata6dA32KARFz3MB8GA1UdIwQY
MBaAFHc2pchaCNgHSQQcuc+lF/t9WJuoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZHphbHlGb0kyQWRKQkJ5NXo2VVgtMzFZbTZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC82ZGEyODktYWJlYy00OWY1LWE3NTkt
Y2YxZjRjN2M5MjIyLzEvcHUtOEpnYnNsNjdhdHExcnAwRGZZb0JFWFBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC82ZGEyODktYWJlYy00OWY1LWE3NTktY2YxZjRjN2M5MjIy
LzEvZHphbHlGb0kyQWRKQkJ5NXo2VVgtMzFZbTZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEQGCCsGAQUFBwEHAQH/BDUwMzAMBAIAATAGAwQCuUYoMCME
AgACMB0DBwUqBScBDwAwEgMHBCoFJwEPMAMHBCoFJwEPQDANBgkqhkiG9w0BAQsF
AAOCAQEAlsfuPdlmmo6FKQ9HWXEQcsf2KzDVW3ilS/7H886FNT2Xqh1ezNt+bkIO
BF1kouSWtgactB+7VmYKsGvJFukklzdNp4D55fvQ/mFqKLfZZKjcLDdgYiYVYPCk
4rmmimfzbPiuvfALIMK1obLx6zosJhQJAwTJJ8NUZXRRSt7h8whWp1Q3qg/gyzSD
tc7b8iv56i5BXmiKWMcB6jm2/t4VqbHttmGyZsAApIGUpOy9DBp7PAffeU9yZzYW
L4LE9OjrAm+Fza1j2BpvncDDaiSPVQTH9dxvktj9OT8NqOGSJDZb5mz1aWz+rJXJ
T5tqQbK7CecTQoLW8H0pEbrOHTcISQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:23 2024 by rpki-client on console-fra.rpki-client.org