Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/f33379-63d9-4f2b-8e65-30a6c3af9095/1/pyujikVEW3q7cjmVMt7mjz73kjk.roa
File: pyujikVEW3q7cjmVMt7mjz73kjk.roa (raw, json)
Hash identifier: T8DhdG7QDXc7CQzKsaaWJlNckSy4s+pdDm87zMF3hJ4=
Subject key identifier: A7:2B:A3:8A:45:44:5B:7A:BB:72:39:95:32:DE:E6:8F:3E:F7:92:39
Certificate issuer: /CN=3b477a62607fb94c8e23b5a062c78d93df9cbd69
Certificate serial: 0185723101FB3B6804061C65C6C4B97AFE02
Authority key identifier: 3B:47:7A:62:60:7F:B9:4C:8E:23:B5:A0:62:C7:8D:93:DF:9C:BD:69
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0d6YmB_uUyOI7WgYseNk9-cvWk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/f33379-63d9-4f2b-8e65-30a6c3af9095/1/pyujikVEW3q7cjmVMt7mjz73kjk.roa
Signing time: Mon 02 Jan 2023 11:14:52 +0000
ROA not before: Mon 02 Jan 2023 11:14:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57495
IP address blocks: 91.231.0.0/24 maxlen: 24
85.158.220.0/24 maxlen: 24
85.158.221.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:29:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:31:01:fb:3b:68:04:06:1c:65:c6:c4:b9:7a:fe:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b477a62607fb94c8e23b5a062c78d93df9cbd69
Validity
Not Before: Jan 2 11:14:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a72ba38a45445b7abb72399532dee68f3ef79239
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:55:26:35:a5:44:25:e5:25:ba:39:10:01:71:
f7:e8:e5:54:27:b9:fc:f6:5a:d3:3c:da:67:fd:85:
78:7c:6e:1f:a1:a0:cd:f4:80:91:77:af:50:07:06:
ef:a5:4b:c0:ce:00:51:af:d4:c9:18:f6:ba:d2:5a:
53:19:77:d9:97:6b:a1:21:99:ba:b3:ea:e3:8f:4f:
32:fd:7c:fe:04:e7:77:9b:49:34:42:9d:82:45:fc:
d9:87:db:5c:46:8c:3f:9f:a2:d8:49:65:34:e4:96:
1a:99:4c:82:26:a4:9d:4e:49:a3:2b:21:a1:92:e0:
8e:b9:eb:f0:01:78:06:0c:4a:17:4c:b1:d0:b0:6b:
b7:a3:f6:a7:ad:f5:4a:46:71:55:d2:0c:44:94:c6:
b8:40:7f:68:03:0f:ea:66:9d:52:f7:8c:b3:74:b7:
b9:05:9f:a6:57:34:52:b6:0c:27:0f:d8:6b:5e:23:
e5:b4:b0:ae:79:fb:b4:d9:49:8d:2a:1f:1a:06:2a:
e8:b4:b4:bf:3b:e3:9a:8c:a0:6a:27:fe:33:5a:71:
e8:45:8a:e5:1c:4c:b7:3b:2a:b1:11:c1:05:2b:34:
8d:f1:3c:d5:d3:68:4f:05:41:65:69:62:c0:31:4e:
f4:fa:da:ed:58:47:c5:0d:4e:7c:f5:5f:92:26:20:
b9:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:2B:A3:8A:45:44:5B:7A:BB:72:39:95:32:DE:E6:8F:3E:F7:92:39
X509v3 Authority Key Identifier:
keyid:3B:47:7A:62:60:7F:B9:4C:8E:23:B5:A0:62:C7:8D:93:DF:9C:BD:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0d6YmB_uUyOI7WgYseNk9-cvWk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/f33379-63d9-4f2b-8e65-30a6c3af9095/1/pyujikVEW3q7cjmVMt7mjz73kjk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/f33379-63d9-4f2b-8e65-30a6c3af9095/1/O0d6YmB_uUyOI7WgYseNk9-cvWk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.158.220.0/23
91.231.0.0/24
Signature Algorithm: sha256WithRSAEncryption
1b:03:dd:07:cf:10:9b:77:a8:d0:c7:ae:cd:31:5f:fa:09:e7:
ba:05:0b:27:85:9b:9b:3d:02:5f:89:c0:0f:a2:94:c0:90:83:
fc:c3:9a:df:9d:ac:ab:8a:f9:62:0c:84:7f:14:e7:5b:97:86:
6f:25:18:14:8b:aa:ba:77:fe:4e:a0:a6:2c:75:25:ad:a1:a5:
87:5d:96:20:9f:22:a5:d4:2f:13:4a:06:70:13:45:33:32:01:
d6:3e:74:fc:61:24:6b:d0:ca:e5:ca:71:89:10:0c:78:3e:ae:
20:59:f2:28:4c:d9:c9:be:12:aa:1f:3b:a7:31:cc:8e:d9:1c:
85:b7:5d:47:5c:74:c2:ec:17:88:c6:a9:09:bf:68:b6:a4:9e:
dd:48:8e:5d:34:d9:d4:cb:55:55:10:7a:6a:d4:58:fb:f4:5f:
b2:d7:de:0a:00:8d:aa:11:a4:6a:a6:11:44:4c:8f:5f:25:24:
e5:25:64:02:6c:fc:0d:fe:88:09:07:ad:0d:e6:15:39:d7:24:
78:84:cf:69:2e:ad:9a:83:9f:af:e9:2b:65:ea:39:64:4a:96:
44:d1:27:57:a8:29:c9:16:eb:7b:cd:58:97:9a:c3:71:ae:95:
f2:f1:9c:ab:97:76:80:59:4a:1d:52:49:10:ed:6a:ce:dd:70:
06:1f:19:62
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVyMQH7O2gEBhxlxsS5ev4CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc3YTYyNjA3ZmI5NGM4ZTIzYjVhMDYyYzc4ZDkzZGY5
Y2JkNjkwHhcNMjMwMTAyMTExNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzJiYTM4YTQ1NDQ1YjdhYmI3MjM5OTUzMmRlZTY4ZjNlZjc5MjM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw1UmNaVEJeUlujkQAXH36OVUJ7n8
9lrTPNpn/YV4fG4foaDN9ICRd69QBwbvpUvAzgBRr9TJGPa60lpTGXfZl2uhIZm6
s+rjj08y/Xz+BOd3m0k0Qp2CRfzZh9tcRow/n6LYSWU05JYamUyCJqSdTkmjKyGh
kuCOuevwAXgGDEoXTLHQsGu3o/anrfVKRnFV0gxElMa4QH9oAw/qZp1S94yzdLe5
BZ+mVzRStgwnD9hrXiPltLCuefu02UmNKh8aBirotLS/O+OajKBqJ/4zWnHoRYrl
HEy3OyqxEcEFKzSN8TzV02hPBUFlaWLAMU70+trtWEfFDU589V+SJiC5xwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKcro4pFRFt6u3I5lTLe5o8+95I5MB8GA1UdIwQY
MBaAFDtHemJgf7lMjiO1oGLHjZPfnL1pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkNlltQl91VXlPSTdXZ1lzZU5rOS1jdldrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC9mMzMzNzktNjNkOS00ZjJiLThlNjUt
MzBhNmMzYWY5MDk1LzEvcHl1amlrVkVXM3E3Y2ptVk10N21qejcza2prLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC9mMzMzNzktNjNkOS00ZjJiLThlNjUtMzBhNmMzYWY5MDk1
LzEvTzBkNlltQl91VXlPSTdXZ1lzZU5rOS1jdldrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBVZ7cAwQA
W+cAMA0GCSqGSIb3DQEBCwUAA4IBAQAbA90HzxCbd6jQx67NMV/6Cee6BQsnhZub
PQJficAPopTAkIP8w5rfnayrivliDIR/FOdbl4ZvJRgUi6q6d/5OoKYsdSWtoaWH
XZYgnyKl1C8TSgZwE0UzMgHWPnT8YSRr0MrlynGJEAx4Pq4gWfIoTNnJvhKqHzun
McyO2RyFt11HXHTC7BeIxqkJv2i2pJ7dSI5dNNnUy1VVEHpq1Fj79F+y194KAI2q
EaRqphFETI9fJSTlJWQCbPwN/ogJB60N5hU51yR4hM9pLq2ag5+v6Stl6jlkSpZE
0SdXqCnJFut7zViXmsNxrpXy8Zyrl3aAWUodUkkQ7WrO3XAGHxli
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:25 2024 by rpki-client on console-ams.rpki-client.org