Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/eb4c6e-a2b0-4e5b-9aea-8b7cf9b86764/1/Us2_5_BNvtHaJPxkT4gdkkRTyrQ.roa
File: Us2_5_BNvtHaJPxkT4gdkkRTyrQ.roa (raw, json)
Hash identifier: JqmdE+LGLE5/vRblWmmaf1v/s+44tWFl6g68zgZM6lg=
Subject key identifier: 52:CD:BF:E7:F0:4D:BE:D1:DA:24:FC:64:4F:88:1D:92:44:53:CA:B4
Certificate issuer: /CN=76b8ec733b9f994d5a858c5e555178e8ae8aa2ed
Certificate serial: 018572CCA75FB2C2957A72505EFA2AA22C6B
Authority key identifier: 76:B8:EC:73:3B:9F:99:4D:5A:85:8C:5E:55:51:78:E8:AE:8A:A2:ED
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/drjsczufmU1ahYxeVVF46K6Kou0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/eb4c6e-a2b0-4e5b-9aea-8b7cf9b86764/1/Us2_5_BNvtHaJPxkT4gdkkRTyrQ.roa
Signing time: Mon 02 Jan 2023 14:04:52 +0000
ROA not before: Mon 02 Jan 2023 14:04:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201283
IP address blocks: 185.79.124.0/24 maxlen: 24
185.79.127.0/24 maxlen: 24
185.79.126.0/24 maxlen: 24
2a05:7380::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:30:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:cc:a7:5f:b2:c2:95:7a:72:50:5e:fa:2a:a2:2c:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=76b8ec733b9f994d5a858c5e555178e8ae8aa2ed
Validity
Not Before: Jan 2 14:04:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=52cdbfe7f04dbed1da24fc644f881d924453cab4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:77:ef:7a:b9:e1:26:07:93:35:58:e3:f8:ae:
ee:11:0c:7a:a1:8f:e1:ed:5d:e6:1d:1a:48:65:b2:
5d:71:0b:5d:f7:de:70:d8:fe:3d:59:aa:30:96:36:
51:a4:77:27:5d:b6:b4:0d:58:42:b2:fa:46:6c:0c:
9c:ec:b8:39:52:38:3c:55:ee:0c:6d:9a:f0:14:10:
33:9c:3c:70:20:87:83:26:e8:0a:46:d3:52:8c:93:
6b:51:e3:09:1c:ea:7a:6f:c0:d7:6b:60:60:96:e5:
4d:df:46:eb:7f:ef:57:fe:6a:00:7b:ac:fc:01:8b:
f5:15:3f:13:a8:f2:15:11:c6:60:04:4c:8f:64:8c:
4c:45:18:f5:2a:63:35:2e:c0:98:f3:ed:48:b4:59:
57:01:a5:a8:48:fc:0f:bb:99:52:ac:8c:f0:ba:de:
12:1d:38:73:d3:b8:a8:df:7b:d4:72:de:a8:44:0b:
70:6d:96:20:c7:2c:00:5b:60:3d:17:dd:1a:b4:ac:
52:fa:1b:8c:c1:43:8a:07:59:84:e3:8f:e4:c6:de:
ec:9f:d2:9d:61:fa:d8:ce:f0:43:20:6d:5b:4f:fb:
9c:6c:88:d4:c6:9c:e8:21:d7:cd:a3:f1:59:58:8c:
38:b8:01:bd:ff:fb:3b:98:10:b2:b9:1d:c8:8f:1e:
30:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:CD:BF:E7:F0:4D:BE:D1:DA:24:FC:64:4F:88:1D:92:44:53:CA:B4
X509v3 Authority Key Identifier:
keyid:76:B8:EC:73:3B:9F:99:4D:5A:85:8C:5E:55:51:78:E8:AE:8A:A2:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/drjsczufmU1ahYxeVVF46K6Kou0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/eb4c6e-a2b0-4e5b-9aea-8b7cf9b86764/1/Us2_5_BNvtHaJPxkT4gdkkRTyrQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/eb4c6e-a2b0-4e5b-9aea-8b7cf9b86764/1/drjsczufmU1ahYxeVVF46K6Kou0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.79.124.0/24
185.79.126.0/23
IPv6:
2a05:7380::/29
Signature Algorithm: sha256WithRSAEncryption
57:97:a4:b2:2d:93:37:93:08:95:41:a3:b2:80:5c:4f:ed:65:
ef:7a:e9:0f:d0:6d:0f:2b:0f:6f:e6:9e:53:43:e0:cb:9c:a9:
e6:cc:71:06:27:3c:a8:c8:f1:0a:75:96:6d:cb:e5:c1:6e:75:
2f:e4:67:cf:10:d2:ef:53:45:92:ca:80:c8:99:19:2a:72:32:
fa:46:5e:67:4b:61:a4:90:01:de:80:48:2c:74:79:1a:9d:1d:
c6:fd:c1:da:80:3b:dc:4e:5d:22:83:15:a6:47:5f:65:80:96:
d7:87:57:56:73:3e:fa:25:3e:31:94:2f:71:e8:09:a2:11:00:
11:0a:18:d6:0b:96:9a:25:92:bd:a0:62:27:01:4d:9a:24:c5:
d3:e0:2f:76:f6:a5:0e:16:d3:1f:db:7c:d6:28:dd:7d:3f:82:
94:dd:f8:e9:63:88:5d:75:22:e4:7a:1c:9f:77:5d:0a:82:b4:
00:f7:d1:fd:e3:33:43:2d:ad:ce:e0:66:9c:1f:e9:c4:95:37:
9b:84:4d:31:52:63:fe:90:1f:bb:c5:2a:61:0a:47:00:19:8d:
55:07:26:e1:d1:18:53:ed:60:53:f6:9a:fe:5d:86:c2:57:14:
35:9b:af:4d:02:b9:57:4a:d7:3d:87:48:d2:b5:4f:f7:1e:3d:
47:a7:2e:4f
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVyzKdfssKVenJQXvoqoixrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2YjhlYzczM2I5Zjk5NGQ1YTg1OGM1ZTU1NTE3OGU4YWU4
YWEyZWQwHhcNMjMwMTAyMTQwNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MmNkYmZlN2YwNGRiZWQxZGEyNGZjNjQ0Zjg4MWQ5MjQ0NTNjYWI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl3fvernhJgeTNVjj+K7uEQx6oY/h
7V3mHRpIZbJdcQtd995w2P49WaowljZRpHcnXba0DVhCsvpGbAyc7Lg5Ujg8Ve4M
bZrwFBAznDxwIIeDJugKRtNSjJNrUeMJHOp6b8DXa2BgluVN30brf+9X/moAe6z8
AYv1FT8TqPIVEcZgBEyPZIxMRRj1KmM1LsCY8+1ItFlXAaWoSPwPu5lSrIzwut4S
HThz07io33vUct6oRAtwbZYgxywAW2A9F90atKxS+huMwUOKB1mE44/kxt7sn9Kd
YfrYzvBDIG1bT/ucbIjUxpzoIdfNo/FZWIw4uAG9//s7mBCyuR3Ijx4wwwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFFLNv+fwTb7R2iT8ZE+IHZJEU8q0MB8GA1UdIwQY
MBaAFHa47HM7n5lNWoWMXlVReOiuiqLtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZHJqc2N6dWZtVTFhaFl4ZVZWRjQ2SzZLb3UwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni9lYjRjNmUtYTJiMC00ZTViLTlhZWEt
OGI3Y2Y5Yjg2NzY0LzEvVXMyXzVfQk52dEhhSlB4a1Q0Z2Rra1JUeXJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni9lYjRjNmUtYTJiMC00ZTViLTlhZWEtOGI3Y2Y5Yjg2NzY0
LzEvZHJqc2N6dWZtVTFhaFl4ZVZWRjQ2SzZLb3UwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAuU98AwQB
uU9+MA0EAgACMAcDBQMqBXOAMA0GCSqGSIb3DQEBCwUAA4IBAQBXl6SyLZM3kwiV
QaOygFxP7WXveukP0G0PKw9v5p5TQ+DLnKnmzHEGJzyoyPEKdZZty+XBbnUv5GfP
ENLvU0WSyoDImRkqcjL6Rl5nS2GkkAHegEgsdHkanR3G/cHagDvcTl0igxWmR19l
gJbXh1dWcz76JT4xlC9x6AmiEQARChjWC5aaJZK9oGInAU2aJMXT4C929qUOFtMf
23zWKN19P4KU3fjpY4hddSLkehyfd10KgrQA99H94zNDLa3O4GacH+nElTebhE0x
UmP+kB+7xSphCkcAGY1VBybh0RhT7WBT9pr+XYbCVxQ1m69NArlXStc9h0jStU/3
Hj1Hpy5P
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:24 2024 by rpki-client on console-fra.rpki-client.org