Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/doyDgfxEmjssMO3IRtvXEt4BII8.roa
File: doyDgfxEmjssMO3IRtvXEt4BII8.roa (raw, json)
Hash identifier: ddryYwGArBDuk4L9acmyJ/j4iWI7x5EsYtgMcvgREDU=
Subject key identifier: 76:8C:83:81:FC:44:9A:3B:2C:30:ED:C8:46:DB:D7:12:DE:01:20:8F
Certificate issuer: /CN=22f2c2e7bc1da54d919ca5b5941d378892b2ccb2
Certificate serial: 018FBA063F90690CCC76F0BC66AF077E5D37
Authority key identifier: 22:F2:C2:E7:BC:1D:A5:4D:91:9C:A5:B5:94:1D:37:88:92:B2:CC:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IvLC57wdpU2RnKW1lB03iJKyzLI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/doyDgfxEmjssMO3IRtvXEt4BII8.roa
Signing time: Mon 27 May 2024 12:28:42 +0000
ROA not before: Mon 27 May 2024 12:28:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49074
IP address blocks: 85.255.112.0/22 maxlen: 22
91.228.140.0/22 maxlen: 22
91.234.56.0/22 maxlen: 22
151.248.95.0/24 maxlen: 24
176.113.104.0/22 maxlen: 22
194.40.204.0/22 maxlen: 22
2a04:2041::/32 maxlen: 32
2a04:2043::/32 maxlen: 32
2a04:2045::/32 maxlen: 32
2a04:2047::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 26 Jul 2024 14:45:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:ba:06:3f:90:69:0c:cc:76:f0:bc:66:af:07:7e:5d:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22f2c2e7bc1da54d919ca5b5941d378892b2ccb2
Validity
Not Before: May 27 12:28:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=768c8381fc449a3b2c30edc846dbd712de01208f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:75:dd:27:15:02:5a:fc:56:04:83:0b:f5:5c:
66:12:2f:8d:cd:a5:96:fb:0d:70:cd:df:64:2d:9d:
fc:27:25:c4:a8:0a:9a:12:11:68:12:e3:53:f6:da:
9b:67:dd:41:5f:31:2c:13:de:20:fd:68:55:e1:30:
66:e0:56:d7:3c:c4:c8:9f:ce:30:a9:6a:99:97:a4:
60:ef:34:b8:62:b1:7e:89:66:71:36:61:da:8b:5f:
85:ea:29:82:09:0d:f2:9e:dc:97:1a:dc:96:8a:c2:
f4:21:a3:1d:47:e3:c7:7e:06:7e:d4:f0:88:7a:50:
80:54:fe:55:16:9b:e5:1f:24:f2:6f:bd:46:05:c8:
be:b8:89:d0:ea:a0:c5:a6:fd:ad:3e:45:8f:95:2e:
29:11:4a:25:e8:92:63:91:78:27:52:3d:dc:23:6b:
11:95:ea:e8:de:ec:f7:00:f8:8e:1d:f1:00:ec:c2:
e7:06:2d:7e:76:7a:0b:88:d4:e4:3f:3e:3a:89:af:
df:d5:76:ab:e0:09:5e:7a:ad:4a:8e:c7:5f:e1:f0:
34:41:45:12:ba:bc:93:fd:92:cb:58:61:05:55:66:
44:7f:6d:11:b8:f1:d6:79:15:d5:44:7c:31:4d:52:
d3:de:49:e5:14:c9:ac:a3:52:ac:ea:25:ce:46:2b:
10:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:8C:83:81:FC:44:9A:3B:2C:30:ED:C8:46:DB:D7:12:DE:01:20:8F
X509v3 Authority Key Identifier:
keyid:22:F2:C2:E7:BC:1D:A5:4D:91:9C:A5:B5:94:1D:37:88:92:B2:CC:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IvLC57wdpU2RnKW1lB03iJKyzLI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/doyDgfxEmjssMO3IRtvXEt4BII8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/IvLC57wdpU2RnKW1lB03iJKyzLI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.255.112.0/22
91.228.140.0/22
91.234.56.0/22
151.248.95.0/24
176.113.104.0/22
194.40.204.0/22
IPv6:
2a04:2041::/32
2a04:2043::/32
2a04:2045::/32
2a04:2047::/32
Signature Algorithm: sha256WithRSAEncryption
08:b8:56:ab:0c:c8:50:fa:55:70:ce:7b:e2:84:5b:1e:57:51:
e8:14:52:89:c3:1e:1e:73:b3:da:c5:28:b2:d3:b5:8f:42:c8:
b0:e9:d5:33:62:54:0d:13:61:79:16:3c:5e:fc:66:02:07:9e:
e7:eb:a1:89:7a:dc:06:b6:56:74:1c:e4:f4:ed:56:2e:14:c6:
db:7d:35:97:66:43:6c:b5:5d:fc:a8:4d:33:4c:6f:d6:e5:ef:
51:c8:5d:47:39:0c:b0:b1:93:d1:23:30:e0:fb:cf:65:e0:0f:
c0:20:d8:03:86:9f:1d:5a:e9:af:08:99:2a:e7:a4:b5:8d:a6:
91:1d:a1:14:05:81:ae:34:a6:99:cf:dc:0c:15:84:3c:87:f1:
cd:b1:a4:9e:db:cd:d1:1d:22:f6:41:78:79:2c:0a:c7:c8:aa:
47:0e:b1:49:6b:0c:f3:cf:aa:17:8f:97:b0:25:2a:5f:f7:4c:
95:44:b3:78:fb:10:93:3f:bd:9b:f8:9b:9a:39:c7:f8:43:61:
4b:40:b8:4d:f7:95:1a:35:3f:fb:2d:4d:cb:04:b9:ed:d3:53:
b2:72:4d:24:6c:12:c0:03:41:65:e0:1c:f5:88:9e:ab:52:87:
02:4a:07:26:c1:19:75:28:92:5b:42:ca:73:78:0a:07:77:54:
7c:e0:3b:10
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAY+6Bj+QaQzMdvC8Zq8Hfl03MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyZjJjMmU3YmMxZGE1NGQ5MTljYTViNTk0MWQzNzg4OTJi
MmNjYjIwHhcNMjQwNTI3MTIyODQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjhjODM4MWZjNDQ5YTNiMmMzMGVkYzg0NmRiZDcxMmRlMDEyMDhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlXXdJxUCWvxWBIML9VxmEi+NzaWW
+w1wzd9kLZ38JyXEqAqaEhFoEuNT9tqbZ91BXzEsE94g/WhV4TBm4FbXPMTIn84w
qWqZl6Rg7zS4YrF+iWZxNmHai1+F6imCCQ3yntyXGtyWisL0IaMdR+PHfgZ+1PCI
elCAVP5VFpvlHyTyb71GBci+uInQ6qDFpv2tPkWPlS4pEUol6JJjkXgnUj3cI2sR
lero3uz3APiOHfEA7MLnBi1+dnoLiNTkPz46ia/f1Xar4Aleeq1Kjsdf4fA0QUUS
uryT/ZLLWGEFVWZEf20RuPHWeRXVRHwxTVLT3knlFMmso1Ks6iXORisQzQIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFHaMg4H8RJo7LDDtyEbb1xLeASCPMB8GA1UdIwQY
MBaAFCLywue8HaVNkZyltZQdN4iSssyyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXZMQzU3d2RwVTJSbktXMWxCMDNpSkt5ekxJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi82MDI1MzAtNmQyMi00NmYxLThlMDUt
MDJkZWY2ZTg0YzkxLzEvZG95RGdmeEVtanNzTU8zSVJ0dlhFdDRCSUk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi82MDI1MzAtNmQyMi00NmYxLThlMDUtMDJkZWY2ZTg0Yzkx
LzEvSXZMQzU3d2RwVTJSbktXMWxCMDNpSkt5ekxJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDAqBAIAATAkAwQCVf9wAwQC
W+SMAwQCW+o4AwQAl/hfAwQCsHFoAwQCwijMMCIEAgACMBwDBQAqBCBBAwUAKgQg
QwMFACoEIEUDBQAqBCBHMA0GCSqGSIb3DQEBCwUAA4IBAQAIuFarDMhQ+lVwznvi
hFseV1HoFFKJwx4ec7PaxSiy07WPQsiw6dUzYlQNE2F5Fjxe/GYCB57n66GJetwG
tlZ0HOT07VYuFMbbfTWXZkNstV38qE0zTG/W5e9RyF1HOQywsZPRIzDg+89l4A/A
INgDhp8dWumvCJkq56S1jaaRHaEUBYGuNKaZz9wMFYQ8h/HNsaSe283RHSL2QXh5
LArHyKpHDrFJawzzz6oXj5ewJSpf90yVRLN4+xCTP72b+JuaOcf4Q2FLQLhN95Ua
NT/7LU3LBLnt01Oyck0kbBLAA0Fl4Bz1iJ6rUocCSgcmwRl1KJJbQspzeAoHd1R8
4DsQ
-----END CERTIFICATE-----
Generated at Fri Jul 26 18:15:48 2024 by rpki-client on console-fra.rpki-client.org