Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/ae5b5f-e748-4fd5-b1de-c79a3fa71d34/1/540cglfXoY3z4EIuR12la3OnO-4.roa
File: 540cglfXoY3z4EIuR12la3OnO-4.roa (raw, json)
Hash identifier: A4S++/KHzXoSJCIpn6L0996amuRqnltXNCaawJYJo1M=
Subject key identifier: E7:8D:1C:82:57:D7:A1:8D:F3:E0:42:2E:47:5D:A5:6B:73:A7:3B:EE
Certificate issuer: /CN=77e839ea59b975824fd708a0ad735550017cbf7c
Certificate serial: 0185707076F7F20B63D68A7165797E089D6D
Authority key identifier: 77:E8:39:EA:59:B9:75:82:4F:D7:08:A0:AD:73:55:50:01:7C:BF:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d-g56lm5dYJP1wigrXNVUAF8v3w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/ae5b5f-e748-4fd5-b1de-c79a3fa71d34/1/540cglfXoY3z4EIuR12la3OnO-4.roa
Signing time: Mon 02 Jan 2023 03:04:56 +0000
ROA not before: Mon 02 Jan 2023 03:04:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49920
IP address blocks: 185.234.53.0/24 maxlen: 24
185.234.54.0/23 maxlen: 23
185.149.60.0/22 maxlen: 24
2a05:c0c0::/29 maxlen: 30
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:30:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:70:76:f7:f2:0b:63:d6:8a:71:65:79:7e:08:9d:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=77e839ea59b975824fd708a0ad735550017cbf7c
Validity
Not Before: Jan 2 03:04:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e78d1c8257d7a18df3e0422e475da56b73a73bee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:6b:6b:6b:b8:8b:e4:4d:ce:7b:ff:38:c9:5d:
db:24:00:61:d4:29:6e:55:20:02:45:bb:28:35:4d:
df:ef:a2:8e:d2:46:d2:bf:57:6f:8b:d0:51:2f:29:
4c:7a:fe:2a:d5:5d:e1:10:fe:d1:12:6f:cb:fc:d0:
00:32:21:11:00:fd:e6:d4:97:7d:58:03:73:15:63:
d0:28:e3:3a:b8:a9:39:93:d8:7a:f6:aa:9b:42:f1:
ad:99:b7:89:b2:85:ff:ac:85:4a:47:46:bd:23:77:
cb:1d:3e:60:cb:6a:37:6b:1e:32:3a:c0:aa:92:cc:
6c:33:18:00:09:21:22:81:11:d2:85:84:1c:13:08:
ec:af:48:be:19:2e:ed:72:3e:03:b5:79:7d:8c:59:
7b:96:ce:16:dc:b6:9c:e6:88:8b:0d:ec:d4:b2:ef:
b7:bb:4b:83:c7:59:55:2e:c1:11:b6:a8:0b:b2:74:
58:39:c5:7f:37:8c:03:d7:0e:ea:a9:69:df:b3:77:
4b:ac:fe:e1:2a:27:ab:07:c2:75:2e:36:f1:98:4b:
33:75:a1:6d:a1:56:a9:89:97:ca:5e:3e:08:f5:a8:
ca:9b:9b:bb:8a:21:bc:5a:35:a8:7e:8e:1d:04:27:
67:65:13:47:c8:71:76:e3:7a:83:1d:ae:a0:4a:cc:
c8:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:8D:1C:82:57:D7:A1:8D:F3:E0:42:2E:47:5D:A5:6B:73:A7:3B:EE
X509v3 Authority Key Identifier:
keyid:77:E8:39:EA:59:B9:75:82:4F:D7:08:A0:AD:73:55:50:01:7C:BF:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d-g56lm5dYJP1wigrXNVUAF8v3w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/ae5b5f-e748-4fd5-b1de-c79a3fa71d34/1/540cglfXoY3z4EIuR12la3OnO-4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/ae5b5f-e748-4fd5-b1de-c79a3fa71d34/1/d-g56lm5dYJP1wigrXNVUAF8v3w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.149.60.0/22
185.234.53.0-185.234.55.255
IPv6:
2a05:c0c0::/29
Signature Algorithm: sha256WithRSAEncryption
8f:41:a5:5b:b7:92:31:34:c1:86:00:f2:2b:db:37:0c:22:88:
05:76:96:fe:e7:20:b2:8f:8b:d6:8c:85:74:6a:9b:5a:e7:62:
65:cc:c6:69:3f:1a:d1:b4:23:2f:74:2d:e7:36:61:18:40:b4:
e9:b6:57:ea:ed:c0:b3:09:8f:ba:18:3d:92:23:2b:af:9a:d5:
72:43:21:5e:19:20:1e:fe:75:e8:c7:0a:9a:50:48:b4:fa:03:
66:eb:b1:23:1e:5a:e4:08:56:9f:10:f8:10:09:7f:d4:79:98:
ce:ea:a1:bb:3a:3f:de:cf:8b:d6:0a:35:c4:61:7b:e8:65:49:
76:d8:eb:b5:4b:0e:60:2a:78:a3:15:42:02:71:41:a4:b3:13:
d2:e8:9b:27:1e:e6:19:59:48:1f:a7:21:20:c6:a6:bd:0c:47:
f2:33:04:c9:f4:46:34:08:a3:45:64:73:9f:89:14:3e:c8:db:
9a:52:86:f4:2f:e5:fb:0a:b5:07:77:d0:1d:a9:0d:a8:fa:8b:
e6:ce:ab:cc:81:87:e5:4d:fe:2e:79:52:ba:9f:e8:67:8e:22:
73:b8:5b:81:9f:23:3c:3e:07:8e:bf:df:d1:f5:b9:0a:64:aa:
36:1c:78:25:da:a4:fb:c3:69:ee:8c:7d:ef:bc:08:2b:6d:76:
2d:37:b9:91
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYVwcHb38gtj1opxZXl+CJ1tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3ZTgzOWVhNTliOTc1ODI0ZmQ3MDhhMGFkNzM1NTUwMDE3
Y2JmN2MwHhcNMjMwMTAyMDMwNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNzhkMWM4MjU3ZDdhMThkZjNlMDQyMmU0NzVkYTU2YjczYTczYmVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoGtra7iL5E3Oe/84yV3bJABh1Clu
VSACRbsoNU3f76KO0kbSv1dvi9BRLylMev4q1V3hEP7REm/L/NAAMiERAP3m1Jd9
WANzFWPQKOM6uKk5k9h69qqbQvGtmbeJsoX/rIVKR0a9I3fLHT5gy2o3ax4yOsCq
ksxsMxgACSEigRHShYQcEwjsr0i+GS7tcj4DtXl9jFl7ls4W3Lac5oiLDezUsu+3
u0uDx1lVLsERtqgLsnRYOcV/N4wD1w7qqWnfs3dLrP7hKierB8J1LjbxmEszdaFt
oVapiZfKXj4I9ajKm5u7iiG8WjWofo4dBCdnZRNHyHF243qDHa6gSszIGQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFOeNHIJX16GN8+BCLkddpWtzpzvuMB8GA1UdIwQY
MBaAFHfoOepZuXWCT9cIoK1zVVABfL98MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZC1nNTZsbTVkWUpQMXdpZ3JYTlZVQUY4djN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi9hZTViNWYtZTc0OC00ZmQ1LWIxZGUt
Yzc5YTNmYTcxZDM0LzEvNTQwY2dsZlhvWTN6NEVJdVIxMmxhM09uTy00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi9hZTViNWYtZTc0OC00ZmQ1LWIxZGUtYzc5YTNmYTcxZDM0
LzEvZC1nNTZsbTVkWUpQMXdpZ3JYTlZVQUY4djN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUAwQCuZU8MAwD
BAC56jUDBAO56jAwDQQCAAIwBwMFAyoFwMAwDQYJKoZIhvcNAQELBQADggEBAI9B
pVu3kjE0wYYA8ivbNwwiiAV2lv7nILKPi9aMhXRqm1rnYmXMxmk/GtG0Iy90Lec2
YRhAtOm2V+rtwLMJj7oYPZIjK6+a1XJDIV4ZIB7+dejHCppQSLT6A2brsSMeWuQI
Vp8Q+BAJf9R5mM7qobs6P97Pi9YKNcRhe+hlSXbY67VLDmAqeKMVQgJxQaSzE9Lo
myce5hlZSB+nISDGpr0MR/IzBMn0RjQIo0Vkc5+JFD7I25pShvQv5fsKtQd30B2p
Daj6i+bOq8yBh+VN/i55Urqf6GeOInO4W4GfIzw+B46/39H1uQpkqjYceCXapPvD
ae6Mfe+8CCttdi03uZE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:43 2024 by rpki-client on console-fra.rpki-client.org