Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/65e543-7e7a-4aab-ac74-bc6794e95e5a/1/u_5qG_JbSI7CVoNJQLyDVKOIPRM.roa
File: u_5qG_JbSI7CVoNJQLyDVKOIPRM.roa (raw, json)
Hash identifier: nQY+LTt798SsQybWiuXvfNdmWaLesAtN78dIelAUOf8=
Subject key identifier: BB:FE:6A:1B:F2:5B:48:8E:C2:56:83:49:40:BC:83:54:A3:88:3D:13
Certificate issuer: /CN=17b5042fc20d9bab1676e09af7ff1ba5bfadae75
Certificate serial: 018C866AF7CE8CB541F345CF9494469485B2
Authority key identifier: 17:B5:04:2F:C2:0D:9B:AB:16:76:E0:9A:F7:FF:1B:A5:BF:AD:AE:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F7UEL8INm6sWduCa9_8bpb-trnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/65e543-7e7a-4aab-ac74-bc6794e95e5a/1/u_5qG_JbSI7CVoNJQLyDVKOIPRM.roa
Signing time: Wed 20 Dec 2023 08:50:06 +0000
ROA not before: Wed 20 Dec 2023 08:50:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39855
IP address blocks: 84.54.35.0/24 maxlen: 24
178.212.142.0/24 maxlen: 24
185.65.70.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:30:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:86:6a:f7:ce:8c:b5:41:f3:45:cf:94:94:46:94:85:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17b5042fc20d9bab1676e09af7ff1ba5bfadae75
Validity
Not Before: Dec 20 08:50:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bbfe6a1bf25b488ec256834940bc8354a3883d13
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:8e:44:a4:2f:c4:d3:3e:04:a9:13:49:06:6d:
ad:88:ee:a9:b3:b3:e5:5a:0a:30:5a:c8:84:a4:1e:
c1:f1:cf:9c:20:71:83:59:ff:68:4d:ce:ab:56:de:
2b:37:20:32:6f:83:c8:17:c3:e4:5b:96:14:da:7f:
cd:93:1a:59:fe:fd:21:b1:fd:34:a0:2d:18:89:19:
bc:80:62:9f:25:f2:4b:0b:6f:01:40:ee:2c:b4:8f:
cf:5c:1c:6c:1f:0c:f3:4b:d8:d3:13:d1:b7:b6:b1:
c7:ed:8b:44:4a:ee:54:e5:0d:3f:13:29:c8:9d:70:
db:1b:93:d6:1a:13:7e:4e:9c:7c:f5:29:94:a6:e4:
8e:37:fc:0a:24:77:a2:0f:40:42:00:3e:d2:4f:7a:
b4:18:04:01:2a:38:ec:9c:74:25:a3:e0:67:b5:46:
5a:36:30:b6:b2:85:fe:16:d9:da:e2:60:cd:5a:a9:
20:de:81:c3:06:42:d5:da:64:ff:72:8d:ca:1e:b4:
2c:4e:51:34:ec:d8:8d:10:d5:a2:3a:19:69:d3:f8:
b7:f2:0e:70:15:e0:53:0a:90:ef:cd:d8:7f:2f:ad:
2e:4f:9b:a0:de:69:ee:94:bf:b3:09:2b:ac:91:b4:
c7:d4:2d:23:44:50:0b:6b:a8:cc:3c:30:65:fc:42:
fc:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:FE:6A:1B:F2:5B:48:8E:C2:56:83:49:40:BC:83:54:A3:88:3D:13
X509v3 Authority Key Identifier:
keyid:17:B5:04:2F:C2:0D:9B:AB:16:76:E0:9A:F7:FF:1B:A5:BF:AD:AE:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F7UEL8INm6sWduCa9_8bpb-trnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/65e543-7e7a-4aab-ac74-bc6794e95e5a/1/u_5qG_JbSI7CVoNJQLyDVKOIPRM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/65e543-7e7a-4aab-ac74-bc6794e95e5a/1/F7UEL8INm6sWduCa9_8bpb-trnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.54.35.0/24
178.212.142.0/24
185.65.70.0/24
Signature Algorithm: sha256WithRSAEncryption
b4:a6:3f:d2:35:52:32:e2:04:09:dc:5c:05:d4:4d:c7:f8:fd:
13:99:1b:36:fb:b0:11:e3:1b:02:4d:9c:ca:62:e3:ba:e1:54:
28:c4:3f:d2:51:0c:1a:13:06:e7:de:8a:08:2a:be:c7:1f:d9:
ca:22:b8:84:4a:43:db:0b:ec:5d:e8:80:bd:bf:b6:24:e2:40:
b7:14:6e:fe:bc:0e:0e:33:fd:3a:04:98:3b:10:a0:0a:69:c9:
8f:c0:20:67:99:f9:46:72:8b:21:21:d2:3c:d3:94:3a:d6:6d:
20:7f:8e:30:93:72:df:77:b7:34:07:fa:ac:94:ef:3b:92:75:
af:6d:d3:b3:2d:9c:b9:a6:41:58:0a:42:68:24:2a:11:5c:28:
af:41:ff:ec:6c:a4:99:96:79:40:1b:cb:6f:10:d5:09:50:75:
de:3c:41:26:6d:99:5e:5c:e5:28:a7:68:ce:06:a6:5b:c9:48:
dd:db:1a:03:8d:a6:15:20:55:2d:54:2e:bc:98:94:ab:db:96:
81:a1:56:94:8f:11:6c:04:81:f7:6a:49:c9:6e:9b:da:ee:cd:
ef:17:b9:6c:9a:33:0b:67:7b:b0:0b:a3:22:a7:d6:e7:41:e5:
85:1c:39:e5:02:38:46:ad:b2:3f:83:79:cd:30:b1:65:84:3d:
b0:0c:87:3e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYyGavfOjLVB80XPlJRGlIWyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3YjUwNDJmYzIwZDliYWIxNjc2ZTA5YWY3ZmYxYmE1YmZh
ZGFlNzUwHhcNMjMxMjIwMDg1MDA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYmZlNmExYmYyNWI0ODhlYzI1NjgzNDk0MGJjODM1NGEzODgzZDEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Y5EpC/E0z4EqRNJBm2tiO6ps7Pl
WgowWsiEpB7B8c+cIHGDWf9oTc6rVt4rNyAyb4PIF8PkW5YU2n/NkxpZ/v0hsf00
oC0YiRm8gGKfJfJLC28BQO4stI/PXBxsHwzzS9jTE9G3trHH7YtESu5U5Q0/EynI
nXDbG5PWGhN+Tpx89SmUpuSON/wKJHeiD0BCAD7ST3q0GAQBKjjsnHQlo+BntUZa
NjC2soX+Ftna4mDNWqkg3oHDBkLV2mT/co3KHrQsTlE07NiNENWiOhlp0/i38g5w
FeBTCpDvzdh/L60uT5ug3mnulL+zCSuskbTH1C0jRFALa6jMPDBl/EL8AQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLv+ahvyW0iOwlaDSUC8g1SjiD0TMB8GA1UdIwQY
MBaAFBe1BC/CDZurFnbgmvf/G6W/ra51MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjdVRUw4SU5tNnNXZHVDYTlfOGJwYi10cm5VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS82NWU1NDMtN2U3YS00YWFiLWFjNzQt
YmM2Nzk0ZTk1ZTVhLzEvdV81cUdfSmJTSTdDVm9OSlFMeURWS09JUFJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS82NWU1NDMtN2U3YS00YWFiLWFjNzQtYmM2Nzk0ZTk1ZTVh
LzEvRjdVRUw4SU5tNnNXZHVDYTlfOGJwYi10cm5VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAVDYjAwQA
stSOAwQAuUFGMA0GCSqGSIb3DQEBCwUAA4IBAQC0pj/SNVIy4gQJ3FwF1E3H+P0T
mRs2+7AR4xsCTZzKYuO64VQoxD/SUQwaEwbn3ooIKr7HH9nKIriESkPbC+xd6IC9
v7Yk4kC3FG7+vA4OM/06BJg7EKAKacmPwCBnmflGcoshIdI805Q61m0gf44wk3Lf
d7c0B/qslO87knWvbdOzLZy5pkFYCkJoJCoRXCivQf/sbKSZlnlAG8tvENUJUHXe
PEEmbZleXOUop2jOBqZbyUjd2xoDjaYVIFUtVC68mJSr25aBoVaUjxFsBIH3aknJ
bpva7s3vF7lsmjMLZ3uwC6Mip9bnQeWFHDnlAjhGrbI/g3nNMLFlhD2wDIc+
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:07 2024 by rpki-client on console-ams.rpki-client.org