Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/4892a9-3b37-4d39-9c2b-d83ed140d28d/1/y5gOtepzWIdZ9CwON7MxMa6h-_s.roa
File: y5gOtepzWIdZ9CwON7MxMa6h-_s.roa (raw, json)
Hash identifier: U8TfdDa9NLVVITpT/L9LURM/XpQB5lOzqVbUEjZ5x6g=
Subject key identifier: CB:98:0E:B5:EA:73:58:87:59:F4:2C:0E:37:B3:31:31:AE:A1:FB:FB
Certificate issuer: /CN=4173eeb8d02f5f64788b3fdc78d6bab8a55fd16a
Certificate serial: 019102882E8D7268B76CFF3D1885AD3AF2DE
Authority key identifier: 41:73:EE:B8:D0:2F:5F:64:78:8B:3F:DC:78:D6:BA:B8:A5:5F:D1:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QXPuuNAvX2R4iz_ceNa6uKVf0Wo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/4892a9-3b37-4d39-9c2b-d83ed140d28d/1/y5gOtepzWIdZ9CwON7MxMa6h-_s.roa
Signing time: Tue 30 Jul 2024 07:26:04 +0000
ROA not before: Tue 30 Jul 2024 07:26:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205516
IP address blocks: 5.35.80.0/24 maxlen: 24
5.35.81.0/24 maxlen: 24
91.218.140.0/24 maxlen: 24
91.218.141.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 13 Aug 2024 14:53:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:02:88:2e:8d:72:68:b7:6c:ff:3d:18:85:ad:3a:f2:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4173eeb8d02f5f64788b3fdc78d6bab8a55fd16a
Validity
Not Before: Jul 30 07:26:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cb980eb5ea73588759f42c0e37b33131aea1fbfb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:24:d8:61:ef:31:a1:24:bb:5b:d5:fd:bb:6f:
a8:35:50:fa:00:e6:75:9f:30:ae:e9:30:a6:35:e6:
01:95:3f:af:68:05:9c:90:6d:43:2e:7b:26:bf:a4:
ee:86:ef:ab:8a:52:9c:f9:6f:0c:49:d0:17:82:e9:
15:de:0c:c5:02:91:5b:d7:cd:a6:f7:a3:d3:1b:c6:
78:83:2b:97:1a:67:cf:0a:76:63:f0:7f:c6:e5:5b:
1d:70:dc:21:bd:f8:7f:2b:4a:55:a4:dc:f7:fa:64:
bd:37:45:34:06:84:78:a2:a2:dd:2e:5f:57:43:2b:
81:64:84:90:90:df:20:7c:c8:9b:d0:10:74:6e:7c:
ea:25:be:ce:1c:9f:1e:bf:dd:65:9a:c6:2f:97:80:
24:68:60:f6:fa:e1:19:d9:54:42:38:74:29:ff:d8:
ac:47:da:e0:da:5a:bb:3b:ae:fa:1f:d7:8a:28:6e:
16:49:fe:e6:e0:65:0e:a7:40:a7:00:94:6e:bc:e5:
16:b6:e8:22:13:40:27:ae:27:ae:91:19:08:25:01:
20:4f:5a:86:e7:51:f9:bf:10:94:b2:9d:18:f8:25:
20:2f:aa:da:b9:96:61:90:86:f4:83:aa:aa:24:67:
46:3b:43:79:ba:3b:5b:1d:dd:9d:b8:b2:9b:6f:ae:
92:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:98:0E:B5:EA:73:58:87:59:F4:2C:0E:37:B3:31:31:AE:A1:FB:FB
X509v3 Authority Key Identifier:
keyid:41:73:EE:B8:D0:2F:5F:64:78:8B:3F:DC:78:D6:BA:B8:A5:5F:D1:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QXPuuNAvX2R4iz_ceNa6uKVf0Wo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/4892a9-3b37-4d39-9c2b-d83ed140d28d/1/y5gOtepzWIdZ9CwON7MxMa6h-_s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/4892a9-3b37-4d39-9c2b-d83ed140d28d/1/QXPuuNAvX2R4iz_ceNa6uKVf0Wo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.35.80.0/23
91.218.140.0/23
Signature Algorithm: sha256WithRSAEncryption
3b:b1:21:c6:88:6a:e6:db:f5:e2:a1:22:2f:4b:69:c9:b4:06:
d0:59:1e:e4:d7:cf:62:1c:6f:ff:4a:7f:98:9f:7e:b3:2f:54:
2e:c8:4f:cf:50:af:fe:b9:8a:ab:4f:d3:f4:a4:52:0e:1f:ac:
be:b2:1a:ae:85:fc:c8:7e:e5:5a:76:3b:cd:1b:07:25:d6:67:
c5:1f:46:ce:fc:e4:75:35:4b:d5:93:27:59:77:0a:4d:55:23:
2d:38:6f:e4:95:2b:93:42:b3:5e:51:86:83:83:c1:aa:da:74:
d5:19:00:81:d1:7d:8a:0d:6a:28:18:ef:8e:e3:7a:35:49:1e:
a8:69:29:6a:03:f1:4a:87:c9:fd:93:73:b3:b6:37:e1:97:44:
9d:a1:e0:78:bf:b6:8a:2d:bb:f1:a8:d2:b3:ee:9c:8a:0f:4a:
5a:36:a6:99:7a:50:ee:e1:94:37:58:00:6a:d3:64:c1:b5:e7:
bd:b7:78:6d:42:2d:ea:19:63:7e:53:99:fa:5e:03:32:fb:5c:
81:c6:0f:5a:09:5f:b6:f0:c1:9a:f0:9a:e1:76:d1:b8:01:87:
55:34:88:10:d1:07:1d:8d:10:d9:ff:72:72:57:9d:bc:aa:5d:
57:de:23:3a:12:f9:0d:39:7e:b2:de:dd:b5:16:ca:58:b3:3c:
d8:bd:21:20
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZECiC6Ncmi3bP89GIWtOvLeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxNzNlZWI4ZDAyZjVmNjQ3ODhiM2ZkYzc4ZDZiYWI4YTU1
ZmQxNmEwHhcNMjQwNzMwMDcyNjA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjk4MGViNWVhNzM1ODg3NTlmNDJjMGUzN2IzMzEzMWFlYTFmYmZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtCTYYe8xoSS7W9X9u2+oNVD6AOZ1
nzCu6TCmNeYBlT+vaAWckG1DLnsmv6Tuhu+rilKc+W8MSdAXgukV3gzFApFb182m
96PTG8Z4gyuXGmfPCnZj8H/G5VsdcNwhvfh/K0pVpNz3+mS9N0U0BoR4oqLdLl9X
QyuBZISQkN8gfMib0BB0bnzqJb7OHJ8ev91lmsYvl4AkaGD2+uEZ2VRCOHQp/9is
R9rg2lq7O676H9eKKG4WSf7m4GUOp0CnAJRuvOUWtugiE0AnrieukRkIJQEgT1qG
51H5vxCUsp0Y+CUgL6rauZZhkIb0g6qqJGdGO0N5ujtbHd2duLKbb66StQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMuYDrXqc1iHWfQsDjezMTGuofv7MB8GA1UdIwQY
MBaAFEFz7rjQL19keIs/3HjWurilX9FqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVhQdXVOQXZYMlI0aXpfY2VOYTZ1S1ZmMFdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80ODkyYTktM2IzNy00ZDM5LTljMmIt
ZDgzZWQxNDBkMjhkLzEveTVnT3RlcHpXSWRaOUN3T043TXhNYTZoLV9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80ODkyYTktM2IzNy00ZDM5LTljMmItZDgzZWQxNDBkMjhk
LzEvUVhQdXVOQXZYMlI0aXpfY2VOYTZ1S1ZmMFdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBBSNQAwQB
W9qMMA0GCSqGSIb3DQEBCwUAA4IBAQA7sSHGiGrm2/XioSIvS2nJtAbQWR7k189i
HG//Sn+Yn36zL1QuyE/PUK/+uYqrT9P0pFIOH6y+shquhfzIfuVadjvNGwcl1mfF
H0bO/OR1NUvVkydZdwpNVSMtOG/klSuTQrNeUYaDg8Gq2nTVGQCB0X2KDWooGO+O
43o1SR6oaSlqA/FKh8n9k3Oztjfhl0SdoeB4v7aKLbvxqNKz7pyKD0paNqaZelDu
4ZQ3WABq02TBtee9t3htQi3qGWN+U5n6XgMy+1yBxg9aCV+28MGa8JrhdtG4AYdV
NIgQ0QcdjRDZ/3JyV528ql1X3iM6EvkNOX6y3t21FspYszzYvSEg
-----END CERTIFICATE-----
Generated at Tue Aug 13 17:04:47 2024 by rpki-client on console-fra.rpki-client.org