Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/RJ7PSzUFfDLLEK-NAy91xfjwfcY.roa
File: RJ7PSzUFfDLLEK-NAy91xfjwfcY.roa (raw, json)
Hash identifier: pYdzct0OQxkTZ/6x8hqs1ojqLa9rcufHw8ZeqDgSG2E=
Subject key identifier: 44:9E:CF:4B:35:05:7C:32:CB:10:AF:8D:03:2F:75:C5:F8:F0:7D:C6
Certificate issuer: /CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Certificate serial: 018BDE9754D79C5B225DA8EB8D22B472DFA2
Authority key identifier: D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/RJ7PSzUFfDLLEK-NAy91xfjwfcY.roa
Signing time: Fri 17 Nov 2023 18:42:21 +0000
ROA not before: Fri 17 Nov 2023 18:42:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 5089
IP address blocks: 79.139.52.0/22 maxlen: 24
93.119.184.0/21 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:de:97:54:d7:9c:5b:22:5d:a8:eb:8d:22:b4:72:df:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Validity
Not Before: Nov 17 18:42:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=449ecf4b35057c32cb10af8d032f75c5f8f07dc6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:c0:fb:4b:7c:ba:a5:cf:58:1a:09:48:b3:16:
01:bf:a9:38:8b:70:5a:e9:4d:15:68:bd:d5:47:b1:
06:a9:2c:f5:4a:e5:4c:9a:bb:99:fc:fd:d4:f2:58:
eb:7e:b3:c9:42:d1:03:90:b2:6f:62:f3:98:4c:16:
4f:8b:58:50:f3:b8:ad:90:85:79:ba:96:74:1e:5a:
e4:ff:09:3b:d9:25:5e:d0:84:bf:0d:a2:f6:7f:2f:
8f:a1:8f:7a:29:c8:46:e1:27:f3:bf:c0:45:c7:b9:
b4:fd:f4:68:59:84:b3:b0:9b:5b:de:22:7c:a2:ab:
07:03:07:3b:1b:04:68:74:9d:28:88:34:ed:67:96:
7a:cc:b1:10:ef:40:22:47:83:ca:15:bb:52:1b:9d:
a0:a1:82:37:bc:55:32:cf:6e:0b:b6:71:69:8c:59:
43:4a:e0:7b:0f:81:ed:50:ee:37:f8:f3:bd:8d:3a:
57:fd:b1:12:cb:96:94:10:12:db:f0:6f:a8:0b:b2:
c1:7c:f9:d9:0a:96:38:7a:1a:bd:f6:8f:64:fa:0b:
be:95:40:57:b3:96:2a:ff:4f:7c:73:45:63:16:62:
54:79:9d:9a:c0:01:1e:5f:29:2f:2c:0b:d6:47:3e:
a9:ad:88:72:37:f7:f0:b6:7a:e9:cc:5d:2e:13:35:
5b:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:9E:CF:4B:35:05:7C:32:CB:10:AF:8D:03:2F:75:C5:F8:F0:7D:C6
X509v3 Authority Key Identifier:
keyid:D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/RJ7PSzUFfDLLEK-NAy91xfjwfcY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.139.52.0/22
93.119.184.0/21
Signature Algorithm: sha256WithRSAEncryption
85:e5:56:2e:c3:d5:97:f1:95:28:f3:f5:f3:95:de:c7:78:ff:
f5:74:db:52:20:81:1c:a4:c8:7a:a6:f5:ba:f4:88:4c:9e:94:
8d:f3:0e:3d:7e:57:86:b9:68:13:cf:e4:a4:94:85:e7:7f:e0:
1b:41:86:88:22:58:40:51:ef:6d:9b:f7:d0:28:f6:bc:5d:63:
6b:58:cb:2e:81:57:d2:f4:17:70:ef:c6:29:cd:27:53:28:6f:
42:33:23:4d:a4:79:00:62:58:ae:bc:b5:ac:54:1e:2c:c5:c6:
08:1a:51:12:1a:09:62:c0:db:b8:5d:75:32:d7:b0:36:52:04:
17:f4:67:5a:a3:0c:9d:89:1b:a7:a9:80:07:3e:de:ea:03:8e:
93:ec:a7:7a:97:98:df:c9:0e:0f:bc:a5:18:e9:1c:0f:3e:71:
61:bf:60:c3:12:ca:71:dd:52:ad:b8:17:8e:0e:9d:c2:68:96:
84:4c:b9:42:91:05:20:63:e9:9e:42:50:1f:88:cd:b4:05:5e:
e7:9b:16:e0:65:35:eb:14:77:a6:b0:40:87:0d:47:0b:83:48:
79:dc:fd:e2:4d:c7:6d:59:a3:ba:28:2f:6f:3c:c3:c8:c5:cd:
a6:c2:7b:96:d9:b3:f9:e1:8a:cc:65:29:e9:90:75:30:86:fc:
f4:f0:06:f8
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYvel1TXnFsiXajrjSK0ct+iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0OGEyN2Y0NGIxMDQwNGM1MmY2ZmZjNGUwOGRjODJiZjhi
NWRlZTQwHhcNMjMxMTE3MTg0MjIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDllY2Y0YjM1MDU3YzMyY2IxMGFmOGQwMzJmNzVjNWY4ZjA3ZGM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkcD7S3y6pc9YGglIsxYBv6k4i3Ba
6U0VaL3VR7EGqSz1SuVMmruZ/P3U8ljrfrPJQtEDkLJvYvOYTBZPi1hQ87itkIV5
upZ0Hlrk/wk72SVe0IS/DaL2fy+PoY96KchG4Sfzv8BFx7m0/fRoWYSzsJtb3iJ8
oqsHAwc7GwRodJ0oiDTtZ5Z6zLEQ70AiR4PKFbtSG52goYI3vFUyz24LtnFpjFlD
SuB7D4HtUO43+PO9jTpX/bESy5aUEBLb8G+oC7LBfPnZCpY4ehq99o9k+gu+lUBX
s5Yq/098c0VjFmJUeZ2awAEeXykvLAvWRz6prYhyN/fwtnrpzF0uEzVbSQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFESez0s1BXwyyxCvjQMvdcX48H3GMB8GA1UdIwQY
MBaAFNSKJ/RLEEBMUvb/xOCNyCv4td7kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYt
NTlmNTk4NGI2NGVhLzEvUko3UFN6VUZmRExMRUstTkF5OTF4Zmp3ZmNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYtNTlmNTk4NGI2NGVh
LzEvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCT4s0AwQD
XXe4MA0GCSqGSIb3DQEBCwUAA4IBAQCF5VYuw9WX8ZUo8/Xzld7HeP/1dNtSIIEc
pMh6pvW69IhMnpSN8w49fleGuWgTz+SklIXnf+AbQYaIIlhAUe9tm/fQKPa8XWNr
WMsugVfS9Bdw78YpzSdTKG9CMyNNpHkAYliuvLWsVB4sxcYIGlESGgliwNu4XXUy
17A2UgQX9GdaowydiRunqYAHPt7qA46T7Kd6l5jfyQ4PvKUY6RwPPnFhv2DDEspx
3VKtuBeODp3CaJaETLlCkQUgY+meQlAfiM20BV7nmxbgZTXrFHemsECHDUcLg0h5
3P3iTcdtWaO6KC9vPMPIxc2mwnuW2bP54YrMZSnpkHUwhvz08Ab4
-----END CERTIFICATE-----
Generated at Tue Jan 2 11:52:35 2024 by rpki-client on console-fra.rpki-client.org