Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/1fd0a6-4517-4a0b-b3c9-12ec22c9c5a2/1/j8fzNcveJX0e07edeOXRqgZ2Ryc.roa
File: j8fzNcveJX0e07edeOXRqgZ2Ryc.roa (raw, json)
Hash identifier: rrajiX2IAo1Gy3m0rWMzVZ5OVWDR/gPtcTJ068D2m0A=
Subject key identifier: 8F:C7:F3:35:CB:DE:25:7D:1E:D3:B7:9D:78:E5:D1:AA:06:76:47:27
Certificate issuer: /CN=32474ac7ca85e09c2d48b33e7bf66f8ed764de0f
Certificate serial: 01857079717F44581A0DB157D81169F052DC
Authority key identifier: 32:47:4A:C7:CA:85:E0:9C:2D:48:B3:3E:7B:F6:6F:8E:D7:64:DE:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MkdKx8qF4JwtSLM-e_Zvjtdk3g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/1fd0a6-4517-4a0b-b3c9-12ec22c9c5a2/1/j8fzNcveJX0e07edeOXRqgZ2Ryc.roa
Signing time: Mon 02 Jan 2023 03:14:45 +0000
ROA not before: Mon 02 Jan 2023 03:14:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59741
IP address blocks: 185.73.240.0/24 maxlen: 24
185.73.241.0/24 maxlen: 24
45.155.78.0/24 maxlen: 24
45.155.79.0/24 maxlen: 24
45.141.52.0/22 maxlen: 24
2a05:4740::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 31 Jul 2023 12:52:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:79:71:7f:44:58:1a:0d:b1:57:d8:11:69:f0:52:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=32474ac7ca85e09c2d48b33e7bf66f8ed764de0f
Validity
Not Before: Jan 2 03:14:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8fc7f335cbde257d1ed3b79d78e5d1aa06764727
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:4a:9e:1a:66:bb:ab:24:31:91:6a:8c:eb:62:
c3:86:a9:da:d7:4a:74:39:bd:f2:2a:73:0c:65:d5:
50:cd:f1:ad:46:e8:b5:d0:a0:7b:c4:14:07:51:75:
fc:f6:32:7a:84:5f:6a:f6:96:dd:9a:3f:62:18:d5:
f2:58:38:2d:8e:0b:57:af:af:d7:54:5b:65:cd:b1:
bb:72:87:3a:e9:cb:3e:12:fc:f1:81:b9:82:70:73:
eb:42:8f:14:c4:bf:63:50:fe:f7:05:6f:17:e0:ba:
a4:14:1f:ca:26:c4:bf:dd:e1:f3:74:6e:0d:69:1f:
b5:8f:04:66:97:c9:9f:17:c1:69:5d:be:dd:45:75:
e4:30:67:f9:71:18:b8:6f:f0:40:92:d9:13:ef:80:
67:e5:d8:36:10:90:67:77:a1:f6:6e:6a:d3:44:51:
58:67:db:8d:8c:53:c0:81:ef:92:1a:f7:35:4b:5e:
a9:f6:7f:bd:6e:3b:de:75:69:50:8e:22:da:e0:1b:
d9:3e:60:e9:1b:f2:3f:99:71:bc:47:3f:d0:b1:e0:
34:95:28:1e:2c:56:61:cc:b6:7f:cb:cc:55:e0:f0:
4a:06:a3:4b:18:88:1a:60:c3:e9:20:56:56:78:b4:
8f:09:13:5f:7f:84:20:06:4f:0f:93:60:1c:77:5b:
83:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:C7:F3:35:CB:DE:25:7D:1E:D3:B7:9D:78:E5:D1:AA:06:76:47:27
X509v3 Authority Key Identifier:
keyid:32:47:4A:C7:CA:85:E0:9C:2D:48:B3:3E:7B:F6:6F:8E:D7:64:DE:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MkdKx8qF4JwtSLM-e_Zvjtdk3g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/1fd0a6-4517-4a0b-b3c9-12ec22c9c5a2/1/j8fzNcveJX0e07edeOXRqgZ2Ryc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/1fd0a6-4517-4a0b-b3c9-12ec22c9c5a2/1/MkdKx8qF4JwtSLM-e_Zvjtdk3g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.52.0/22
45.155.78.0/23
185.73.240.0/23
IPv6:
2a05:4740::/32
Signature Algorithm: sha256WithRSAEncryption
06:a3:1b:de:5c:0c:d9:8c:62:50:81:b4:ac:ba:2a:24:0f:85:
a0:c4:37:1d:8a:06:11:0d:9c:9e:01:f9:e6:64:11:f5:3d:e7:
5a:9c:bc:3e:32:ff:ac:e8:76:a5:b0:22:ed:1e:b0:df:aa:d6:
53:91:6f:01:b9:9b:af:9b:d3:a5:41:1e:b3:ca:bd:63:5c:95:
59:71:1d:14:98:78:67:57:62:8a:43:f4:a8:e5:bd:54:4e:d7:
19:0b:4e:3a:86:7e:82:55:63:45:89:1f:14:84:d4:f2:fa:9a:
0b:ff:07:5c:b2:43:29:b4:e1:fb:7d:ad:87:26:ca:ac:52:4e:
2a:2d:5a:ac:03:3e:37:ce:13:35:bd:03:8c:0c:41:b3:94:53:
3b:8c:6d:71:f0:ab:84:0d:89:94:db:12:22:a9:0a:3c:aa:f4:
84:a8:d7:93:6f:cc:88:df:01:de:9a:99:5f:0f:5e:5d:30:da:
db:66:db:bd:a9:39:61:6e:90:43:15:35:66:56:62:c2:52:f1:
40:1f:39:52:ae:48:4c:ea:79:ab:1a:41:71:c7:e2:ee:c9:3c:
64:72:0f:57:4e:36:f6:66:e2:f5:5f:5e:11:da:1d:b7:bc:29:
9c:a4:e3:ce:13:b1:72:26:46:85:8c:48:4c:bc:60:ce:96:d6:
c6:a5:bc:83
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVweXF/RFgaDbFX2BFp8FLcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyNDc0YWM3Y2E4NWUwOWMyZDQ4YjMzZTdiZjY2ZjhlZDc2
NGRlMGYwHhcNMjMwMTAyMDMxNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZmM3ZjMzNWNiZGUyNTdkMWVkM2I3OWQ3OGU1ZDFhYTA2NzY0NzI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkUqeGma7qyQxkWqM62LDhqna10p0
Ob3yKnMMZdVQzfGtRui10KB7xBQHUXX89jJ6hF9q9pbdmj9iGNXyWDgtjgtXr6/X
VFtlzbG7coc66cs+EvzxgbmCcHPrQo8UxL9jUP73BW8X4LqkFB/KJsS/3eHzdG4N
aR+1jwRml8mfF8FpXb7dRXXkMGf5cRi4b/BAktkT74Bn5dg2EJBnd6H2bmrTRFFY
Z9uNjFPAge+SGvc1S16p9n+9bjvedWlQjiLa4BvZPmDpG/I/mXG8Rz/QseA0lSge
LFZhzLZ/y8xV4PBKBqNLGIgaYMPpIFZWeLSPCRNff4QgBk8Pk2Acd1uD7wIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFI/H8zXL3iV9HtO3nXjl0aoGdkcnMB8GA1UdIwQY
MBaAFDJHSsfKheCcLUizPnv2b47XZN4PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWtkS3g4cUY0Snd0U0xNLWVfWnZqdGRrM2c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC8xZmQwYTYtNDUxNy00YTBiLWIzYzkt
MTJlYzIyYzljNWEyLzEvajhmek5jdmVKWDBlMDdlZGVPWFJxZ1oyUnljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC8xZmQwYTYtNDUxNy00YTBiLWIzYzktMTJlYzIyYzljNWEy
LzEvTWtkS3g4cUY0Snd0U0xNLWVfWnZqdGRrM2c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCLY00AwQB
LZtOAwQBuUnwMA0EAgACMAcDBQAqBUdAMA0GCSqGSIb3DQEBCwUAA4IBAQAGoxve
XAzZjGJQgbSsuiokD4WgxDcdigYRDZyeAfnmZBH1PedanLw+Mv+s6HalsCLtHrDf
qtZTkW8BuZuvm9OlQR6zyr1jXJVZcR0UmHhnV2KKQ/So5b1UTtcZC046hn6CVWNF
iR8UhNTy+poL/wdcskMptOH7fa2HJsqsUk4qLVqsAz43zhM1vQOMDEGzlFM7jG1x
8KuEDYmU2xIiqQo8qvSEqNeTb8yI3wHemplfD15dMNrbZtu9qTlhbpBDFTVmVmLC
UvFAHzlSrkhM6nmrGkFxx+LuyTxkcg9XTjb2ZuL1X14R2h23vCmcpOPOE7FyJkaF
jEhMvGDOltbGpbyD
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:53 2024 by rpki-client on console-fra.rpki-client.org