Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/1aa69f-db55-4fba-bce9-c1ebe61549cc/1/rYKk0X0ow1650QEwD-xwSu9yegI.roa
File: rYKk0X0ow1650QEwD-xwSu9yegI.roa (raw, json)
Hash identifier: drqF+ukZVjTIPeMrspVqGpJHL8gESm6FiF5XtxIso+s=
Subject key identifier: AD:82:A4:D1:7D:28:C3:5E:B9:D1:01:30:0F:EC:70:4A:EF:72:7A:02
Certificate issuer: /CN=cc40d96242b082efe5b4f2258820b3059396198d
Certificate serial: 018570151FE6EBE55F49F699DF0284E19D07
Authority key identifier: CC:40:D9:62:42:B0:82:EF:E5:B4:F2:25:88:20:B3:05:93:96:19:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zEDZYkKwgu_ltPIliCCzBZOWGY0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/1aa69f-db55-4fba-bce9-c1ebe61549cc/1/rYKk0X0ow1650QEwD-xwSu9yegI.roa
Signing time: Mon 02 Jan 2023 01:25:10 +0000
ROA not before: Mon 02 Jan 2023 01:25:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8412
IP address blocks: 81.223.0.0/16 maxlen: 17
85.124.0.0/14 maxlen: 15
213.229.0.0/18 maxlen: 19
83.64.0.0/15 maxlen: 16
195.58.160.0/19 maxlen: 20
62.99.128.0/17 maxlen: 18
91.118.0.0/15 maxlen: 16
212.41.224.0/19 maxlen: 20
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:15:1f:e6:eb:e5:5f:49:f6:99:df:02:84:e1:9d:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cc40d96242b082efe5b4f2258820b3059396198d
Validity
Not Before: Jan 2 01:25:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ad82a4d17d28c35eb9d101300fec704aef727a02
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:a2:59:7a:1c:0d:c8:cb:b0:f2:65:65:d6:60:
94:f3:2c:21:3e:8f:73:eb:c2:ff:de:aa:8a:f6:48:
47:2b:8f:c0:26:65:aa:58:b5:ea:3e:c0:7b:56:b2:
4b:21:e2:b6:0f:86:47:10:35:a6:19:7a:e1:0d:b5:
f6:4f:bb:9a:87:83:f7:fa:c4:40:44:6f:b4:c4:1d:
5b:65:9b:c0:d5:d4:43:ac:8b:a2:ac:15:d2:bd:55:
24:37:ea:58:37:f1:80:3d:4e:42:de:73:b8:6e:f9:
9b:33:cf:da:f1:23:84:18:97:85:a1:46:50:2b:dd:
f9:72:f8:9b:80:85:89:32:dd:11:82:95:76:2c:c8:
ba:1d:ac:73:84:70:7f:91:8b:5c:01:25:f6:9c:f9:
90:70:32:0a:ed:a4:c7:99:96:52:03:22:7d:52:5b:
4a:70:90:b8:08:06:e7:15:f8:88:02:c8:40:c7:ad:
77:95:92:c7:8c:c7:94:44:5b:e4:e1:65:eb:f9:ef:
c0:a7:bb:c5:46:13:91:d0:30:c8:72:b3:68:a4:40:
75:f3:60:73:b0:83:8b:06:ed:e8:b2:65:50:91:fa:
f8:de:3f:c6:24:9b:cd:c2:fb:c8:e7:ad:10:20:c9:
34:72:a5:f2:39:f0:bb:5d:9c:57:a8:33:f4:5a:3f:
dd:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:82:A4:D1:7D:28:C3:5E:B9:D1:01:30:0F:EC:70:4A:EF:72:7A:02
X509v3 Authority Key Identifier:
keyid:CC:40:D9:62:42:B0:82:EF:E5:B4:F2:25:88:20:B3:05:93:96:19:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zEDZYkKwgu_ltPIliCCzBZOWGY0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/1aa69f-db55-4fba-bce9-c1ebe61549cc/1/rYKk0X0ow1650QEwD-xwSu9yegI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/1aa69f-db55-4fba-bce9-c1ebe61549cc/1/zEDZYkKwgu_ltPIliCCzBZOWGY0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.99.128.0/17
81.223.0.0/16
83.64.0.0/15
85.124.0.0/14
91.118.0.0/15
195.58.160.0/19
212.41.224.0/19
213.229.0.0/18
Signature Algorithm: sha256WithRSAEncryption
76:e1:4f:b1:81:5d:bd:58:36:05:c1:31:0e:54:81:45:4a:9f:
52:02:f7:df:4e:07:b0:b8:82:d2:90:2b:36:5b:db:25:a7:84:
66:6a:7f:28:71:e5:11:9c:08:ec:6c:99:5f:8f:26:6e:da:4a:
c6:ab:57:5c:d1:33:80:e6:a5:26:26:63:bc:78:c6:7b:ce:6d:
72:45:cd:fa:7d:85:1f:b2:96:7c:1e:54:11:c4:50:65:79:6e:
45:e1:8c:cd:29:3a:da:6c:08:a9:f7:0a:5c:65:eb:b5:26:67:
14:7f:d4:00:60:b5:0f:79:5d:ab:80:71:6c:b9:86:7a:06:f9:
03:b5:04:27:47:2c:cc:df:6e:fe:ed:e3:20:08:ac:84:b7:c0:
89:04:77:73:13:04:37:cd:e8:41:86:78:6a:01:ce:1a:56:c3:
8f:41:d7:32:0b:d9:13:83:75:10:3c:dd:f3:ec:60:dc:0b:fb:
f4:64:ce:2f:b6:38:0d:ef:d1:02:f1:25:c1:17:7f:cb:46:31:
62:76:93:0e:b1:57:48:3e:af:32:0c:23:b1:08:91:68:07:da:
0f:59:2a:a3:05:15:67:e6:66:6d:3f:a6:f9:f3:db:d7:85:05:
74:92:19:28:e3:c6:e4:c8:ad:2f:fa:5e:4f:b9:33:0a:b7:70:
ab:da:fc:8e
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYVwFR/m6+VfSfaZ3wKE4Z0HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjNDBkOTYyNDJiMDgyZWZlNWI0ZjIyNTg4MjBiMzA1OTM5
NjE5OGQwHhcNMjMwMTAyMDEyNTEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDgyYTRkMTdkMjhjMzVlYjlkMTAxMzAwZmVjNzA0YWVmNzI3YTAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsqJZehwNyMuw8mVl1mCU8ywhPo9z
68L/3qqK9khHK4/AJmWqWLXqPsB7VrJLIeK2D4ZHEDWmGXrhDbX2T7uah4P3+sRA
RG+0xB1bZZvA1dRDrIuirBXSvVUkN+pYN/GAPU5C3nO4bvmbM8/a8SOEGJeFoUZQ
K935cvibgIWJMt0RgpV2LMi6HaxzhHB/kYtcASX2nPmQcDIK7aTHmZZSAyJ9UltK
cJC4CAbnFfiIAshAx613lZLHjMeURFvk4WXr+e/Ap7vFRhOR0DDIcrNopEB182Bz
sIOLBu3osmVQkfr43j/GJJvNwvvI560QIMk0cqXyOfC7XZxXqDP0Wj/dvwIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFK2CpNF9KMNeudEBMA/scErvcnoCMB8GA1UdIwQY
MBaAFMxA2WJCsILv5bTyJYggswWTlhmNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvekVEWllrS3dndV9sdFBJbGlDQ3pCWk9XR1kwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS8xYWE2OWYtZGI1NS00ZmJhLWJjZTkt
YzFlYmU2MTU0OWNjLzEvcllLazBYMG93MTY1MFFFd0QteHdTdTl5ZWdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS8xYWE2OWYtZGI1NS00ZmJhLWJjZTktYzFlYmU2MTU0OWNj
LzEvekVEWllrS3dndV9sdFBJbGlDQ3pCWk9XR1kwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQHPmOAAwMA
Ud8DAwFTQAMDAlV8AwMBW3YDBAXDOqADBAXUKeADBAbV5QAwDQYJKoZIhvcNAQEL
BQADggEBAHbhT7GBXb1YNgXBMQ5UgUVKn1IC999OB7C4gtKQKzZb2yWnhGZqfyhx
5RGcCOxsmV+PJm7aSsarV1zRM4DmpSYmY7x4xnvObXJFzfp9hR+ylnweVBHEUGV5
bkXhjM0pOtpsCKn3Clxl67UmZxR/1ABgtQ95XauAcWy5hnoG+QO1BCdHLMzfbv7t
4yAIrIS3wIkEd3MTBDfN6EGGeGoBzhpWw49B1zIL2RODdRA83fPsYNwL+/Rkzi+2
OA3v0QLxJcEXf8tGMWJ2kw6xV0g+rzIMI7EIkWgH2g9ZKqMFFWfmZm0/pvnz29eF
BXSSGSjjxuTIrS/6Xk+5Mwq3cKva/I4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:03 2024 by rpki-client on console-fra.rpki-client.org