Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/097da1-7cc9-4343-8024-b310d71c2cad/1/fUyTx6GJtUBzGNpLlSrpCx64zvM.roa
File: fUyTx6GJtUBzGNpLlSrpCx64zvM.roa (raw, json)
Hash identifier: hnEzqobS2QX9EgZGa/QRZHSZCsxnMyZBAxPo9kXPPo8=
Subject key identifier: 7D:4C:93:C7:A1:89:B5:40:73:18:DA:4B:95:2A:E9:0B:1E:B8:CE:F3
Certificate issuer: /CN=d535f8fac7062f77f24b98cd5c3b54a89bad4838
Certificate serial: 0185710BF6AEF54CE72390CB4F13B9B4F6DD
Authority key identifier: D5:35:F8:FA:C7:06:2F:77:F2:4B:98:CD:5C:3B:54:A8:9B:AD:48:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1TX4-scGL3fyS5jNXDtUqJutSDg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/097da1-7cc9-4343-8024-b310d71c2cad/1/fUyTx6GJtUBzGNpLlSrpCx64zvM.roa
Signing time: Mon 02 Jan 2023 05:54:47 +0000
ROA not before: Mon 02 Jan 2023 05:54:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200561
IP address blocks: 185.79.24.0/22 maxlen: 22
185.79.24.0/24 maxlen: 24
185.79.25.0/24 maxlen: 24
185.175.29.0/24 maxlen: 24
185.175.28.0/24 maxlen: 24
185.175.28.0/22 maxlen: 24
2a0b:cb00::/29 maxlen: 29
2a03:20::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:30:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:0b:f6:ae:f5:4c:e7:23:90:cb:4f:13:b9:b4:f6:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d535f8fac7062f77f24b98cd5c3b54a89bad4838
Validity
Not Before: Jan 2 05:54:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7d4c93c7a189b5407318da4b952ae90b1eb8cef3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:52:cb:ab:4b:36:46:6e:1d:74:8d:88:54:4d:
42:96:c7:f5:14:a2:2a:34:ef:48:35:0f:3b:40:ec:
dd:86:41:40:db:84:79:47:58:c0:f4:1d:c4:01:2b:
4e:20:dc:f4:08:44:be:24:ee:58:49:bd:d1:a6:84:
f7:28:07:f6:bc:02:9a:61:ae:bc:9c:64:13:42:f3:
73:2f:dc:b1:a5:8f:a6:59:d1:7f:b1:da:8c:7e:43:
ab:a7:f4:5d:1c:f6:b0:19:f5:c8:21:e6:84:58:78:
4e:0f:84:be:90:52:c9:dd:dc:ec:c4:da:3b:ad:16:
84:4f:ec:96:1a:26:3f:93:00:eb:22:16:38:0d:9b:
36:fa:d8:17:10:00:b8:02:cc:a3:44:f8:e0:0f:3b:
6a:e6:9a:d2:41:6a:33:d5:d8:03:8b:be:19:76:a8:
61:f5:d2:9b:54:d0:92:a3:89:aa:3e:df:52:2c:cd:
48:66:ff:50:7e:30:8d:98:a8:fd:b9:2f:61:c0:ec:
f3:24:28:36:3a:1c:44:55:03:74:3c:e7:d7:6b:2b:
5b:b5:4b:f6:6b:a5:b7:06:8a:f2:9e:4b:b3:c6:54:
94:00:df:2d:4c:b1:4c:c0:d0:31:53:40:23:6e:69:
11:c0:41:ee:76:b0:d7:06:5e:60:4d:72:d9:74:b1:
48:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:4C:93:C7:A1:89:B5:40:73:18:DA:4B:95:2A:E9:0B:1E:B8:CE:F3
X509v3 Authority Key Identifier:
keyid:D5:35:F8:FA:C7:06:2F:77:F2:4B:98:CD:5C:3B:54:A8:9B:AD:48:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1TX4-scGL3fyS5jNXDtUqJutSDg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/097da1-7cc9-4343-8024-b310d71c2cad/1/fUyTx6GJtUBzGNpLlSrpCx64zvM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/097da1-7cc9-4343-8024-b310d71c2cad/1/1TX4-scGL3fyS5jNXDtUqJutSDg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.79.24.0/22
185.175.28.0/22
IPv6:
2a03:20::/32
2a0b:cb00::/29
Signature Algorithm: sha256WithRSAEncryption
77:55:83:f1:0c:a6:83:52:95:a3:5a:ce:49:f8:9c:fc:8b:53:
e3:e8:ad:11:71:5a:b6:bb:c0:bb:f7:3e:3e:87:10:1f:8a:a5:
2d:c6:9e:aa:0b:14:68:b2:b7:74:6f:72:c9:0b:e0:94:9d:77:
d5:a4:19:81:c2:e4:e2:1f:b7:a2:4e:2f:9e:d6:26:f0:95:3c:
ef:b6:b3:84:b5:48:8e:1e:be:5f:c3:75:99:b3:4e:32:7f:b7:
af:13:3d:9a:f6:5e:f1:20:cd:5b:17:a2:f2:64:9d:b1:7d:b9:
c8:e9:8f:28:18:6c:59:d1:7b:e4:7c:22:78:29:03:a2:88:bb:
7d:8a:5c:78:6c:d0:08:7a:d1:d4:b5:e2:94:bc:c6:8e:a6:a4:
41:3a:5e:e7:25:9c:2a:08:1e:9a:ee:e3:b4:c6:32:8e:e8:a8:
39:d0:dc:0b:c5:4d:fd:8c:3a:da:5b:54:c2:c3:9a:12:06:3a:
e2:a2:5f:47:45:bf:1c:66:b5:2c:bb:c8:c7:c9:41:ee:a8:3b:
26:d3:0d:25:98:4a:66:be:a0:3e:e7:cb:83:c4:67:33:e2:30:
25:53:e1:1c:fe:64:ce:16:36:79:2a:ab:b9:82:a0:de:73:a8:
fe:19:d3:e1:c2:eb:9b:70:ac:75:e7:5b:c4:55:47:eb:00:5b:
83:b2:5b:41
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYVxC/au9UznI5DLTxO5tPbdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1MzVmOGZhYzcwNjJmNzdmMjRiOThjZDVjM2I1NGE4OWJh
ZDQ4MzgwHhcNMjMwMTAyMDU1NDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZDRjOTNjN2ExODliNTQwNzMxOGRhNGI5NTJhZTkwYjFlYjhjZWYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh1LLq0s2Rm4ddI2IVE1Clsf1FKIq
NO9INQ87QOzdhkFA24R5R1jA9B3EAStOINz0CES+JO5YSb3RpoT3KAf2vAKaYa68
nGQTQvNzL9yxpY+mWdF/sdqMfkOrp/RdHPawGfXIIeaEWHhOD4S+kFLJ3dzsxNo7
rRaET+yWGiY/kwDrIhY4DZs2+tgXEAC4AsyjRPjgDztq5prSQWoz1dgDi74Zdqhh
9dKbVNCSo4mqPt9SLM1IZv9QfjCNmKj9uS9hwOzzJCg2OhxEVQN0POfXaytbtUv2
a6W3BorynkuzxlSUAN8tTLFMwNAxU0AjbmkRwEHudrDXBl5gTXLZdLFIvQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFH1Mk8ehibVAcxjaS5Uq6QseuM7zMB8GA1UdIwQY
MBaAFNU1+PrHBi938kuYzVw7VKibrUg4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVRYNC1zY0dMM2Z5UzVqTlhEdFVxSnV0U0RnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi8wOTdkYTEtN2NjOS00MzQzLTgwMjQt
YjMxMGQ3MWMyY2FkLzEvZlV5VHg2R0p0VUJ6R05wTGxTcnBDeDY0enZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi8wOTdkYTEtN2NjOS00MzQzLTgwMjQtYjMxMGQ3MWMyY2Fk
LzEvMVRYNC1zY0dMM2Z5UzVqTlhEdFVxSnV0U0RnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQCuU8YAwQC
ua8cMBQEAgACMA4DBQAqAwAgAwUDKgvLADANBgkqhkiG9w0BAQsFAAOCAQEAd1WD
8Qymg1KVo1rOSfic/ItT4+itEXFatrvAu/c+PocQH4qlLcaeqgsUaLK3dG9yyQvg
lJ131aQZgcLk4h+3ok4vntYm8JU877azhLVIjh6+X8N1mbNOMn+3rxM9mvZe8SDN
Wxei8mSdsX25yOmPKBhsWdF75HwieCkDooi7fYpceGzQCHrR1LXilLzGjqakQTpe
5yWcKggemu7jtMYyjuioOdDcC8VN/Yw62ltUwsOaEgY64qJfR0W/HGa1LLvIx8lB
7qg7JtMNJZhKZr6gPufLg8RnM+IwJVPhHP5kzhY2eSqruYKg3nOo/hnT4cLrm3Cs
dedbxFVH6wBbg7JbQQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:23 2024 by rpki-client on console-ams.rpki-client.org