Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/5f343d-9b42-44b4-9067-7cae040e49e8/1/84s1_mTk4Xx4GPj5sCuuAeIq35s.roa
File: 84s1_mTk4Xx4GPj5sCuuAeIq35s.roa (raw, json)
Hash identifier: CfQcRyIyOuzBfam3Dm/Pw6FifZ+KKLgVVPQ4lw5gbhg=
Subject key identifier: F3:8B:35:FE:64:E4:E1:7C:78:18:F8:F9:B0:2B:AE:01:E2:2A:DF:9B
Certificate issuer: /CN=785b490d766f4b1c211d7dadd6efa770f6eb9e25
Certificate serial: 0185708CD4FEA7B78AE4386A2112E647849D
Authority key identifier: 78:5B:49:0D:76:6F:4B:1C:21:1D:7D:AD:D6:EF:A7:70:F6:EB:9E:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eFtJDXZvSxwhHX2t1u-ncPbrniU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/5f343d-9b42-44b4-9067-7cae040e49e8/1/84s1_mTk4Xx4GPj5sCuuAeIq35s.roa
Signing time: Mon 02 Jan 2023 03:35:55 +0000
ROA not before: Mon 02 Jan 2023 03:35:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41275
IP address blocks: 89.207.216.0/21 maxlen: 21
89.207.221.0/24 maxlen: 24
185.136.76.0/22 maxlen: 22
62.217.184.0/21 maxlen: 21
185.155.17.0/24 maxlen: 24
185.155.18.0/23 maxlen: 23
95.131.144.0/21 maxlen: 21
Validation: Failed, certificate revoked on Tue 14 Nov 2023 16:01:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:8c:d4:fe:a7:b7:8a:e4:38:6a:21:12:e6:47:84:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=785b490d766f4b1c211d7dadd6efa770f6eb9e25
Validity
Not Before: Jan 2 03:35:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f38b35fe64e4e17c7818f8f9b02bae01e22adf9b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:3c:a2:95:d4:6c:38:2b:b2:4e:14:8a:0c:55:
72:cc:9f:0b:54:cd:e0:1a:3c:59:9a:d1:20:ab:e6:
39:9c:4f:b4:38:ea:53:29:86:84:15:61:20:da:78:
bd:45:eb:7f:1b:20:6b:a8:11:d6:68:8d:49:30:e5:
bf:c3:20:ed:a9:f2:a8:6e:74:10:2f:16:2b:47:ed:
7d:73:b9:28:3a:ea:34:60:e8:b0:c3:32:73:25:2a:
12:aa:ae:52:a5:97:5d:00:ca:f9:36:52:68:43:0b:
84:7c:f3:4a:68:22:ef:92:f8:f7:2f:ee:3f:1c:26:
3a:99:6c:1c:37:24:55:b8:3d:f2:b5:62:1d:3b:66:
96:2a:01:97:b7:c0:42:8b:4c:f5:34:8b:e0:4c:45:
75:7d:9e:af:bf:be:67:4d:d7:e2:2b:fa:a2:9f:6f:
4d:ac:c8:ee:06:91:e3:e1:86:06:5b:97:e0:e8:97:
7a:b6:ad:6f:ef:8e:b5:a5:e8:5f:f5:8d:31:6d:49:
b6:a0:60:5d:87:11:45:4c:ae:98:2f:0c:1a:9f:a8:
5c:62:35:7d:11:c4:24:93:64:4f:4d:82:d0:09:a2:
8b:92:69:af:45:ee:90:ba:62:45:cd:0e:8b:67:6a:
c1:31:bf:59:d7:7f:0c:93:bf:e0:eb:6c:f2:50:cd:
b8:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:8B:35:FE:64:E4:E1:7C:78:18:F8:F9:B0:2B:AE:01:E2:2A:DF:9B
X509v3 Authority Key Identifier:
keyid:78:5B:49:0D:76:6F:4B:1C:21:1D:7D:AD:D6:EF:A7:70:F6:EB:9E:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eFtJDXZvSxwhHX2t1u-ncPbrniU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/5f343d-9b42-44b4-9067-7cae040e49e8/1/84s1_mTk4Xx4GPj5sCuuAeIq35s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/5f343d-9b42-44b4-9067-7cae040e49e8/1/eFtJDXZvSxwhHX2t1u-ncPbrniU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.217.184.0/21
89.207.216.0/21
95.131.144.0/21
185.136.76.0/22
185.155.17.0-185.155.19.255
Signature Algorithm: sha256WithRSAEncryption
4a:91:08:94:26:92:da:09:9d:8e:f0:62:25:3f:81:f5:c9:bf:
d3:4a:e4:cd:dc:81:94:df:36:f5:64:24:4e:2d:dd:f1:05:1b:
ea:59:67:19:19:10:26:65:77:24:71:0b:8a:89:8a:0b:fa:36:
6c:73:61:37:32:ad:0e:f4:51:b9:f8:09:27:21:f4:18:5d:11:
4f:a9:c0:22:30:ee:f8:37:6e:20:39:d7:18:b4:db:73:28:c7:
13:36:7e:22:2b:7f:29:f3:51:5e:3f:5e:c0:46:28:3c:bc:4d:
7a:06:27:80:d3:ed:d9:0c:16:4a:f9:b3:58:ad:15:06:72:17:
02:5f:93:0f:b4:bd:da:64:a8:e1:6c:44:a9:6c:49:36:7e:64:
21:36:ef:ff:d9:f3:94:29:62:8b:8f:2b:17:d1:84:78:71:7a:
ec:b3:e9:b7:40:ff:3e:08:02:f0:44:d7:46:1d:a2:b1:6d:ab:
e1:76:9c:40:65:9c:98:70:3f:4c:62:f7:b3:10:17:63:f4:55:
2a:ed:aa:98:a0:7d:91:90:3d:b8:90:44:c7:40:3b:67:b1:c6:
43:57:61:1f:46:18:cf:31:2a:8c:6f:56:b3:1a:28:dd:9e:59:
5e:d6:6d:a4:51:ce:fb:b6:88:1c:8c:bc:44:d4:22:82:9a:96:
04:c7:6d:85
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYVwjNT+p7eK5DhqIRLmR4SdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc4NWI0OTBkNzY2ZjRiMWMyMTFkN2RhZGQ2ZWZhNzcwZjZl
YjllMjUwHhcNMjMwMTAyMDMzNTU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzhiMzVmZTY0ZTRlMTdjNzgxOGY4ZjliMDJiYWUwMWUyMmFkZjliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsDyildRsOCuyThSKDFVyzJ8LVM3g
GjxZmtEgq+Y5nE+0OOpTKYaEFWEg2ni9Ret/GyBrqBHWaI1JMOW/wyDtqfKobnQQ
LxYrR+19c7koOuo0YOiwwzJzJSoSqq5SpZddAMr5NlJoQwuEfPNKaCLvkvj3L+4/
HCY6mWwcNyRVuD3ytWIdO2aWKgGXt8BCi0z1NIvgTEV1fZ6vv75nTdfiK/qin29N
rMjuBpHj4YYGW5fg6Jd6tq1v7461pehf9Y0xbUm2oGBdhxFFTK6YLwwan6hcYjV9
EcQkk2RPTYLQCaKLkmmvRe6QumJFzQ6LZ2rBMb9Z138Mk7/g62zyUM24DQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFPOLNf5k5OF8eBj4+bArrgHiKt+bMB8GA1UdIwQY
MBaAFHhbSQ12b0scIR19rdbvp3D2654lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZUZ0SkRYWnZTeHdoSFgydDF1LW5jUGJybmlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi81ZjM0M2QtOWI0Mi00NGI0LTkwNjct
N2NhZTA0MGU0OWU4LzEvODRzMV9tVGs0WHg0R1BqNXNDdXVBZUlxMzVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi81ZjM0M2QtOWI0Mi00NGI0LTkwNjctN2NhZTA0MGU0OWU4
LzEvZUZ0SkRYWnZTeHdoSFgydDF1LW5jUGJybmlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQDPtm4AwQD
Wc/YAwQDX4OQAwQCuYhMMAwDBAC5mxEDBAK5mxAwDQYJKoZIhvcNAQELBQADggEB
AEqRCJQmktoJnY7wYiU/gfXJv9NK5M3cgZTfNvVkJE4t3fEFG+pZZxkZECZldyRx
C4qJigv6NmxzYTcyrQ70Ubn4CSch9BhdEU+pwCIw7vg3biA51xi023MoxxM2fiIr
fynzUV4/XsBGKDy8TXoGJ4DT7dkMFkr5s1itFQZyFwJfkw+0vdpkqOFsRKlsSTZ+
ZCE27//Z85QpYouPKxfRhHhxeuyz6bdA/z4IAvBE10YdorFtq+F2nEBlnJhwP0xi
97MQF2P0VSrtqpigfZGQPbiQRMdAO2exxkNXYR9GGM8xKoxvVrMaKN2eWV7WbaRR
zvu2iByMvETUIoKalgTHbYU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:55 2024 by rpki-client on console-ams.rpki-client.org