Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/5f343d-9b42-44b4-9067-7cae040e49e8/1/9FkUfgdV8twpsXyaRVRDFDNLaZw.roa
File: 9FkUfgdV8twpsXyaRVRDFDNLaZw.roa (raw, json)
Hash identifier: PB1zt+ww193GZCS1Hd1VYr+JUqQ/gKQLIywPwE4Qx6A=
Subject key identifier: F4:59:14:7E:07:55:F2:DC:29:B1:7C:9A:45:54:43:14:33:4B:69:9C
Certificate issuer: /CN=785b490d766f4b1c211d7dadd6efa770f6eb9e25
Certificate serial: 018BCE90CBDCD16FD3C08604A0F085FDFE3F
Authority key identifier: 78:5B:49:0D:76:6F:4B:1C:21:1D:7D:AD:D6:EF:A7:70:F6:EB:9E:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eFtJDXZvSxwhHX2t1u-ncPbrniU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/5f343d-9b42-44b4-9067-7cae040e49e8/1/9FkUfgdV8twpsXyaRVRDFDNLaZw.roa
Signing time: Tue 14 Nov 2023 16:01:17 +0000
ROA not before: Tue 14 Nov 2023 16:01:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41275
IP address blocks: 89.207.216.0/21 maxlen: 21
89.207.221.0/24 maxlen: 24
185.136.76.0/22 maxlen: 22
62.217.184.0/21 maxlen: 21
5.35.112.0/22 maxlen: 22
185.155.17.0/24 maxlen: 24
185.155.18.0/23 maxlen: 23
95.131.144.0/21 maxlen: 21
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:29:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:ce:90:cb:dc:d1:6f:d3:c0:86:04:a0:f0:85:fd:fe:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=785b490d766f4b1c211d7dadd6efa770f6eb9e25
Validity
Not Before: Nov 14 16:01:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f459147e0755f2dc29b17c9a45544314334b699c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:dd:fa:2c:ff:a6:d8:2b:7d:c7:0a:7a:39:f9:
4b:fc:e9:77:6b:a9:15:46:d1:03:4a:80:6c:5b:65:
fc:d7:3c:ae:22:c8:43:df:d6:5e:15:84:cb:c5:1c:
67:f7:1f:8f:e5:be:50:38:05:47:2a:46:45:44:85:
c4:be:28:62:59:cd:22:6d:b1:cd:2d:ff:58:59:50:
50:b5:12:d1:cc:c5:94:f2:52:f6:48:d7:3a:48:01:
83:7b:78:b7:16:01:f8:49:73:f4:66:dd:46:eb:96:
90:0d:3c:f5:4b:68:bc:d1:56:ef:b1:b7:b0:9b:dc:
4c:71:98:e2:fc:73:59:79:ea:c8:d6:e2:e1:52:ac:
25:75:b6:c0:24:94:2b:23:a5:7a:98:94:f5:97:e4:
42:26:30:4e:d6:fe:0a:27:2d:04:4a:1a:f6:de:a3:
b6:72:27:7c:b9:a1:81:34:95:99:40:3a:a7:52:be:
42:be:68:7b:21:27:9b:3f:26:40:15:77:49:4f:d6:
09:90:67:ca:39:27:58:07:2b:09:a8:9b:91:7c:74:
4c:b2:27:29:85:81:87:e7:c7:42:04:c4:3a:82:8f:
be:00:d0:67:d3:0a:c4:14:d9:77:31:df:d1:52:b4:
6d:42:46:3c:ec:85:89:ad:d0:6a:53:ed:01:02:8a:
83:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:59:14:7E:07:55:F2:DC:29:B1:7C:9A:45:54:43:14:33:4B:69:9C
X509v3 Authority Key Identifier:
keyid:78:5B:49:0D:76:6F:4B:1C:21:1D:7D:AD:D6:EF:A7:70:F6:EB:9E:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eFtJDXZvSxwhHX2t1u-ncPbrniU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/5f343d-9b42-44b4-9067-7cae040e49e8/1/9FkUfgdV8twpsXyaRVRDFDNLaZw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/5f343d-9b42-44b4-9067-7cae040e49e8/1/eFtJDXZvSxwhHX2t1u-ncPbrniU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.35.112.0/22
62.217.184.0/21
89.207.216.0/21
95.131.144.0/21
185.136.76.0/22
185.155.17.0-185.155.19.255
Signature Algorithm: sha256WithRSAEncryption
91:6c:5a:58:32:68:95:c4:8d:6c:a6:ec:a4:99:3a:5d:a0:d4:
21:9e:0d:e0:4a:b8:5f:5b:51:d6:7f:8e:f4:e6:5c:05:ea:a5:
00:e6:ec:dd:e5:74:5e:5f:70:10:c0:6a:0b:ff:92:fa:8f:ce:
b9:90:8a:7b:46:b9:53:43:4f:36:63:48:32:ab:18:5f:95:fc:
5c:83:1d:77:a4:44:f0:4e:a3:ab:f9:12:e0:a1:f4:6c:58:45:
d2:b8:ff:d1:e2:ba:a1:c9:df:92:e2:2d:9e:2b:92:09:38:96:
a8:27:b6:0f:5a:8d:a6:70:ea:6d:e6:b2:e1:05:9e:13:af:2a:
2f:1e:f1:8e:34:1e:f0:85:a5:c3:30:4a:70:69:77:d1:27:f7:
ab:6a:a7:de:1a:95:a2:f9:06:86:a3:7e:89:a6:50:85:b5:b5:
42:40:9e:39:87:42:57:4c:48:d5:d5:28:ea:b6:cf:6f:b2:40:
57:83:7e:57:50:20:ff:9b:5f:58:09:a1:db:05:14:6f:54:96:
40:e6:0f:69:e3:8e:54:5f:3f:90:0f:f2:39:13:6f:95:a5:69:
7a:20:e2:56:ba:7c:e6:26:68:65:b1:aa:00:7e:fe:d8:84:f7:
c1:86:85:26:9b:c6:b9:ea:ef:a4:f5:94:83:63:fa:3d:4b:50:
ee:7e:3b:89
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYvOkMvc0W/TwIYEoPCF/f4/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc4NWI0OTBkNzY2ZjRiMWMyMTFkN2RhZGQ2ZWZhNzcwZjZl
YjllMjUwHhcNMjMxMTE0MTYwMTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDU5MTQ3ZTA3NTVmMmRjMjliMTdjOWE0NTU0NDMxNDMzNGI2OTljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmt36LP+m2Ct9xwp6OflL/Ol3a6kV
RtEDSoBsW2X81zyuIshD39ZeFYTLxRxn9x+P5b5QOAVHKkZFRIXEvihiWc0ibbHN
Lf9YWVBQtRLRzMWU8lL2SNc6SAGDe3i3FgH4SXP0Zt1G65aQDTz1S2i80Vbvsbew
m9xMcZji/HNZeerI1uLhUqwldbbAJJQrI6V6mJT1l+RCJjBO1v4KJy0EShr23qO2
cid8uaGBNJWZQDqnUr5Cvmh7ISebPyZAFXdJT9YJkGfKOSdYBysJqJuRfHRMsicp
hYGH58dCBMQ6go++ANBn0wrEFNl3Md/RUrRtQkY87IWJrdBqU+0BAoqD0wIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFPRZFH4HVfLcKbF8mkVUQxQzS2mcMB8GA1UdIwQY
MBaAFHhbSQ12b0scIR19rdbvp3D2654lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZUZ0SkRYWnZTeHdoSFgydDF1LW5jUGJybmlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi81ZjM0M2QtOWI0Mi00NGI0LTkwNjct
N2NhZTA0MGU0OWU4LzEvOUZrVWZnZFY4dHdwc1h5YVJWUkRGRE5MYVp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi81ZjM0M2QtOWI0Mi00NGI0LTkwNjctN2NhZTA0MGU0OWU4
LzEvZUZ0SkRYWnZTeHdoSFgydDF1LW5jUGJybmlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQCBSNwAwQD
Ptm4AwQDWc/YAwQDX4OQAwQCuYhMMAwDBAC5mxEDBAK5mxAwDQYJKoZIhvcNAQEL
BQADggEBAJFsWlgyaJXEjWym7KSZOl2g1CGeDeBKuF9bUdZ/jvTmXAXqpQDm7N3l
dF5fcBDAagv/kvqPzrmQintGuVNDTzZjSDKrGF+V/FyDHXekRPBOo6v5EuCh9GxY
RdK4/9HiuqHJ35LiLZ4rkgk4lqgntg9ajaZw6m3msuEFnhOvKi8e8Y40HvCFpcMw
SnBpd9En96tqp94alaL5BoajfommUIW1tUJAnjmHQldMSNXVKOq2z2+yQFeDfldQ
IP+bX1gJodsFFG9UlkDmD2njjlRfP5AP8jkTb5WlaXog4la6fOYmaGWxqgB+/tiE
98GGhSabxrnq76T1lINj+j1LUO5+O4k=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:01 2024 by rpki-client on console-fra.rpki-client.org