Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/e4912b-5484-4ac0-8768-535bf9b1e8b7/1/UZFEwNmYcX2Bop0hj76Ec6JxmNA.roa
File: UZFEwNmYcX2Bop0hj76Ec6JxmNA.roa (raw, json)
Hash identifier: PPoiYPggFkf2OsI4YKI8QxjMaTK7X49J0qc/3VRTx0k=
Subject key identifier: 51:91:44:C0:D9:98:71:7D:81:A2:9D:21:8F:BE:84:73:A2:71:98:D0
Certificate issuer: /CN=278f62f3a5f84722852fc70f052cf13dea2374d0
Certificate serial: 01877AA93350D5E351B6824364C885DA9BDB
Authority key identifier: 27:8F:62:F3:A5:F8:47:22:85:2F:C7:0F:05:2C:F1:3D:EA:23:74:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J49i86X4RyKFL8cPBSzxPeojdNA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/e4912b-5484-4ac0-8768-535bf9b1e8b7/1/UZFEwNmYcX2Bop0hj76Ec6JxmNA.roa
Signing time: Thu 13 Apr 2023 12:48:41 +0000
ROA not before: Thu 13 Apr 2023 12:48:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205741
IP address blocks: 185.141.67.0/24 maxlen: 24
185.141.66.0/24 maxlen: 24
185.141.65.0/24 maxlen: 24
185.207.209.0/24 maxlen: 24
185.207.211.0/24 maxlen: 24
185.207.208.0/24 maxlen: 24
185.207.210.0/24 maxlen: 24
185.141.64.0/24 maxlen: 24
2a0b:2c40::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 13 Apr 2023 14:19:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:7a:a9:33:50:d5:e3:51:b6:82:43:64:c8:85:da:9b:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278f62f3a5f84722852fc70f052cf13dea2374d0
Validity
Not Before: Apr 13 12:48:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=519144c0d998717d81a29d218fbe8473a27198d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:01:56:3b:f7:1d:53:24:e8:d3:e0:84:58:a6:
26:6a:88:4c:22:d1:84:f1:fe:b1:94:eb:b5:98:2e:
7a:16:3d:bb:ae:b2:23:2b:a8:8a:f3:1c:4b:65:00:
ee:fa:71:96:12:25:00:cf:76:ce:f8:e1:57:c3:cf:
82:93:54:d7:35:98:df:f6:cf:f1:84:7c:62:bb:10:
89:84:dd:1e:66:b9:1a:36:05:05:b4:5d:33:91:4f:
9b:07:7c:8b:44:94:d8:b5:68:48:ec:8a:6e:55:fc:
2d:91:47:7e:1a:4b:73:41:1c:7c:86:25:e8:53:eb:
5e:72:04:3d:d8:79:02:08:15:cc:eb:79:8b:11:b3:
bc:c2:f9:fb:79:23:5b:3d:d8:7d:47:18:19:02:66:
da:0a:13:5c:99:92:1f:34:0d:d7:8a:69:a2:6a:b9:
d5:9f:b9:cb:7d:40:07:70:de:a3:ad:ce:81:ac:f3:
38:68:d9:f8:bf:9b:38:75:30:b7:5f:d5:b9:90:5d:
91:bd:ea:76:db:6d:be:33:4e:8c:70:85:54:a3:5f:
7d:4a:b5:71:dd:e9:0b:56:fb:b9:52:dd:3a:5b:69:
b3:26:c8:26:0f:cc:3e:0b:64:ec:28:f0:da:da:44:
64:e4:5c:dc:30:93:ed:23:6b:cf:e8:a4:1e:7f:0b:
3a:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:91:44:C0:D9:98:71:7D:81:A2:9D:21:8F:BE:84:73:A2:71:98:D0
X509v3 Authority Key Identifier:
keyid:27:8F:62:F3:A5:F8:47:22:85:2F:C7:0F:05:2C:F1:3D:EA:23:74:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J49i86X4RyKFL8cPBSzxPeojdNA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/e4912b-5484-4ac0-8768-535bf9b1e8b7/1/UZFEwNmYcX2Bop0hj76Ec6JxmNA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/e4912b-5484-4ac0-8768-535bf9b1e8b7/1/J49i86X4RyKFL8cPBSzxPeojdNA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.141.64.0/22
185.207.208.0/22
IPv6:
2a0b:2c40::/29
Signature Algorithm: sha256WithRSAEncryption
04:66:ac:42:d6:20:65:3f:65:8c:de:34:83:28:64:9b:b6:a1:
f7:cd:c1:20:bf:89:5f:da:71:77:4f:d0:e6:98:95:96:54:3f:
f7:60:96:d1:a9:80:04:0e:64:08:b9:e4:be:e0:92:96:7e:c1:
52:47:0c:61:01:15:28:f5:fb:52:8d:2b:ab:5d:97:d6:8f:0e:
31:18:53:79:e7:f1:13:8f:c9:15:5e:38:a7:af:a4:70:e8:d2:
08:3a:2e:a4:ab:ff:fd:8c:8a:7c:8f:c9:03:1a:88:27:b7:ef:
6c:3e:e7:74:3c:68:f0:69:08:ec:7d:af:f2:cc:77:ea:44:04:
b7:a0:3e:0b:2a:79:bf:ee:0b:99:c7:95:2f:24:89:55:77:4f:
87:93:2b:56:fc:f3:50:75:a9:71:dc:51:5b:1f:43:60:34:5a:
2b:8c:e9:80:68:c1:62:d6:22:33:78:9f:ed:30:b2:01:6b:f4:
b0:ea:dd:ab:35:3a:0d:88:2f:f0:c6:23:ef:c9:50:3f:41:93:
7f:2c:ef:d0:41:a3:ed:86:86:b7:b8:80:5a:80:2d:dc:8f:c7:
9f:37:fc:7a:7a:db:40:77:e9:5e:3c:0d:c8:0a:b4:6b:db:33:
69:81:b2:2c:80:46:21:ba:39:21:83:4b:e0:29:a2:ee:f6:93:
78:00:f2:ac
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYd6qTNQ1eNRtoJDZMiF2pvbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3OGY2MmYzYTVmODQ3MjI4NTJmYzcwZjA1MmNmMTNkZWEy
Mzc0ZDAwHhcNMjMwNDEzMTI0ODQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTkxNDRjMGQ5OTg3MTdkODFhMjlkMjE4ZmJlODQ3M2EyNzE5OGQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiAFWO/cdUyTo0+CEWKYmaohMItGE
8f6xlOu1mC56Fj27rrIjK6iK8xxLZQDu+nGWEiUAz3bO+OFXw8+Ck1TXNZjf9s/x
hHxiuxCJhN0eZrkaNgUFtF0zkU+bB3yLRJTYtWhI7IpuVfwtkUd+GktzQRx8hiXo
U+tecgQ92HkCCBXM63mLEbO8wvn7eSNbPdh9RxgZAmbaChNcmZIfNA3XimmiarnV
n7nLfUAHcN6jrc6BrPM4aNn4v5s4dTC3X9W5kF2Rvep2222+M06McIVUo199SrVx
3ekLVvu5Ut06W2mzJsgmD8w+C2TsKPDa2kRk5FzcMJPtI2vP6KQefws6ywIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFFGRRMDZmHF9gaKdIY++hHOicZjQMB8GA1UdIwQY
MBaAFCePYvOl+EcihS/HDwUs8T3qI3TQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjQ5aTg2WDRSeUtGTDhjUEJTenhQZW9qZE5BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9lNDkxMmItNTQ4NC00YWMwLTg3Njgt
NTM1YmY5YjFlOGI3LzEvVVpGRXdObVljWDJCb3AwaGo3NkVjNkp4bU5BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9lNDkxMmItNTQ4NC00YWMwLTg3NjgtNTM1YmY5YjFlOGI3
LzEvSjQ5aTg2WDRSeUtGTDhjUEJTenhQZW9qZE5BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuY1AAwQC
uc/QMA0EAgACMAcDBQMqCyxAMA0GCSqGSIb3DQEBCwUAA4IBAQAEZqxC1iBlP2WM
3jSDKGSbtqH3zcEgv4lf2nF3T9DmmJWWVD/3YJbRqYAEDmQIueS+4JKWfsFSRwxh
ARUo9ftSjSurXZfWjw4xGFN55/ETj8kVXjinr6Rw6NIIOi6kq//9jIp8j8kDGogn
t+9sPud0PGjwaQjsfa/yzHfqRAS3oD4LKnm/7guZx5UvJIlVd0+HkytW/PNQdalx
3FFbH0NgNForjOmAaMFi1iIzeJ/tMLIBa/Sw6t2rNToNiC/wxiPvyVA/QZN/LO/Q
QaPthoa3uIBagC3cj8efN/x6ettAd+lePA3ICrRr2zNpgbIsgEYhujkhg0vgKaLu
9pN4APKs
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:44 2024 by rpki-client on console-fra.rpki-client.org