Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/73d5ad-a3f2-46cb-8582-215dbc89c2b9/1/dJ2YLAEFtAkkXNIDlxEFvxao3Vg.roa
File: dJ2YLAEFtAkkXNIDlxEFvxao3Vg.roa (raw, json)
Hash identifier: vxAEP7v4lC8pV29BH/VccpAn7+cKQUrLBvNzWk96j4Y=
Subject key identifier: 74:9D:98:2C:01:05:B4:09:24:5C:D2:03:97:11:05:BF:16:A8:DD:58
Certificate issuer: /CN=5eedd6f53bcb49e4b9b0706dfd074259c9b8a408
Certificate serial: 0185723A00AE2B7C5317228C4CCA65C2FF3F
Authority key identifier: 5E:ED:D6:F5:3B:CB:49:E4:B9:B0:70:6D:FD:07:42:59:C9:B8:A4:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xu3W9TvLSeS5sHBt_QdCWcm4pAg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/73d5ad-a3f2-46cb-8582-215dbc89c2b9/1/dJ2YLAEFtAkkXNIDlxEFvxao3Vg.roa
Signing time: Mon 02 Jan 2023 11:24:41 +0000
ROA not before: Mon 02 Jan 2023 11:24:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31394
IP address blocks: 185.100.240.0/22 maxlen: 22
83.137.40.0/21 maxlen: 21
2a00:11d0::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:29:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:3a:00:ae:2b:7c:53:17:22:8c:4c:ca:65:c2:ff:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5eedd6f53bcb49e4b9b0706dfd074259c9b8a408
Validity
Not Before: Jan 2 11:24:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=749d982c0105b409245cd203971105bf16a8dd58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:48:3f:76:7a:9b:f9:d2:e1:60:47:d6:a3:5a:
38:a0:db:a8:7f:77:e2:fc:e9:f9:e8:a8:c1:8f:73:
13:f0:9b:50:6c:7d:18:ab:cc:c8:fc:55:92:73:65:
06:ae:ea:01:2c:69:5f:eb:47:6b:a2:74:48:29:0e:
13:84:70:fb:b6:a4:25:77:31:e7:77:8c:6e:75:10:
d9:83:00:9b:87:21:b9:4e:39:28:ac:54:00:d3:71:
79:db:e7:de:3e:c4:97:05:d3:c9:0e:48:24:15:56:
8f:f2:da:f0:ac:77:23:7f:eb:9f:4d:46:4b:cb:04:
a7:2d:e5:45:d5:6e:e8:76:60:80:28:a6:8a:b3:fb:
5d:ce:61:63:6f:a2:40:2f:61:88:87:3f:91:41:df:
8c:de:6a:19:f0:95:ea:7e:1e:91:57:df:62:09:d6:
de:f0:b3:6f:73:9c:aa:38:80:84:9d:ed:2c:04:44:
ed:81:6e:4e:56:f3:4d:0a:48:82:f8:4a:61:7b:74:
d5:8c:a8:ec:b6:fe:5f:a7:bf:50:64:b8:80:e2:4b:
2e:35:a7:21:c8:74:ca:87:88:d9:ff:8f:7b:43:9e:
d0:cd:50:1c:1e:d3:de:1b:85:09:95:3b:f3:9f:e4:
4e:17:a3:df:16:76:98:b4:81:23:fd:e4:d1:2c:9d:
28:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:9D:98:2C:01:05:B4:09:24:5C:D2:03:97:11:05:BF:16:A8:DD:58
X509v3 Authority Key Identifier:
keyid:5E:ED:D6:F5:3B:CB:49:E4:B9:B0:70:6D:FD:07:42:59:C9:B8:A4:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xu3W9TvLSeS5sHBt_QdCWcm4pAg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/73d5ad-a3f2-46cb-8582-215dbc89c2b9/1/dJ2YLAEFtAkkXNIDlxEFvxao3Vg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/73d5ad-a3f2-46cb-8582-215dbc89c2b9/1/Xu3W9TvLSeS5sHBt_QdCWcm4pAg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.137.40.0/21
185.100.240.0/22
IPv6:
2a00:11d0::/32
Signature Algorithm: sha256WithRSAEncryption
ba:37:f0:fe:28:2c:92:ef:0c:72:b4:83:ee:65:84:46:85:c7:
1a:8a:f8:b3:b1:eb:a8:0b:2b:36:80:c3:a5:f6:3a:a0:2b:9d:
0c:11:94:62:00:42:4a:44:04:ef:eb:ee:a0:a1:cc:65:78:ef:
64:22:44:6f:cb:b3:04:ed:39:8f:ec:8a:98:87:b0:fe:75:2c:
80:3e:8b:db:2c:be:96:03:13:99:ad:16:03:52:1a:b7:12:c8:
e8:0d:ae:d6:2d:a8:37:d5:3a:ef:1f:11:36:4a:93:73:8f:ad:
d4:df:7d:96:11:e8:9b:3a:a8:66:09:b0:95:b5:56:1d:ab:3a:
07:b2:2c:b3:ae:e5:a6:44:77:f4:15:87:8e:c2:01:54:eb:7c:
87:b6:54:8e:4a:34:be:8b:c0:ac:f9:1a:97:64:f4:b5:c4:56:
d9:81:d1:ca:09:b1:5e:70:5b:4f:41:0d:85:a6:c5:4e:f6:8b:
25:18:3e:fe:70:be:d8:9e:15:72:f6:58:42:b0:7e:80:ae:b6:
fb:f4:44:1a:6d:4a:4c:e7:dd:28:dd:97:4d:8b:04:85:48:60:
76:01:e8:8b:14:c6:41:11:48:26:e2:86:7e:16:92:f2:30:08:
45:c8:23:51:a9:f5:3b:a6:5c:bc:5e:b9:ef:c6:65:e7:ba:e3:
d2:61:c1:40
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVyOgCuK3xTFyKMTMplwv8/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZWRkNmY1M2JjYjQ5ZTRiOWIwNzA2ZGZkMDc0MjU5Yzli
OGE0MDgwHhcNMjMwMTAyMTEyNDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDlkOTgyYzAxMDViNDA5MjQ1Y2QyMDM5NzExMDViZjE2YThkZDU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn0g/dnqb+dLhYEfWo1o4oNuof3fi
/On56KjBj3MT8JtQbH0Yq8zI/FWSc2UGruoBLGlf60dronRIKQ4ThHD7tqQldzHn
d4xudRDZgwCbhyG5TjkorFQA03F52+fePsSXBdPJDkgkFVaP8trwrHcjf+ufTUZL
ywSnLeVF1W7odmCAKKaKs/tdzmFjb6JAL2GIhz+RQd+M3moZ8JXqfh6RV99iCdbe
8LNvc5yqOICEne0sBETtgW5OVvNNCkiC+Ephe3TVjKjstv5fp79QZLiA4ksuNach
yHTKh4jZ/497Q57QzVAcHtPeG4UJlTvzn+ROF6PfFnaYtIEj/eTRLJ0o8QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFHSdmCwBBbQJJFzSA5cRBb8WqN1YMB8GA1UdIwQY
MBaAFF7t1vU7y0nkubBwbf0HQlnJuKQIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHUzVzlUdkxTZVM1c0hCdF9RZENXY200cEFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi83M2Q1YWQtYTNmMi00NmNiLTg1ODIt
MjE1ZGJjODljMmI5LzEvZEoyWUxBRUZ0QWtrWE5JRGx4RUZ2eGFvM1ZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi83M2Q1YWQtYTNmMi00NmNiLTg1ODItMjE1ZGJjODljMmI5
LzEvWHUzVzlUdkxTZVM1c0hCdF9RZENXY200cEFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDU4koAwQC
uWTwMA0EAgACMAcDBQAqABHQMA0GCSqGSIb3DQEBCwUAA4IBAQC6N/D+KCyS7wxy
tIPuZYRGhccaivizseuoCys2gMOl9jqgK50MEZRiAEJKRATv6+6gocxleO9kIkRv
y7ME7TmP7IqYh7D+dSyAPovbLL6WAxOZrRYDUhq3EsjoDa7WLag31TrvHxE2SpNz
j63U332WEeibOqhmCbCVtVYdqzoHsiyzruWmRHf0FYeOwgFU63yHtlSOSjS+i8Cs
+RqXZPS1xFbZgdHKCbFecFtPQQ2FpsVO9oslGD7+cL7YnhVy9lhCsH6Arrb79EQa
bUpM590o3ZdNiwSFSGB2AeiLFMZBEUgm4oZ+FpLyMAhFyCNRqfU7ply8XrnvxmXn
uuPSYcFA
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:01:14 2024 by rpki-client on console-fra.rpki-client.org