Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/ek4X1IP-X78ia7JiHx2dQmPOYjI.roa
File: ek4X1IP-X78ia7JiHx2dQmPOYjI.roa (raw, json)
Hash identifier: WMTCLn0AJFnkt4HDnBP+IkrragxJ9422M5czEoBgtK4=
Subject key identifier: 7A:4E:17:D4:83:FE:5F:BF:22:6B:B2:62:1F:1D:9D:42:63:CE:62:32
Certificate issuer: /CN=da00e981953061972c896bd6d27738d083aadb0e
Certificate serial: 01911091A1020388E1944F963E7AB7BC9AD2
Authority key identifier: DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/ek4X1IP-X78ia7JiHx2dQmPOYjI.roa
Signing time: Fri 02 Aug 2024 00:51:05 +0000
ROA not before: Fri 02 Aug 2024 00:51:05 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 393427
IP address blocks: 5.35.192.0/21 maxlen: 24
85.204.160.0/22 maxlen: 24
Validation: Failed, certificate revoked on Fri 02 Aug 2024 06:23:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:10:91:a1:02:03:88:e1:94:4f:96:3e:7a:b7:bc:9a:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da00e981953061972c896bd6d27738d083aadb0e
Validity
Not Before: Aug 2 00:51:05 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7a4e17d483fe5fbf226bb2621f1d9d4263ce6232
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:59:be:a0:b4:db:81:2c:ec:35:15:d2:44:97:
b4:f4:41:5b:ec:84:65:45:02:c3:2e:60:c1:bd:8f:
dd:09:4e:93:1f:3c:e6:d8:2e:5c:e6:8b:25:82:a6:
83:24:67:6c:24:2a:52:7c:3b:24:be:ec:e1:c9:61:
84:e6:75:5d:bc:d3:f6:3b:4f:5a:d0:14:11:ce:ae:
49:24:15:72:f1:c2:5b:0f:d0:2a:8e:90:59:48:a8:
3e:99:30:4b:22:23:25:a3:3b:85:9f:33:c2:67:36:
95:a4:c8:56:bd:96:03:9a:36:54:84:7b:02:3f:3f:
4e:c5:39:3c:bb:9c:fd:b4:a5:17:58:9b:e7:c1:cc:
ba:44:a5:9e:34:91:15:df:e9:74:dd:1e:35:15:43:
18:0b:72:2d:46:44:2f:17:e5:5b:d5:ba:2b:64:43:
35:9d:ca:15:48:32:52:d4:b3:00:fe:53:eb:8d:5f:
c0:c4:94:57:52:cd:a1:59:e5:24:18:8c:af:af:a6:
ae:f5:7c:1f:c2:d1:f9:0e:f1:cc:15:8b:ff:e4:2b:
d3:a0:e4:81:f5:7b:23:95:06:ca:cd:5b:30:ce:2d:
48:80:29:d3:b6:0a:17:6d:35:c1:48:6a:1d:77:ab:
d8:78:dd:34:83:b4:02:c5:fa:6f:c8:8f:1a:21:3a:
d9:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:4E:17:D4:83:FE:5F:BF:22:6B:B2:62:1F:1D:9D:42:63:CE:62:32
X509v3 Authority Key Identifier:
keyid:DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/ek4X1IP-X78ia7JiHx2dQmPOYjI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/2gDpgZUwYZcsiWvW0nc40IOq2w4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.35.192.0/21
85.204.160.0/22
Signature Algorithm: sha256WithRSAEncryption
50:59:08:ef:ea:73:3a:a9:e0:1b:6b:f0:4c:cd:63:bf:b7:47:
2c:fb:04:d0:c6:b5:10:a2:27:e1:53:fc:06:a0:92:0d:a3:a4:
1b:ec:f4:99:59:ef:e3:42:e0:f8:47:31:e2:10:7a:ee:18:95:
f3:73:c3:9a:ca:4c:a0:47:3a:19:fd:c7:8e:22:95:fd:b6:b3:
d2:9a:c1:16:2a:0c:21:12:c4:e2:6a:a9:1d:75:a7:d0:d3:e2:
6b:9a:77:92:85:33:52:19:3d:a5:71:10:93:a9:a5:81:11:15:
a9:43:e7:d4:a7:99:e5:99:8e:7b:ea:50:b4:e8:cf:53:93:72:
30:dc:a7:83:6b:f6:a7:4b:19:b0:56:95:61:56:9d:ff:5d:e4:
27:f0:f8:7a:83:9a:df:69:e7:0a:62:62:3f:8a:dc:88:10:2a:
90:f8:cd:4b:b5:62:fb:54:21:ee:2a:bb:8c:2a:7c:f6:57:93:
ea:51:e0:c2:94:17:f8:d7:14:5e:49:93:16:5e:8b:0a:fb:eb:
1a:e3:04:94:87:3b:26:42:1a:0b:8b:21:ad:ff:b8:b2:b9:6f:
b7:41:93:ea:21:10:0c:b4:a9:dc:3c:49:be:b8:33:92:0d:62:
58:67:bc:9f:95:6f:6e:76:58:4f:6d:5d:d8:86:85:48:a0:70:
f4:32:98:be
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZEQkaECA4jhlE+WPnq3vJrSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMDBlOTgxOTUzMDYxOTcyYzg5NmJkNmQyNzczOGQwODNh
YWRiMGUwHhcNMjQwODAyMDA1MTA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTRlMTdkNDgzZmU1ZmJmMjI2YmIyNjIxZjFkOWQ0MjYzY2U2MjMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAilm+oLTbgSzsNRXSRJe09EFb7IRl
RQLDLmDBvY/dCU6THzzm2C5c5oslgqaDJGdsJCpSfDskvuzhyWGE5nVdvNP2O09a
0BQRzq5JJBVy8cJbD9AqjpBZSKg+mTBLIiMlozuFnzPCZzaVpMhWvZYDmjZUhHsC
Pz9OxTk8u5z9tKUXWJvnwcy6RKWeNJEV3+l03R41FUMYC3ItRkQvF+Vb1borZEM1
ncoVSDJS1LMA/lPrjV/AxJRXUs2hWeUkGIyvr6au9XwfwtH5DvHMFYv/5CvToOSB
9XsjlQbKzVswzi1IgCnTtgoXbTXBSGodd6vYeN00g7QCxfpvyI8aITrZHwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHpOF9SD/l+/ImuyYh8dnUJjzmIyMB8GA1UdIwQY
MBaAFNoA6YGVMGGXLIlr1tJ3ONCDqtsOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAt
OWE0OGVjZjllMTVlLzEvZWs0WDFJUC1YNzhpYTdKaUh4MmRRbVBPWWpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAtOWE0OGVjZjllMTVl
LzEvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDBSPAAwQC
VcygMA0GCSqGSIb3DQEBCwUAA4IBAQBQWQjv6nM6qeAba/BMzWO/t0cs+wTQxrUQ
oifhU/wGoJINo6Qb7PSZWe/jQuD4RzHiEHruGJXzc8OaykygRzoZ/ceOIpX9trPS
msEWKgwhEsTiaqkddafQ0+JrmneShTNSGT2lcRCTqaWBERWpQ+fUp5nlmY576lC0
6M9Tk3Iw3KeDa/anSxmwVpVhVp3/XeQn8Ph6g5rfaecKYmI/ityIECqQ+M1LtWL7
VCHuKruMKnz2V5PqUeDClBf41xReSZMWXosK++sa4wSUhzsmQhoLiyGt/7iyuW+3
QZPqIRAMtKncPEm+uDOSDWJYZ7yflW9udlhPbV3YhoVIoHD0Mpi+
-----END CERTIFICATE-----
Generated at Fri Aug 2 07:45:02 2024 by rpki-client on console-ams.rpki-client.org