Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/y4SrJ4v6yQ7oRv4li6LCFfOBNK8.roa
File: y4SrJ4v6yQ7oRv4li6LCFfOBNK8.roa (raw, json)
Hash identifier: hvb7sKHyTuKwex1keDvvQgFG3jX5X4jGYlhE4DJuOSw=
Subject key identifier: CB:84:AB:27:8B:FA:C9:0E:E8:46:FE:25:8B:A2:C2:15:F3:81:34:AF
Certificate issuer: /CN=da00e981953061972c896bd6d27738d083aadb0e
Certificate serial: 01903D91F7A13EE90675AF4FB56C679A1F5D
Authority key identifier: DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/y4SrJ4v6yQ7oRv4li6LCFfOBNK8.roa
Signing time: Sat 22 Jun 2024 01:31:34 +0000
ROA not before: Sat 22 Jun 2024 01:31:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 393427
IP address blocks: 5.35.192.0/21 maxlen: 24
85.204.160.0/22 maxlen: 24
194.88.96.0/21 maxlen: 24
Validation: Failed, certificate revoked on Fri 02 Aug 2024 00:51:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:3d:91:f7:a1:3e:e9:06:75:af:4f:b5:6c:67:9a:1f:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da00e981953061972c896bd6d27738d083aadb0e
Validity
Not Before: Jun 22 01:31:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cb84ab278bfac90ee846fe258ba2c215f38134af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:94:4c:d0:f5:fc:7d:45:ce:ec:3b:2b:91:26:
a1:f2:4e:31:00:bf:80:0f:f7:2f:0f:64:f5:ed:dc:
39:0a:71:03:20:c6:66:e6:9a:ec:5b:44:93:67:0b:
d0:a2:d9:f7:a9:40:f9:f3:b9:2c:73:60:2d:10:80:
0a:e5:42:bf:3a:7c:3d:9a:31:5a:3a:a3:45:fa:e5:
50:a6:e0:1d:4a:1a:5f:04:cd:cf:13:af:04:02:d2:
00:ed:3c:d6:9e:e4:45:16:01:e4:19:e7:c3:b0:db:
a8:7a:41:37:c7:14:53:e6:5e:72:08:00:94:0a:75:
5c:b9:51:eb:4d:24:88:f0:fa:30:5d:55:82:d7:33:
7b:68:8d:ef:cf:71:c8:22:61:c9:2f:7d:35:22:ae:
53:b7:d3:b1:e9:e8:6f:7f:92:5c:22:fe:f9:39:97:
0f:49:dc:f5:ae:b6:57:8e:2f:fc:53:54:ee:64:bc:
80:20:11:1d:e3:2a:a3:84:81:ed:5a:49:6a:0b:3c:
53:b4:7e:da:a8:f2:a1:7e:94:f4:21:b5:9c:f9:c6:
02:05:7e:e3:48:1f:f6:28:da:5f:94:1b:bb:02:f4:
30:39:02:c1:69:1b:95:fd:de:32:e9:0d:de:7e:d1:
c2:75:cd:71:f1:46:09:77:c2:5d:92:a9:b5:6a:74:
a6:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:84:AB:27:8B:FA:C9:0E:E8:46:FE:25:8B:A2:C2:15:F3:81:34:AF
X509v3 Authority Key Identifier:
keyid:DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/y4SrJ4v6yQ7oRv4li6LCFfOBNK8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/2gDpgZUwYZcsiWvW0nc40IOq2w4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.35.192.0/21
85.204.160.0/22
194.88.96.0/21
Signature Algorithm: sha256WithRSAEncryption
29:b0:e8:8f:3d:3a:c4:ca:c2:7e:b5:a5:cf:29:fe:58:44:cb:
10:8b:a5:47:c5:c2:d0:4b:b7:00:33:30:77:7e:bb:db:ab:5c:
5f:ba:6b:fa:72:4a:b3:de:56:e1:27:e9:ad:e9:82:7b:10:47:
ea:55:01:80:ae:82:84:cf:a2:87:cd:dd:0e:d6:75:41:6c:34:
01:5e:61:90:a6:e4:11:8d:d5:d2:db:89:e2:29:2b:f5:48:0e:
e7:7c:3d:1b:e5:80:fc:03:21:45:27:5c:aa:06:6f:c9:c3:4c:
3d:7f:53:ff:5d:15:df:b7:ef:b1:5d:2b:b2:79:5c:70:da:eb:
0a:a2:97:e3:f9:94:91:80:ea:56:10:9a:48:56:ab:c9:c8:80:
90:18:3a:3a:13:67:76:ef:53:c9:f7:77:87:50:72:c2:98:eb:
cc:ac:85:68:6a:4b:94:eb:06:e1:9c:65:60:ca:6e:18:5b:ad:
e9:6d:14:15:37:3a:04:9f:55:64:d5:3f:31:4b:5f:94:e4:cb:
d4:80:ca:a0:b0:67:88:c2:d4:8c:45:ad:ae:c7:47:30:cb:00:
f7:b4:22:71:e0:9a:5c:94:3a:5e:0a:19:72:4f:62:c9:3b:47:
19:82:d1:0e:8d:12:87:c6:09:e2:53:c0:c7:48:c8:ab:9e:10:
f8:6d:c5:64
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZA9kfehPukGda9PtWxnmh9dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMDBlOTgxOTUzMDYxOTcyYzg5NmJkNmQyNzczOGQwODNh
YWRiMGUwHhcNMjQwNjIyMDEzMTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjg0YWIyNzhiZmFjOTBlZTg0NmZlMjU4YmEyYzIxNWYzODEzNGFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAupRM0PX8fUXO7DsrkSah8k4xAL+A
D/cvD2T17dw5CnEDIMZm5prsW0STZwvQotn3qUD587ksc2AtEIAK5UK/Onw9mjFa
OqNF+uVQpuAdShpfBM3PE68EAtIA7TzWnuRFFgHkGefDsNuoekE3xxRT5l5yCACU
CnVcuVHrTSSI8PowXVWC1zN7aI3vz3HIImHJL301Iq5Tt9Ox6ehvf5JcIv75OZcP
Sdz1rrZXji/8U1TuZLyAIBEd4yqjhIHtWklqCzxTtH7aqPKhfpT0IbWc+cYCBX7j
SB/2KNpflBu7AvQwOQLBaRuV/d4y6Q3eftHCdc1x8UYJd8Jdkqm1anSmGQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMuEqyeL+skO6Eb+JYuiwhXzgTSvMB8GA1UdIwQY
MBaAFNoA6YGVMGGXLIlr1tJ3ONCDqtsOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAt
OWE0OGVjZjllMTVlLzEveTRTcko0djZ5UTdvUnY0bGk2TENGZk9CTks4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAtOWE0OGVjZjllMTVl
LzEvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDBSPAAwQC
VcygAwQDwlhgMA0GCSqGSIb3DQEBCwUAA4IBAQApsOiPPTrEysJ+taXPKf5YRMsQ
i6VHxcLQS7cAMzB3frvbq1xfumv6ckqz3lbhJ+mt6YJ7EEfqVQGAroKEz6KHzd0O
1nVBbDQBXmGQpuQRjdXS24niKSv1SA7nfD0b5YD8AyFFJ1yqBm/Jw0w9f1P/XRXf
t++xXSuyeVxw2usKopfj+ZSRgOpWEJpIVqvJyICQGDo6E2d271PJ93eHUHLCmOvM
rIVoakuU6wbhnGVgym4YW63pbRQVNzoEn1Vk1T8xS1+U5MvUgMqgsGeIwtSMRa2u
x0cwywD3tCJx4JpclDpeChlyT2LJO0cZgtEOjRKHxgniU8DHSMirnhD4bcVk
Generated at Fri Aug 2 03:36:57 2024 by rpki-client on console-fra.rpki-client.org