Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/e4L7K4pZM8Qne1M33b4C2URj1Zo.roa
File: e4L7K4pZM8Qne1M33b4C2URj1Zo.roa (raw, json)
Hash identifier: xuJ/mxoWpFkLr2CQTtmsVtNtZzMWAzQgOtH0QEAHlGo=
Subject key identifier: 7B:82:FB:2B:8A:59:33:C4:27:7B:53:37:DD:BE:02:D9:44:63:D5:9A
Certificate issuer: /CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Certificate serial: 0193BACB8F47138013626F82FA372061484E
Authority key identifier: 4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/e4L7K4pZM8Qne1M33b4C2URj1Zo.roa
Signing time: Thu 12 Dec 2024 12:15:22 +0000
ROA not before: Thu 12 Dec 2024 12:15:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209737
IP address blocks: 85.235.72.0/24 maxlen: 24
85.235.73.0/24 maxlen: 24
85.235.74.0/24 maxlen: 24
93.190.8.0/24 maxlen: 24
193.17.5.0/24 maxlen: 24
193.111.76.0/24 maxlen: 24
193.111.78.0/24 maxlen: 24
217.18.208.0/24 maxlen: 24
217.18.211.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 23 Dec 2024 18:39:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:ba:cb:8f:47:13:80:13:62:6f:82:fa:37:20:61:48:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Validity
Not Before: Dec 12 12:15:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7b82fb2b8a5933c4277b5337ddbe02d94463d59a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:66:55:d6:a3:22:ce:32:8c:b2:53:f3:5e:07:
e8:89:6b:6b:e3:cf:29:04:a5:01:51:0d:7b:47:78:
d3:65:76:f6:ba:f0:3f:0f:2a:bd:b8:5f:fa:a6:cd:
b3:17:72:f0:68:30:34:ab:45:8b:c9:fe:69:43:de:
59:95:0f:1d:13:9c:5c:78:b1:42:48:fe:2c:62:57:
53:14:ac:9e:e8:e6:c2:eb:d7:68:6a:27:93:93:7d:
a3:1a:f2:6a:3e:e3:8f:5c:73:d0:9d:c7:20:25:8a:
12:53:3e:86:61:83:9d:40:4f:35:c0:8a:24:3d:6b:
ae:78:53:e1:38:3b:7b:4b:b6:95:43:11:6f:70:59:
6e:fb:11:5f:3d:83:1c:f0:96:5e:e1:54:d1:be:b5:
21:55:97:aa:80:67:91:a6:21:ce:a4:7a:c4:2d:6f:
e1:fe:7b:d5:d8:03:f1:b2:aa:a1:a5:e1:c6:bd:a9:
60:d3:b8:db:1a:22:fa:a1:66:4c:f5:a4:f2:97:82:
cc:af:f2:b6:ff:4e:eb:b6:06:7c:79:94:6f:c6:94:
4b:3a:55:50:2c:34:2e:87:30:89:2f:07:0d:f3:2c:
17:2c:9c:5e:63:18:61:03:3e:f7:4e:62:d3:c1:50:
ba:27:d6:bc:f9:b2:8f:e0:ac:d4:15:c8:db:23:b5:
5a:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:82:FB:2B:8A:59:33:C4:27:7B:53:37:DD:BE:02:D9:44:63:D5:9A
X509v3 Authority Key Identifier:
keyid:4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/e4L7K4pZM8Qne1M33b4C2URj1Zo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.235.72.0-85.235.74.255
93.190.8.0/24
193.17.5.0/24
193.111.76.0/24
193.111.78.0/24
217.18.208.0/24
217.18.211.0/24
Signature Algorithm: sha256WithRSAEncryption
73:63:24:96:58:ad:d0:58:cd:c6:9a:d5:18:df:2d:80:d4:0d:
4d:8c:20:cc:46:55:c6:6e:ef:f3:45:d0:2d:7f:9c:a3:72:e2:
f7:a8:af:82:ce:9c:97:1e:86:27:bb:26:24:4b:b4:91:ee:1a:
d4:9d:61:13:f0:50:28:88:9f:96:65:cd:fc:74:dd:e1:4f:44:
fa:02:df:a7:df:b8:a0:ec:62:73:96:54:5f:a6:78:0a:10:1e:
1d:fa:7d:ca:fa:88:a0:03:48:cd:08:88:5a:11:8a:90:3d:cb:
0c:a2:19:4f:a2:f6:7c:cc:c7:ac:ad:ea:95:bd:27:cc:57:a7:
ec:3e:26:52:75:3c:3d:b6:06:5c:d8:e8:28:9a:44:27:55:9d:
6d:29:31:8f:14:16:42:97:08:b0:fc:16:f4:46:66:3f:27:06:
cc:57:26:cd:5c:54:ff:2c:36:4a:87:40:c1:cd:97:3a:b4:d3:
83:d7:93:a3:b0:d0:ad:11:ec:da:38:9d:b0:6d:f7:3b:00:84:
e4:34:99:47:4f:97:2f:a1:f0:58:52:c8:58:fc:13:35:0a:75:
93:d7:35:21:3d:0a:8a:f4:7d:9a:be:98:68:20:08:4c:e9:04:
a8:09:cb:95:0d:3f:c1:27:b0:4a:8f:b1:8a:29:6d:60:38:08:
f0:6b:4b:95
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAZO6y49HE4ATYm+C+jcgYUhOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOTUwOWIzM2RhNTVmM2U1ZDUyODNlYjYyMWQwZDM1ZDdh
ZWVkNWMwHhcNMjQxMjEyMTIxNTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YjgyZmIyYjhhNTkzM2M0Mjc3YjUzMzdkZGJlMDJkOTQ0NjNkNTlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAumZV1qMizjKMslPzXgfoiWtr488p
BKUBUQ17R3jTZXb2uvA/Dyq9uF/6ps2zF3LwaDA0q0WLyf5pQ95ZlQ8dE5xceLFC
SP4sYldTFKye6ObC69doaieTk32jGvJqPuOPXHPQnccgJYoSUz6GYYOdQE81wIok
PWuueFPhODt7S7aVQxFvcFlu+xFfPYMc8JZe4VTRvrUhVZeqgGeRpiHOpHrELW/h
/nvV2APxsqqhpeHGvalg07jbGiL6oWZM9aTyl4LMr/K2/07rtgZ8eZRvxpRLOlVQ
LDQuhzCJLwcN8ywXLJxeYxhhAz73TmLTwVC6J9a8+bKP4KzUFcjbI7VaPQIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFHuC+yuKWTPEJ3tTN92+AtlEY9WaMB8GA1UdIwQY
MBaAFE+VCbM9pV8+XVKD62IdDTXXru1cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQt
NjAxMDdlMmI1MTA5LzEvZTRMN0s0cFpNOFFuZTFNMzNiNEMyVVJqMVpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQtNjAxMDdlMmI1MTA5
LzEvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyMAwDBANV60gD
BABV60oDBABdvggDBADBEQUDBADBb0wDBADBb04DBADZEtADBADZEtMwDQYJKoZI
hvcNAQELBQADggEBAHNjJJZYrdBYzcaa1RjfLYDUDU2MIMxGVcZu7/NF0C1/nKNy
4veor4LOnJcehie7JiRLtJHuGtSdYRPwUCiIn5Zlzfx03eFPRPoC36ffuKDsYnOW
VF+meAoQHh36fcr6iKADSM0IiFoRipA9ywyiGU+i9nzMx6yt6pW9J8xXp+w+JlJ1
PD22BlzY6CiaRCdVnW0pMY8UFkKXCLD8FvRGZj8nBsxXJs1cVP8sNkqHQMHNlzq0
04PXk6Ow0K0R7No4nbBt9zsAhOQ0mUdPly+h8FhSyFj8EzUKdZPXNSE9Cor0fZq+
mGggCEzpBKgJy5UNP8EnsEqPsYopbWA4CPBrS5U=
-----END CERTIFICATE-----
Generated at Tue Dec 24 01:01:29 2024 by rpki-client on console.sobornost.net