Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/233948-f9a3-4b44-a4a9-4149de528833/1/U-NZDydG1kh_-Pzs4EaMZ-QFVms.roa
File: U-NZDydG1kh_-Pzs4EaMZ-QFVms.roa (raw, json)
Hash identifier: dkj+Suk1LuHbs7hvBF5ko9Sc8tIEBsUim/VwufE3b8Y=
Subject key identifier: 53:E3:59:0F:27:46:D6:48:7F:F8:FC:EC:E0:46:8C:67:E4:05:56:6B
Certificate issuer: /CN=03ad6365231ed79396940920149df71c0aa08e1f
Certificate serial: 018B475220E36378B98B974763BC89EE31A6
Authority key identifier: 03:AD:63:65:23:1E:D7:93:96:94:09:20:14:9D:F7:1C:0A:A0:8E:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A61jZSMe15OWlAkgFJ33HAqgjh8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/233948-f9a3-4b44-a4a9-4149de528833/1/U-NZDydG1kh_-Pzs4EaMZ-QFVms.roa
Signing time: Thu 19 Oct 2023 09:44:06 +0000
ROA not before: Thu 19 Oct 2023 09:44:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58143
IP address blocks: 5.35.170.0/24 maxlen: 24
5.35.169.0/24 maxlen: 24
5.35.172.0/24 maxlen: 24
5.35.168.0/24 maxlen: 24
5.35.171.0/24 maxlen: 24
5.35.174.0/24 maxlen: 24
5.35.173.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:47:52:20:e3:63:78:b9:8b:97:47:63:bc:89:ee:31:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=03ad6365231ed79396940920149df71c0aa08e1f
Validity
Not Before: Oct 19 09:44:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=53e3590f2746d6487ff8fcece0468c67e405566b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:2f:4a:e2:1d:45:66:50:24:47:97:fe:94:fc:
1c:9a:93:93:23:ef:c8:87:96:c8:c7:ea:58:a0:f0:
25:59:a7:17:02:23:de:fa:41:40:c0:5b:19:9e:a3:
de:40:00:09:18:7e:cd:9a:a8:32:d0:86:39:cf:4e:
c6:e9:77:02:ee:6f:7e:1f:0e:73:a5:ae:b8:1e:e5:
d0:d6:3d:6f:7a:cd:16:a9:fd:b0:7c:5f:0b:cf:34:
d6:55:55:5a:30:c1:cf:03:74:60:e6:1a:be:f8:8b:
e9:e8:97:11:36:92:3e:25:a3:62:8c:e5:06:28:5c:
90:ac:1b:87:76:fe:d4:c2:c9:af:f8:71:1b:f6:a4:
05:93:b5:a0:10:ab:1b:f6:5a:44:ee:84:eb:ad:5c:
70:47:95:20:05:00:16:a7:bb:66:0f:60:0b:6b:26:
db:1e:62:2f:ed:e1:bb:71:d1:40:30:5a:22:ae:f6:
f2:ba:29:35:80:38:f4:20:6d:be:49:d6:73:1a:df:
b6:f5:23:d0:da:3e:05:2d:0d:6b:6a:a1:ac:d7:8a:
b5:09:49:b2:dd:f1:07:09:83:25:21:35:6f:59:c8:
4b:8c:ef:b4:35:78:88:15:18:44:db:ef:f0:f7:61:
b3:c1:ec:2b:b0:3d:97:da:3f:81:b8:8c:b3:b6:26:
3f:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:E3:59:0F:27:46:D6:48:7F:F8:FC:EC:E0:46:8C:67:E4:05:56:6B
X509v3 Authority Key Identifier:
keyid:03:AD:63:65:23:1E:D7:93:96:94:09:20:14:9D:F7:1C:0A:A0:8E:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A61jZSMe15OWlAkgFJ33HAqgjh8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/233948-f9a3-4b44-a4a9-4149de528833/1/U-NZDydG1kh_-Pzs4EaMZ-QFVms.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/233948-f9a3-4b44-a4a9-4149de528833/1/A61jZSMe15OWlAkgFJ33HAqgjh8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.35.168.0-5.35.174.255
Signature Algorithm: sha256WithRSAEncryption
5e:71:96:cd:dd:d6:77:0e:55:e4:8d:dc:54:5b:3a:49:3b:3c:
88:d4:e7:54:4a:76:3d:29:c1:91:9e:f7:eb:2a:b5:c7:11:95:
89:89:88:a8:7c:20:39:67:37:4e:12:bb:3b:12:44:69:50:3c:
8e:af:6c:5f:36:e7:0f:9a:4d:91:14:02:cf:8f:17:b4:52:64:
60:4e:10:55:9f:bb:59:fe:29:f4:7b:99:b5:03:5a:b6:bf:a1:
29:fd:11:76:70:d2:42:92:43:bb:f8:53:46:c2:e6:1a:79:18:
59:12:38:72:76:01:2d:cf:4e:31:c9:fc:b3:ab:4a:f3:b9:dd:
ac:ef:8a:8a:86:ca:96:2d:d9:8d:fb:34:9d:27:a0:4a:11:e2:
79:be:9e:ba:6c:33:8f:dd:a3:71:e5:65:c7:2e:14:7c:5a:4d:
2a:f5:7d:10:41:04:91:e0:50:10:2b:48:00:3f:d0:9c:0b:84:
c9:3c:dd:0b:86:65:fc:6a:bf:fc:41:15:c3:ba:03:d3:92:de:
7a:d8:56:2e:c2:35:81:25:60:41:f7:6e:7a:be:33:3c:43:4b:
b9:66:c1:ac:2a:29:b1:5e:80:cc:df:7f:a7:c0:9a:fd:f5:76:
fc:d1:4d:69:95:1c:02:2f:1a:61:94:e1:a1:c9:c0:3e:ad:2b:
3d:82:c8:ed
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYtHUiDjY3i5i5dHY7yJ7jGmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzYWQ2MzY1MjMxZWQ3OTM5Njk0MDkyMDE0OWRmNzFjMGFh
MDhlMWYwHhcNMjMxMDE5MDk0NDA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1M2UzNTkwZjI3NDZkNjQ4N2ZmOGZjZWNlMDQ2OGM2N2U0MDU1NjZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAky9K4h1FZlAkR5f+lPwcmpOTI+/I
h5bIx+pYoPAlWacXAiPe+kFAwFsZnqPeQAAJGH7Nmqgy0IY5z07G6XcC7m9+Hw5z
pa64HuXQ1j1ves0Wqf2wfF8LzzTWVVVaMMHPA3Rg5hq++Ivp6JcRNpI+JaNijOUG
KFyQrBuHdv7Uwsmv+HEb9qQFk7WgEKsb9lpE7oTrrVxwR5UgBQAWp7tmD2ALaybb
HmIv7eG7cdFAMFoirvbyuik1gDj0IG2+SdZzGt+29SPQ2j4FLQ1raqGs14q1CUmy
3fEHCYMlITVvWchLjO+0NXiIFRhE2+/w92GzwewrsD2X2j+BuIyztiY//QIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFFPjWQ8nRtZIf/j87OBGjGfkBVZrMB8GA1UdIwQY
MBaAFAOtY2UjHteTlpQJIBSd9xwKoI4fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQTYxalpTTWUxNU9XbEFrZ0ZKMzNIQXFnamg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy8yMzM5NDgtZjlhMy00YjQ0LWE0YTkt
NDE0OWRlNTI4ODMzLzEvVS1OWkR5ZEcxa2hfLVB6czRFYU1aLVFGVm1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy8yMzM5NDgtZjlhMy00YjQ0LWE0YTktNDE0OWRlNTI4ODMz
LzEvQTYxalpTTWUxNU9XbEFrZ0ZKMzNIQXFnamg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAMFI6gD
BAAFI64wDQYJKoZIhvcNAQELBQADggEBAF5xls3d1ncOVeSN3FRbOkk7PIjU51RK
dj0pwZGe9+sqtccRlYmJiKh8IDlnN04SuzsSRGlQPI6vbF825w+aTZEUAs+PF7RS
ZGBOEFWfu1n+KfR7mbUDWra/oSn9EXZw0kKSQ7v4U0bC5hp5GFkSOHJ2AS3PTjHJ
/LOrSvO53azvioqGypYt2Y37NJ0noEoR4nm+nrpsM4/do3HlZccuFHxaTSr1fRBB
BJHgUBArSAA/0JwLhMk83QuGZfxqv/xBFcO6A9OS3nrYVi7CNYElYEH3bnq+MzxD
S7lmwawqKbFegMzff6fAmv31dvzRTWmVHAIvGmGU4aHJwD6tKz2CyO0=
-----END CERTIFICATE-----
Generated at Mon Jan 1 04:00:51 2024 by rpki-client on console.sobornost.net