Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/6c2736-ab02-4897-9568-77f6e94e3dcc/1/22Ae4-Pz-ReI7XRN9NTn93UqJvM.roa
File: 22Ae4-Pz-ReI7XRN9NTn93UqJvM.roa (raw, json)
Hash identifier: Ts6SjhnzWAb7JikA8hVlmX8Qa5bV5Xf4cIfdE5lbnd4=
Subject key identifier: DB:60:1E:E3:E3:F3:F9:17:88:ED:74:4D:F4:D4:E7:F7:75:2A:26:F3
Certificate issuer: /CN=77f8e7fbd4ab69507fb1fe3579af343a56639086
Certificate serial: 018CC5DCCC43676836E2172490FF690601B0
Authority key identifier: 77:F8:E7:FB:D4:AB:69:50:7F:B1:FE:35:79:AF:34:3A:56:63:90:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d_jn-9SraVB_sf41ea80OlZjkIY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/6c2736-ab02-4897-9568-77f6e94e3dcc/1/22Ae4-Pz-ReI7XRN9NTn93UqJvM.roa
Signing time: Mon 01 Jan 2024 16:30:30 +0000
ROA not before: Mon 01 Jan 2024 16:30:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60530
IP address blocks: 185.30.44.0/22 maxlen: 24
5.152.128.0/22 maxlen: 24
5.152.144.0/22 maxlen: 24
109.107.138.0/24 maxlen: 24
5.152.148.0/23 maxlen: 24
5.152.156.0/22 maxlen: 24
5.152.154.0/23 maxlen: 24
2a00:ab20::/29 maxlen: 32
2a11:cf40::/29 maxlen: 32
Validation: Failed, certificate revoked on Fri 09 Feb 2024 16:28:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:cc:43:67:68:36:e2:17:24:90:ff:69:06:01:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=77f8e7fbd4ab69507fb1fe3579af343a56639086
Validity
Not Before: Jan 1 16:30:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=db601ee3e3f3f91788ed744df4d4e7f7752a26f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:dc:f7:f3:b1:d9:ba:b8:0b:d0:0a:08:93:6c:
a9:64:06:df:1c:9c:da:66:80:23:ca:06:b6:db:4a:
85:e9:01:88:68:7f:b5:47:bb:00:7d:2c:05:a7:4f:
3f:3d:98:50:63:a2:bd:32:12:7c:d2:16:29:03:b2:
28:2f:67:10:25:d5:b2:9b:fe:c8:42:77:7f:22:c8:
d0:b1:7b:94:e8:d7:aa:23:01:02:b9:95:be:87:86:
4b:0f:c9:34:2c:8d:b2:91:9d:56:d2:a8:91:bb:90:
0b:47:29:0f:55:96:3c:77:81:bf:77:af:aa:c8:d0:
60:83:eb:5f:22:19:24:64:36:b6:4e:b7:41:d3:f9:
77:ca:c7:b3:8d:42:f7:b0:bc:49:98:8d:d8:92:27:
20:61:bd:45:f9:5f:0f:4a:d0:08:0c:d6:f0:d2:b4:
bb:6f:78:df:74:8e:6f:5a:c0:f0:b2:72:12:27:d7:
c9:df:c0:40:4e:9a:6a:3b:89:59:a3:6b:7f:c1:e1:
f2:67:cc:90:6f:03:d0:37:6c:0d:0c:b1:de:76:61:
46:9c:76:66:1a:ea:d5:9f:f5:da:25:d5:0c:76:07:
1e:ff:1e:20:48:d9:c3:77:86:f0:ba:6b:ce:6e:1a:
93:80:78:41:05:87:46:77:f7:51:34:1c:02:e9:bf:
6b:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:60:1E:E3:E3:F3:F9:17:88:ED:74:4D:F4:D4:E7:F7:75:2A:26:F3
X509v3 Authority Key Identifier:
keyid:77:F8:E7:FB:D4:AB:69:50:7F:B1:FE:35:79:AF:34:3A:56:63:90:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d_jn-9SraVB_sf41ea80OlZjkIY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/6c2736-ab02-4897-9568-77f6e94e3dcc/1/22Ae4-Pz-ReI7XRN9NTn93UqJvM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/6c2736-ab02-4897-9568-77f6e94e3dcc/1/d_jn-9SraVB_sf41ea80OlZjkIY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.152.128.0/22
5.152.144.0-5.152.149.255
5.152.154.0-5.152.159.255
109.107.138.0/24
185.30.44.0/22
IPv6:
2a00:ab20::/29
2a11:cf40::/29
Signature Algorithm: sha256WithRSAEncryption
68:02:ad:8c:09:6f:aa:2a:f0:2f:24:39:b7:af:08:22:0a:32:
66:d7:89:62:1b:75:82:f2:11:64:86:b5:1f:1e:a7:be:53:9c:
88:5f:d3:8a:64:89:e6:5a:0f:f4:2c:d3:d9:b5:b5:13:7b:fc:
0e:55:94:3d:cb:a5:bb:2e:7d:90:0a:27:5e:52:eb:1f:b8:33:
5b:e5:c2:0c:9c:2d:ed:3c:e2:12:c6:bc:dc:c2:d2:8a:1c:7c:
37:f3:1a:c1:c8:54:53:ef:8e:b2:a7:cc:a6:71:cd:25:c7:47:
68:71:ac:a6:89:a0:e4:27:ad:64:66:6a:a2:f2:18:53:a8:1f:
7f:cc:95:17:d7:60:14:37:c1:2d:4c:46:c1:e7:47:fd:7e:1e:
91:07:6c:4d:ec:bb:f7:00:0e:56:53:c2:9c:ea:2d:4a:2a:41:
33:f8:59:87:a1:25:07:08:a2:34:cd:a3:39:13:77:38:08:30:
e8:fe:82:16:b5:09:0a:8f:ce:ea:1b:40:b0:60:60:96:62:bc:
a1:ed:3d:83:a7:eb:95:e3:cf:0e:66:e3:bc:0c:cc:05:80:d7:
99:f0:b6:79:b9:ef:2d:6e:e3:e5:93:b4:6d:04:85:fd:c7:41:
0d:9e:85:1a:3f:c4:3f:6e:b7:2b:5e:dd:1c:ab:57:6b:f2:42:
ec:36:5b:17
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAYzF3MxDZ2g24hckkP9pBgGwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3ZjhlN2ZiZDRhYjY5NTA3ZmIxZmUzNTc5YWYzNDNhNTY2
MzkwODYwHhcNMjQwMTAxMTYzMDMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjYwMWVlM2UzZjNmOTE3ODhlZDc0NGRmNGQ0ZTdmNzc1MmEyNmYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwdz387HZurgL0AoIk2ypZAbfHJza
ZoAjyga220qF6QGIaH+1R7sAfSwFp08/PZhQY6K9MhJ80hYpA7IoL2cQJdWym/7I
Qnd/IsjQsXuU6NeqIwECuZW+h4ZLD8k0LI2ykZ1W0qiRu5ALRykPVZY8d4G/d6+q
yNBgg+tfIhkkZDa2TrdB0/l3ysezjUL3sLxJmI3YkicgYb1F+V8PStAIDNbw0rS7
b3jfdI5vWsDwsnISJ9fJ38BATppqO4lZo2t/weHyZ8yQbwPQN2wNDLHedmFGnHZm
GurVn/XaJdUMdgce/x4gSNnDd4bwumvObhqTgHhBBYdGd/dRNBwC6b9rFwIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFNtgHuPj8/kXiO10TfTU5/d1KibzMB8GA1UdIwQY
MBaAFHf45/vUq2lQf7H+NXmvNDpWY5CGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZF9qbi05U3JhVkJfc2Y0MWVhODBPbFpqa0lZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC82YzI3MzYtYWIwMi00ODk3LTk1Njgt
NzdmNmU5NGUzZGNjLzEvMjJBZTQtUHotUmVJN1hSTjlOVG45M1VxSnZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC82YzI3MzYtYWIwMi00ODk3LTk1NjgtNzdmNmU5NGUzZGNj
LzEvZF9qbi05U3JhVkJfc2Y0MWVhODBPbFpqa0lZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDA0BAIAATAuAwQCBZiAMAwD
BAQFmJADBAEFmJQwDAMEAQWYmgMEBQWYgAMEAG1rigMEArkeLDAUBAIAAjAOAwUD
KgCrIAMFAyoRz0AwDQYJKoZIhvcNAQELBQADggEBAGgCrYwJb6oq8C8kObevCCIK
MmbXiWIbdYLyEWSGtR8ep75TnIhf04pkieZaD/Qs09m1tRN7/A5VlD3LpbsufZAK
J15S6x+4M1vlwgycLe084hLGvNzC0oocfDfzGsHIVFPvjrKnzKZxzSXHR2hxrKaJ
oOQnrWRmaqLyGFOoH3/MlRfXYBQ3wS1MRsHnR/1+HpEHbE3su/cADlZTwpzqLUoq
QTP4WYehJQcIojTNozkTdzgIMOj+gha1CQqPzuobQLBgYJZivKHtPYOn65Xjzw5m
47wMzAWA15nwtnm57y1u4+WTtG0Ehf3HQQ2ehRo/xD9utyte3RyrV2vyQuw2Wxc=
-----END CERTIFICATE-----
Generated at Tue Feb 27 01:00:24 2024 by rpki-client on console.sobornost.net