Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/6c2736-ab02-4897-9568-77f6e94e3dcc/1/DYYCoHvHAu_JuO4S28U2S8ZKjPs.roa
File: DYYCoHvHAu_JuO4S28U2S8ZKjPs.roa (raw, json)
Hash identifier: fNoYjv03U627zhae2JW/TAGwjdfrkjpwql30zWGv1GY=
Subject key identifier: 0D:86:02:A0:7B:C7:02:EF:C9:B8:EE:12:DB:C5:36:4B:C6:4A:8C:FB
Certificate issuer: /CN=77f8e7fbd4ab69507fb1fe3579af343a56639086
Certificate serial: 018CC5DCCCB7AE4868BA0C1092C9D29743A8
Authority key identifier: 77:F8:E7:FB:D4:AB:69:50:7F:B1:FE:35:79:AF:34:3A:56:63:90:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d_jn-9SraVB_sf41ea80OlZjkIY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/6c2736-ab02-4897-9568-77f6e94e3dcc/1/DYYCoHvHAu_JuO4S28U2S8ZKjPs.roa
Signing time: Mon 01 Jan 2024 16:30:30 +0000
ROA not before: Mon 01 Jan 2024 16:30:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199026
IP address blocks: 5.152.128.0/23 maxlen: 23
5.152.130.0/23 maxlen: 23
5.152.144.0/22 maxlen: 22
5.152.148.0/24 maxlen: 24
5.152.154.0/23 maxlen: 23
5.152.156.0/23 maxlen: 23
5.152.158.0/24 maxlen: 24
5.152.159.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 09 Feb 2024 16:29:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:cc:b7:ae:48:68:ba:0c:10:92:c9:d2:97:43:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=77f8e7fbd4ab69507fb1fe3579af343a56639086
Validity
Not Before: Jan 1 16:30:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0d8602a07bc702efc9b8ee12dbc5364bc64a8cfb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:82:ce:22:97:4b:91:91:5f:5c:a5:68:1c:cb:
51:e8:56:3d:c1:63:6f:b0:d1:0b:a9:97:3b:72:5c:
f8:5f:6c:d1:8d:65:73:0f:72:29:75:89:58:01:c3:
4e:43:95:43:0e:9c:2e:e1:34:f7:e2:5f:7f:4c:f8:
b7:f6:66:b0:f7:8c:68:d5:7d:b8:41:c4:b8:6e:fa:
1e:38:6b:dd:4d:59:5c:0e:5c:26:eb:bf:89:4c:23:
fc:1a:f9:d8:a3:e2:8e:ee:57:1a:75:2b:fe:a5:e7:
ec:66:2b:64:57:15:c7:ca:1b:cf:08:9d:80:7d:f8:
fc:77:68:19:33:04:c9:85:a3:2a:46:54:92:7d:72:
7b:b5:48:ac:29:d7:c0:26:3a:ee:76:33:c9:d3:04:
2f:c0:3a:e7:4f:5f:0f:c3:e3:95:1e:b2:ce:13:11:
95:4e:e4:08:15:1c:2b:18:86:a4:8d:2c:9e:d0:fb:
d2:46:aa:bf:c0:d3:81:cb:e8:4b:9b:c1:20:6e:e7:
48:2d:a7:f5:30:e3:f2:ae:76:34:44:95:38:15:0c:
b9:11:24:a7:dd:79:dd:13:b7:03:f3:18:68:65:e9:
eb:1b:71:87:17:8d:b7:77:3a:f1:f5:83:9e:30:7b:
43:6e:f8:9f:87:08:af:9f:41:c4:d7:91:ad:b0:41:
c3:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:86:02:A0:7B:C7:02:EF:C9:B8:EE:12:DB:C5:36:4B:C6:4A:8C:FB
X509v3 Authority Key Identifier:
keyid:77:F8:E7:FB:D4:AB:69:50:7F:B1:FE:35:79:AF:34:3A:56:63:90:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d_jn-9SraVB_sf41ea80OlZjkIY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/6c2736-ab02-4897-9568-77f6e94e3dcc/1/DYYCoHvHAu_JuO4S28U2S8ZKjPs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/6c2736-ab02-4897-9568-77f6e94e3dcc/1/d_jn-9SraVB_sf41ea80OlZjkIY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.152.128.0/22
5.152.144.0-5.152.148.255
5.152.154.0-5.152.159.255
Signature Algorithm: sha256WithRSAEncryption
24:05:5a:57:88:19:26:02:2d:b1:fd:c1:1f:d9:6b:aa:64:69:
0f:77:3b:fd:a9:0b:b5:0b:57:1e:0e:27:ea:94:b3:8f:82:f6:
15:b4:19:ec:31:a8:0d:d9:34:c2:97:05:a9:74:f8:e0:10:d7:
2e:34:99:04:ac:53:ad:c5:ea:19:e5:98:a0:6b:f4:e7:c9:37:
ee:66:9d:db:b5:86:79:7e:c2:58:63:11:e8:87:b7:98:e7:b6:
b1:60:d4:a1:bc:c0:3c:d9:c0:53:15:27:17:c0:39:46:bc:ac:
8d:59:5e:25:8a:91:88:cd:35:fc:b5:ed:11:43:6f:d7:c3:54:
06:34:ba:8e:7c:11:20:93:c2:80:25:98:2e:fa:3e:57:5a:65:
58:13:3b:a6:27:12:90:d8:51:de:84:f8:47:ed:6d:d4:e5:c0:
0b:b6:c3:7f:48:70:9c:94:ba:35:28:f1:a0:c6:48:24:54:23:
13:d3:8c:5f:f5:95:9d:44:d8:af:3c:ad:9a:e7:f3:5c:9f:f6:
28:e9:57:15:07:22:0e:32:70:b4:c0:eb:fd:88:ff:92:87:eb:
87:75:38:a1:10:f8:95:e7:8d:c6:13:13:60:ee:05:13:da:31:
a9:e7:10:4e:09:f8:f5:be:b6:0f:6d:f8:62:e3:62:ec:33:c8:
3a:35:fa:f1
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYzF3My3rkhougwQksnSl0OoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3ZjhlN2ZiZDRhYjY5NTA3ZmIxZmUzNTc5YWYzNDNhNTY2
MzkwODYwHhcNMjQwMTAxMTYzMDMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDg2MDJhMDdiYzcwMmVmYzliOGVlMTJkYmM1MzY0YmM2NGE4Y2ZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArYLOIpdLkZFfXKVoHMtR6FY9wWNv
sNELqZc7clz4X2zRjWVzD3IpdYlYAcNOQ5VDDpwu4TT34l9/TPi39maw94xo1X24
QcS4bvoeOGvdTVlcDlwm67+JTCP8GvnYo+KO7lcadSv+pefsZitkVxXHyhvPCJ2A
ffj8d2gZMwTJhaMqRlSSfXJ7tUisKdfAJjrudjPJ0wQvwDrnT18Pw+OVHrLOExGV
TuQIFRwrGIakjSye0PvSRqq/wNOBy+hLm8EgbudILaf1MOPyrnY0RJU4FQy5ESSn
3XndE7cD8xhoZenrG3GHF423dzrx9YOeMHtDbvifhwivn0HE15GtsEHD0QIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFA2GAqB7xwLvybjuEtvFNkvGSoz7MB8GA1UdIwQY
MBaAFHf45/vUq2lQf7H+NXmvNDpWY5CGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZF9qbi05U3JhVkJfc2Y0MWVhODBPbFpqa0lZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC82YzI3MzYtYWIwMi00ODk3LTk1Njgt
NzdmNmU5NGUzZGNjLzEvRFlZQ29IdkhBdV9KdU80UzI4VTJTOFpLalBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC82YzI3MzYtYWIwMi00ODk3LTk1NjgtNzdmNmU5NGUzZGNj
LzEvZF9qbi05U3JhVkJfc2Y0MWVhODBPbFpqa0lZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiAwQCBZiAMAwD
BAQFmJADBAAFmJQwDAMEAQWYmgMEBQWYgDANBgkqhkiG9w0BAQsFAAOCAQEAJAVa
V4gZJgItsf3BH9lrqmRpD3c7/akLtQtXHg4n6pSzj4L2FbQZ7DGoDdk0wpcFqXT4
4BDXLjSZBKxTrcXqGeWYoGv058k37mad27WGeX7CWGMR6Ie3mOe2sWDUobzAPNnA
UxUnF8A5RrysjVleJYqRiM01/LXtEUNv18NUBjS6jnwRIJPCgCWYLvo+V1plWBM7
picSkNhR3oT4R+1t1OXAC7bDf0hwnJS6NSjxoMZIJFQjE9OMX/WVnUTYrzytmufz
XJ/2KOlXFQciDjJwtMDr/Yj/kofrh3U4oRD4leeNxhMTYO4FE9oxqecQTgn49b62
D234YuNi7DPIOjX68Q==
-----END CERTIFICATE-----
Generated at Tue Feb 27 01:00:24 2024 by rpki-client on console.sobornost.net