Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/Kvyg3B33-fsjQBLti8VMng0C2CE.roa
File: Kvyg3B33-fsjQBLti8VMng0C2CE.roa (raw, json)
Hash identifier: si84FL/ahUyPZCEhXUFc7uZYt0HLBJPClkdyaFIqLYo=
Subject key identifier: 2A:FC:A0:DC:1D:F7:F9:FB:23:40:12:ED:8B:C5:4C:9E:0D:02:D8:21
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 018CC802050347E726804558EDBAF9C1062D
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/Kvyg3B33-fsjQBLti8VMng0C2CE.roa
Signing time: Tue 02 Jan 2024 02:30:24 +0000
ROA not before: Tue 02 Jan 2024 02:30:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35177
IP address blocks: 178.35.192.0/19 maxlen: 19
85.173.136.0/21 maxlen: 21
Validation: Failed, certificate revoked on Mon 01 Apr 2024 09:37:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:02:05:03:47:e7:26:80:45:58:ed:ba:f9:c1:06:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Jan 2 02:30:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2afca0dc1df7f9fb234012ed8bc54c9e0d02d821
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:fc:12:e4:7b:f6:c8:bf:06:4d:07:25:f6:f5:
41:2d:bc:d8:c7:fa:a5:97:81:7d:67:09:ab:93:cf:
3b:75:bc:43:ae:98:d7:f3:0e:2a:12:66:22:e4:f0:
1d:2a:58:7d:b5:ba:5c:f9:87:a3:51:b3:23:b9:a4:
91:25:de:54:65:6f:99:4b:23:9b:f7:be:2b:b0:57:
54:0d:d6:37:77:31:4c:ad:13:f4:ab:b5:4a:3e:d0:
9d:48:9c:a0:ac:94:2b:50:bc:95:37:42:eb:f7:d8:
5f:fd:9b:a2:6b:37:50:63:86:37:2e:03:24:53:9d:
c6:57:58:39:b9:12:93:66:3f:9c:43:0b:ee:f6:dd:
0a:e3:7c:5e:b1:26:e1:b6:ec:7d:eb:3d:1a:8b:eb:
ce:c9:b2:69:0e:37:e1:b4:b5:6d:d9:0d:f8:74:3f:
23:12:28:17:81:6c:ef:48:f7:da:b2:f6:7d:a3:cc:
b2:dd:4d:75:06:c2:38:c2:f6:7f:3b:de:c6:0f:9b:
96:8a:6b:e1:16:be:1b:62:62:90:a6:74:55:f6:b8:
dc:fc:b1:e1:bb:f3:85:2b:09:47:a1:ae:b5:b2:f9:
82:4c:e8:8b:49:71:c2:7a:4b:cf:da:b0:af:55:b7:
fc:0d:e2:88:f8:c3:b5:72:b0:c8:76:fb:f4:b8:0e:
cf:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:FC:A0:DC:1D:F7:F9:FB:23:40:12:ED:8B:C5:4C:9E:0D:02:D8:21
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/Kvyg3B33-fsjQBLti8VMng0C2CE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.173.136.0/21
178.35.192.0/19
Signature Algorithm: sha256WithRSAEncryption
8c:d3:60:45:5f:74:c1:06:20:8b:39:e6:fc:78:4c:c6:81:49:
6d:0d:35:0f:14:41:cc:40:bb:66:cf:3e:c6:9b:11:e5:5b:be:
cc:59:a0:c4:d4:e6:d1:67:94:a9:91:e9:e6:2d:3c:9d:d3:da:
92:2b:fa:da:1d:89:c9:03:3c:f8:12:46:d1:63:76:b5:29:9e:
c1:68:c9:5a:bf:fa:62:70:2d:85:0e:5b:be:21:f8:d5:c9:a9:
52:d9:6b:3f:71:1f:7e:bb:be:73:f8:85:1e:f2:fa:7c:83:4e:
3e:b4:a4:2a:1e:d2:e8:d8:a4:e5:f5:bf:5f:b7:37:5b:d1:c3:
8d:a9:43:71:fe:84:55:11:e2:1e:d6:a8:d5:15:78:7a:df:74:
e8:50:a8:d3:24:b3:31:1e:d1:fe:57:cc:25:71:91:cf:eb:73:
78:d0:c7:c2:1c:9e:83:51:70:07:79:a7:f3:a0:e6:73:6b:c5:
55:77:ab:7f:c5:6a:6c:ad:be:5b:27:3c:3b:11:85:7f:3b:d9:
02:e4:e9:bf:99:47:52:c4:14:71:09:af:b1:69:a5:a9:84:43:
5d:34:f3:cb:10:19:40:a3:28:7a:1c:5e:50:ee:84:23:a5:d3:
b6:32:82:1f:58:3d:f3:16:3f:fe:35:e0:70:30:5d:ad:f4:8c:
79:00:ba:62
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzIAgUDR+cmgEVY7br5wQYtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjQwMTAyMDIzMDI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYWZjYTBkYzFkZjdmOWZiMjM0MDEyZWQ4YmM1NGM5ZTBkMDJkODIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAovwS5Hv2yL8GTQcl9vVBLbzYx/ql
l4F9Zwmrk887dbxDrpjX8w4qEmYi5PAdKlh9tbpc+YejUbMjuaSRJd5UZW+ZSyOb
974rsFdUDdY3dzFMrRP0q7VKPtCdSJygrJQrULyVN0Lr99hf/ZuiazdQY4Y3LgMk
U53GV1g5uRKTZj+cQwvu9t0K43xesSbhtux96z0ai+vOybJpDjfhtLVt2Q34dD8j
EigXgWzvSPfasvZ9o8yy3U11BsI4wvZ/O97GD5uWimvhFr4bYmKQpnRV9rjc/LHh
u/OFKwlHoa61svmCTOiLSXHCekvP2rCvVbf8DeKI+MO1crDIdvv0uA7PLwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCr8oNwd9/n7I0AS7YvFTJ4NAtghMB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvS3Z5ZzNCMzMtZnNqUUJMdGk4Vk1uZzBDMkNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDVa2IAwQF
siPAMA0GCSqGSIb3DQEBCwUAA4IBAQCM02BFX3TBBiCLOeb8eEzGgUltDTUPFEHM
QLtmzz7GmxHlW77MWaDE1ObRZ5SpkenmLTyd09qSK/raHYnJAzz4EkbRY3a1KZ7B
aMlav/picC2FDlu+IfjVyalS2Ws/cR9+u75z+IUe8vp8g04+tKQqHtLo2KTl9b9f
tzdb0cONqUNx/oRVEeIe1qjVFXh633ToUKjTJLMxHtH+V8wlcZHP63N40MfCHJ6D
UXAHeafzoOZza8VVd6t/xWpsrb5bJzw7EYV/O9kC5Om/mUdSxBRxCa+xaaWphENd
NPPLEBlAoyh6HF5Q7oQjpdO2MoIfWD3zFj/+NeBwMF2t9Ix5ALpi
-----END CERTIFICATE-----
Generated at Mon Apr 1 11:18:48 2024 by rpki-client on console.sobornost.net