Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/82c01e-b8cd-44ad-8aa7-8e98ea6ca8ee/1/9oPVJaCNM0djt796_fosQ-mH_QM.roa
File: 9oPVJaCNM0djt796_fosQ-mH_QM.roa (raw, json)
Hash identifier: MM+4XqbEBo7yBy739WyX8EQYgoLEhbApIZ2thERriLo=
Subject key identifier: F6:83:D5:25:A0:8D:33:47:63:B7:BF:7A:FD:FA:2C:43:E9:87:FD:03
Certificate issuer: /CN=795013346c8d8f23e0128d306997980237db2374
Certificate serial: 01856FB1267C4AF2964613F47F9980A60B73
Authority key identifier: 79:50:13:34:6C:8D:8F:23:E0:12:8D:30:69:97:98:02:37:DB:23:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eVATNGyNjyPgEo0waZeYAjfbI3Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/82c01e-b8cd-44ad-8aa7-8e98ea6ca8ee/1/9oPVJaCNM0djt796_fosQ-mH_QM.roa
Signing time: Sun 01 Jan 2023 23:35:58 +0000
ROA not before: Sun 01 Jan 2023 23:35:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2914
IP address blocks: 78.158.48.0/20 maxlen: 32
185.158.56.0/22 maxlen: 32
193.104.103.0/24 maxlen: 32
193.104.131.0/24 maxlen: 32
77.240.48.0/20 maxlen: 32
2a03:7600::/32 maxlen: 128
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:b1:26:7c:4a:f2:96:46:13:f4:7f:99:80:a6:0b:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=795013346c8d8f23e0128d306997980237db2374
Validity
Not Before: Jan 1 23:35:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f683d525a08d334763b7bf7afdfa2c43e987fd03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:28:64:97:c4:e3:1b:e3:71:09:d5:36:e4:8b:
f1:fb:9b:62:73:89:a0:45:51:42:f0:e5:a2:fd:4f:
1b:10:f0:4d:f9:83:f6:80:21:9f:0a:56:b0:b1:32:
ee:f3:27:3e:fd:d7:0d:bf:8d:b9:ea:e2:b7:66:74:
d9:8a:27:e0:d7:e0:d3:a8:06:95:1b:86:f0:d4:34:
47:39:4f:72:71:0a:af:65:a3:32:96:26:ec:3c:cd:
b1:ee:e2:71:6b:c5:92:0c:63:90:79:ee:fd:91:01:
bc:f8:ec:4a:4e:95:34:cd:29:d6:d9:b6:39:d1:c8:
18:86:d9:b6:54:b6:f5:3d:c2:d7:b2:d3:d2:86:72:
22:bf:fb:55:df:04:f1:af:94:d9:cf:49:6a:8b:db:
39:d3:85:97:73:f1:a3:3d:58:03:0c:1c:69:1b:8e:
58:61:e3:07:d5:a2:05:84:1d:34:62:f5:fd:65:eb:
a1:32:16:2d:d3:a5:fe:37:e3:c2:89:b9:14:b3:b7:
c1:17:e8:5b:fc:65:be:67:c1:40:e8:fd:ae:7f:bf:
b6:7c:a5:a2:f6:57:52:3b:32:da:a2:79:c9:30:94:
b5:fd:bd:02:fd:c0:1a:72:ec:90:cd:8f:ef:fd:5d:
5c:72:ef:bd:4a:82:4b:bd:c9:51:21:0c:8a:d0:8b:
de:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:83:D5:25:A0:8D:33:47:63:B7:BF:7A:FD:FA:2C:43:E9:87:FD:03
X509v3 Authority Key Identifier:
keyid:79:50:13:34:6C:8D:8F:23:E0:12:8D:30:69:97:98:02:37:DB:23:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eVATNGyNjyPgEo0waZeYAjfbI3Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/82c01e-b8cd-44ad-8aa7-8e98ea6ca8ee/1/9oPVJaCNM0djt796_fosQ-mH_QM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/82c01e-b8cd-44ad-8aa7-8e98ea6ca8ee/1/eVATNGyNjyPgEo0waZeYAjfbI3Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.240.48.0/20
78.158.48.0/20
185.158.56.0/22
193.104.103.0/24
193.104.131.0/24
IPv6:
2a03:7600::/32
Signature Algorithm: sha256WithRSAEncryption
11:48:43:ff:77:7d:68:42:cc:cc:c8:97:05:e9:65:7b:ce:bc:
d9:07:40:5d:12:9c:eb:2c:c2:fe:dc:a0:8c:75:09:79:6f:5a:
1b:d8:23:eb:54:4d:a6:7e:cb:f2:fd:55:1a:2c:b1:ec:46:bc:
03:a5:58:80:a5:0a:6e:5d:78:d0:dc:2b:5b:e5:09:df:6a:36:
31:60:70:1c:9c:7a:b9:f6:bb:b2:e2:8b:85:c7:6d:d6:3f:4c:
66:ec:4c:1b:81:f7:33:1f:bd:66:3a:d4:42:64:90:45:43:25:
da:c1:fb:f7:43:db:74:4a:5a:4f:67:ed:67:7b:43:03:9b:2d:
61:cd:78:82:82:2c:c5:e5:70:09:c0:51:6b:17:2e:2d:bf:3d:
f7:a9:83:e2:60:ed:38:48:0b:2b:8a:19:a9:43:4d:82:56:86:
38:9b:a3:b7:83:2e:9b:90:b9:ab:19:13:6c:e8:02:ca:c3:33:
c7:3e:58:d0:2b:a2:f0:15:bd:d8:95:7c:c2:86:a3:c9:97:41:
b7:0b:22:7c:c4:29:3e:ab:df:11:6a:ac:e7:69:8c:f2:ae:10:
18:ef:07:75:70:91:de:ee:88:45:99:e9:9b:88:d2:52:66:40:
24:f3:84:1e:2e:de:47:d0:e0:02:c4:e2:cc:bc:d7:4c:3c:2d:
06:da:d8:12
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYVvsSZ8SvKWRhP0f5mApgtzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5NTAxMzM0NmM4ZDhmMjNlMDEyOGQzMDY5OTc5ODAyMzdk
YjIzNzQwHhcNMjMwMTAxMjMzNTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNjgzZDUyNWEwOGQzMzQ3NjNiN2JmN2FmZGZhMmM0M2U5ODdmZDAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhShkl8TjG+NxCdU25Ivx+5tic4mg
RVFC8OWi/U8bEPBN+YP2gCGfClawsTLu8yc+/dcNv4256uK3ZnTZiifg1+DTqAaV
G4bw1DRHOU9ycQqvZaMylibsPM2x7uJxa8WSDGOQee79kQG8+OxKTpU0zSnW2bY5
0cgYhtm2VLb1PcLXstPShnIiv/tV3wTxr5TZz0lqi9s504WXc/GjPVgDDBxpG45Y
YeMH1aIFhB00YvX9ZeuhMhYt06X+N+PCibkUs7fBF+hb/GW+Z8FA6P2uf7+2fKWi
9ldSOzLaonnJMJS1/b0C/cAacuyQzY/v/V1ccu+9SoJLvclRIQyK0Ive0QIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFPaD1SWgjTNHY7e/ev36LEPph/0DMB8GA1UdIwQY
MBaAFHlQEzRsjY8j4BKNMGmXmAI32yN0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZVZBVE5HeU5qeVBnRW8wd2FaZVlBamZiSTNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC84MmMwMWUtYjhjZC00NGFkLThhYTct
OGU5OGVhNmNhOGVlLzEvOW9QVkphQ05NMGRqdDc5Nl9mb3NRLW1IX1FNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC84MmMwMWUtYjhjZC00NGFkLThhYTctOGU5OGVhNmNhOGVl
LzEvZVZBVE5HeU5qeVBnRW8wd2FaZVlBamZiSTNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQETfAwAwQE
Tp4wAwQCuZ44AwQAwWhnAwQAwWiDMA0EAgACMAcDBQAqA3YAMA0GCSqGSIb3DQEB
CwUAA4IBAQARSEP/d31oQszMyJcF6WV7zrzZB0BdEpzrLML+3KCMdQl5b1ob2CPr
VE2mfsvy/VUaLLHsRrwDpViApQpuXXjQ3Ctb5QnfajYxYHAcnHq59ruy4ouFx23W
P0xm7EwbgfczH71mOtRCZJBFQyXawfv3Q9t0SlpPZ+1ne0MDmy1hzXiCgizF5XAJ
wFFrFy4tvz33qYPiYO04SAsrihmpQ02CVoY4m6O3gy6bkLmrGRNs6ALKwzPHPljQ
K6LwFb3YlXzChqPJl0G3CyJ8xCk+q98RaqznaYzyrhAY7wd1cJHe7ohFmembiNJS
ZkAk84QeLt5H0OACxOLMvNdMPC0G2tgS
-----END CERTIFICATE-----
Generated at Mon Jan 1 11:15:25 2024 by rpki-client on console-ams.rpki-client.org