Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/1a18e1-67c8-492e-8fba-fb5c62e42f6b/1/GEIRWivg5EXdDI39zmrH4sgZb5g.roa
File: GEIRWivg5EXdDI39zmrH4sgZb5g.roa (raw, json)
Hash identifier: M1m2meSsQfKG0P/iyLgSjoAAoSXu23CQuryGDweAlsI=
Subject key identifier: 18:42:11:5A:2B:E0:E4:45:DD:0C:8D:FD:CE:6A:C7:E2:C8:19:6F:98
Certificate issuer: /CN=c5a2f42407f21c9d7690fb30fd8cdb2bfdf6d030
Certificate serial: 0188E81E3E66F1430177D11CFD9D2D21E4C5
Authority key identifier: C5:A2:F4:24:07:F2:1C:9D:76:90:FB:30:FD:8C:DB:2B:FD:F6:D0:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xaL0JAfyHJ12kPsw_YzbK_320DA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/1a18e1-67c8-492e-8fba-fb5c62e42f6b/1/GEIRWivg5EXdDI39zmrH4sgZb5g.roa
Signing time: Fri 23 Jun 2023 11:57:56 +0000
ROA not before: Fri 23 Jun 2023 11:57:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15967
IP address blocks: 77.55.208.0/20 maxlen: 20
77.55.224.0/20 maxlen: 20
77.55.240.0/22 maxlen: 22
77.55.246.0/24 maxlen: 24
77.55.248.0/22 maxlen: 22
77.55.252.0/23 maxlen: 23
77.55.247.0/24 maxlen: 24
77.55.152.0/22 maxlen: 22
77.55.159.0/24 maxlen: 24
77.55.158.0/24 maxlen: 24
77.55.156.0/23 maxlen: 23
77.55.155.0/24 maxlen: 24
77.55.166.0/24 maxlen: 24
77.55.160.0/23 maxlen: 23
77.55.160.0/20 maxlen: 20
77.55.164.0/23 maxlen: 23
77.55.162.0/23 maxlen: 23
77.55.172.0/23 maxlen: 23
77.55.167.0/24 maxlen: 24
77.55.170.0/23 maxlen: 23
77.55.168.0/23 maxlen: 23
77.55.174.0/23 maxlen: 23
77.55.178.0/24 maxlen: 24
77.55.177.0/24 maxlen: 24
77.55.176.0/23 maxlen: 23
77.55.176.0/24 maxlen: 24
77.55.176.0/21 maxlen: 21
77.55.179.0/24 maxlen: 24
77.55.186.0/23 maxlen: 23
77.55.181.0/24 maxlen: 24
77.55.180.0/23 maxlen: 23
77.55.184.0/23 maxlen: 23
77.55.182.0/23 maxlen: 23
77.55.192.0/20 maxlen: 20
77.55.188.0/23 maxlen: 23
77.55.190.0/23 maxlen: 23
77.55.0.0/18 maxlen: 18
77.55.0.0/16 maxlen: 16
31.172.170.0/23 maxlen: 23
31.172.169.0/24 maxlen: 24
31.172.168.0/24 maxlen: 24
31.172.168.0/22 maxlen: 22
77.55.96.0/22 maxlen: 22
77.55.104.0/23 maxlen: 23
77.55.100.0/22 maxlen: 22
77.55.112.0/23 maxlen: 23
77.55.108.0/22 maxlen: 22
77.55.106.0/23 maxlen: 23
77.55.118.0/23 maxlen: 23
77.55.116.0/23 maxlen: 23
77.55.114.0/23 maxlen: 23
77.55.122.0/23 maxlen: 23
77.55.121.0/24 maxlen: 24
77.55.120.0/24 maxlen: 24
77.55.125.0/24 maxlen: 24
77.55.124.0/24 maxlen: 24
77.55.126.0/24 maxlen: 24
77.55.128.0/20 maxlen: 20
77.55.127.0/24 maxlen: 24
77.55.144.0/21 maxlen: 21
77.55.64.0/22 maxlen: 22
77.55.68.0/22 maxlen: 22
77.55.76.0/23 maxlen: 23
77.55.78.0/23 maxlen: 23
77.55.72.0/22 maxlen: 22
77.55.84.0/22 maxlen: 22
77.55.88.0/22 maxlen: 22
85.128.160.0/19 maxlen: 19
85.128.192.0/18 maxlen: 18
85.128.130.0/24 maxlen: 24
85.128.129.0/24 maxlen: 24
85.128.128.0/24 maxlen: 24
85.128.128.0/17 maxlen: 17
85.128.132.0/23 maxlen: 23
85.128.131.0/24 maxlen: 24
85.128.136.0/22 maxlen: 22
85.128.135.0/24 maxlen: 24
85.128.134.0/24 maxlen: 24
85.128.144.0/20 maxlen: 20
85.128.143.0/24 maxlen: 24
85.128.142.0/24 maxlen: 24
85.128.140.0/23 maxlen: 23
2a01:6100::/32 maxlen: 32
2a01:6100::/48 maxlen: 48
2a01:6100:111::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 04 Jul 2023 12:09:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:e8:1e:3e:66:f1:43:01:77:d1:1c:fd:9d:2d:21:e4:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c5a2f42407f21c9d7690fb30fd8cdb2bfdf6d030
Validity
Not Before: Jun 23 11:57:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1842115a2be0e445dd0c8dfdce6ac7e2c8196f98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:15:e1:95:21:02:5c:32:c7:0a:b7:02:c2:42:
95:a7:3a:5c:3d:37:10:90:d7:28:c0:1b:a6:26:bc:
f4:b3:cc:40:eb:25:5c:40:8e:51:ac:64:97:22:9b:
08:c6:fb:82:c5:63:17:d0:31:cf:87:88:b7:b6:47:
03:6d:47:d7:2e:eb:56:e9:52:8f:7c:e3:cb:97:5a:
f7:62:59:f9:b7:08:29:2c:6d:71:e0:79:f1:45:41:
18:38:19:13:91:e5:72:53:66:0f:6b:25:6a:9b:ce:
6f:8f:95:c2:7d:9c:53:0e:86:fa:91:bd:c3:d7:f3:
84:00:37:4a:4d:4c:fb:0b:d0:63:88:5c:76:66:d8:
7a:e1:e7:dc:6b:6c:be:a1:ee:92:65:74:2c:40:fb:
5a:a4:13:7f:68:ee:1d:94:41:bf:75:83:b6:1f:e4:
bb:5b:1a:00:19:6c:77:3f:71:1f:06:51:61:08:8e:
5c:62:f8:42:10:87:56:49:f6:46:d9:9b:0f:de:c0:
8d:ac:d4:fb:17:bf:ec:0d:f2:35:c7:01:d6:4b:a2:
24:c8:d7:f6:4f:c2:24:3f:44:fa:a8:11:34:14:56:
3d:0a:12:b0:b3:02:98:34:55:c0:bf:d1:ca:55:c1:
1b:c7:f3:7d:6e:44:bf:a4:74:f2:5d:76:af:cb:03:
f1:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:42:11:5A:2B:E0:E4:45:DD:0C:8D:FD:CE:6A:C7:E2:C8:19:6F:98
X509v3 Authority Key Identifier:
keyid:C5:A2:F4:24:07:F2:1C:9D:76:90:FB:30:FD:8C:DB:2B:FD:F6:D0:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xaL0JAfyHJ12kPsw_YzbK_320DA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/1a18e1-67c8-492e-8fba-fb5c62e42f6b/1/GEIRWivg5EXdDI39zmrH4sgZb5g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/1a18e1-67c8-492e-8fba-fb5c62e42f6b/1/xaL0JAfyHJ12kPsw_YzbK_320DA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.172.168.0/22
77.55.0.0/16
85.128.128.0/17
IPv6:
2a01:6100::/32
Signature Algorithm: sha256WithRSAEncryption
4a:45:3f:f1:66:9d:28:62:6e:b5:07:d5:88:ca:cf:19:da:43:
88:80:e7:d2:d4:0a:9b:a7:f5:b1:8f:c8:85:a7:27:9e:a1:82:
b0:01:69:af:d1:4e:94:14:81:f1:47:cd:d3:6f:97:87:63:6f:
a8:ac:b2:36:1e:b6:27:fa:7e:76:4f:89:7f:70:e7:68:55:0f:
48:61:12:fe:c0:77:7c:56:2e:a7:93:71:2a:bb:55:5d:06:5d:
3a:ea:d8:e1:52:a6:42:09:8f:40:78:69:3c:a4:8a:a2:8f:6b:
36:50:79:fe:5c:6c:fd:bf:39:c3:8c:75:f0:50:26:1e:83:b1:
9e:8e:35:2d:d2:49:73:98:c9:eb:ba:59:af:2e:2a:10:69:d6:
3a:d4:01:81:01:14:07:80:1f:05:43:03:14:27:21:fa:5a:f3:
3b:aa:82:e3:7f:24:e0:28:8d:1b:c0:69:83:12:c9:e9:2f:ba:
99:89:f0:8c:90:a4:eb:fc:d6:69:4b:3f:8d:56:ac:60:41:21:
c7:8d:a8:58:ee:da:1b:25:ec:52:0f:b0:9d:81:9d:4d:e0:04:
a0:ce:ae:d3:1e:81:60:d3:82:8b:8b:3d:5b:f3:e1:87:2e:53:
ea:61:ac:a8:d7:06:97:32:20:d9:b7:ed:80:03:9d:ce:e2:eb:
17:10:b5:c6
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYjoHj5m8UMBd9Ec/Z0tIeTFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1YTJmNDI0MDdmMjFjOWQ3NjkwZmIzMGZkOGNkYjJiZmRm
NmQwMzAwHhcNMjMwNjIzMTE1NzU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODQyMTE1YTJiZTBlNDQ1ZGQwYzhkZmRjZTZhYzdlMmM4MTk2Zjk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkhXhlSECXDLHCrcCwkKVpzpcPTcQ
kNcowBumJrz0s8xA6yVcQI5RrGSXIpsIxvuCxWMX0DHPh4i3tkcDbUfXLutW6VKP
fOPLl1r3Yln5twgpLG1x4HnxRUEYOBkTkeVyU2YPayVqm85vj5XCfZxTDob6kb3D
1/OEADdKTUz7C9BjiFx2Zth64efca2y+oe6SZXQsQPtapBN/aO4dlEG/dYO2H+S7
WxoAGWx3P3EfBlFhCI5cYvhCEIdWSfZG2ZsP3sCNrNT7F7/sDfI1xwHWS6IkyNf2
T8IkP0T6qBE0FFY9ChKwswKYNFXAv9HKVcEbx/N9bkS/pHTyXXavywPxawIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFBhCEVor4ORF3QyN/c5qx+LIGW+YMB8GA1UdIwQY
MBaAFMWi9CQH8hyddpD7MP2M2yv99tAwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGFMMEpBZnlISjEya1Bzd19ZemJLXzMyMERBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC8xYTE4ZTEtNjdjOC00OTJlLThmYmEt
ZmI1YzYyZTQyZjZiLzEvR0VJUldpdmc1RVhkREkzOXptckg0c2daYjVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC8xYTE4ZTEtNjdjOC00OTJlLThmYmEtZmI1YzYyZTQyZjZi
LzEveGFMMEpBZnlISjEya1Bzd19ZemJLXzMyMERBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAXBAIAATARAwQCH6yoAwMA
TTcDBAdVgIAwDQQCAAIwBwMFACoBYQAwDQYJKoZIhvcNAQELBQADggEBAEpFP/Fm
nShibrUH1YjKzxnaQ4iA59LUCpun9bGPyIWnJ56hgrABaa/RTpQUgfFHzdNvl4dj
b6issjYetif6fnZPiX9w52hVD0hhEv7Ad3xWLqeTcSq7VV0GXTrq2OFSpkIJj0B4
aTykiqKPazZQef5cbP2/OcOMdfBQJh6DsZ6ONS3SSXOYyeu6Wa8uKhBp1jrUAYEB
FAeAHwVDAxQnIfpa8zuqguN/JOAojRvAaYMSyekvupmJ8IyQpOv81mlLP41WrGBB
IceNqFju2hsl7FIPsJ2BnU3gBKDOrtMegWDTgouLPVvz4YcuU+phrKjXBpcyINm3
7YADnc7i6xcQtcY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:10 2024 by rpki-client on console-ams.rpki-client.org