Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/77217d-814b-486a-8ef2-fe0333ed005f/1/P94k7yPrslHeJ9X6J8kIJeKVuek.roa
File: P94k7yPrslHeJ9X6J8kIJeKVuek.roa (raw, json)
Hash identifier: scdkayfTUQ6dNNuaaJkCjYAGokeMVFHyFJp1Rmmhcqc=
Subject key identifier: 3F:DE:24:EF:23:EB:B2:51:DE:27:D5:FA:27:C9:08:25:E2:95:B9:E9
Certificate issuer: /CN=7302cdc29fdca09e9a0f3f7d2113da85a7e1d654
Certificate serial: 018F29F04384D268BC53248F84F86DEFA109
Authority key identifier: 73:02:CD:C2:9F:DC:A0:9E:9A:0F:3F:7D:21:13:DA:85:A7:E1:D6:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cwLNwp_coJ6aDz99IRPahafh1lQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/77217d-814b-486a-8ef2-fe0333ed005f/1/P94k7yPrslHeJ9X6J8kIJeKVuek.roa
Signing time: Mon 29 Apr 2024 12:59:22 +0000
ROA not before: Mon 29 Apr 2024 12:59:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43391
IP address blocks: 77.223.128.0/19 maxlen: 24
77.223.132.0/24 maxlen: 24
77.223.135.0/24 maxlen: 24
77.223.136.0/24 maxlen: 24
77.223.143.0/24 maxlen: 24
77.223.148.0/24 maxlen: 24
77.223.149.0/24 maxlen: 24
77.223.152.0/24 maxlen: 24
77.223.153.0/24 maxlen: 24
77.223.154.0/24 maxlen: 24
77.223.156.0/24 maxlen: 24
77.223.158.0/24 maxlen: 24
78.40.224.0/21 maxlen: 21
78.40.224.0/24 maxlen: 24
78.40.228.0/24 maxlen: 24
78.40.230.0/24 maxlen: 24
91.191.160.0/20 maxlen: 24
91.191.168.0/21 maxlen: 21
91.191.170.0/24 maxlen: 24
91.191.171.0/24 maxlen: 24
93.187.200.0/21 maxlen: 21
93.187.204.0/24 maxlen: 24
93.187.205.0/24 maxlen: 24
93.187.206.0/24 maxlen: 24
93.187.207.0/24 maxlen: 24
185.80.72.0/24 maxlen: 24
195.244.32.0/19 maxlen: 24
195.244.33.0/24 maxlen: 24
195.244.43.0/24 maxlen: 24
2a01:aac0::/32 maxlen: 32
2a0a:be80::/29 maxlen: 29
2a0a:be80::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 04 Jun 2024 09:09:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:29:f0:43:84:d2:68:bc:53:24:8f:84:f8:6d:ef:a1:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7302cdc29fdca09e9a0f3f7d2113da85a7e1d654
Validity
Not Before: Apr 29 12:59:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3fde24ef23ebb251de27d5fa27c90825e295b9e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:a4:45:42:31:d1:c1:4b:d9:1c:c5:1f:c5:b0:
4e:d3:96:2d:99:77:bd:35:a2:9b:05:36:3e:c8:32:
b4:4f:76:32:db:e2:00:55:81:6c:6f:b0:83:23:8e:
1f:7c:0c:1a:e0:c0:6d:fe:5f:66:58:2b:b7:80:d1:
67:47:e9:9e:23:03:21:46:96:f8:bc:06:25:3e:dc:
fc:f0:98:ee:68:08:1f:6b:82:50:0c:72:b2:a5:9a:
12:47:d5:d7:74:8e:45:0e:d7:7b:a4:fa:c4:3a:2d:
9a:d1:38:72:6d:c1:3c:0a:b7:50:c2:f5:0d:48:60:
b3:56:16:9e:42:f6:dc:94:0a:57:cd:c8:de:49:04:
9e:55:8f:47:25:f2:40:c2:2f:f0:90:9c:41:62:7c:
79:2e:3a:16:34:ac:5d:fa:ed:5b:2a:9b:9f:6d:be:
45:d2:c6:e9:41:87:13:ec:ff:b0:fe:9a:90:66:96:
b3:88:46:17:13:b0:78:a5:c2:76:97:c4:99:2f:ea:
34:7a:41:0a:02:d3:b0:75:eb:7d:9b:9f:2f:9f:b5:
59:6b:f7:54:7e:42:85:b8:75:a9:8e:b0:32:e9:8b:
de:24:ea:a6:37:84:89:2d:9b:be:ea:73:9e:b6:37:
c1:f2:7d:75:3b:87:8d:6f:6b:cd:71:88:21:02:ce:
d6:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:DE:24:EF:23:EB:B2:51:DE:27:D5:FA:27:C9:08:25:E2:95:B9:E9
X509v3 Authority Key Identifier:
keyid:73:02:CD:C2:9F:DC:A0:9E:9A:0F:3F:7D:21:13:DA:85:A7:E1:D6:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cwLNwp_coJ6aDz99IRPahafh1lQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/77217d-814b-486a-8ef2-fe0333ed005f/1/P94k7yPrslHeJ9X6J8kIJeKVuek.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/77217d-814b-486a-8ef2-fe0333ed005f/1/cwLNwp_coJ6aDz99IRPahafh1lQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.223.128.0/19
78.40.224.0/21
91.191.160.0/20
93.187.200.0/21
185.80.72.0/24
195.244.32.0/19
IPv6:
2a01:aac0::/32
2a0a:be80::/29
Signature Algorithm: sha256WithRSAEncryption
30:88:93:56:f2:81:66:13:45:1f:33:b8:10:e9:f4:a1:7e:8c:
d9:69:d1:7d:8d:11:79:7e:0f:27:1a:7f:94:f2:cf:49:d1:21:
12:27:ea:c2:57:74:82:82:8d:42:77:94:8e:a8:a3:48:da:60:
91:61:25:dc:a7:0f:de:4c:45:cb:3b:7a:bd:56:49:5b:bd:d6:
d7:17:91:1a:3e:cd:9f:81:5c:c9:9a:a4:80:87:a5:8d:c0:6c:
2a:7f:d7:eb:9c:22:f0:3c:90:c7:5e:20:47:44:5d:57:6b:10:
4a:1e:83:65:b8:17:c1:98:6a:c9:67:8c:b5:c1:c3:ae:1a:01:
d5:9e:ad:01:93:3c:cb:98:4b:36:13:2d:cf:50:d3:09:f2:fb:
24:05:17:47:b7:4e:84:ca:de:cc:cc:c9:cf:44:a1:a6:6c:ee:
6b:4a:23:35:05:c3:9c:eb:b5:7c:27:b9:4c:3f:9e:fa:26:20:
ed:1b:56:56:8f:d0:07:d7:b7:36:c5:41:aa:3e:28:5a:c0:ad:
94:32:28:0e:0a:66:36:75:95:4a:c8:c7:1e:1d:8c:3b:e8:05:
f6:c7:50:35:02:68:38:34:fb:50:08:dd:e7:da:25:a0:cb:62:
43:e8:d1:dd:53:bf:b2:70:78:d9:39:10:33:b6:ab:4a:9b:10:
e0:50:8d:fa
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAY8p8EOE0mi8UySPhPht76EJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczMDJjZGMyOWZkY2EwOWU5YTBmM2Y3ZDIxMTNkYTg1YTdl
MWQ2NTQwHhcNMjQwNDI5MTI1OTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZmRlMjRlZjIzZWJiMjUxZGUyN2Q1ZmEyN2M5MDgyNWUyOTViOWU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArKRFQjHRwUvZHMUfxbBO05YtmXe9
NaKbBTY+yDK0T3Yy2+IAVYFsb7CDI44ffAwa4MBt/l9mWCu3gNFnR+meIwMhRpb4
vAYlPtz88JjuaAgfa4JQDHKypZoSR9XXdI5FDtd7pPrEOi2a0ThybcE8CrdQwvUN
SGCzVhaeQvbclApXzcjeSQSeVY9HJfJAwi/wkJxBYnx5LjoWNKxd+u1bKpufbb5F
0sbpQYcT7P+w/pqQZpaziEYXE7B4pcJ2l8SZL+o0ekEKAtOwdet9m58vn7VZa/dU
fkKFuHWpjrAy6YveJOqmN4SJLZu+6nOetjfB8n11O4eNb2vNcYghAs7WlQIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFD/eJO8j67JR3ifV+ifJCCXilbnpMB8GA1UdIwQY
MBaAFHMCzcKf3KCemg8/fSET2oWn4dZUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3dMTndwX2NvSjZhRHo5OUlSUGFoYWZoMWxRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC83NzIxN2QtODE0Yi00ODZhLThlZjIt
ZmUwMzMzZWQwMDVmLzEvUDk0azd5UHJzbEhlSjlYNko4a0lKZUtWdWVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC83NzIxN2QtODE0Yi00ODZhLThlZjItZmUwMzMzZWQwMDVm
LzEvY3dMTndwX2NvSjZhRHo5OUlSUGFoYWZoMWxRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjAqBAIAATAkAwQFTd+AAwQD
TijgAwQEW7+gAwQDXbvIAwQAuVBIAwQFw/QgMBQEAgACMA4DBQAqAarAAwUDKgq+
gDANBgkqhkiG9w0BAQsFAAOCAQEAMIiTVvKBZhNFHzO4EOn0oX6M2WnRfY0ReX4P
Jxp/lPLPSdEhEifqwld0goKNQneUjqijSNpgkWEl3KcP3kxFyzt6vVZJW73W1xeR
Gj7Nn4FcyZqkgIeljcBsKn/X65wi8DyQx14gR0RdV2sQSh6DZbgXwZhqyWeMtcHD
rhoB1Z6tAZM8y5hLNhMtz1DTCfL7JAUXR7dOhMrezMzJz0Shpmzua0ojNQXDnOu1
fCe5TD+e+iYg7RtWVo/QB9e3NsVBqj4oWsCtlDIoDgpmNnWVSsjHHh2MO+gF9sdQ
NQJoODT7UAjd59oloMtiQ+jR3VO/snB42TkQM7arSpsQ4FCN+g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:10 2024 by rpki-client on console-fra.rpki-client.org