Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/087f99-cb9d-40a8-9830-1e695ef49c10/1/d2j2rOUiN6BcGDM1p1uALAfHvqI.roa
File: d2j2rOUiN6BcGDM1p1uALAfHvqI.roa (raw, json)
Hash identifier: +8h9RSak9LP7ZijI/+pvsxf4KR9UV1L2OiNzEb13XQQ=
Subject key identifier: 77:68:F6:AC:E5:22:37:A0:5C:18:33:35:A7:5B:80:2C:07:C7:BE:A2
Certificate issuer: /CN=470be1865f5079e24b1a7adfdca27ee2fe5d1f89
Certificate serial: 018B715B61B30D3990BDCB2EF959F83D554F
Authority key identifier: 47:0B:E1:86:5F:50:79:E2:4B:1A:7A:DF:DC:A2:7E:E2:FE:5D:1F:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Rwvhhl9QeeJLGnrf3KJ-4v5dH4k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/087f99-cb9d-40a8-9830-1e695ef49c10/1/d2j2rOUiN6BcGDM1p1uALAfHvqI.roa
Signing time: Fri 27 Oct 2023 13:38:15 +0000
ROA not before: Fri 27 Oct 2023 13:38:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34427
IP address blocks: 193.84.9.0/24 maxlen: 24
195.80.226.0/24 maxlen: 24
77.87.164.0/23 maxlen: 23
77.87.160.0/21 maxlen: 21
185.38.232.0/22 maxlen: 22
2a02:720:200::/40 maxlen: 40
2a02:720::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:31:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:71:5b:61:b3:0d:39:90:bd:cb:2e:f9:59:f8:3d:55:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=470be1865f5079e24b1a7adfdca27ee2fe5d1f89
Validity
Not Before: Oct 27 13:38:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7768f6ace52237a05c183335a75b802c07c7bea2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:4f:a5:bb:ba:1f:b8:3a:86:00:6e:4d:bd:50:
9e:a3:c0:bc:40:08:6e:22:7d:70:62:d9:85:de:d6:
8d:07:15:a5:81:b6:11:c9:88:ac:1b:e5:91:f3:04:
b1:7e:89:d1:46:f7:15:08:1f:bb:1e:83:3d:66:2a:
f0:14:d7:c9:07:82:94:b8:86:3e:07:43:34:29:76:
b6:ae:2b:09:d0:a6:2e:ce:ed:e8:82:7f:9d:c2:e0:
fd:9c:3b:7f:22:4f:ae:e4:e3:6f:7a:e6:80:99:27:
91:b5:9b:ab:f9:d8:de:e9:c6:f2:e0:9b:07:91:64:
ce:81:64:4f:2c:44:00:40:c2:b1:6a:ee:ea:0a:d5:
0e:79:3a:94:24:55:9e:3d:3a:17:4c:e1:ee:16:f3:
ee:99:ba:ef:58:cd:87:b7:8e:25:9a:54:5e:76:1d:
09:62:c0:9b:6f:37:28:24:64:ce:f5:3d:73:45:54:
41:28:e6:e3:d4:4c:42:47:19:57:49:59:73:be:a1:
3f:e6:16:67:a3:49:36:22:61:5d:df:2c:14:c5:e8:
b5:fb:ef:6c:10:fe:8e:ff:3c:1b:77:3c:b3:11:db:
1c:ed:21:e6:a9:5a:2d:57:10:4d:2a:eb:76:13:f4:
8f:a7:78:7b:6e:11:77:09:43:cc:15:9d:b1:92:e3:
37:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:68:F6:AC:E5:22:37:A0:5C:18:33:35:A7:5B:80:2C:07:C7:BE:A2
X509v3 Authority Key Identifier:
keyid:47:0B:E1:86:5F:50:79:E2:4B:1A:7A:DF:DC:A2:7E:E2:FE:5D:1F:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Rwvhhl9QeeJLGnrf3KJ-4v5dH4k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/087f99-cb9d-40a8-9830-1e695ef49c10/1/d2j2rOUiN6BcGDM1p1uALAfHvqI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/087f99-cb9d-40a8-9830-1e695ef49c10/1/Rwvhhl9QeeJLGnrf3KJ-4v5dH4k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.87.160.0/21
185.38.232.0/22
193.84.9.0/24
195.80.226.0/24
IPv6:
2a02:720::/32
Signature Algorithm: sha256WithRSAEncryption
80:e1:34:43:1e:b4:28:14:53:8a:c8:11:d0:cd:41:8d:36:ea:
64:69:10:1d:24:7d:b0:7d:04:9e:66:3f:66:3f:98:1d:f6:a8:
7b:09:0f:9a:ca:ba:54:3f:3b:b9:02:c0:9c:39:cd:25:07:bb:
31:5d:51:b3:46:9d:12:8a:a2:74:3a:ff:dc:e9:a8:4b:9d:15:
9c:3c:55:94:66:47:74:20:83:dd:86:f3:87:71:03:f6:9a:8e:
b0:8a:bb:b4:4c:18:60:ca:2a:fa:db:b3:ec:95:91:20:f9:9b:
2f:d8:40:b0:6c:0d:e6:a3:d5:06:ca:11:07:e9:c1:aa:ae:49:
2a:f2:4e:80:66:0c:58:1c:b2:8b:f8:eb:ed:fd:d1:ea:24:46:
65:b6:89:63:ec:40:6a:8d:60:1e:b7:18:fb:56:4c:d4:fc:17:
b3:9f:38:b8:f4:64:27:f0:4a:eb:4f:58:12:4f:c9:8f:4f:43:
df:67:5a:0d:b9:fc:5b:33:a7:63:d7:f0:74:cd:3d:31:d4:05:
5b:8e:e7:a4:8c:93:c8:83:86:cf:47:b9:1b:69:0e:64:b5:58:
e5:2c:37:3a:2e:cd:17:7a:00:95:27:91:ea:a1:8e:e3:9e:e3:
02:c5:8a:e4:83:24:92:04:7c:78:fc:59:9b:19:de:d4:cd:8a:
58:93:ee:22
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYtxW2GzDTmQvcsu+Vn4PVVPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3MGJlMTg2NWY1MDc5ZTI0YjFhN2FkZmRjYTI3ZWUyZmU1
ZDFmODkwHhcNMjMxMDI3MTMzODE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NzY4ZjZhY2U1MjIzN2EwNWMxODMzMzVhNzViODAyYzA3YzdiZWEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn0+lu7ofuDqGAG5NvVCeo8C8QAhu
In1wYtmF3taNBxWlgbYRyYisG+WR8wSxfonRRvcVCB+7HoM9ZirwFNfJB4KUuIY+
B0M0KXa2risJ0KYuzu3ogn+dwuD9nDt/Ik+u5ONveuaAmSeRtZur+dje6cby4JsH
kWTOgWRPLEQAQMKxau7qCtUOeTqUJFWePToXTOHuFvPumbrvWM2Ht44lmlRedh0J
YsCbbzcoJGTO9T1zRVRBKObj1ExCRxlXSVlzvqE/5hZno0k2ImFd3ywUxei1++9s
EP6O/zwbdzyzEdsc7SHmqVotVxBNKut2E/SPp3h7bhF3CUPMFZ2xkuM3EQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFHdo9qzlIjegXBgzNadbgCwHx76iMB8GA1UdIwQY
MBaAFEcL4YZfUHniSxp639yifuL+XR+JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUnd2aGhsOVFlZUpMR25yZjNLSi00djVkSDRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi8wODdmOTktY2I5ZC00MGE4LTk4MzAt
MWU2OTVlZjQ5YzEwLzEvZDJqMnJPVWlONkJjR0RNMXAxdUFMQWZIdnFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi8wODdmOTktY2I5ZC00MGE4LTk4MzAtMWU2OTVlZjQ5YzEw
LzEvUnd2aGhsOVFlZUpMR25yZjNLSi00djVkSDRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQDTVegAwQC
uSboAwQAwVQJAwQAw1DiMA0EAgACMAcDBQAqAgcgMA0GCSqGSIb3DQEBCwUAA4IB
AQCA4TRDHrQoFFOKyBHQzUGNNupkaRAdJH2wfQSeZj9mP5gd9qh7CQ+ayrpUPzu5
AsCcOc0lB7sxXVGzRp0SiqJ0Ov/c6ahLnRWcPFWUZkd0IIPdhvOHcQP2mo6wiru0
TBhgyir627PslZEg+Zsv2ECwbA3mo9UGyhEH6cGqrkkq8k6AZgxYHLKL+Ovt/dHq
JEZltolj7EBqjWAetxj7VkzU/Beznzi49GQn8ErrT1gST8mPT0PfZ1oNufxbM6dj
1/B0zT0x1AVbjuekjJPIg4bPR7kbaQ5ktVjlLDc6Ls0XegCVJ5HqoY7jnuMCxYrk
gySSBHx4/FmbGd7UzYpYk+4i
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:44 2024 by rpki-client on console-ams.rpki-client.org