Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/1-kWz1XdhxMEs-XwCRmLcrCJNyLc.roa
File: 1-kWz1XdhxMEs-XwCRmLcrCJNyLc.roa (raw, json)
Hash identifier: bFPkHE8AOyvik83oRGVTKm7ZV78MkCi0FsaEpoe51wY=
Subject key identifier: FA:45:B3:D5:77:61:C4:C1:2C:F9:7C:02:46:62:DC:AC:22:4D:C8:B7
Certificate issuer: /CN=52cd9a6512dbf25a5f19b827d7a2c7e22a2ee8dd
Certificate serial: 018AB7184C3D504274B261476819E06EBB73
Authority key identifier: 52:CD:9A:65:12:DB:F2:5A:5F:19:B8:27:D7:A2:C7:E2:2A:2E:E8:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/1-kWz1XdhxMEs-XwCRmLcrCJNyLc.roa
Signing time: Thu 21 Sep 2023 09:35:37 +0000
ROA not before: Thu 21 Sep 2023 09:35:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51713
IP address blocks: 77.95.113.0/24 maxlen: 24
192.250.224.0/24 maxlen: 24
192.250.239.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:33:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:b7:18:4c:3d:50:42:74:b2:61:47:68:19:e0:6e:bb:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52cd9a6512dbf25a5f19b827d7a2c7e22a2ee8dd
Validity
Not Before: Sep 21 09:35:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fa45b3d57761c4c12cf97c024662dcac224dc8b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:0f:ba:48:6e:cb:48:88:aa:84:95:d5:15:20:
70:8a:7b:16:50:24:3e:60:34:2e:ca:d8:71:9b:ba:
a0:17:db:ae:1c:79:7f:4a:c5:54:1e:84:fc:2a:13:
86:d4:f6:ad:77:19:08:47:c1:93:7d:87:09:d2:c8:
05:ae:c7:b8:9e:bd:ef:d6:b7:2f:3d:ec:52:ff:0a:
77:67:f3:16:ad:e8:b1:2a:9c:06:f3:c4:28:be:12:
84:cf:0e:51:5f:71:7f:32:75:e1:fb:bf:a9:70:01:
b4:af:31:94:ff:e0:25:98:ce:8d:b3:a3:be:d0:5f:
94:f2:96:17:42:76:61:8a:34:99:6d:95:47:1d:a1:
90:69:a5:79:b5:53:d4:85:e6:26:9e:52:bf:10:a9:
87:37:b2:ed:d1:a4:41:41:94:e0:a3:00:72:ca:8e:
30:23:97:d0:23:1a:16:e9:e0:48:5a:eb:00:b3:7c:
5c:c3:2b:e1:d3:9f:23:54:de:da:98:71:0a:df:0e:
dd:65:bd:50:91:5b:c5:57:04:39:d6:ec:05:05:5c:
cb:3f:fd:8d:fb:bf:2e:04:ce:18:03:f7:1a:15:b0:
a3:c6:0e:c0:b4:39:93:2b:ae:d8:43:bd:50:77:79:
75:a6:99:14:74:02:b3:96:a8:34:c1:9a:3b:51:ba:
e6:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:45:B3:D5:77:61:C4:C1:2C:F9:7C:02:46:62:DC:AC:22:4D:C8:B7
X509v3 Authority Key Identifier:
keyid:52:CD:9A:65:12:DB:F2:5A:5F:19:B8:27:D7:A2:C7:E2:2A:2E:E8:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/1-kWz1XdhxMEs-XwCRmLcrCJNyLc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.95.113.0/24
192.250.224.0/24
192.250.239.0/24
Signature Algorithm: sha256WithRSAEncryption
37:39:7e:4d:06:b9:36:a4:4d:cd:4c:22:83:fe:b8:cf:53:68:
f3:9a:b0:60:98:41:d6:ff:2e:9d:42:96:c5:e3:1c:c6:75:9a:
09:d7:07:74:49:88:bf:e9:4b:5b:de:fb:ae:f6:42:12:e0:f3:
7b:0a:b8:3c:a2:df:2b:d3:20:fd:e8:07:3b:c8:9b:21:ea:b8:
1c:d2:b6:3e:2a:bb:bf:ee:ed:eb:4d:61:87:b8:0f:8f:46:1f:
33:33:8c:1e:e5:3c:5c:54:ac:5c:49:65:26:a4:eb:42:8e:83:
a7:37:85:81:99:60:ce:aa:63:8d:48:3c:77:18:3c:6d:6c:df:
4a:e6:e3:d4:76:20:b7:75:89:97:b1:3b:0a:7a:62:c5:90:f7:
cb:c0:68:22:e6:1a:27:a3:9d:6e:3c:8a:3b:4a:7f:46:be:e2:
20:e0:54:d6:83:eb:7d:70:e8:d2:75:1d:7d:6f:f6:e0:d3:c2:
02:fc:f2:a3:7f:b1:04:1d:0c:98:7d:fc:30:65:d9:ff:b2:3f:
df:fc:69:2f:41:8c:f0:a2:94:4b:09:f0:5d:01:06:40:ea:63:
7f:d5:0f:41:3b:80:63:f4:4b:85:24:7e:31:81:4c:b8:a5:f0:
06:e7:9a:d8:cc:ca:5b:5f:99:4b:8a:5b:75:d5:eb:81:33:f4:
42:4f:ab:d4
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAYq3GEw9UEJ0smFHaBngbrtzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyY2Q5YTY1MTJkYmYyNWE1ZjE5YjgyN2Q3YTJjN2UyMmEy
ZWU4ZGQwHhcNMjMwOTIxMDkzNTM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTQ1YjNkNTc3NjFjNGMxMmNmOTdjMDI0NjYyZGNhYzIyNGRjOGI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0A+6SG7LSIiqhJXVFSBwinsWUCQ+
YDQuythxm7qgF9uuHHl/SsVUHoT8KhOG1PatdxkIR8GTfYcJ0sgFrse4nr3v1rcv
PexS/wp3Z/MWreixKpwG88QovhKEzw5RX3F/MnXh+7+pcAG0rzGU/+AlmM6Ns6O+
0F+U8pYXQnZhijSZbZVHHaGQaaV5tVPUheYmnlK/EKmHN7Lt0aRBQZTgowByyo4w
I5fQIxoW6eBIWusAs3xcwyvh058jVN7amHEK3w7dZb1QkVvFVwQ51uwFBVzLP/2N
+78uBM4YA/caFbCjxg7AtDmTK67YQ71Qd3l1ppkUdAKzlqg0wZo7Ubrm5QIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFPpFs9V3YcTBLPl8AkZi3KwiTci3MB8GA1UdIwQY
MBaAFFLNmmUS2/JaXxm4J9eix+IqLujdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXMyYVpSTGI4bHBmR2JnbjE2TEg0aW91Nk4wLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi8yMjIzY2EtY2UzOC00OWJiLWIxMjUt
Y2NhMzc2MDZiZjE4LzEvMS1rV3oxWGRoeE1Fcy1Yd0NSbUxjckNKTnlMYy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYWYvMjIyM2NhLWNlMzgtNDliYi1iMTI1LWNjYTM3NjA2YmYx
OC8xL1VzMmFaUkxiOGxwZkdiZ24xNkxINGlvdTZOMC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjArBggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAE1fcQME
AMD64AMEAMD67zANBgkqhkiG9w0BAQsFAAOCAQEANzl+TQa5NqRNzUwig/64z1No
85qwYJhB1v8unUKWxeMcxnWaCdcHdEmIv+lLW977rvZCEuDzewq4PKLfK9Mg/egH
O8ibIeq4HNK2Piq7v+7t601hh7gPj0YfMzOMHuU8XFSsXEllJqTrQo6DpzeFgZlg
zqpjjUg8dxg8bWzfSubj1HYgt3WJl7E7CnpixZD3y8BoIuYaJ6OdbjyKO0p/Rr7i
IOBU1oPrfXDo0nUdfW/24NPCAvzyo3+xBB0MmH38MGXZ/7I/3/xpL0GM8KKUSwnw
XQEGQOpjf9UPQTuAY/RLhSR+MYFMuKXwBuea2MzKW1+ZS4pbddXrgTP0Qk+r1A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:27 2024 by rpki-client on console-ams.rpki-client.org