Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/pIw5iptC8fk84oaI1GDN0hng3js.roa
File: pIw5iptC8fk84oaI1GDN0hng3js.roa (raw, json)
Hash identifier: hLT2W1sVC8CzlTElTeUFVrQ0YOxRC8SPSlSzztlnbGk=
Subject key identifier: A4:8C:39:8A:9B:42:F1:F9:3C:E2:86:88:D4:60:CD:D2:19:E0:DE:3B
Certificate issuer: /CN=52cd9a6512dbf25a5f19b827d7a2c7e22a2ee8dd
Certificate serial: 0189E3AF38A04F8B9301D51C9E0DDFD6DBBE
Authority key identifier: 52:CD:9A:65:12:DB:F2:5A:5F:19:B8:27:D7:A2:C7:E2:2A:2E:E8:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/pIw5iptC8fk84oaI1GDN0hng3js.roa
Signing time: Fri 11 Aug 2023 08:20:58 +0000
ROA not before: Fri 11 Aug 2023 08:20:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51713
IP address blocks: 77.95.113.0/24 maxlen: 24
192.250.239.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 21 Sep 2023 09:35:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:e3:af:38:a0:4f:8b:93:01:d5:1c:9e:0d:df:d6:db:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52cd9a6512dbf25a5f19b827d7a2c7e22a2ee8dd
Validity
Not Before: Aug 11 08:20:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a48c398a9b42f1f93ce28688d460cdd219e0de3b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:ed:a7:eb:0f:16:b9:e0:1a:65:fd:ca:d3:74:
92:c9:9a:85:18:1e:d6:b6:58:15:7e:90:74:b8:ae:
da:ef:4f:71:01:d3:8d:1f:5d:9d:2d:e4:86:52:9f:
5f:ce:b1:f6:9b:07:de:56:07:77:42:3b:f6:87:90:
3f:d6:24:db:0a:29:6e:50:12:45:e2:19:40:8c:c9:
6f:a2:06:0c:70:41:6d:46:c0:65:85:20:63:23:23:
75:af:41:ed:21:bb:a4:71:df:bd:45:12:a6:cb:33:
f5:da:85:0f:95:c7:10:51:e5:92:7e:1d:c8:c7:c3:
65:66:e7:0c:8c:ec:5e:b2:fd:ad:af:2a:f8:47:33:
ed:3b:22:19:d6:3d:5b:8a:cc:a3:df:b4:79:89:d9:
e1:cf:bb:85:aa:74:d7:50:5a:f4:a9:8e:21:8a:81:
ce:6a:8b:d3:d4:e8:db:9e:e3:0c:1c:2b:d2:a4:bd:
1b:7e:df:bf:77:2a:a1:7f:1c:71:8f:77:4b:1d:b6:
3f:9f:68:93:ac:f1:96:e3:7a:c0:73:e0:09:30:ba:
dc:b6:62:8d:66:fd:a4:04:52:a2:db:76:63:fb:80:
4c:80:33:2e:bd:f9:5b:d5:c7:d2:98:51:41:76:7b:
09:a1:12:43:e3:dd:09:aa:7d:58:11:b9:fb:c3:d3:
82:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:8C:39:8A:9B:42:F1:F9:3C:E2:86:88:D4:60:CD:D2:19:E0:DE:3B
X509v3 Authority Key Identifier:
keyid:52:CD:9A:65:12:DB:F2:5A:5F:19:B8:27:D7:A2:C7:E2:2A:2E:E8:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/pIw5iptC8fk84oaI1GDN0hng3js.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.95.113.0/24
192.250.239.0/24
Signature Algorithm: sha256WithRSAEncryption
52:4b:06:6e:e4:ae:ed:9b:cb:85:de:cb:61:ef:eb:ed:f6:d9:
48:59:7b:36:88:e9:9f:2f:8d:af:4a:2c:ae:97:b9:fc:df:f6:
36:c4:ce:47:95:d0:c4:0b:57:94:03:81:af:dc:d5:9e:51:d9:
2e:6a:84:61:69:bf:92:1a:c2:12:6e:06:a1:5f:b9:90:2b:14:
3e:40:db:14:44:20:83:72:ba:c1:ca:00:ba:7f:3c:24:e2:e3:
f8:0a:72:91:22:40:7a:73:b3:a6:ee:9e:bc:9d:fa:8c:3b:92:
12:51:ef:82:13:6f:51:50:0a:63:54:6c:6c:0a:2d:68:9b:b9:
d9:14:96:6e:4d:b3:13:b8:1f:a3:84:cf:bb:e0:f4:de:46:61:
35:15:e7:cf:d1:de:00:79:6d:fe:d5:12:74:fa:76:ce:89:8b:
b3:75:a1:70:97:34:7a:42:4c:5c:97:9f:15:a0:24:58:fd:be:
4f:f8:fd:3b:c8:bc:6e:be:3e:ce:f2:c7:bd:51:1b:22:c6:e3:
55:8b:a3:23:31:1a:52:76:81:52:64:57:63:8d:a4:91:72:b7:
c2:94:9b:87:f1:88:6d:e7:d1:98:e7:2c:0b:6c:5a:dd:89:5a:
44:7f:49:d1:16:45:12:32:f1:44:c0:7e:ba:0b:98:23:a9:d6:
d2:08:77:41
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYnjrzigT4uTAdUcng3f1tu+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyY2Q5YTY1MTJkYmYyNWE1ZjE5YjgyN2Q3YTJjN2UyMmEy
ZWU4ZGQwHhcNMjMwODExMDgyMDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDhjMzk4YTliNDJmMWY5M2NlMjg2ODhkNDYwY2RkMjE5ZTBkZTNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAme2n6w8WueAaZf3K03SSyZqFGB7W
tlgVfpB0uK7a709xAdONH12dLeSGUp9fzrH2mwfeVgd3Qjv2h5A/1iTbCiluUBJF
4hlAjMlvogYMcEFtRsBlhSBjIyN1r0HtIbukcd+9RRKmyzP12oUPlccQUeWSfh3I
x8NlZucMjOxesv2tryr4RzPtOyIZ1j1bisyj37R5idnhz7uFqnTXUFr0qY4hioHO
aovT1OjbnuMMHCvSpL0bft+/dyqhfxxxj3dLHbY/n2iTrPGW43rAc+AJMLrctmKN
Zv2kBFKi23Zj+4BMgDMuvflb1cfSmFFBdnsJoRJD490Jqn1YEbn7w9OCVQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKSMOYqbQvH5POKGiNRgzdIZ4N47MB8GA1UdIwQY
MBaAFFLNmmUS2/JaXxm4J9eix+IqLujdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXMyYVpSTGI4bHBmR2JnbjE2TEg0aW91Nk4wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi8yMjIzY2EtY2UzOC00OWJiLWIxMjUt
Y2NhMzc2MDZiZjE4LzEvcEl3NWlwdEM4Zms4NG9hSTFHRE4waG5nM2pzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi8yMjIzY2EtY2UzOC00OWJiLWIxMjUtY2NhMzc2MDZiZjE4
LzEvVXMyYVpSTGI4bHBmR2JnbjE2TEg0aW91Nk4wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQATV9xAwQA
wPrvMA0GCSqGSIb3DQEBCwUAA4IBAQBSSwZu5K7tm8uF3sth7+vt9tlIWXs2iOmf
L42vSiyul7n83/Y2xM5HldDEC1eUA4Gv3NWeUdkuaoRhab+SGsISbgahX7mQKxQ+
QNsURCCDcrrBygC6fzwk4uP4CnKRIkB6c7Om7p68nfqMO5ISUe+CE29RUApjVGxs
Ci1om7nZFJZuTbMTuB+jhM+74PTeRmE1FefP0d4AeW3+1RJ0+nbOiYuzdaFwlzR6
Qkxcl58VoCRY/b5P+P07yLxuvj7O8se9URsixuNVi6MjMRpSdoFSZFdjjaSRcrfC
lJuH8Yht59GY5ywLbFrdiVpEf0nRFkUSMvFEwH66C5gjqdbSCHdB
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:27 2024 by rpki-client on console-ams.rpki-client.org