Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/anmgGwuzWPNCOEIWSSDA8p7owv8.roa
File: anmgGwuzWPNCOEIWSSDA8p7owv8.roa (raw, json)
Hash identifier: jsdxAUmLEWyI/YjwIcKIVkFs9jstRL8X8+xcJWGFHWo=
Subject key identifier: 6A:79:A0:1B:0B:B3:58:F3:42:38:42:16:49:20:C0:F2:9E:E8:C2:FF
Certificate issuer: /CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Certificate serial: 01859BFABF8D65CEF111422AE133906CC305
Authority key identifier: 84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/anmgGwuzWPNCOEIWSSDA8p7owv8.roa
Signing time: Tue 10 Jan 2023 13:59:39 +0000
ROA not before: Tue 10 Jan 2023 13:59:39 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8795
IP address blocks: 77.85.175.0/24 maxlen: 24
212.5.130.0/24 maxlen: 24
212.5.133.0/24 maxlen: 24
212.5.145.0/24 maxlen: 24
213.16.35.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 03 Apr 2023 06:51:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:9b:fa:bf:8d:65:ce:f1:11:42:2a:e1:33:90:6c:c3:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Validity
Not Before: Jan 10 13:59:39 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6a79a01b0bb358f3423842164920c0f29ee8c2ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:27:bf:94:1f:ca:88:0b:a7:f2:3b:ae:e7:a4:
e7:11:d1:6e:5b:c8:15:48:91:fc:56:c2:40:9b:80:
63:ee:f0:b0:a2:b3:5f:6f:e0:c9:b7:5c:4b:e9:ff:
80:94:d4:a4:84:f7:93:6d:b3:0d:07:0d:40:9b:9e:
be:95:9c:02:aa:48:bb:b7:50:a0:47:47:7e:79:65:
30:3d:29:73:79:0b:e2:d0:a5:df:b2:a3:8d:cd:83:
06:34:68:07:f1:61:3d:d1:39:82:5c:dd:54:4e:9b:
17:11:9a:94:25:a4:a3:97:37:e7:c2:a1:06:af:81:
02:fb:ed:5e:11:5a:86:74:b4:90:8d:1c:63:ab:f1:
13:97:ef:98:bf:18:60:a2:1e:a0:18:08:da:f0:38:
50:d8:c0:2b:9e:49:f9:e0:ec:56:2d:f3:7c:a7:1e:
f8:64:db:6f:e4:50:c8:97:9f:3c:d2:c3:1c:51:f4:
96:5c:7b:e8:16:9b:e7:0b:29:bf:c8:84:06:c5:90:
48:e5:ff:fb:d7:63:70:05:75:1b:96:68:01:bd:f7:
70:18:dd:c0:0e:47:3c:61:d6:98:af:fc:4a:39:2c:
8b:32:27:5c:82:03:f7:63:ec:00:8e:04:9d:76:59:
a3:d2:ad:37:da:a4:85:26:8d:7a:b7:96:41:bc:fc:
fc:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:79:A0:1B:0B:B3:58:F3:42:38:42:16:49:20:C0:F2:9E:E8:C2:FF
X509v3 Authority Key Identifier:
keyid:84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/anmgGwuzWPNCOEIWSSDA8p7owv8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.85.175.0/24
212.5.130.0/24
212.5.133.0/24
212.5.145.0/24
213.16.35.0/24
Signature Algorithm: sha256WithRSAEncryption
17:f3:8e:0e:62:6f:79:de:69:4d:bb:ee:18:99:56:89:44:ae:
21:a9:ff:0f:60:cb:3a:4a:72:fd:9b:bc:80:08:38:d6:ec:7b:
73:87:ac:08:2e:96:5e:23:5a:8a:d9:12:c8:56:7d:b6:16:de:
6a:a5:53:27:67:03:1b:48:52:49:c4:26:58:b2:5d:82:c6:7d:
6f:5a:23:a0:7e:96:da:06:1c:4f:15:12:22:01:cf:3c:83:8a:
15:cc:9a:81:b7:83:3b:c7:6e:bb:7a:91:e9:21:26:69:9d:73:
4d:d5:a3:c2:20:eb:33:61:46:a1:27:a8:c0:56:b0:86:cf:8f:
8d:3c:b4:7a:f9:77:d8:1e:a5:27:4d:a3:7c:85:f8:11:42:4b:
d1:8b:a0:0f:61:0b:99:2e:14:8f:d4:a7:04:fb:56:73:ca:c1:
f9:4f:42:49:cd:62:38:b4:02:e4:89:58:5b:dc:bc:01:b8:5f:
5c:56:a8:73:87:76:61:df:1a:9e:52:de:af:95:32:47:73:d4:
f9:7c:ac:16:3f:18:23:9e:31:00:a9:1e:3c:ba:cc:43:e3:5b:
13:32:cb:f5:a0:6e:22:c9:7d:03:c7:72:f4:2e:42:65:66:2a:
25:09:73:6e:0a:bc:28:d8:1b:d7:28:57:7a:ee:10:e8:60:d2:
86:47:ba:3f
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYWb+r+NZc7xEUIq4TOQbMMFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0YjJmNGZhNTE2M2FmOTYxNjhlODhmYmY5Y2I0ZWQxZWQ4
ZmI0YzQwHhcNMjMwMTEwMTM1OTM5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTc5YTAxYjBiYjM1OGYzNDIzODQyMTY0OTIwYzBmMjllZThjMmZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApye/lB/KiAun8juu56TnEdFuW8gV
SJH8VsJAm4Bj7vCworNfb+DJt1xL6f+AlNSkhPeTbbMNBw1Am56+lZwCqki7t1Cg
R0d+eWUwPSlzeQvi0KXfsqONzYMGNGgH8WE90TmCXN1UTpsXEZqUJaSjlzfnwqEG
r4EC++1eEVqGdLSQjRxjq/ETl++Yvxhgoh6gGAja8DhQ2MArnkn54OxWLfN8px74
ZNtv5FDIl5880sMcUfSWXHvoFpvnCym/yIQGxZBI5f/712NwBXUblmgBvfdwGN3A
Dkc8YdaYr/xKOSyLMidcggP3Y+wAjgSddlmj0q032qSFJo16t5ZBvPz8WwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFGp5oBsLs1jzQjhCFkkgwPKe6ML/MB8GA1UdIwQY
MBaAFISy9PpRY6+WFo6I+/nLTtHtj7TEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDct
ODcyYmEyZDlmNDRjLzEvYW5tZ0d3dXpXUE5DT0VJV1NTREE4cDdvd3Y4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDctODcyYmEyZDlmNDRj
LzEvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQATVWvAwQA
1AWCAwQA1AWFAwQA1AWRAwQA1RAjMA0GCSqGSIb3DQEBCwUAA4IBAQAX844OYm95
3mlNu+4YmVaJRK4hqf8PYMs6SnL9m7yACDjW7Htzh6wILpZeI1qK2RLIVn22Ft5q
pVMnZwMbSFJJxCZYsl2Cxn1vWiOgfpbaBhxPFRIiAc88g4oVzJqBt4M7x267epHp
ISZpnXNN1aPCIOszYUahJ6jAVrCGz4+NPLR6+XfYHqUnTaN8hfgRQkvRi6APYQuZ
LhSP1KcE+1ZzysH5T0JJzWI4tALkiVhb3LwBuF9cVqhzh3Zh3xqeUt6vlTJHc9T5
fKwWPxgjnjEAqR48usxD41sTMsv1oG4iyX0Dx3L0LkJlZiolCXNuCrwo2BvXKFd6
7hDoYNKGR7o/
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:53 2024 by rpki-client on console-ams.rpki-client.org