Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/vK7_Hkeciv697tO89yrNW3Php_g.roa
File: vK7_Hkeciv697tO89yrNW3Php_g.roa (raw, json)
Hash identifier: zGggu2KHgbl8rC7Yudq9SObvD8QbGFz+QkCIx7rq67c=
Subject key identifier: BC:AE:FF:1E:47:9C:8A:FE:BD:EE:D3:BC:F7:2A:CD:5B:73:E1:A7:F8
Certificate issuer: /CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Certificate serial: 01856CE64AF1653F779F0CF7362D8379F11A
Authority key identifier: 84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/vK7_Hkeciv697tO89yrNW3Php_g.roa
Signing time: Sun 01 Jan 2023 10:35:09 +0000
ROA not before: Sun 01 Jan 2023 10:35:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8795
IP address blocks: 77.85.175.0/24 maxlen: 24
212.5.133.0/24 maxlen: 24
213.16.35.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 10 Jan 2023 08:49:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:e6:4a:f1:65:3f:77:9f:0c:f7:36:2d:83:79:f1:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Validity
Not Before: Jan 1 10:35:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bcaeff1e479c8afebdeed3bcf72acd5b73e1a7f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:c6:72:ce:5a:b7:4b:86:7b:af:17:d7:81:14:
60:26:a9:38:c0:aa:55:15:88:b6:b7:12:02:e4:ec:
86:9b:ea:1e:51:e6:a9:83:20:ac:0b:7f:dd:ae:ee:
e1:ba:70:88:69:96:8f:48:3d:96:6d:82:8a:1b:40:
df:c2:05:a8:c8:ed:94:58:c5:de:dc:8d:f9:31:c1:
ad:b1:33:17:49:9c:e8:e4:3b:36:fb:23:cf:4d:f7:
22:e2:7d:46:66:f0:8f:01:6c:89:41:4d:53:62:f1:
f5:91:f2:12:ba:53:8f:c5:16:9a:54:49:79:e5:b5:
1e:44:d6:42:db:ce:0e:16:7e:b6:e3:8c:99:ad:8c:
6e:74:64:5c:fe:6b:87:41:1d:fd:14:20:ff:1c:dd:
ed:76:6a:e0:5b:98:d5:38:a2:b4:d9:a5:fe:3c:21:
18:97:4f:15:1c:ad:76:4c:ff:d8:81:16:6b:66:98:
7e:d8:0a:80:c1:84:bd:44:a1:cd:f4:00:50:03:8a:
dc:b0:0a:0a:fa:11:3a:a1:11:76:1f:4e:4c:dd:d1:
da:d8:0f:19:a3:b4:d0:bd:43:29:4b:3f:6c:0e:a4:
3f:d9:3c:71:17:ae:29:91:00:bb:27:8f:ba:a2:3f:
3c:29:66:38:40:9a:9d:75:c9:dc:f8:c9:52:32:44:
2f:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:AE:FF:1E:47:9C:8A:FE:BD:EE:D3:BC:F7:2A:CD:5B:73:E1:A7:F8
X509v3 Authority Key Identifier:
keyid:84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/vK7_Hkeciv697tO89yrNW3Php_g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.85.175.0/24
212.5.133.0/24
213.16.35.0/24
Signature Algorithm: sha256WithRSAEncryption
a6:42:db:d3:64:42:8f:18:1c:05:e4:03:2c:71:4f:4b:5f:6c:
49:e3:a1:44:a5:a4:d1:b6:af:eb:c6:4f:6a:97:5d:8d:6c:b8:
c9:00:27:d8:b2:94:b2:03:5a:47:cb:fd:06:f4:65:1d:fc:a5:
80:38:9c:3c:17:eb:36:9a:1a:98:2b:ea:5a:8d:1e:46:09:5a:
f2:94:07:d8:fd:3b:a9:79:90:31:8d:74:38:64:2d:b3:54:af:
42:4d:64:25:1b:c2:b4:60:d6:52:1c:84:5c:2b:8a:19:a0:84:
5c:41:38:11:c3:dc:c8:3b:be:ca:22:86:c3:f3:bd:85:c0:fc:
2f:f8:c8:a0:52:14:7c:61:8a:4d:ad:1b:cb:5e:ef:f8:8e:8f:
31:f3:9a:7a:38:90:0d:90:3c:89:86:27:00:27:9d:10:9e:45:
34:58:3e:b5:6f:1e:40:f3:ce:51:b6:5f:64:5b:d0:c3:77:da:
a0:0d:03:0f:5d:6b:99:2d:2f:e4:60:87:90:99:52:dc:15:14:
05:7c:bc:5e:ad:03:6b:33:31:0c:2b:5c:8b:20:35:2e:a1:7c:
69:cc:a4:ee:9f:10:75:36:68:74:f8:1d:29:16:41:de:ad:91:
2e:a4:42:66:5a:50:ad:f1:c8:df:ae:eb:08:c7:be:12:8c:60:
1a:73:e2:ba
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVs5krxZT93nwz3Ni2DefEaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0YjJmNGZhNTE2M2FmOTYxNjhlODhmYmY5Y2I0ZWQxZWQ4
ZmI0YzQwHhcNMjMwMTAxMTAzNTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiY2FlZmYxZTQ3OWM4YWZlYmRlZWQzYmNmNzJhY2Q1YjczZTFhN2Y4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkMZyzlq3S4Z7rxfXgRRgJqk4wKpV
FYi2txIC5OyGm+oeUeapgyCsC3/dru7hunCIaZaPSD2WbYKKG0DfwgWoyO2UWMXe
3I35McGtsTMXSZzo5Ds2+yPPTfci4n1GZvCPAWyJQU1TYvH1kfISulOPxRaaVEl5
5bUeRNZC284OFn6244yZrYxudGRc/muHQR39FCD/HN3tdmrgW5jVOKK02aX+PCEY
l08VHK12TP/YgRZrZph+2AqAwYS9RKHN9ABQA4rcsAoK+hE6oRF2H05M3dHa2A8Z
o7TQvUMpSz9sDqQ/2TxxF64pkQC7J4+6oj88KWY4QJqddcnc+MlSMkQvLQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLyu/x5HnIr+ve7TvPcqzVtz4af4MB8GA1UdIwQY
MBaAFISy9PpRY6+WFo6I+/nLTtHtj7TEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDct
ODcyYmEyZDlmNDRjLzEvdks3X0hrZWNpdjY5N3RPODl5ck5XM1BocF9nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDctODcyYmEyZDlmNDRj
LzEvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQATVWvAwQA
1AWFAwQA1RAjMA0GCSqGSIb3DQEBCwUAA4IBAQCmQtvTZEKPGBwF5AMscU9LX2xJ
46FEpaTRtq/rxk9ql12NbLjJACfYspSyA1pHy/0G9GUd/KWAOJw8F+s2mhqYK+pa
jR5GCVrylAfY/TupeZAxjXQ4ZC2zVK9CTWQlG8K0YNZSHIRcK4oZoIRcQTgRw9zI
O77KIobD872FwPwv+MigUhR8YYpNrRvLXu/4jo8x85p6OJANkDyJhicAJ50QnkU0
WD61bx5A885Rtl9kW9DDd9qgDQMPXWuZLS/kYIeQmVLcFRQFfLxerQNrMzEMK1yL
IDUuoXxpzKTunxB1Nmh0+B0pFkHerZEupEJmWlCt8cjfrusIx74SjGAac+K6
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:05 2024 by rpki-client on console-fra.rpki-client.org