Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/leNbNYXdLnu1izbUsqY7G49rRMc.roa
File: leNbNYXdLnu1izbUsqY7G49rRMc.roa (raw, json)
Hash identifier: oHvehf8F6WKBMKxaKZYpA7Rirs3zYeutfHe/QmJHFDA=
Subject key identifier: 95:E3:5B:35:85:DD:2E:7B:B5:8B:36:D4:B2:A6:3B:1B:8F:6B:44:C7
Certificate issuer: /CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Certificate serial: 018DB8B0F7EC7B18B08A845835F29B783C4F
Authority key identifier: D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/leNbNYXdLnu1izbUsqY7G49rRMc.roa
Signing time: Sat 17 Feb 2024 20:10:21 +0000
ROA not before: Sat 17 Feb 2024 20:10:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16589
IP address blocks: 77.223.192.0/21 maxlen: 21
77.223.200.0/23 maxlen: 24
79.139.64.0/23 maxlen: 24
176.222.48.0/22 maxlen: 24
178.255.244.0/22 maxlen: 24
198.145.112.0/22 maxlen: 24
212.69.88.0/21 maxlen: 24
Validation: Failed, certificate revoked on Mon 11 Mar 2024 23:54:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:b8:b0:f7:ec:7b:18:b0:8a:84:58:35:f2:9b:78:3c:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Validity
Not Before: Feb 17 20:10:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=95e35b3585dd2e7bb58b36d4b2a63b1b8f6b44c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:ef:c2:f3:71:e2:1f:f9:07:7f:87:be:14:62:
70:93:b3:74:51:b4:8c:d4:bc:06:59:17:5b:38:66:
e2:cc:e5:45:ae:f9:cc:75:99:3f:fa:1b:d8:3f:0c:
10:ad:aa:58:3d:3c:ad:29:ba:c5:9b:4b:da:71:12:
49:92:fa:25:38:8e:db:04:98:b5:d2:3d:89:4a:67:
c9:a3:26:0d:c4:b1:6e:09:32:fa:f1:40:95:b6:a8:
f5:57:1d:83:03:2b:c4:04:eb:02:f1:2d:76:fb:08:
21:7f:1f:cc:ef:41:fd:4b:64:8a:bf:ab:a9:fc:43:
06:c1:cc:8f:38:8c:9c:db:b6:59:35:32:65:ad:4c:
60:0d:8b:db:83:74:52:a9:32:7e:7e:91:9a:4b:b9:
3a:19:2f:5b:5f:4d:96:73:a2:1c:19:ed:f5:7d:cf:
bf:6b:b4:1e:14:03:e1:66:a6:c7:6d:38:81:f8:1d:
69:75:05:31:3f:8f:cd:f6:31:6a:a3:c6:aa:e7:ba:
67:b6:d0:7e:40:13:6d:4e:39:ac:16:14:e0:ba:12:
18:8d:82:66:8c:d8:69:13:e9:b8:f1:b1:8b:e5:48:
1a:dc:01:e7:0f:e2:83:1f:3c:2b:0e:d1:37:56:40:
b0:b8:7c:0c:8e:86:dd:55:12:8a:5d:5c:be:81:20:
12:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:E3:5B:35:85:DD:2E:7B:B5:8B:36:D4:B2:A6:3B:1B:8F:6B:44:C7
X509v3 Authority Key Identifier:
keyid:D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/leNbNYXdLnu1izbUsqY7G49rRMc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.223.192.0-77.223.201.255
79.139.64.0/23
176.222.48.0/22
178.255.244.0/22
198.145.112.0/22
212.69.88.0/21
Signature Algorithm: sha256WithRSAEncryption
13:18:bf:d3:7e:85:9e:cb:13:e9:82:44:5a:5f:11:be:6f:e8:
4c:10:5d:b2:b3:aa:22:51:93:f9:3c:96:3f:60:2c:8b:d1:0f:
93:6c:38:65:f9:d1:7a:53:32:6f:e3:0f:e9:e3:79:07:7b:4b:
de:6f:ad:81:c0:b7:63:24:4a:8d:2e:b3:6e:34:9a:a1:7d:e1:
a0:b8:19:6b:07:3b:dd:11:76:27:d8:06:7d:2c:cc:3c:a2:cf:
de:b3:85:fb:3a:d0:2d:c6:50:34:ce:ff:85:65:ea:7d:8d:7e:
40:a8:a5:f3:f9:d9:2c:14:85:26:e1:b5:55:d9:db:63:b2:7f:
cc:bd:8d:03:ac:6a:e1:97:61:68:9d:51:62:af:4d:d9:0e:f9:
d7:00:ee:d4:bd:83:a1:4b:7f:4c:c5:79:96:f4:db:ef:05:ac:
c0:34:96:f1:f3:1a:ca:40:c9:46:69:eb:ff:87:e6:f5:0b:70:
9a:10:82:8e:88:d5:65:17:f7:40:e8:8c:15:9b:c6:32:d5:dd:
1e:c3:f5:96:eb:1b:6a:cc:a6:fb:27:18:67:62:01:4a:f0:d4:
a0:af:60:e2:1f:75:95:ec:fb:7a:19:0f:b5:32:ad:87:7a:90:
07:f8:2d:40:6b:52:5d:10:78:9e:67:23:d1:93:cc:73:92:68:
fd:16:3c:ec
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAY24sPfsexiwioRYNfKbeDxPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0OGEyN2Y0NGIxMDQwNGM1MmY2ZmZjNGUwOGRjODJiZjhi
NWRlZTQwHhcNMjQwMjE3MjAxMDIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NWUzNWIzNTg1ZGQyZTdiYjU4YjM2ZDRiMmE2M2IxYjhmNmI0NGM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhe/C83HiH/kHf4e+FGJwk7N0UbSM
1LwGWRdbOGbizOVFrvnMdZk/+hvYPwwQrapYPTytKbrFm0vacRJJkvolOI7bBJi1
0j2JSmfJoyYNxLFuCTL68UCVtqj1Vx2DAyvEBOsC8S12+wghfx/M70H9S2SKv6up
/EMGwcyPOIyc27ZZNTJlrUxgDYvbg3RSqTJ+fpGaS7k6GS9bX02Wc6IcGe31fc+/
a7QeFAPhZqbHbTiB+B1pdQUxP4/N9jFqo8aq57pnttB+QBNtTjmsFhTguhIYjYJm
jNhpE+m48bGL5Uga3AHnD+KDHzwrDtE3VkCwuHwMjobdVRKKXVy+gSASoQIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFJXjWzWF3S57tYs21LKmOxuPa0THMB8GA1UdIwQY
MBaAFNSKJ/RLEEBMUvb/xOCNyCv4td7kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYt
NTlmNTk4NGI2NGVhLzEvbGVOYk5ZWGRMbnUxaXpiVXNxWTdHNDlyUk1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYtNTlmNTk4NGI2NGVh
LzEvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsMAwDBAZN38AD
BAFN38gDBAFPi0ADBAKw3jADBAKy//QDBALGkXADBAPURVgwDQYJKoZIhvcNAQEL
BQADggEBABMYv9N+hZ7LE+mCRFpfEb5v6EwQXbKzqiJRk/k8lj9gLIvRD5NsOGX5
0XpTMm/jD+njeQd7S95vrYHAt2MkSo0us240mqF94aC4GWsHO90RdifYBn0szDyi
z96zhfs60C3GUDTO/4Vl6n2NfkCopfP52SwUhSbhtVXZ22Oyf8y9jQOsauGXYWid
UWKvTdkO+dcA7tS9g6FLf0zFeZb02+8FrMA0lvHzGspAyUZp6/+H5vULcJoQgo6I
1WUX90DojBWbxjLV3R7D9ZbrG2rMpvsnGGdiAUrw1KCvYOIfdZXs+3oZD7UyrYd6
kAf4LUBrUl0QeJ5nI9GTzHOSaP0WPOw=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:10:42 2025 by rpki-client