Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/zUOHP4ZoJBqKACRuVF0iI_iHWVw.roa
File: zUOHP4ZoJBqKACRuVF0iI_iHWVw.roa (raw, json)
Hash identifier: 5kgHkWzVhUp6aa+H+h3KPuf/dYxFcYiLpAYG29tzoPk=
Subject key identifier: CD:43:87:3F:86:68:24:1A:8A:00:24:6E:54:5D:22:23:F8:87:59:5C
Certificate issuer: /CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Certificate serial: 018FCEF49A312ED99C5AC0D2C7E325D0862F
Authority key identifier: D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/zUOHP4ZoJBqKACRuVF0iI_iHWVw.roa
Signing time: Fri 31 May 2024 14:01:27 +0000
ROA not before: Fri 31 May 2024 14:01:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16589
IP address blocks: 77.223.192.0/21 maxlen: 21
77.223.200.0/23 maxlen: 24
79.139.64.0/23 maxlen: 24
83.142.200.0/21 maxlen: 24
94.101.103.0/24 maxlen: 24
176.222.48.0/22 maxlen: 24
178.216.184.0/21 maxlen: 24
198.14.16.0/20 maxlen: 24
198.145.112.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jul 2024 09:01:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:ce:f4:9a:31:2e:d9:9c:5a:c0:d2:c7:e3:25:d0:86:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Validity
Not Before: May 31 14:01:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cd43873f8668241a8a00246e545d2223f887595c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:c0:e7:e5:1e:c5:a9:42:0c:59:01:6e:15:3f:
37:5b:f4:50:84:ec:4b:51:c1:e3:7f:69:6c:18:6b:
8c:8e:2a:b4:ab:25:94:6e:3e:18:2d:ef:8c:04:b5:
a2:2d:c0:47:96:75:1b:ef:f2:d0:ca:26:4a:e1:d4:
59:9e:72:e6:3a:9c:0d:03:8b:03:4f:5c:8f:fd:3f:
93:46:8e:8a:f6:5b:2f:dd:9d:64:07:62:af:4c:f7:
d5:9e:67:60:48:3c:4a:65:4f:0a:0c:c7:fd:2f:b6:
2d:13:68:02:42:4d:00:a6:d4:d4:68:72:c9:81:7d:
cc:9a:11:ba:ef:1c:eb:c5:0d:6d:24:1c:01:e9:eb:
7b:93:fc:45:d8:6a:e1:db:50:4c:de:f0:32:d4:d4:
e3:cf:3d:36:79:b8:17:ed:e9:ca:7c:49:01:c3:15:
48:47:c8:5f:dc:0e:78:5d:86:bd:7f:a9:30:a7:ee:
c2:35:fc:70:0a:33:cb:16:a5:01:79:8e:a9:8d:70:
37:e4:a6:f2:25:f2:5b:ff:6c:60:4d:af:a9:d9:7d:
22:e9:bd:b4:d0:f7:7b:ea:78:92:03:de:70:91:02:
d9:79:98:fc:2e:d2:29:da:d7:2a:05:dd:65:e8:1b:
53:92:b5:49:6c:a2:49:b5:59:14:f3:3f:6e:80:72:
e3:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:43:87:3F:86:68:24:1A:8A:00:24:6E:54:5D:22:23:F8:87:59:5C
X509v3 Authority Key Identifier:
keyid:D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/zUOHP4ZoJBqKACRuVF0iI_iHWVw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.223.192.0-77.223.201.255
79.139.64.0/23
83.142.200.0/21
94.101.103.0/24
176.222.48.0/22
178.216.184.0/21
198.14.16.0/20
198.145.112.0/22
Signature Algorithm: sha256WithRSAEncryption
88:ad:7f:05:c6:18:d6:7d:21:19:86:27:9c:85:84:db:6a:ae:
b9:04:79:05:be:a1:ad:c6:db:79:b5:f0:78:87:42:b2:3f:9a:
66:e7:c0:71:4e:6b:45:c2:f3:f0:0e:e6:cb:4f:9c:f9:c0:af:
a6:d2:ca:60:b6:b1:d4:69:6c:82:7d:a3:0b:b8:4e:6f:cb:e3:
d7:8f:8b:27:6e:a7:ed:60:04:1a:d0:73:63:35:48:82:5e:94:
76:10:bc:26:67:9b:64:8f:45:b2:38:db:aa:fc:7c:98:96:9e:
9a:8d:1b:00:ec:e8:2f:c8:00:2e:ba:ba:3f:8e:28:55:c0:3d:
4b:68:3a:a0:3b:f6:12:07:91:6b:64:b3:08:f9:9e:47:c6:5c:
ce:b4:61:77:72:7e:29:9e:82:17:38:32:47:b0:20:c6:30:9e:
dc:11:50:2b:2c:60:3d:48:04:bb:24:39:fe:a3:e3:4a:35:d5:
6d:90:d1:ae:70:bd:19:8c:02:23:e8:bf:2d:dc:fd:21:97:d6:
bb:be:51:a9:a1:60:a3:6d:e9:7f:54:1b:15:73:64:91:a3:a9:
e2:1c:c3:0c:58:61:94:64:83:bc:88:33:81:12:a5:cd:9a:72:
07:4f:73:d0:14:60:c2:92:6e:bd:d1:44:ce:cd:e6:60:b5:f0:
80:ab:5f:e9
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAY/O9JoxLtmcWsDSx+Ml0IYvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0OGEyN2Y0NGIxMDQwNGM1MmY2ZmZjNGUwOGRjODJiZjhi
NWRlZTQwHhcNMjQwNTMxMTQwMTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDQzODczZjg2NjgyNDFhOGEwMDI0NmU1NDVkMjIyM2Y4ODc1OTVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtsDn5R7FqUIMWQFuFT83W/RQhOxL
UcHjf2lsGGuMjiq0qyWUbj4YLe+MBLWiLcBHlnUb7/LQyiZK4dRZnnLmOpwNA4sD
T1yP/T+TRo6K9lsv3Z1kB2KvTPfVnmdgSDxKZU8KDMf9L7YtE2gCQk0AptTUaHLJ
gX3MmhG67xzrxQ1tJBwB6et7k/xF2Grh21BM3vAy1NTjzz02ebgX7enKfEkBwxVI
R8hf3A54XYa9f6kwp+7CNfxwCjPLFqUBeY6pjXA35KbyJfJb/2xgTa+p2X0i6b20
0Pd76niSA95wkQLZeZj8LtIp2tcqBd1l6BtTkrVJbKJJtVkU8z9ugHLj5wIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFM1Dhz+GaCQaigAkblRdIiP4h1lcMB8GA1UdIwQY
MBaAFNSKJ/RLEEBMUvb/xOCNyCv4td7kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYt
NTlmNTk4NGI2NGVhLzEvelVPSFA0Wm9KQnFLQUNSdVZGMGlJX2lIV1Z3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYtNTlmNTk4NGI2NGVh
LzEvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4MAwDBAZN38AD
BAFN38gDBAFPi0ADBANTjsgDBABeZWcDBAKw3jADBAOy2LgDBATGDhADBALGkXAw
DQYJKoZIhvcNAQELBQADggEBAIitfwXGGNZ9IRmGJ5yFhNtqrrkEeQW+oa3G23m1
8HiHQrI/mmbnwHFOa0XC8/AO5stPnPnAr6bSymC2sdRpbIJ9owu4Tm/L49ePiydu
p+1gBBrQc2M1SIJelHYQvCZnm2SPRbI426r8fJiWnpqNGwDs6C/IAC66uj+OKFXA
PUtoOqA79hIHkWtkswj5nkfGXM60YXdyfimeghc4MkewIMYwntwRUCssYD1IBLsk
Of6j40o11W2Q0a5wvRmMAiPovy3c/SGX1ru+UamhYKNt6X9UGxVzZJGjqeIcwwxY
YZRkg7yIM4ESpc2acgdPc9AUYMKSbr3RRM7N5mC18ICrX+k=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:02:05 2025 by rpki-client