Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/5b3d6d-e6f1-47ad-b52b-9d943671a8a3/1/r3mVxSWcZY6ke7uYCWvrpmCWHas.roa
File: r3mVxSWcZY6ke7uYCWvrpmCWHas.roa (raw, json)
Hash identifier: ntRkxpg1RD1MCbpFUaK5bw9uKUIccU/kUprqRaOAmqE=
Subject key identifier: AF:79:95:C5:25:9C:65:8E:A4:7B:BB:98:09:6B:EB:A6:60:96:1D:AB
Certificate issuer: /CN=a0a154441df9623eeb5a196138d21bef5824b441
Certificate serial: 018AB29890355B4A78254CD5582CAE49F9A0
Authority key identifier: A0:A1:54:44:1D:F9:62:3E:EB:5A:19:61:38:D2:1B:EF:58:24:B4:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oKFURB35Yj7rWhlhONIb71gktEE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/5b3d6d-e6f1-47ad-b52b-9d943671a8a3/1/r3mVxSWcZY6ke7uYCWvrpmCWHas.roa
Signing time: Wed 20 Sep 2023 12:37:37 +0000
ROA not before: Wed 20 Sep 2023 12:37:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 24641
IP address blocks: 77.240.176.0/20 maxlen: 24
85.132.144.0/20 maxlen: 24
81.19.0.0/20 maxlen: 24
95.129.96.0/21 maxlen: 21
2a02:e98::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:31:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:b2:98:90:35:5b:4a:78:25:4c:d5:58:2c:ae:49:f9:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0a154441df9623eeb5a196138d21bef5824b441
Validity
Not Before: Sep 20 12:37:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=af7995c5259c658ea47bbb98096beba660961dab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:14:ca:04:67:df:cc:cd:0d:35:43:50:5a:4b:
84:94:f4:b2:7c:00:0e:df:2d:59:a0:e2:d2:c9:a1:
78:87:6d:18:51:26:c4:49:db:41:52:2a:94:84:24:
58:96:ff:d1:99:7c:60:1d:28:a1:8c:79:39:8c:92:
95:4e:99:1a:80:92:6e:e6:76:ce:04:08:5f:8b:7b:
0a:09:a1:a2:eb:c6:ac:97:00:91:6f:01:a3:28:80:
9b:d1:e4:be:10:c2:33:21:e4:33:98:1f:41:cb:6b:
72:61:27:e2:05:88:35:88:b7:fe:d4:b0:36:a5:03:
56:67:5d:c5:d9:89:a2:da:ff:a8:ba:d6:81:cc:28:
4e:b8:3f:ce:64:e3:aa:6c:12:6e:59:e3:39:a1:1d:
77:6c:a7:61:cd:2b:b7:99:22:f6:7e:62:f7:29:5c:
06:5e:fa:fe:53:44:33:1b:2d:3e:e4:40:c7:4e:40:
a5:44:59:49:e3:96:81:b9:5d:1b:20:c7:d5:e2:86:
2a:3b:0d:fa:c7:15:95:b1:9d:2c:f8:cb:28:bf:dd:
05:0b:fe:cd:df:01:9b:fe:86:07:58:65:86:bc:a6:
39:36:6b:01:e1:58:50:a8:41:25:bd:35:29:ae:33:
7b:b4:5b:d0:49:80:3c:4d:1e:e9:da:55:28:4d:08:
94:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:79:95:C5:25:9C:65:8E:A4:7B:BB:98:09:6B:EB:A6:60:96:1D:AB
X509v3 Authority Key Identifier:
keyid:A0:A1:54:44:1D:F9:62:3E:EB:5A:19:61:38:D2:1B:EF:58:24:B4:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oKFURB35Yj7rWhlhONIb71gktEE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/5b3d6d-e6f1-47ad-b52b-9d943671a8a3/1/r3mVxSWcZY6ke7uYCWvrpmCWHas.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/5b3d6d-e6f1-47ad-b52b-9d943671a8a3/1/oKFURB35Yj7rWhlhONIb71gktEE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.240.176.0/20
81.19.0.0/20
85.132.144.0/20
95.129.96.0/21
IPv6:
2a02:e98::/32
Signature Algorithm: sha256WithRSAEncryption
10:d9:bd:4c:2d:c2:d0:59:42:4b:2a:09:c9:b0:37:80:82:ce:
56:2f:08:4f:8e:14:b7:f5:8f:ee:d5:58:d2:8d:ca:c7:09:f6:
ca:67:99:2b:1f:52:bf:e3:1a:eb:3a:42:61:ba:06:68:65:a6:
b4:75:bf:ec:95:ac:4d:0a:83:26:bd:38:ca:6d:a0:53:44:48:
77:5f:9a:61:9e:8b:a0:15:25:bf:a1:0d:ec:be:3f:94:08:16:
50:67:2b:2e:d6:30:81:26:28:5e:98:71:8f:3e:fe:6a:c1:b8:
75:00:e9:69:ce:a1:95:2c:ca:0b:9f:19:dd:1f:70:02:e0:6e:
c5:2c:db:ed:25:a1:86:b3:83:5a:dc:3f:ea:f8:6d:70:ef:64:
f5:3f:f4:f9:ff:47:2e:67:87:0f:0a:a8:01:36:0a:63:e4:eb:
93:32:40:ee:d4:b0:7e:31:16:6b:00:51:cb:a1:72:c6:3b:cb:
65:6f:1e:d0:ac:4a:ad:b8:59:0c:37:97:e8:52:6a:db:fc:4c:
66:45:6a:a3:77:5c:2f:a3:50:27:9c:77:f3:b0:96:9c:fe:f3:
7c:24:a5:42:6b:da:ea:9c:9c:20:9b:47:5e:e7:11:94:43:ad:
7f:5e:26:4f:a2:82:59:fb:3f:aa:98:ff:8f:aa:5e:3d:a2:3f:
12:1e:93:4c
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYqymJA1W0p4JUzVWCyuSfmgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwYTE1NDQ0MWRmOTYyM2VlYjVhMTk2MTM4ZDIxYmVmNTgy
NGI0NDEwHhcNMjMwOTIwMTIzNzM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjc5OTVjNTI1OWM2NThlYTQ3YmJiOTgwOTZiZWJhNjYwOTYxZGFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwxTKBGffzM0NNUNQWkuElPSyfAAO
3y1ZoOLSyaF4h20YUSbESdtBUiqUhCRYlv/RmXxgHSihjHk5jJKVTpkagJJu5nbO
BAhfi3sKCaGi68aslwCRbwGjKICb0eS+EMIzIeQzmB9By2tyYSfiBYg1iLf+1LA2
pQNWZ13F2Ymi2v+outaBzChOuD/OZOOqbBJuWeM5oR13bKdhzSu3mSL2fmL3KVwG
Xvr+U0QzGy0+5EDHTkClRFlJ45aBuV0bIMfV4oYqOw36xxWVsZ0s+Msov90FC/7N
3wGb/oYHWGWGvKY5NmsB4VhQqEElvTUprjN7tFvQSYA8TR7p2lUoTQiUAQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFK95lcUlnGWOpHu7mAlr66Zglh2rMB8GA1UdIwQY
MBaAFKChVEQd+WI+61oZYTjSG+9YJLRBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0tGVVJCMzVZajdyV2hsaE9OSWI3MWdrdEVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC81YjNkNmQtZTZmMS00N2FkLWI1MmIt
OWQ5NDM2NzFhOGEzLzEvcjNtVnhTV2NaWTZrZTd1WUNXdnJwbUNXSGFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC81YjNkNmQtZTZmMS00N2FkLWI1MmItOWQ5NDM2NzFhOGEz
LzEvb0tGVVJCMzVZajdyV2hsaE9OSWI3MWdrdEVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQETfCwAwQE
URMAAwQEVYSQAwQDX4FgMA0EAgACMAcDBQAqAg6YMA0GCSqGSIb3DQEBCwUAA4IB
AQAQ2b1MLcLQWUJLKgnJsDeAgs5WLwhPjhS39Y/u1VjSjcrHCfbKZ5krH1K/4xrr
OkJhugZoZaa0db/slaxNCoMmvTjKbaBTREh3X5phnougFSW/oQ3svj+UCBZQZysu
1jCBJihemHGPPv5qwbh1AOlpzqGVLMoLnxndH3AC4G7FLNvtJaGGs4Na3D/q+G1w
72T1P/T5/0cuZ4cPCqgBNgpj5OuTMkDu1LB+MRZrAFHLoXLGO8tlbx7QrEqtuFkM
N5foUmrb/ExmRWqjd1wvo1AnnHfzsJac/vN8JKVCa9rqnJwgm0de5xGUQ61/XiZP
ooJZ+z+qmP+Pql49oj8SHpNM
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:42:55 2024 by rpki-client on console-ams.rpki-client.org