Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/e4912b-5484-4ac0-8768-535bf9b1e8b7/1/770A65fZKXFHDiUPvXsjweYH1vY.roa
File: 770A65fZKXFHDiUPvXsjweYH1vY.roa (raw, json)
Hash identifier: MWH3NKaaGWCJAztep4RA8P38LOY/5OyQ/NRf8LOW0Xg=
Subject key identifier: EF:BD:00:EB:97:D9:29:71:47:0E:25:0F:BD:7B:23:C1:E6:07:D6:F6
Certificate issuer: /CN=278f62f3a5f84722852fc70f052cf13dea2374d0
Certificate serial: 018C7C65A81164FC3E6EC40EE8FDD641F91C
Authority key identifier: 27:8F:62:F3:A5:F8:47:22:85:2F:C7:0F:05:2C:F1:3D:EA:23:74:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J49i86X4RyKFL8cPBSzxPeojdNA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/e4912b-5484-4ac0-8768-535bf9b1e8b7/1/770A65fZKXFHDiUPvXsjweYH1vY.roa
Signing time: Mon 18 Dec 2023 10:08:06 +0000
ROA not before: Mon 18 Dec 2023 10:08:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205741
IP address blocks: 94.136.179.0/24 maxlen: 24
94.136.178.0/24 maxlen: 24
94.136.177.0/24 maxlen: 24
94.136.176.0/24 maxlen: 24
94.136.176.0/22 maxlen: 22
185.141.67.0/24 maxlen: 24
185.141.66.0/24 maxlen: 24
185.141.65.0/24 maxlen: 24
185.207.209.0/24 maxlen: 24
185.207.208.0/24 maxlen: 24
185.207.208.0/22 maxlen: 22
185.207.211.0/24 maxlen: 24
185.207.210.0/24 maxlen: 24
185.141.64.0/24 maxlen: 24
185.141.64.0/22 maxlen: 22
2a0b:2c40::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:29:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:7c:65:a8:11:64:fc:3e:6e:c4:0e:e8:fd:d6:41:f9:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278f62f3a5f84722852fc70f052cf13dea2374d0
Validity
Not Before: Dec 18 10:08:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=efbd00eb97d92971470e250fbd7b23c1e607d6f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:d0:0d:13:80:db:b4:33:ae:b3:71:ae:36:5a:
96:e8:a0:83:78:ae:2e:5d:c8:7b:fe:ee:66:f0:e7:
e1:c2:f4:5d:81:9f:17:5c:ef:2b:ee:47:9c:b0:ef:
ae:aa:3f:e6:0f:64:b0:c4:9e:77:98:62:35:0c:3e:
82:ba:2f:50:ea:ed:dc:be:7b:7a:65:08:60:6a:41:
09:67:09:42:04:0d:a8:8f:9f:a6:74:09:43:0d:6e:
04:d8:01:c3:13:78:f5:6a:97:08:2e:e3:68:f5:84:
2f:51:91:ab:db:a3:2b:dc:8a:76:67:e4:59:66:85:
1f:59:6c:69:3f:e7:83:c5:0e:99:5f:6a:7c:c7:d4:
c2:0a:39:2e:a6:ca:19:20:ed:d4:b0:89:f6:07:e3:
c5:5e:e3:76:28:ac:b7:25:b0:24:f5:09:94:8b:2e:
bd:e9:54:0a:9d:28:c7:de:a8:49:0c:5f:d4:bd:d2:
73:c9:60:e3:4d:d2:b1:39:aa:65:f0:77:05:62:4a:
92:58:2e:a5:37:b7:26:1a:af:e3:a3:e0:62:81:42:
3a:45:34:a4:a5:f9:29:f8:03:09:b8:53:23:34:14:
01:f4:44:c4:c9:a5:ef:10:73:30:83:9e:3c:06:cc:
11:ec:34:6b:53:5b:26:90:9c:27:c3:44:45:06:81:
d3:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:BD:00:EB:97:D9:29:71:47:0E:25:0F:BD:7B:23:C1:E6:07:D6:F6
X509v3 Authority Key Identifier:
keyid:27:8F:62:F3:A5:F8:47:22:85:2F:C7:0F:05:2C:F1:3D:EA:23:74:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J49i86X4RyKFL8cPBSzxPeojdNA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/e4912b-5484-4ac0-8768-535bf9b1e8b7/1/770A65fZKXFHDiUPvXsjweYH1vY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/e4912b-5484-4ac0-8768-535bf9b1e8b7/1/J49i86X4RyKFL8cPBSzxPeojdNA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.136.176.0/22
185.141.64.0/22
185.207.208.0/22
IPv6:
2a0b:2c40::/29
Signature Algorithm: sha256WithRSAEncryption
80:54:b3:d2:3d:3f:51:0f:10:6e:61:c9:6c:41:58:a2:41:5f:
ed:8e:bf:42:76:4b:5b:7a:74:6c:6c:b1:97:2d:55:45:46:5a:
73:4d:d4:aa:9c:b5:e6:f1:65:b3:57:36:36:3b:3e:51:73:b1:
f0:82:60:80:42:ad:43:a2:d8:8d:dc:f0:5c:0e:e3:b2:ef:6d:
d9:b8:d2:01:bd:02:26:d4:01:46:a3:07:53:a0:30:fe:fc:d1:
58:57:5f:ca:7c:47:66:8d:9c:bc:44:bc:a7:bd:d1:b4:43:c8:
a3:1e:a9:db:4a:c2:02:2f:82:fd:5a:6d:52:1c:e2:dc:35:6d:
e2:44:9f:9f:51:3b:d5:02:cb:83:4b:50:cd:42:47:01:5d:bd:
63:e6:3f:f1:2b:ac:84:da:81:6f:de:c7:5a:c7:e0:30:75:3f:
2a:e5:42:74:32:b8:7c:e1:63:37:b8:da:d8:ae:3a:57:a9:e8:
81:69:c4:19:e2:ec:84:bd:bc:c4:05:45:e9:e5:0a:4e:40:1e:
f6:ee:b9:67:cb:38:b6:83:bc:12:0c:4c:21:0f:ba:26:6a:5a:
f1:e0:cc:5f:4b:87:0b:cb:5f:47:ec:fb:5b:ac:04:63:17:b7:
d3:e2:3e:e7:58:10:cb:3d:da:db:21:cd:60:27:34:37:eb:d5:
3c:a8:03:32
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYx8ZagRZPw+bsQO6P3WQfkcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3OGY2MmYzYTVmODQ3MjI4NTJmYzcwZjA1MmNmMTNkZWEy
Mzc0ZDAwHhcNMjMxMjE4MTAwODA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZmJkMDBlYjk3ZDkyOTcxNDcwZTI1MGZiZDdiMjNjMWU2MDdkNmY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjtANE4DbtDOus3GuNlqW6KCDeK4u
Xch7/u5m8OfhwvRdgZ8XXO8r7kecsO+uqj/mD2SwxJ53mGI1DD6Cui9Q6u3cvnt6
ZQhgakEJZwlCBA2oj5+mdAlDDW4E2AHDE3j1apcILuNo9YQvUZGr26Mr3Ip2Z+RZ
ZoUfWWxpP+eDxQ6ZX2p8x9TCCjkupsoZIO3UsIn2B+PFXuN2KKy3JbAk9QmUiy69
6VQKnSjH3qhJDF/UvdJzyWDjTdKxOapl8HcFYkqSWC6lN7cmGq/jo+BigUI6RTSk
pfkp+AMJuFMjNBQB9ETEyaXvEHMwg548BswR7DRrU1smkJwnw0RFBoHTgQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFO+9AOuX2SlxRw4lD717I8HmB9b2MB8GA1UdIwQY
MBaAFCePYvOl+EcihS/HDwUs8T3qI3TQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjQ5aTg2WDRSeUtGTDhjUEJTenhQZW9qZE5BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9lNDkxMmItNTQ4NC00YWMwLTg3Njgt
NTM1YmY5YjFlOGI3LzEvNzcwQTY1ZlpLWEZIRGlVUHZYc2p3ZVlIMXZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9lNDkxMmItNTQ4NC00YWMwLTg3NjgtNTM1YmY5YjFlOGI3
LzEvSjQ5aTg2WDRSeUtGTDhjUEJTenhQZW9qZE5BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCXoiwAwQC
uY1AAwQCuc/QMA0EAgACMAcDBQMqCyxAMA0GCSqGSIb3DQEBCwUAA4IBAQCAVLPS
PT9RDxBuYclsQViiQV/tjr9CdktbenRsbLGXLVVFRlpzTdSqnLXm8WWzVzY2Oz5R
c7HwgmCAQq1DotiN3PBcDuOy723ZuNIBvQIm1AFGowdToDD+/NFYV1/KfEdmjZy8
RLynvdG0Q8ijHqnbSsICL4L9Wm1SHOLcNW3iRJ+fUTvVAsuDS1DNQkcBXb1j5j/x
K6yE2oFv3sdax+AwdT8q5UJ0Mrh84WM3uNrYrjpXqeiBacQZ4uyEvbzEBUXp5QpO
QB727rlnyzi2g7wSDEwhD7omalrx4MxfS4cLy19H7PtbrARjF7fT4j7nWBDLPdrb
Ic1gJzQ369U8qAMy
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:48:29 2024 by rpki-client on console-ams.rpki-client.org