Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/515608-5012-4a40-b324-27bf83cded6b/1/76oUHPvA0YcVJfHTmF583H6m-GE.roa
File: 76oUHPvA0YcVJfHTmF583H6m-GE.roa (raw, json)
Hash identifier: J/wPHmGB0FXQSBuk/t9IbNrMyUL7C1lFrQNZ18kwnkI=
Subject key identifier: EF:AA:14:1C:FB:C0:D1:87:15:25:F1:D3:98:5E:7C:DC:7E:A6:F8:61
Certificate issuer: /CN=a4f8436003d37602026b65531755ca8fcd31bed2
Certificate serial: 018572311B1EEF5F682586977A315F0466B7
Authority key identifier: A4:F8:43:60:03:D3:76:02:02:6B:65:53:17:55:CA:8F:CD:31:BE:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pPhDYAPTdgICa2VTF1XKj80xvtI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/515608-5012-4a40-b324-27bf83cded6b/1/76oUHPvA0YcVJfHTmF583H6m-GE.roa
Signing time: Mon 02 Jan 2023 11:14:58 +0000
ROA not before: Mon 02 Jan 2023 11:14:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42525
IP address blocks: 217.63.96.0/19 maxlen: 19
94.101.208.0/20 maxlen: 20
37.205.120.0/21 maxlen: 21
81.27.208.0/20 maxlen: 20
185.17.192.0/22 maxlen: 22
194.182.0.0/18 maxlen: 18
212.98.64.0/18 maxlen: 18
77.243.32.0/20 maxlen: 20
2a01:7e8::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:29:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:31:1b:1e:ef:5f:68:25:86:97:7a:31:5f:04:66:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a4f8436003d37602026b65531755ca8fcd31bed2
Validity
Not Before: Jan 2 11:14:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=efaa141cfbc0d1871525f1d3985e7cdc7ea6f861
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:a6:96:ff:ee:e5:ff:3d:f3:55:0e:de:b4:a4:
26:97:c0:57:f0:9d:bc:ff:cf:32:fe:65:ec:17:0c:
d7:ba:fc:d0:b6:83:c7:c7:57:e2:81:6d:60:fb:5f:
df:fe:0c:11:17:c0:c5:8b:04:85:c2:aa:78:00:11:
e7:ca:75:23:e9:e4:71:cb:c3:d8:56:45:db:a9:ea:
81:b9:ed:1a:c9:fe:00:2d:e4:3e:2a:5d:8f:cb:52:
cb:4b:8f:8c:b8:f6:c6:43:ed:ce:6f:8f:01:b6:6c:
cc:1e:27:62:e6:09:f5:ac:d3:98:54:a2:6f:35:74:
e4:56:58:7b:7e:f9:6f:9a:c2:b4:ab:f4:81:87:85:
b2:d2:4a:78:9d:fd:c2:9a:aa:3b:e7:0e:b3:b0:35:
79:c3:fc:58:aa:f5:2c:fd:5a:18:c3:fb:52:9c:c0:
0e:2f:3f:b1:45:a1:c1:44:eb:ad:1d:46:9a:16:23:
9f:05:a3:df:6d:f6:26:b0:6b:d1:3d:ff:b1:02:88:
94:08:13:05:3c:b9:4a:63:b0:d5:90:b6:05:ce:89:
d9:25:bf:ca:16:5f:df:dd:61:fa:5a:7c:ae:e8:b0:
96:23:e9:10:dd:62:e8:33:4a:7d:56:7a:e1:f7:5e:
b1:67:7b:5a:bb:27:d1:ea:12:02:18:b2:10:2d:e7:
9d:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:AA:14:1C:FB:C0:D1:87:15:25:F1:D3:98:5E:7C:DC:7E:A6:F8:61
X509v3 Authority Key Identifier:
keyid:A4:F8:43:60:03:D3:76:02:02:6B:65:53:17:55:CA:8F:CD:31:BE:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pPhDYAPTdgICa2VTF1XKj80xvtI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/515608-5012-4a40-b324-27bf83cded6b/1/76oUHPvA0YcVJfHTmF583H6m-GE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/515608-5012-4a40-b324-27bf83cded6b/1/pPhDYAPTdgICa2VTF1XKj80xvtI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.205.120.0/21
77.243.32.0/20
81.27.208.0/20
94.101.208.0/20
185.17.192.0/22
194.182.0.0/18
212.98.64.0/18
217.63.96.0/19
IPv6:
2a01:7e8::/32
Signature Algorithm: sha256WithRSAEncryption
47:38:5d:6d:95:fd:e0:6f:7a:1d:33:5f:3c:49:74:80:43:b4:
4e:71:51:9c:d1:5b:31:51:7c:05:5b:e4:a6:40:f1:92:b5:8b:
e9:0e:c0:3b:ed:42:ca:bd:30:c1:a3:c8:40:c7:23:aa:18:5b:
28:cb:94:ff:d6:32:88:d3:1f:f0:8d:18:24:ef:01:e4:c9:4e:
a9:c8:9e:69:61:f7:b6:b0:90:67:b9:05:fc:22:9f:be:9f:94:
ec:0f:5e:78:1a:d0:2b:45:30:98:de:1e:c6:b4:28:e6:d9:98:
15:a0:9d:c0:65:bf:4f:1f:6a:36:ec:fa:b9:0a:45:58:20:04:
4e:68:33:bd:f1:00:29:0b:82:0c:61:da:0d:e8:17:1a:6b:1c:
e7:e6:c5:f1:01:54:2b:40:3b:09:0c:d8:e1:0b:eb:cc:5a:63:
31:d2:e7:5a:07:d1:9d:c9:5e:d2:e1:76:1d:40:fc:8f:65:9a:
e3:32:e6:3b:8a:8d:ec:25:4d:39:ed:c6:2d:43:6b:2c:e9:54:
fc:82:fe:32:a4:02:65:c3:34:54:10:f5:d9:e1:55:bc:50:43:
b6:c4:48:f7:58:2e:a9:d8:9e:88:fe:ce:41:cb:e9:63:03:6f:
ad:f4:d7:a3:df:17:2a:2e:65:bc:15:bc:65:69:97:3a:58:18:
25:4d:5d:95
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAYVyMRse719oJYaXejFfBGa3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0Zjg0MzYwMDNkMzc2MDIwMjZiNjU1MzE3NTVjYThmY2Qz
MWJlZDIwHhcNMjMwMTAyMTExNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZmFhMTQxY2ZiYzBkMTg3MTUyNWYxZDM5ODVlN2NkYzdlYTZmODYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2qaW/+7l/z3zVQ7etKQml8BX8J28
/88y/mXsFwzXuvzQtoPHx1figW1g+1/f/gwRF8DFiwSFwqp4ABHnynUj6eRxy8PY
VkXbqeqBue0ayf4ALeQ+Kl2Py1LLS4+MuPbGQ+3Ob48BtmzMHidi5gn1rNOYVKJv
NXTkVlh7fvlvmsK0q/SBh4Wy0kp4nf3Cmqo75w6zsDV5w/xYqvUs/VoYw/tSnMAO
Lz+xRaHBROutHUaaFiOfBaPfbfYmsGvRPf+xAoiUCBMFPLlKY7DVkLYFzonZJb/K
Fl/f3WH6Wnyu6LCWI+kQ3WLoM0p9Vnrh916xZ3tauyfR6hICGLIQLeedQwIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFO+qFBz7wNGHFSXx05hefNx+pvhhMB8GA1UdIwQY
MBaAFKT4Q2AD03YCAmtlUxdVyo/NMb7SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFBoRFlBUFRkZ0lDYTJWVEYxWEtqODB4dnRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS81MTU2MDgtNTAxMi00YTQwLWIzMjQt
MjdiZjgzY2RlZDZiLzEvNzZvVUhQdkEwWWNWSmZIVG1GNTgzSDZtLUdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS81MTU2MDgtNTAxMi00YTQwLWIzMjQtMjdiZjgzY2RlZDZi
LzEvcFBoRFlBUFRkZ0lDYTJWVEYxWEtqODB4dnRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQDJc14AwQE
TfMgAwQEURvQAwQEXmXQAwQCuRHAAwQGwrYAAwQG1GJAAwQF2T9gMA0EAgACMAcD
BQAqAQfoMA0GCSqGSIb3DQEBCwUAA4IBAQBHOF1tlf3gb3odM188SXSAQ7ROcVGc
0VsxUXwFW+SmQPGStYvpDsA77ULKvTDBo8hAxyOqGFsoy5T/1jKI0x/wjRgk7wHk
yU6pyJ5pYfe2sJBnuQX8Ip++n5TsD154GtArRTCY3h7GtCjm2ZgVoJ3AZb9PH2o2
7Pq5CkVYIAROaDO98QApC4IMYdoN6Bcaaxzn5sXxAVQrQDsJDNjhC+vMWmMx0uda
B9GdyV7S4XYdQPyPZZrjMuY7io3sJU057cYtQ2ss6VT8gv4ypAJlwzRUEPXZ4VW8
UEO2xEj3WC6p2J6I/s5By+ljA2+t9Nej3xcqLmW8FbxlaZc6WBglTV2V
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:51:25 2024 by rpki-client on console-ams.rpki-client.org