Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/2c0f0b-7831-41d3-916d-d9655987874a/1/uI06-IUsCj5qkcm7A0fjcYObxW8.roa
File: uI06-IUsCj5qkcm7A0fjcYObxW8.roa (raw, json)
Hash identifier: fNHxUriPoG9Ym/1732jwadk0UjzfsnqVi4wqR0u4L2E=
Subject key identifier: B8:8D:3A:F8:85:2C:0A:3E:6A:91:C9:BB:03:47:E3:71:83:9B:C5:6F
Certificate issuer: /CN=0277acd112f1c6c833bec22f8b53cc70d2390876
Certificate serial: 018572BA35BFCE462D7E3F7365DAC013DDC9
Authority key identifier: 02:77:AC:D1:12:F1:C6:C8:33:BE:C2:2F:8B:53:CC:70:D2:39:08:76
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Anes0RLxxsgzvsIvi1PMcNI5CHY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/2c0f0b-7831-41d3-916d-d9655987874a/1/uI06-IUsCj5qkcm7A0fjcYObxW8.roa
Signing time: Mon 02 Jan 2023 13:44:44 +0000
ROA not before: Mon 02 Jan 2023 13:44:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56995
IP address blocks: 176.58.64.0/20 maxlen: 20
176.58.64.0/24 maxlen: 24
176.58.66.0/23 maxlen: 23
185.6.16.0/22 maxlen: 24
176.58.68.0/22 maxlen: 22
176.58.76.0/22 maxlen: 22
176.58.77.0/24 maxlen: 24
176.58.72.0/22 maxlen: 22
2a03:c40::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:29:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:ba:35:bf:ce:46:2d:7e:3f:73:65:da:c0:13:dd:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0277acd112f1c6c833bec22f8b53cc70d2390876
Validity
Not Before: Jan 2 13:44:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b88d3af8852c0a3e6a91c9bb0347e371839bc56f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:e0:9d:52:b4:b4:f7:af:df:b8:23:23:90:6c:
2f:8a:e3:d4:3d:6d:5e:1c:18:42:dd:32:fe:6b:ed:
82:f6:73:e5:53:69:ed:5d:a8:b1:61:6a:8a:3f:78:
28:b7:3b:e1:40:bb:8b:db:af:3e:39:07:52:39:2b:
e6:32:36:59:47:26:2b:30:51:cc:3d:39:6a:bb:25:
a4:df:91:12:6c:87:f4:2e:66:cd:b1:66:0e:d0:41:
2f:39:d9:cd:c2:f1:46:8a:ef:89:98:d0:6e:80:8d:
c5:e4:de:c6:b9:e6:c3:87:da:57:e9:60:88:93:cb:
06:f7:4c:a2:5f:5b:46:ff:e2:bf:d5:52:00:6b:72:
34:7c:db:db:da:9f:bb:92:09:b2:09:30:af:1f:03:
e4:75:79:94:7e:8e:f5:ff:63:c0:cf:6c:2e:bc:cc:
0b:ba:5d:08:49:51:46:48:6b:68:0c:6c:0b:31:04:
b2:dd:a2:3c:27:f7:56:9c:83:09:0d:c3:b4:f3:22:
fc:19:7c:f5:e2:fa:cd:c9:a3:b9:fe:1a:2a:ca:6e:
d2:b2:5d:88:fb:38:27:c7:81:18:71:14:f7:5f:7d:
9c:e4:ce:7f:9d:97:99:d0:04:01:df:d0:f2:f9:65:
38:ef:65:23:24:05:77:ec:c7:cf:e9:3e:a4:5f:79:
ef:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:8D:3A:F8:85:2C:0A:3E:6A:91:C9:BB:03:47:E3:71:83:9B:C5:6F
X509v3 Authority Key Identifier:
keyid:02:77:AC:D1:12:F1:C6:C8:33:BE:C2:2F:8B:53:CC:70:D2:39:08:76
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Anes0RLxxsgzvsIvi1PMcNI5CHY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/2c0f0b-7831-41d3-916d-d9655987874a/1/uI06-IUsCj5qkcm7A0fjcYObxW8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/2c0f0b-7831-41d3-916d-d9655987874a/1/Anes0RLxxsgzvsIvi1PMcNI5CHY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.58.64.0/20
185.6.16.0/22
IPv6:
2a03:c40::/32
Signature Algorithm: sha256WithRSAEncryption
93:9b:49:01:ca:73:be:8a:06:4b:8c:10:40:40:38:d9:bc:17:
ce:48:50:f5:30:d3:88:82:e6:92:41:9d:67:fd:5d:96:05:aa:
06:5d:b8:c3:f6:40:c5:0e:88:45:5a:53:fa:c5:27:2f:1f:25:
d8:b3:ac:23:77:4f:42:69:72:96:c2:94:a2:63:3e:a6:7f:1a:
ec:c2:cc:85:52:f5:b7:2e:7b:32:36:86:9b:a6:10:c4:e6:1f:
ca:eb:26:a6:67:4b:02:8d:39:0f:4f:9e:ee:ac:9c:a5:44:e5:
6a:f9:33:b2:84:04:3b:3a:9f:45:58:c0:64:fd:54:8e:4c:51:
01:4c:f6:49:6c:45:86:7d:4f:14:c7:81:cc:f5:39:dd:e8:ec:
d2:87:49:af:f2:54:71:c0:c4:f7:2f:c7:b5:98:1d:90:2f:00:
69:44:99:d5:f8:e1:62:3c:26:0b:fa:b4:13:61:0c:3c:fc:d1:
ed:8d:a4:81:fa:c4:70:10:1d:ca:1d:af:cd:c6:fd:30:d6:53:
6f:2f:65:00:05:ea:4d:9f:f1:9a:de:4a:24:0b:97:cf:2f:bf:
65:44:dd:75:f3:fa:ea:8d:22:20:02:5e:94:ae:da:f5:7e:ba:
e9:92:fb:16:a5:92:21:a5:3d:8d:07:ad:29:e3:30:78:34:99:
07:8b:05:c2
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVyujW/zkYtfj9zZdrAE93JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyNzdhY2QxMTJmMWM2YzgzM2JlYzIyZjhiNTNjYzcwZDIz
OTA4NzYwHhcNMjMwMTAyMTM0NDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODhkM2FmODg1MmMwYTNlNmE5MWM5YmIwMzQ3ZTM3MTgzOWJjNTZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn+CdUrS096/fuCMjkGwviuPUPW1e
HBhC3TL+a+2C9nPlU2ntXaixYWqKP3gotzvhQLuL268+OQdSOSvmMjZZRyYrMFHM
PTlquyWk35ESbIf0LmbNsWYO0EEvOdnNwvFGiu+JmNBugI3F5N7GuebDh9pX6WCI
k8sG90yiX1tG/+K/1VIAa3I0fNvb2p+7kgmyCTCvHwPkdXmUfo71/2PAz2wuvMwL
ul0ISVFGSGtoDGwLMQSy3aI8J/dWnIMJDcO08yL8GXz14vrNyaO5/hoqym7Ssl2I
+zgnx4EYcRT3X32c5M5/nZeZ0AQB39Dy+WU472UjJAV37MfP6T6kX3nvrwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFLiNOviFLAo+apHJuwNH43GDm8VvMB8GA1UdIwQY
MBaAFAJ3rNES8cbIM77CL4tTzHDSOQh2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQW5lczBSTHh4c2d6dnNJdmkxUE1jTkk1Q0hZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8yYzBmMGItNzgzMS00MWQzLTkxNmQt
ZDk2NTU5ODc4NzRhLzEvdUkwNi1JVXNDajVxa2NtN0EwZmpjWU9ieFc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8yYzBmMGItNzgzMS00MWQzLTkxNmQtZDk2NTU5ODc4NzRh
LzEvQW5lczBSTHh4c2d6dnNJdmkxUE1jTkk1Q0hZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQEsDpAAwQC
uQYQMA0EAgACMAcDBQAqAwxAMA0GCSqGSIb3DQEBCwUAA4IBAQCTm0kBynO+igZL
jBBAQDjZvBfOSFD1MNOIguaSQZ1n/V2WBaoGXbjD9kDFDohFWlP6xScvHyXYs6wj
d09CaXKWwpSiYz6mfxrswsyFUvW3LnsyNoabphDE5h/K6yamZ0sCjTkPT57urJyl
ROVq+TOyhAQ7Op9FWMBk/VSOTFEBTPZJbEWGfU8Ux4HM9Tnd6OzSh0mv8lRxwMT3
L8e1mB2QLwBpRJnV+OFiPCYL+rQTYQw8/NHtjaSB+sRwEB3KHa/Nxv0w1lNvL2UA
BepNn/Ga3kokC5fPL79lRN118/rqjSIgAl6Urtr1frrpkvsWpZIhpT2NB60p4zB4
NJkHiwXC
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:01:02 2024 by rpki-client on console-fra.rpki-client.org