Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/9ddebe-372f-4258-ba0f-cc4fe6323fec/1/UhkgriJOdjv4_95A9tWL9EKNdq0.roa
File: UhkgriJOdjv4_95A9tWL9EKNdq0.roa (raw, json)
Hash identifier: cNS/5gzIWezc+rQnS1SkZDkpx4XtSQwhVDEzFKYVYjw=
Subject key identifier: 52:19:20:AE:22:4E:76:3B:F8:FF:DE:40:F6:D5:8B:F4:42:8D:76:AD
Certificate issuer: /CN=a84e3e1becf30b44a469815fd0f8c069c562f996
Certificate serial: 018A4FC37681AA49F500D34308F66ABA1EB3
Authority key identifier: A8:4E:3E:1B:EC:F3:0B:44:A4:69:81:5F:D0:F8:C0:69:C5:62:F9:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qE4-G-zzC0SkaYFf0PjAacVi-ZY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/9ddebe-372f-4258-ba0f-cc4fe6323fec/1/UhkgriJOdjv4_95A9tWL9EKNdq0.roa
Signing time: Fri 01 Sep 2023 08:02:04 +0000
ROA not before: Fri 01 Sep 2023 08:02:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 77.75.196.0/24 maxlen: 24
77.75.197.0/24 maxlen: 24
77.75.199.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:4f:c3:76:81:aa:49:f5:00:d3:43:08:f6:6a:ba:1e:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a84e3e1becf30b44a469815fd0f8c069c562f996
Validity
Not Before: Sep 1 08:02:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=521920ae224e763bf8ffde40f6d58bf4428d76ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:ef:34:0a:a9:f5:d4:25:ef:c4:06:fa:c6:47:
a0:1c:11:48:10:ae:22:5a:fd:99:04:ed:2a:01:f3:
75:84:f0:eb:03:41:c1:48:c0:4f:bb:59:6b:c7:32:
ad:43:ae:bb:1e:3c:02:3c:e3:1e:f7:df:1e:8b:d3:
69:29:40:a6:b8:be:27:c6:7c:47:b4:a7:5d:ff:8e:
41:4a:b0:e2:d6:17:e5:0c:92:e5:52:95:c5:a0:b9:
8d:c7:92:3c:88:e6:25:86:0c:f2:c0:cd:1f:d0:84:
f2:b2:1f:1c:08:80:4c:81:1f:20:76:8a:a8:47:9b:
f4:e3:96:67:0f:96:1b:26:31:ec:76:be:21:25:8a:
d4:68:59:de:ef:ea:eb:a3:0e:06:13:d7:7c:09:70:
b0:c2:55:b8:48:85:65:47:85:b0:f9:00:43:ce:73:
1b:91:ed:0d:97:e6:ac:a6:66:ee:97:c2:34:da:20:
2c:02:54:7f:5f:4e:63:a1:89:06:1a:96:0e:87:d3:
ae:82:0c:56:38:a2:8a:e7:72:c7:d0:c4:55:82:d0:
a4:1d:95:42:73:3b:0e:73:f8:78:fd:dc:71:dc:c8:
a0:50:94:ed:69:4e:1a:c8:99:48:8f:27:17:a5:c4:
fc:c2:b3:2b:42:5e:e0:77:36:73:ad:d8:85:ec:84:
36:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:19:20:AE:22:4E:76:3B:F8:FF:DE:40:F6:D5:8B:F4:42:8D:76:AD
X509v3 Authority Key Identifier:
keyid:A8:4E:3E:1B:EC:F3:0B:44:A4:69:81:5F:D0:F8:C0:69:C5:62:F9:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qE4-G-zzC0SkaYFf0PjAacVi-ZY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/9ddebe-372f-4258-ba0f-cc4fe6323fec/1/UhkgriJOdjv4_95A9tWL9EKNdq0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/9ddebe-372f-4258-ba0f-cc4fe6323fec/1/qE4-G-zzC0SkaYFf0PjAacVi-ZY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.75.196.0/23
77.75.199.0/24
Signature Algorithm: sha256WithRSAEncryption
34:56:a0:1e:6e:2e:de:07:85:51:b2:50:4c:62:2a:58:9f:87:
f3:a8:34:0a:45:2d:a8:1f:f9:75:02:f2:c4:3b:46:df:36:b6:
2b:47:5f:e0:37:bd:47:6b:e4:7d:dd:bf:08:ee:5a:e0:2b:50:
a6:7a:a7:e6:dd:09:ba:1f:55:88:7e:25:61:9a:8f:5c:fd:11:
65:d9:48:c2:eb:98:5e:c5:5a:1f:61:f7:1f:b7:ae:bb:24:29:
3c:5d:4e:91:03:dd:46:78:be:a6:72:92:36:e6:a6:fa:25:4a:
8c:d6:9e:90:91:d2:a3:4d:a3:f8:73:47:5a:cd:a3:a8:da:d1:
58:2a:52:f9:32:17:35:5d:8e:c6:a8:c4:06:cf:f1:3a:1f:4e:
2d:89:89:17:3b:8b:f1:1a:9a:cc:a4:d0:41:3d:cb:cb:52:4c:
ca:db:00:8e:dd:7e:39:e0:a9:d3:c7:8e:6a:02:8a:e0:3a:78:
93:e0:26:f0:40:9a:37:be:d1:6c:f6:b9:7e:1f:0f:bb:4a:8a:
ba:5f:85:83:eb:b2:48:0c:b5:09:8b:ae:79:cf:bd:e6:02:b6:
43:2c:86:d3:e4:1c:fd:93:47:1d:88:6f:e0:2f:06:d9:08:7e:
0f:e0:11:4c:91:0d:0f:30:7c:b6:4b:59:f0:50:fe:f4:b2:74:
c9:cc:97:8a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYpPw3aBqkn1ANNDCPZquh6zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4NGUzZTFiZWNmMzBiNDRhNDY5ODE1ZmQwZjhjMDY5YzU2
MmY5OTYwHhcNMjMwOTAxMDgwMjA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjE5MjBhZTIyNGU3NjNiZjhmZmRlNDBmNmQ1OGJmNDQyOGQ3NmFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyu80Cqn11CXvxAb6xkegHBFIEK4i
Wv2ZBO0qAfN1hPDrA0HBSMBPu1lrxzKtQ667HjwCPOMe998ei9NpKUCmuL4nxnxH
tKdd/45BSrDi1hflDJLlUpXFoLmNx5I8iOYlhgzywM0f0ITysh8cCIBMgR8gdoqo
R5v045ZnD5YbJjHsdr4hJYrUaFne7+rrow4GE9d8CXCwwlW4SIVlR4Ww+QBDznMb
ke0Nl+aspmbul8I02iAsAlR/X05joYkGGpYOh9OuggxWOKKK53LH0MRVgtCkHZVC
czsOc/h4/dxx3MigUJTtaU4ayJlIjycXpcT8wrMrQl7gdzZzrdiF7IQ2PwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFIZIK4iTnY7+P/eQPbVi/RCjXatMB8GA1UdIwQY
MBaAFKhOPhvs8wtEpGmBX9D4wGnFYvmWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUU0LUctenpDMFNrYVlGZjBQakFhY1ZpLVpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS85ZGRlYmUtMzcyZi00MjU4LWJhMGYt
Y2M0ZmU2MzIzZmVjLzEvVWhrZ3JpSk9kanY0Xzk1QTl0V0w5RUtOZHEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS85ZGRlYmUtMzcyZi00MjU4LWJhMGYtY2M0ZmU2MzIzZmVj
LzEvcUU0LUctenpDMFNrYVlGZjBQakFhY1ZpLVpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBTUvEAwQA
TUvHMA0GCSqGSIb3DQEBCwUAA4IBAQA0VqAebi7eB4VRslBMYipYn4fzqDQKRS2o
H/l1AvLEO0bfNrYrR1/gN71Ha+R93b8I7lrgK1Cmeqfm3Qm6H1WIfiVhmo9c/RFl
2UjC65hexVofYfcft667JCk8XU6RA91GeL6mcpI25qb6JUqM1p6QkdKjTaP4c0da
zaOo2tFYKlL5Mhc1XY7GqMQGz/E6H04tiYkXO4vxGprMpNBBPcvLUkzK2wCO3X45
4KnTx45qAorgOniT4CbwQJo3vtFs9rl+Hw+7Soq6X4WD67JIDLUJi655z73mArZD
LIbT5Bz9k0cdiG/gLwbZCH4P4BFMkQ0PMHy2S1nwUP70snTJzJeK
-----END CERTIFICATE-----
Generated at Mon Sep 11 10:42:41 2023 by rpki-client on console-fra.rpki-client.org