Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/9e847f-4146-4566-8c3e-1ba543eeaed7/1/ciVxkeVphk7IAvdQ29VnTVmXsBE.roa
File: ciVxkeVphk7IAvdQ29VnTVmXsBE.roa (raw, json)
Hash identifier: oDRh7BWSl9XnB6+05kPBLgyHYFESy3NeTW1/pyHj7m8=
Subject key identifier: 72:25:71:91:E5:69:86:4E:C8:02:F7:50:DB:D5:67:4D:59:97:B0:11
Certificate issuer: /CN=5da432a4ec3b0ac4ca4e4ecec0e9f4d46b497af0
Certificate serial: 018CCA2AA0722B0F854D073EA0579AE423A7
Authority key identifier: 5D:A4:32:A4:EC:3B:0A:C4:CA:4E:4E:CE:C0:E9:F4:D4:6B:49:7A:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XaQypOw7CsTKTk7OwOn01GtJevA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/9e847f-4146-4566-8c3e-1ba543eeaed7/1/ciVxkeVphk7IAvdQ29VnTVmXsBE.roa
Signing time: Tue 02 Jan 2024 12:34:00 +0000
ROA not before: Tue 02 Jan 2024 12:34:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207353
IP address blocks: 77.220.216.0/21 maxlen: 24
185.62.100.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 19 Jul 2024 11:05:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:a0:72:2b:0f:85:4d:07:3e:a0:57:9a:e4:23:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5da432a4ec3b0ac4ca4e4ecec0e9f4d46b497af0
Validity
Not Before: Jan 2 12:34:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=72257191e569864ec802f750dbd5674d5997b011
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:43:94:1e:40:4a:c0:7f:8f:fa:d6:28:83:8f:
7a:f2:3e:9a:b8:14:7c:10:2f:ca:d8:68:67:01:56:
38:bf:51:99:c7:87:a0:b0:13:77:a4:78:a8:96:74:
a9:5e:45:be:85:08:43:ff:55:47:7c:ae:cd:a0:fd:
a1:ff:92:8b:be:0b:ce:1a:1a:79:7d:02:66:88:bc:
5a:56:5d:2f:5c:4c:12:74:1b:08:2a:45:d5:39:6c:
aa:01:91:ec:ec:86:7e:7a:7d:5c:2f:94:8e:a6:02:
75:bf:25:04:8e:10:9f:dd:a6:b0:19:4b:52:fa:2b:
55:e2:ed:56:80:e8:1e:28:8c:e9:5f:f3:67:68:1b:
11:71:ce:a7:c0:8a:53:f9:1e:a4:6b:66:10:26:b3:
ba:85:d7:04:90:a6:0d:b4:3c:7a:dc:d6:ee:44:ef:
0a:45:9b:9d:90:d2:9e:45:ef:0c:d6:e7:f5:7b:bd:
ad:18:dc:cf:d7:e8:83:0f:5e:d8:93:9f:52:cd:23:
7d:e3:90:14:e7:a7:b1:44:70:ef:c4:d1:28:9d:39:
0e:37:3d:06:f8:e1:ce:60:1c:04:a8:9c:f2:99:89:
a0:21:f3:da:33:68:38:bc:60:e8:03:30:21:57:a2:
1c:3f:65:3e:90:79:d5:6b:42:aa:e3:09:e7:46:e4:
19:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:25:71:91:E5:69:86:4E:C8:02:F7:50:DB:D5:67:4D:59:97:B0:11
X509v3 Authority Key Identifier:
keyid:5D:A4:32:A4:EC:3B:0A:C4:CA:4E:4E:CE:C0:E9:F4:D4:6B:49:7A:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XaQypOw7CsTKTk7OwOn01GtJevA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/9e847f-4146-4566-8c3e-1ba543eeaed7/1/ciVxkeVphk7IAvdQ29VnTVmXsBE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/9e847f-4146-4566-8c3e-1ba543eeaed7/1/XaQypOw7CsTKTk7OwOn01GtJevA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.220.216.0/21
185.62.100.0/24
Signature Algorithm: sha256WithRSAEncryption
7c:da:64:c7:9d:b9:08:28:fd:b3:e3:db:15:ed:e4:00:a3:1b:
63:32:32:85:b1:e5:26:2a:ea:39:14:fd:0e:81:0b:28:10:f6:
6b:c1:46:f1:65:6d:46:71:09:f4:ab:a9:40:70:08:cf:56:32:
9c:ea:b2:74:25:30:97:81:f2:d9:2a:3c:88:e9:73:ea:a9:89:
62:9e:9f:0c:01:8f:29:8e:2f:46:2e:9b:d7:81:a8:c2:d4:3e:
fe:3e:02:a1:73:97:ea:f8:a0:49:42:08:cc:c7:a3:8e:07:f9:
ac:dc:0b:36:7c:d9:c0:48:39:f7:a6:9f:79:55:64:19:7b:5a:
56:f6:19:73:8e:59:b9:e6:56:20:75:70:08:64:65:0c:c6:d2:
7a:6b:45:d0:ed:d1:1e:66:9e:a9:39:1b:af:ac:5a:51:c6:d9:
85:e3:67:b8:d3:d8:a4:5a:87:a3:5e:a1:e9:44:12:18:c3:53:
9f:c0:8b:b3:1f:fe:99:29:1d:06:e1:97:1c:08:01:22:bb:b4:
83:e5:04:1f:86:c8:69:bd:7d:bb:81:de:07:b6:12:bd:50:3a:
db:9c:c6:c2:0f:70:fc:74:2d:cf:c9:a0:90:ec:91:1a:ea:c2:
f8:7d:72:04:7a:11:59:65:e1:b4:6a:ac:16:f4:e7:c0:a2:df:
e7:08:c9:fa
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzKKqByKw+FTQc+oFea5COnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYTQzMmE0ZWMzYjBhYzRjYTRlNGVjZWMwZTlmNGQ0NmI0
OTdhZjAwHhcNMjQwMTAyMTIzNDAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjI1NzE5MWU1Njk4NjRlYzgwMmY3NTBkYmQ1Njc0ZDU5OTdiMDExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhkOUHkBKwH+P+tYog4968j6auBR8
EC/K2GhnAVY4v1GZx4egsBN3pHiolnSpXkW+hQhD/1VHfK7NoP2h/5KLvgvOGhp5
fQJmiLxaVl0vXEwSdBsIKkXVOWyqAZHs7IZ+en1cL5SOpgJ1vyUEjhCf3aawGUtS
+itV4u1WgOgeKIzpX/NnaBsRcc6nwIpT+R6ka2YQJrO6hdcEkKYNtDx63NbuRO8K
RZudkNKeRe8M1uf1e72tGNzP1+iDD17Yk59SzSN945AU56exRHDvxNEonTkONz0G
+OHOYBwEqJzymYmgIfPaM2g4vGDoAzAhV6IcP2U+kHnVa0Kq4wnnRuQZ3QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHIlcZHlaYZOyAL3UNvVZ01Zl7ARMB8GA1UdIwQY
MBaAFF2kMqTsOwrEyk5OzsDp9NRrSXrwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGFReXBPdzdDc1RLVGs3T3dPbjAxR3RKZXZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85ZTg0N2YtNDE0Ni00NTY2LThjM2Ut
MWJhNTQzZWVhZWQ3LzEvY2lWeGtlVnBoazdJQXZkUTI5Vm5UVm1Yc0JFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85ZTg0N2YtNDE0Ni00NTY2LThjM2UtMWJhNTQzZWVhZWQ3
LzEvWGFReXBPdzdDc1RLVGs3T3dPbjAxR3RKZXZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDTdzYAwQA
uT5kMA0GCSqGSIb3DQEBCwUAA4IBAQB82mTHnbkIKP2z49sV7eQAoxtjMjKFseUm
Kuo5FP0OgQsoEPZrwUbxZW1GcQn0q6lAcAjPVjKc6rJ0JTCXgfLZKjyI6XPqqYli
np8MAY8pji9GLpvXgajC1D7+PgKhc5fq+KBJQgjMx6OOB/ms3As2fNnASDn3pp95
VWQZe1pW9hlzjlm55lYgdXAIZGUMxtJ6a0XQ7dEeZp6pORuvrFpRxtmF42e409ik
WoejXqHpRBIYw1OfwIuzH/6ZKR0G4ZccCAEiu7SD5QQfhshpvX27gd4HthK9UDrb
nMbCD3D8dC3PyaCQ7JEa6sL4fXIEehFZZeG0aqwW9OfAot/nCMn6
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:32:07 2025 by rpki-client