Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/ff5cc6-8f61-447b-b658-4fb559b3b9b3/1/ItkM_lYb3pTw-XiCMPkXYgy-m0g.roa
File: ItkM_lYb3pTw-XiCMPkXYgy-m0g.roa (raw, json)
Hash identifier: Q3c7pbfWYQFpkYWB2q+5w0y32P4gyiXZ9eKMqbHqky0=
Subject key identifier: 22:D9:0C:FE:56:1B:DE:94:F0:F9:78:82:30:F9:17:62:0C:BE:9B:48
Certificate issuer: /CN=767f3bd4bfbd3071c38cd4d7092bd3490920c3d9
Certificate serial: 018A64BF85C928A076E58A676B98D21AA4D5
Authority key identifier: 76:7F:3B:D4:BF:BD:30:71:C3:8C:D4:D7:09:2B:D3:49:09:20:C3:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dn871L-9MHHDjNTXCSvTSQkgw9k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/ff5cc6-8f61-447b-b658-4fb559b3b9b3/1/ItkM_lYb3pTw-XiCMPkXYgy-m0g.roa
Signing time: Tue 05 Sep 2023 09:49:47 +0000
ROA not before: Tue 05 Sep 2023 09:49:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7393
IP address blocks: 178.22.29.0/24 maxlen: 24
77.72.82.0/24 maxlen: 24
84.246.83.0/24 maxlen: 24
46.31.66.0/24 maxlen: 24
5.57.213.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 02 Oct 2023 06:46:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:64:bf:85:c9:28:a0:76:e5:8a:67:6b:98:d2:1a:a4:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=767f3bd4bfbd3071c38cd4d7092bd3490920c3d9
Validity
Not Before: Sep 5 09:49:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=22d90cfe561bde94f0f9788230f917620cbe9b48
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:40:88:bc:5d:44:4e:d5:28:03:b5:0d:c8:21:
94:54:ad:e5:0e:59:78:68:13:9d:34:b7:06:4a:a7:
f3:da:56:d2:10:11:44:fb:e6:91:20:4c:86:89:86:
62:cb:f0:43:da:61:fa:2c:00:7b:f2:58:89:a8:27:
84:bd:c8:77:56:37:c7:c4:46:85:ca:06:7d:68:84:
36:a4:ed:18:e3:58:2b:1e:1e:b3:bd:c5:3c:5f:59:
83:da:7a:05:58:68:be:cd:60:7a:a2:1f:25:b2:e7:
bb:e3:4d:9c:0f:ad:ab:0c:ab:0f:74:50:62:7f:46:
ea:45:e8:55:a4:8b:7b:d3:90:c3:ba:c4:52:2c:31:
c1:d9:ea:4c:9e:fa:a0:ce:e0:66:75:0c:d3:eb:8e:
c0:20:2a:b0:11:34:26:d3:4d:83:d6:51:fd:64:84:
98:12:93:04:12:4d:4c:ae:00:7a:41:99:fb:fd:24:
2d:1e:b1:ae:08:93:f4:8e:e4:b5:53:b8:8e:8d:5e:
49:37:fb:66:4e:75:88:84:db:bf:13:98:6b:b4:f6:
b1:89:3a:fb:21:d1:60:37:26:93:ff:79:1d:76:f5:
01:fb:78:dd:75:41:d5:70:3d:42:be:1d:20:c3:66:
e3:52:15:f2:2f:7b:91:ca:06:a7:35:a7:44:34:7e:
11:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:D9:0C:FE:56:1B:DE:94:F0:F9:78:82:30:F9:17:62:0C:BE:9B:48
X509v3 Authority Key Identifier:
keyid:76:7F:3B:D4:BF:BD:30:71:C3:8C:D4:D7:09:2B:D3:49:09:20:C3:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dn871L-9MHHDjNTXCSvTSQkgw9k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/ff5cc6-8f61-447b-b658-4fb559b3b9b3/1/ItkM_lYb3pTw-XiCMPkXYgy-m0g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/ff5cc6-8f61-447b-b658-4fb559b3b9b3/1/dn871L-9MHHDjNTXCSvTSQkgw9k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.57.213.0/24
46.31.66.0/24
77.72.82.0/24
84.246.83.0/24
178.22.29.0/24
Signature Algorithm: sha256WithRSAEncryption
58:55:bb:ce:6e:8b:ff:8e:ab:bd:c7:32:bf:97:0a:a6:78:75:
4b:e3:65:c2:83:0d:30:42:48:90:2b:d0:e0:03:8d:c3:5e:80:
9a:01:11:cf:0b:48:68:ee:46:a5:de:c6:b8:70:35:b2:69:d7:
d9:28:b3:e9:c4:85:d4:6e:f3:85:a3:0e:21:dd:3c:6f:3f:72:
98:38:26:15:a4:a0:0c:df:65:ea:30:a0:d8:ad:34:89:46:a4:
7c:af:83:5e:ae:2a:50:a8:54:ff:21:e9:cb:e1:de:2c:eb:95:
7c:b2:07:67:99:33:1f:fc:35:54:b7:94:fa:d8:70:90:19:59:
0a:fb:e4:98:5f:dc:15:e9:11:25:59:bc:9d:76:7e:28:89:87:
de:61:65:21:97:a0:a7:39:29:36:7c:2d:49:c9:4b:8a:b7:9a:
a2:9c:23:50:52:72:03:a2:df:b5:32:0c:89:c2:1c:91:de:b1:
82:c7:38:8f:65:f0:72:34:3e:e1:c5:14:78:b4:e0:3c:2e:dc:
aa:2f:1e:9c:25:1a:88:02:0f:42:74:d3:73:e0:e8:3a:b0:b8:
0e:b0:0e:7b:36:a3:6e:c5:00:1e:ca:e3:fe:e4:a5:65:d1:ca:
f4:7d:f0:3a:f4:32:37:98:0f:06:a7:17:31:53:d5:19:fc:8b:
75:17:5c:c7
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYpkv4XJKKB25Ypna5jSGqTVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2N2YzYmQ0YmZiZDMwNzFjMzhjZDRkNzA5MmJkMzQ5MDky
MGMzZDkwHhcNMjMwOTA1MDk0OTQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMmQ5MGNmZTU2MWJkZTk0ZjBmOTc4ODIzMGY5MTc2MjBjYmU5YjQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtkCIvF1ETtUoA7UNyCGUVK3lDll4
aBOdNLcGSqfz2lbSEBFE++aRIEyGiYZiy/BD2mH6LAB78liJqCeEvch3VjfHxEaF
ygZ9aIQ2pO0Y41grHh6zvcU8X1mD2noFWGi+zWB6oh8lsue7402cD62rDKsPdFBi
f0bqRehVpIt705DDusRSLDHB2epMnvqgzuBmdQzT647AICqwETQm002D1lH9ZISY
EpMEEk1MrgB6QZn7/SQtHrGuCJP0juS1U7iOjV5JN/tmTnWIhNu/E5hrtPaxiTr7
IdFgNyaT/3kddvUB+3jddUHVcD1Cvh0gw2bjUhXyL3uRyganNadENH4RnQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFCLZDP5WG96U8Pl4gjD5F2IMvptIMB8GA1UdIwQY
MBaAFHZ/O9S/vTBxw4zU1wkr00kJIMPZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZG44NzFMLTlNSEhEak5UWENTdlRTUWtndzlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi9mZjVjYzYtOGY2MS00NDdiLWI2NTgt
NGZiNTU5YjNiOWIzLzEvSXRrTV9sWWIzcFR3LVhpQ01Qa1hZZ3ktbTBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi9mZjVjYzYtOGY2MS00NDdiLWI2NTgtNGZiNTU5YjNiOWIz
LzEvZG44NzFMLTlNSEhEak5UWENTdlRTUWtndzlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQABTnVAwQA
Lh9CAwQATUhSAwQAVPZTAwQAshYdMA0GCSqGSIb3DQEBCwUAA4IBAQBYVbvObov/
jqu9xzK/lwqmeHVL42XCgw0wQkiQK9DgA43DXoCaARHPC0ho7kal3sa4cDWyadfZ
KLPpxIXUbvOFow4h3TxvP3KYOCYVpKAM32XqMKDYrTSJRqR8r4NeripQqFT/IenL
4d4s65V8sgdnmTMf/DVUt5T62HCQGVkK++SYX9wV6RElWbyddn4oiYfeYWUhl6Cn
OSk2fC1JyUuKt5qinCNQUnIDot+1MgyJwhyR3rGCxziPZfByND7hxRR4tOA8Ltyq
Lx6cJRqIAg9CdNNz4Og6sLgOsA57NqNuxQAeyuP+5KVl0cr0ffA69DI3mA8Gpxcx
U9UZ/It1F1zH
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:46 2024 by rpki-client on console-fra.rpki-client.org