Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/13eplZ7qAjbM8iJhPcjSP1yHgLk.roa
File: 13eplZ7qAjbM8iJhPcjSP1yHgLk.roa (raw, json)
Hash identifier: 44RWBmIIy/inQj+RDRPWRA8jqzNNREuPYP3Mk7DTieA=
Subject key identifier: D7:77:A9:95:9E:EA:02:36:CC:F2:22:61:3D:C8:D2:3F:5C:87:80:B9
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 01884D2D7614A128BC1F2075540FCC6B97D3
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/13eplZ7qAjbM8iJhPcjSP1yHgLk.roa
Signing time: Wed 24 May 2023 09:53:24 +0000
ROA not before: Wed 24 May 2023 09:53:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43260
IP address blocks: 77.83.39.0/24 maxlen: 24
85.209.120.0/23 maxlen: 24
45.94.171.0/24 maxlen: 24
77.83.38.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 03 Jun 2023 08:18:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:4d:2d:76:14:a1:28:bc:1f:20:75:54:0f:cc:6b:97:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: May 24 09:53:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d777a9959eea0236ccf222613dc8d23f5c8780b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:29:35:b2:81:01:0e:ca:aa:d9:5d:bb:d7:dc:
06:35:38:94:4d:cf:ff:23:58:25:51:dd:ca:c5:96:
3c:01:d1:d4:0c:59:68:f8:9f:aa:b7:42:36:c6:ba:
d5:c5:3d:a5:30:c5:bc:86:e1:2b:ed:c8:9a:b1:5a:
fe:b2:c7:ef:86:d8:a1:07:18:c2:98:d6:34:f1:65:
76:fe:6e:43:ce:a4:33:1c:71:54:ab:cd:a7:44:ba:
20:f3:f4:31:2c:e1:17:e8:e6:ea:e8:74:f4:4c:03:
11:0c:5f:77:98:ce:0a:5c:d3:94:98:0c:93:b2:99:
5f:f5:c6:b6:95:28:6d:69:d2:52:69:ce:44:b2:36:
e4:13:08:a2:f5:7a:66:a5:b0:44:94:3b:bd:82:f5:
25:43:23:36:d7:61:1f:58:f0:d3:16:fb:f2:a2:09:
a2:1f:f6:a0:6b:d8:30:f3:21:19:91:cf:1d:f2:88:
9b:ab:38:43:cd:25:18:dc:53:a8:39:6f:d3:46:86:
a4:8b:54:43:00:d2:9d:3a:4e:03:be:c2:93:02:fd:
ed:ff:2f:9c:06:78:90:74:78:e4:9f:9e:f5:bf:ed:
99:01:b2:6f:af:a5:34:8b:87:0e:b3:0f:47:f2:45:
d4:4f:aa:1b:4b:f5:e1:82:73:49:b8:bf:7f:67:c9:
0d:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:77:A9:95:9E:EA:02:36:CC:F2:22:61:3D:C8:D2:3F:5C:87:80:B9
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/13eplZ7qAjbM8iJhPcjSP1yHgLk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.94.171.0/24
77.83.38.0/23
85.209.120.0/23
Signature Algorithm: sha256WithRSAEncryption
a1:34:41:7d:5e:59:07:9a:9d:bd:ec:b3:e5:d2:33:d7:ee:e3:
8d:65:16:8d:5a:a4:b2:12:8f:c2:dd:89:49:70:e2:86:82:58:
f3:0c:11:e9:1e:3c:74:44:1c:ec:2e:b7:f8:1f:a3:e9:4c:5b:
fd:d3:1f:cd:cc:89:30:b1:5c:67:76:6b:a3:ac:4f:f0:bb:b0:
0d:48:39:48:c0:b7:2e:73:33:68:50:f4:d6:02:bf:0b:33:58:
a3:d9:06:69:ac:6c:c8:39:2b:59:0d:83:66:c8:3f:c5:9b:bf:
4f:96:4c:3f:58:4c:2b:9b:bc:e6:b1:6e:2c:c7:ef:3b:50:42:
3b:d4:6b:b3:41:05:54:f5:29:fd:6d:5f:11:ff:c3:c3:ab:0a:
6a:28:b3:f2:6a:b6:e7:57:3b:2e:2f:e6:79:28:eb:eb:c1:19:
4b:30:27:75:0c:3e:e2:f1:64:b7:1a:98:18:75:ad:5f:9d:e7:
5a:38:58:d8:65:45:55:d5:2c:55:4d:24:7d:68:97:57:47:40:
79:48:13:8e:d2:aa:7b:32:5c:15:cb:f3:c2:07:4e:3f:01:9f:
17:1d:b5:7a:c6:15:de:79:80:aa:67:9d:eb:ab:46:93:f8:5c:
7e:64:65:f7:07:c5:8d:cc:53:68:09:20:e1:96:48:f7:54:d9:
8b:79:46:5a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYhNLXYUoSi8HyB1VA/Ma5fTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjMwNTI0MDk1MzI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzc3YTk5NTllZWEwMjM2Y2NmMjIyNjEzZGM4ZDIzZjVjODc4MGI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgCk1soEBDsqq2V2719wGNTiUTc//
I1glUd3KxZY8AdHUDFlo+J+qt0I2xrrVxT2lMMW8huEr7ciasVr+ssfvhtihBxjC
mNY08WV2/m5DzqQzHHFUq82nRLog8/QxLOEX6Obq6HT0TAMRDF93mM4KXNOUmAyT
splf9ca2lShtadJSac5EsjbkEwii9XpmpbBElDu9gvUlQyM212EfWPDTFvvyogmi
H/aga9gw8yEZkc8d8oibqzhDzSUY3FOoOW/TRoaki1RDANKdOk4DvsKTAv3t/y+c
BniQdHjkn571v+2ZAbJvr6U0i4cOsw9H8kXUT6obS/XhgnNJuL9/Z8kNSQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNd3qZWe6gI2zPIiYT3I0j9ch4C5MB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvMTNlcGxaN3FBamJNOGlKaFBjalNQMXlIZ0xrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALV6rAwQB
TVMmAwQBVdF4MA0GCSqGSIb3DQEBCwUAA4IBAQChNEF9XlkHmp297LPl0jPX7uON
ZRaNWqSyEo/C3YlJcOKGgljzDBHpHjx0RBzsLrf4H6PpTFv90x/NzIkwsVxndmuj
rE/wu7ANSDlIwLcuczNoUPTWAr8LM1ij2QZprGzIOStZDYNmyD/Fm79Plkw/WEwr
m7zmsW4sx+87UEI71GuzQQVU9Sn9bV8R/8PDqwpqKLPyarbnVzsuL+Z5KOvrwRlL
MCd1DD7i8WS3GpgYda1fnedaOFjYZUVV1SxVTSR9aJdXR0B5SBOO0qp7MlwVy/PC
B04/AZ8XHbV6xhXeeYCqZ53rq0aT+Fx+ZGX3B8WNzFNoCSDhlkj3VNmLeUZa
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:17 2024 by rpki-client on console-ams.rpki-client.org