Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/1a18e1-67c8-492e-8fba-fb5c62e42f6b/1/9VAU6JsuWSqmLm-m4XHn1EvBixM.roa
File: 9VAU6JsuWSqmLm-m4XHn1EvBixM.roa (raw, json)
Hash identifier: XQch7ODh3MlxPjEqvSAInUd8MkszOhMA2j71Pg/NypE=
Subject key identifier: F5:50:14:E8:9B:2E:59:2A:A6:2E:6F:A6:E1:71:E7:D4:4B:C1:8B:13
Certificate issuer: /CN=c5a2f42407f21c9d7690fb30fd8cdb2bfdf6d030
Certificate serial: 018920CE7CDDB27D1651B72C2E46374E51D3
Authority key identifier: C5:A2:F4:24:07:F2:1C:9D:76:90:FB:30:FD:8C:DB:2B:FD:F6:D0:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xaL0JAfyHJ12kPsw_YzbK_320DA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/1a18e1-67c8-492e-8fba-fb5c62e42f6b/1/9VAU6JsuWSqmLm-m4XHn1EvBixM.roa
Signing time: Tue 04 Jul 2023 12:09:10 +0000
ROA not before: Tue 04 Jul 2023 12:09:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15967
IP address blocks: 77.55.208.0/20 maxlen: 20
77.55.224.0/20 maxlen: 20
77.55.240.0/22 maxlen: 22
77.55.246.0/24 maxlen: 24
77.55.248.0/22 maxlen: 22
77.55.252.0/23 maxlen: 23
77.55.247.0/24 maxlen: 24
77.55.152.0/24 maxlen: 24
77.55.152.0/22 maxlen: 22
77.55.159.0/24 maxlen: 24
77.55.158.0/24 maxlen: 24
77.55.153.0/24 maxlen: 24
77.55.156.0/23 maxlen: 23
77.55.155.0/24 maxlen: 24
77.55.154.0/24 maxlen: 24
77.55.166.0/24 maxlen: 24
77.55.160.0/23 maxlen: 23
77.55.160.0/20 maxlen: 20
77.55.164.0/23 maxlen: 23
77.55.162.0/23 maxlen: 23
77.55.172.0/23 maxlen: 23
77.55.167.0/24 maxlen: 24
77.55.170.0/23 maxlen: 23
77.55.168.0/23 maxlen: 23
77.55.174.0/23 maxlen: 23
77.55.178.0/24 maxlen: 24
77.55.177.0/24 maxlen: 24
77.55.176.0/23 maxlen: 23
77.55.176.0/24 maxlen: 24
77.55.176.0/21 maxlen: 21
77.55.179.0/24 maxlen: 24
77.55.186.0/23 maxlen: 23
77.55.181.0/24 maxlen: 24
77.55.180.0/23 maxlen: 23
77.55.184.0/23 maxlen: 23
77.55.182.0/23 maxlen: 23
77.55.192.0/20 maxlen: 20
77.55.188.0/23 maxlen: 23
77.55.190.0/23 maxlen: 23
77.55.0.0/18 maxlen: 18
77.55.0.0/16 maxlen: 16
31.172.170.0/23 maxlen: 23
31.172.169.0/24 maxlen: 24
31.172.168.0/24 maxlen: 24
31.172.168.0/22 maxlen: 22
77.55.96.0/22 maxlen: 22
77.55.104.0/23 maxlen: 23
77.55.100.0/22 maxlen: 22
77.55.112.0/23 maxlen: 23
77.55.108.0/22 maxlen: 22
77.55.106.0/23 maxlen: 23
77.55.118.0/23 maxlen: 23
77.55.116.0/23 maxlen: 23
77.55.114.0/23 maxlen: 23
77.55.122.0/23 maxlen: 23
77.55.121.0/24 maxlen: 24
77.55.120.0/24 maxlen: 24
77.55.125.0/24 maxlen: 24
77.55.124.0/24 maxlen: 24
77.55.126.0/24 maxlen: 24
77.55.128.0/20 maxlen: 20
77.55.127.0/24 maxlen: 24
77.55.144.0/21 maxlen: 21
77.55.64.0/22 maxlen: 22
77.55.68.0/22 maxlen: 22
77.55.76.0/23 maxlen: 23
77.55.78.0/23 maxlen: 23
77.55.72.0/22 maxlen: 22
77.55.84.0/22 maxlen: 22
77.55.90.0/23 maxlen: 23
77.55.88.0/23 maxlen: 23
77.55.88.0/22 maxlen: 22
85.128.160.0/19 maxlen: 19
85.128.192.0/18 maxlen: 18
85.128.130.0/24 maxlen: 24
85.128.129.0/24 maxlen: 24
85.128.128.0/24 maxlen: 24
85.128.128.0/17 maxlen: 17
85.128.132.0/23 maxlen: 23
85.128.131.0/24 maxlen: 24
85.128.136.0/22 maxlen: 22
85.128.135.0/24 maxlen: 24
85.128.134.0/24 maxlen: 24
85.128.144.0/20 maxlen: 20
85.128.143.0/24 maxlen: 24
85.128.142.0/24 maxlen: 24
85.128.140.0/23 maxlen: 23
2a01:6100::/32 maxlen: 32
2a01:6100::/48 maxlen: 48
2a01:6100:111::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 07 Jul 2023 08:50:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:20:ce:7c:dd:b2:7d:16:51:b7:2c:2e:46:37:4e:51:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c5a2f42407f21c9d7690fb30fd8cdb2bfdf6d030
Validity
Not Before: Jul 4 12:09:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f55014e89b2e592aa62e6fa6e171e7d44bc18b13
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:65:5d:73:73:78:ce:39:e9:a8:ac:c8:bd:c8:
9d:fb:06:b6:ec:65:2d:e0:f3:2e:4d:dc:fe:94:75:
59:ed:fc:a4:6a:34:c5:f8:8d:82:f1:e9:e1:aa:35:
ee:82:57:5f:68:d5:8f:83:6e:61:7b:ea:b6:4a:45:
30:e8:f8:b0:57:a3:1a:13:05:bc:e6:7f:4e:fb:36:
19:27:f2:fd:d6:a5:18:39:2f:f5:ac:fe:ae:df:97:
93:b2:65:81:4a:d3:0d:ff:3d:d0:11:84:8c:24:82:
78:4e:f2:35:55:c3:ee:ec:ba:51:d2:4b:cb:31:af:
d9:40:7c:ee:e0:41:a4:cd:8c:a0:2b:b8:5f:a8:3c:
82:8f:e1:d9:b0:b7:90:41:df:ba:42:08:35:e2:36:
df:c5:e0:f6:18:60:ec:d4:b2:af:c7:4a:27:cd:31:
30:c5:df:e1:8b:dc:6f:94:92:09:fa:53:f5:7e:44:
b9:c8:69:58:20:74:69:e9:b3:2a:09:dd:7a:b6:b9:
41:78:60:49:73:13:74:ac:a1:59:ee:a6:c4:f5:8b:
bb:49:26:f7:e7:02:f3:0c:d1:b7:8c:a8:2d:f0:ed:
d9:19:67:76:f9:34:d3:26:72:58:f8:19:ef:b6:43:
38:90:b0:06:c3:6e:1e:b0:fe:8a:a7:0d:0b:46:d9:
cb:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:50:14:E8:9B:2E:59:2A:A6:2E:6F:A6:E1:71:E7:D4:4B:C1:8B:13
X509v3 Authority Key Identifier:
keyid:C5:A2:F4:24:07:F2:1C:9D:76:90:FB:30:FD:8C:DB:2B:FD:F6:D0:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xaL0JAfyHJ12kPsw_YzbK_320DA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/1a18e1-67c8-492e-8fba-fb5c62e42f6b/1/9VAU6JsuWSqmLm-m4XHn1EvBixM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/1a18e1-67c8-492e-8fba-fb5c62e42f6b/1/xaL0JAfyHJ12kPsw_YzbK_320DA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.172.168.0/22
77.55.0.0/16
85.128.128.0/17
IPv6:
2a01:6100::/32
Signature Algorithm: sha256WithRSAEncryption
6c:cc:9b:56:c7:b3:3d:ec:cf:11:bd:f5:cf:d6:47:8e:b1:22:
50:f3:ad:2d:10:8b:28:06:d4:98:dd:d5:d3:03:ed:60:de:ce:
06:01:39:23:c0:40:42:95:fe:3a:a2:c4:b1:3d:3d:f3:d6:19:
5b:e4:66:cc:5b:c3:3c:cd:65:d9:86:9a:58:25:42:e9:df:af:
e1:8b:52:eb:e6:7e:b8:47:04:33:cf:27:27:5e:f7:2a:fd:6f:
49:6f:a4:d6:66:4f:63:7e:ca:9a:3e:45:41:34:69:ab:33:5c:
26:02:f9:e4:0c:c3:55:7c:71:1b:74:7a:49:59:3c:ab:ca:e5:
ab:7c:e2:53:e9:87:a1:19:80:e0:8b:4d:6b:fd:11:6e:99:78:
94:88:d0:dc:73:6c:de:d1:4e:42:bd:cf:fb:fb:c6:0a:9d:e4:
9b:2a:d2:50:37:1d:99:3f:9e:ed:f7:39:65:ae:2c:be:9a:d1:
6d:83:cd:04:09:88:9b:96:80:7a:ec:eb:f2:71:1f:21:48:b1:
d3:a6:08:58:74:97:a1:05:0e:2e:b7:eb:5b:f3:d8:f8:71:61:
eb:0c:25:4a:b7:a1:da:06:a3:6e:ad:f6:4d:2f:5c:2a:65:f4:
7e:c0:3f:ed:39:c6:8d:bf:c4:fb:60:ba:2a:9a:2a:92:52:04:
d9:2e:94:7c
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYkgznzdsn0WUbcsLkY3TlHTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1YTJmNDI0MDdmMjFjOWQ3NjkwZmIzMGZkOGNkYjJiZmRm
NmQwMzAwHhcNMjMwNzA0MTIwOTEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTUwMTRlODliMmU1OTJhYTYyZTZmYTZlMTcxZTdkNDRiYzE4YjEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp2Vdc3N4zjnpqKzIvcid+wa27GUt
4PMuTdz+lHVZ7fykajTF+I2C8enhqjXugldfaNWPg25he+q2SkUw6PiwV6MaEwW8
5n9O+zYZJ/L91qUYOS/1rP6u35eTsmWBStMN/z3QEYSMJIJ4TvI1VcPu7LpR0kvL
Ma/ZQHzu4EGkzYygK7hfqDyCj+HZsLeQQd+6Qgg14jbfxeD2GGDs1LKvx0onzTEw
xd/hi9xvlJIJ+lP1fkS5yGlYIHRp6bMqCd16trlBeGBJcxN0rKFZ7qbE9Yu7SSb3
5wLzDNG3jKgt8O3ZGWd2+TTTJnJY+BnvtkM4kLAGw24esP6Kpw0LRtnLMwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFPVQFOibLlkqpi5vpuFx59RLwYsTMB8GA1UdIwQY
MBaAFMWi9CQH8hyddpD7MP2M2yv99tAwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGFMMEpBZnlISjEya1Bzd19ZemJLXzMyMERBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC8xYTE4ZTEtNjdjOC00OTJlLThmYmEt
ZmI1YzYyZTQyZjZiLzEvOVZBVTZKc3VXU3FtTG0tbTRYSG4xRXZCaXhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC8xYTE4ZTEtNjdjOC00OTJlLThmYmEtZmI1YzYyZTQyZjZi
LzEveGFMMEpBZnlISjEya1Bzd19ZemJLXzMyMERBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAXBAIAATARAwQCH6yoAwMA
TTcDBAdVgIAwDQQCAAIwBwMFACoBYQAwDQYJKoZIhvcNAQELBQADggEBAGzMm1bH
sz3szxG99c/WR46xIlDzrS0QiygG1Jjd1dMD7WDezgYBOSPAQEKV/jqixLE9PfPW
GVvkZsxbwzzNZdmGmlglQunfr+GLUuvmfrhHBDPPJyde9yr9b0lvpNZmT2N+ypo+
RUE0aaszXCYC+eQMw1V8cRt0eklZPKvK5at84lPph6EZgOCLTWv9EW6ZeJSI0Nxz
bN7RTkK9z/v7xgqd5Jsq0lA3HZk/nu33OWWuLL6a0W2DzQQJiJuWgHrs6/JxHyFI
sdOmCFh0l6EFDi6361vz2PhxYesMJUq3odoGo26t9k0vXCpl9H7AP+05xo2/xPtg
uiqaKpJSBNkulHw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:10 2024 by rpki-client on console-ams.rpki-client.org