Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/1a18e1-67c8-492e-8fba-fb5c62e42f6b/1/iU1cKH3sWiAm1xT5Bljl-ZYEebM.roa
File: iU1cKH3sWiAm1xT5Bljl-ZYEebM.roa (raw, json)
Hash identifier: wurqHWwPrOSaZwSB5TKIVOPHovgLjeI2EuoTEF5dxkE=
Subject key identifier: 89:4D:5C:28:7D:EC:5A:20:26:D7:14:F9:06:58:E5:F9:96:04:79:B3
Certificate issuer: /CN=c5a2f42407f21c9d7690fb30fd8cdb2bfdf6d030
Certificate serial: 018745A85C718F7D8E6E4B25EA0951FE7FC9
Authority key identifier: C5:A2:F4:24:07:F2:1C:9D:76:90:FB:30:FD:8C:DB:2B:FD:F6:D0:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xaL0JAfyHJ12kPsw_YzbK_320DA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/1a18e1-67c8-492e-8fba-fb5c62e42f6b/1/iU1cKH3sWiAm1xT5Bljl-ZYEebM.roa
Signing time: Mon 03 Apr 2023 05:47:54 +0000
ROA not before: Mon 03 Apr 2023 05:47:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15967
IP address blocks: 77.55.208.0/20 maxlen: 20
77.55.224.0/20 maxlen: 20
77.55.240.0/22 maxlen: 22
77.55.244.0/23 maxlen: 23
77.55.246.0/24 maxlen: 24
77.55.248.0/22 maxlen: 22
77.55.252.0/23 maxlen: 23
77.55.247.0/24 maxlen: 24
77.55.152.0/22 maxlen: 22
77.55.159.0/24 maxlen: 24
77.55.158.0/24 maxlen: 24
77.55.156.0/23 maxlen: 23
77.55.155.0/24 maxlen: 24
77.55.166.0/24 maxlen: 24
77.55.160.0/23 maxlen: 23
77.55.160.0/20 maxlen: 20
77.55.164.0/23 maxlen: 23
77.55.162.0/23 maxlen: 23
77.55.167.0/24 maxlen: 24
77.55.168.0/21 maxlen: 21
77.55.178.0/24 maxlen: 24
77.55.177.0/24 maxlen: 24
77.55.176.0/23 maxlen: 23
77.55.176.0/24 maxlen: 24
77.55.176.0/21 maxlen: 21
77.55.179.0/24 maxlen: 24
77.55.186.0/23 maxlen: 23
77.55.181.0/24 maxlen: 24
77.55.180.0/23 maxlen: 23
77.55.184.0/23 maxlen: 23
77.55.182.0/23 maxlen: 23
77.55.192.0/20 maxlen: 20
77.55.188.0/23 maxlen: 23
77.55.190.0/23 maxlen: 23
77.55.254.0/23 maxlen: 23
77.55.0.0/18 maxlen: 18
77.55.0.0/16 maxlen: 16
31.172.170.0/23 maxlen: 23
31.172.169.0/24 maxlen: 24
31.172.168.0/24 maxlen: 24
31.172.168.0/22 maxlen: 22
77.55.96.0/20 maxlen: 20
77.55.118.0/23 maxlen: 23
77.55.116.0/23 maxlen: 23
77.55.114.0/23 maxlen: 23
77.55.122.0/23 maxlen: 23
77.55.121.0/24 maxlen: 24
77.55.120.0/24 maxlen: 24
77.55.125.0/24 maxlen: 24
77.55.124.0/24 maxlen: 24
77.55.126.0/24 maxlen: 24
77.55.128.0/20 maxlen: 20
77.55.127.0/24 maxlen: 24
77.55.144.0/21 maxlen: 21
77.55.64.0/19 maxlen: 19
77.55.76.0/23 maxlen: 23
77.55.78.0/23 maxlen: 23
77.55.72.0/22 maxlen: 22
85.128.160.0/19 maxlen: 19
85.128.192.0/18 maxlen: 18
85.128.130.0/24 maxlen: 24
85.128.129.0/24 maxlen: 24
85.128.128.0/24 maxlen: 24
85.128.128.0/17 maxlen: 17
85.128.132.0/23 maxlen: 23
85.128.131.0/24 maxlen: 24
85.128.136.0/22 maxlen: 22
85.128.135.0/24 maxlen: 24
85.128.134.0/24 maxlen: 24
85.128.144.0/20 maxlen: 20
85.128.143.0/24 maxlen: 24
85.128.142.0/24 maxlen: 24
85.128.140.0/23 maxlen: 23
2a01:6100::/32 maxlen: 32
2a01:6100::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 04 Apr 2023 08:54:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:45:a8:5c:71:8f:7d:8e:6e:4b:25:ea:09:51:fe:7f:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c5a2f42407f21c9d7690fb30fd8cdb2bfdf6d030
Validity
Not Before: Apr 3 05:47:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=894d5c287dec5a2026d714f90658e5f9960479b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:8d:d3:32:ad:f1:98:3e:39:8c:1f:91:e8:27:
67:a7:15:b6:93:2a:7e:63:e2:25:71:3d:aa:4e:6f:
ff:2a:a7:d0:d3:a4:4e:71:17:25:07:25:d0:9a:b1:
89:5e:52:ec:85:8a:63:f8:05:42:e2:7f:a3:b7:ff:
80:af:d9:1d:82:78:cc:44:0e:da:41:a6:f0:8d:23:
f9:88:22:0f:17:08:56:b4:d7:67:c8:80:36:b7:14:
c5:8d:c5:3a:38:20:18:96:dd:7d:2a:71:de:cd:ef:
48:79:c4:ff:fa:b0:ea:98:56:9b:c8:7e:3a:2e:0b:
83:cd:3d:81:ed:cc:5c:d3:d4:ff:d8:88:72:12:e4:
2f:08:c0:47:e4:c6:79:5f:ac:4b:bc:44:34:06:45:
75:0b:b5:45:95:54:07:07:fa:b4:63:a4:c7:1b:12:
83:fd:b8:b8:77:2f:fa:fb:09:5e:67:70:5f:62:ed:
92:57:5d:00:c6:e7:d9:79:20:42:03:b4:03:d9:91:
29:f2:af:1a:5f:5d:69:1d:26:fc:db:d1:45:8a:77:
2b:17:31:13:1a:79:c0:ac:5e:69:b1:66:1a:9b:4a:
3b:76:4c:57:ee:bd:1b:7b:54:0f:1b:e1:9e:bf:f5:
be:4d:00:ba:23:39:f3:2a:5e:f4:9a:e6:7b:68:06:
17:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:4D:5C:28:7D:EC:5A:20:26:D7:14:F9:06:58:E5:F9:96:04:79:B3
X509v3 Authority Key Identifier:
keyid:C5:A2:F4:24:07:F2:1C:9D:76:90:FB:30:FD:8C:DB:2B:FD:F6:D0:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xaL0JAfyHJ12kPsw_YzbK_320DA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/1a18e1-67c8-492e-8fba-fb5c62e42f6b/1/iU1cKH3sWiAm1xT5Bljl-ZYEebM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/1a18e1-67c8-492e-8fba-fb5c62e42f6b/1/xaL0JAfyHJ12kPsw_YzbK_320DA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.172.168.0/22
77.55.0.0/16
85.128.128.0/17
IPv6:
2a01:6100::/32
Signature Algorithm: sha256WithRSAEncryption
2d:af:3f:5b:e8:15:b4:94:10:cb:7e:c8:97:37:be:57:12:d5:
36:22:d9:fa:90:86:9a:ba:02:4f:9d:df:5f:b1:06:7c:38:0e:
1d:1f:2e:b1:49:37:21:1a:33:92:31:19:9d:d6:54:74:f1:65:
cd:78:6a:97:65:17:47:91:7e:16:49:e3:02:fd:9e:78:64:98:
f8:a0:42:64:2d:0e:70:ad:23:2c:10:47:50:92:a9:a9:03:96:
0c:28:08:24:f1:9b:32:ef:4c:ac:b5:ef:2a:84:20:77:e0:f7:
c5:e6:97:be:8d:fa:e3:70:13:17:89:0e:25:b4:6b:c1:d4:2c:
27:1c:c9:34:98:8c:87:0b:06:b6:b3:ec:e3:74:bb:e6:91:8d:
c4:23:3e:c6:0d:5e:51:04:b6:6c:6d:d9:15:cc:06:ca:25:36:
85:da:0d:42:da:a4:0e:cd:0f:33:43:ec:d1:13:80:d8:7b:fa:
cd:8f:07:f3:cb:d6:ad:01:76:68:dc:5a:89:1f:cb:9c:14:8f:
98:63:1c:7f:c3:61:66:6d:51:c1:2e:ca:8f:e1:e8:bf:76:1b:
c6:48:c8:3b:89:3e:c7:17:dd:ff:cb:a4:26:9c:4e:f8:2f:77:
ee:be:17:00:4b:01:eb:18:3b:b3:e3:7c:57:92:92:84:0f:ce:
e6:22:60:09
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYdFqFxxj32Obksl6glR/n/JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1YTJmNDI0MDdmMjFjOWQ3NjkwZmIzMGZkOGNkYjJiZmRm
NmQwMzAwHhcNMjMwNDAzMDU0NzU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTRkNWMyODdkZWM1YTIwMjZkNzE0ZjkwNjU4ZTVmOTk2MDQ3OWIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuI3TMq3xmD45jB+R6CdnpxW2kyp+
Y+IlcT2qTm//KqfQ06ROcRclByXQmrGJXlLshYpj+AVC4n+jt/+Ar9kdgnjMRA7a
QabwjSP5iCIPFwhWtNdnyIA2txTFjcU6OCAYlt19KnHeze9IecT/+rDqmFabyH46
LguDzT2B7cxc09T/2IhyEuQvCMBH5MZ5X6xLvEQ0BkV1C7VFlVQHB/q0Y6THGxKD
/bi4dy/6+wleZ3BfYu2SV10AxufZeSBCA7QD2ZEp8q8aX11pHSb829FFincrFzET
GnnArF5psWYam0o7dkxX7r0be1QPG+Gev/W+TQC6IznzKl70muZ7aAYX+QIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFIlNXCh97FogJtcU+QZY5fmWBHmzMB8GA1UdIwQY
MBaAFMWi9CQH8hyddpD7MP2M2yv99tAwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGFMMEpBZnlISjEya1Bzd19ZemJLXzMyMERBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC8xYTE4ZTEtNjdjOC00OTJlLThmYmEt
ZmI1YzYyZTQyZjZiLzEvaVUxY0tIM3NXaUFtMXhUNUJsamwtWllFZWJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC8xYTE4ZTEtNjdjOC00OTJlLThmYmEtZmI1YzYyZTQyZjZi
LzEveGFMMEpBZnlISjEya1Bzd19ZemJLXzMyMERBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAXBAIAATARAwQCH6yoAwMA
TTcDBAdVgIAwDQQCAAIwBwMFACoBYQAwDQYJKoZIhvcNAQELBQADggEBAC2vP1vo
FbSUEMt+yJc3vlcS1TYi2fqQhpq6Ak+d31+xBnw4Dh0fLrFJNyEaM5IxGZ3WVHTx
Zc14apdlF0eRfhZJ4wL9nnhkmPigQmQtDnCtIywQR1CSqakDlgwoCCTxmzLvTKy1
7yqEIHfg98Xml76N+uNwExeJDiW0a8HULCccyTSYjIcLBraz7ON0u+aRjcQjPsYN
XlEEtmxt2RXMBsolNoXaDULapA7NDzND7NETgNh7+s2PB/PL1q0BdmjcWokfy5wU
j5hjHH/DYWZtUcEuyo/h6L92G8ZIyDuJPscX3f/LpCacTvgvd+6+FwBLAesYO7Pj
fFeSkoQPzuYiYAk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:10 2024 by rpki-client on console-ams.rpki-client.org