Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/Ur0cqAPLrLbObMmET7DF9IrAZ5g.roa
File: Ur0cqAPLrLbObMmET7DF9IrAZ5g.roa (raw, json)
Hash identifier: erTgBPbnYwNq9i15kUwaJbhwiTmP/rL+0wG/iR79Z/A=
Subject key identifier: 52:BD:1C:A8:03:CB:AC:B6:CE:6C:C9:84:4F:B0:C5:F4:8A:C0:67:98
Certificate issuer: /CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Certificate serial: 018CEA3A0899058CC4CE8F9781E755AC2BA3
Authority key identifier: 4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/Ur0cqAPLrLbObMmET7DF9IrAZ5g.roa
Signing time: Mon 08 Jan 2024 17:58:40 +0000
ROA not before: Mon 08 Jan 2024 17:58:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 77.72.81.0/24 maxlen: 24
146.19.93.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 16 Jan 2024 17:58:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ea:3a:08:99:05:8c:c4:ce:8f:97:81:e7:55:ac:2b:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Validity
Not Before: Jan 8 17:58:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=52bd1ca803cbacb6ce6cc9844fb0c5f48ac06798
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:92:70:f5:08:a7:24:78:9b:9f:07:3c:a9:7d:
e7:c8:c6:e7:f5:b5:2f:d9:a3:79:fe:79:46:9c:80:
98:55:ca:18:f1:fd:32:7e:0f:b7:70:5b:88:62:47:
ae:d0:38:58:ef:dc:d3:f6:d4:84:e7:ad:29:b1:55:
2f:38:9b:1c:62:b9:4e:a1:55:12:30:e9:c2:d5:fa:
f5:59:24:7f:5a:34:0c:d8:1b:d3:65:6e:41:76:25:
e9:9d:e6:e9:42:b1:00:83:52:5e:79:56:2f:2c:96:
3b:c7:bd:19:9e:77:7c:45:cb:9b:dc:2f:29:83:5d:
5f:51:1c:a0:49:29:96:86:76:12:13:33:3a:34:9e:
08:ec:d1:00:ed:40:47:b7:03:fa:67:9d:5c:a6:98:
02:25:10:45:4b:75:be:d4:b8:f6:91:35:37:87:18:
c2:22:b9:f0:1a:95:4a:6b:7e:2a:40:80:93:94:5a:
53:09:2a:75:eb:7d:b9:d5:b9:c6:40:32:47:1e:bd:
c3:35:b1:ea:2a:88:45:9c:6b:85:b4:7c:da:87:21:
4f:31:96:90:c6:97:1f:38:00:61:3b:ed:ad:69:f0:
91:e2:dc:4d:c4:f3:6b:79:91:56:aa:fc:b6:02:71:
d0:57:64:29:48:ad:63:15:6b:c7:b0:3a:9d:01:93:
2d:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:BD:1C:A8:03:CB:AC:B6:CE:6C:C9:84:4F:B0:C5:F4:8A:C0:67:98
X509v3 Authority Key Identifier:
keyid:4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/Ur0cqAPLrLbObMmET7DF9IrAZ5g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.72.81.0/24
146.19.93.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:45:d4:4f:d3:30:36:7d:f8:cd:14:d4:63:d0:70:cc:02:3f:
ee:36:40:e6:b7:cf:3c:8d:2a:ca:bc:18:16:09:4c:3c:bb:e9:
1d:92:ae:78:05:77:ca:8d:c9:e1:0c:03:47:7c:c1:ac:cc:53:
23:b9:40:21:eb:7a:5b:cf:41:10:3b:99:76:7b:17:df:0e:ae:
16:ce:33:32:02:ff:e7:3e:c9:0b:a4:fc:d3:b4:1d:2c:3b:6e:
31:9b:05:d0:d0:46:1c:de:70:08:a5:dd:f9:9a:e9:80:c1:11:
b6:25:11:47:9e:f3:c4:e2:02:3a:41:45:69:6b:ae:e4:0f:07:
12:f5:73:12:56:4f:ab:57:a6:fc:ab:62:b6:69:4e:78:68:ed:
7c:65:64:59:32:f5:c5:90:54:91:76:04:8a:de:ac:41:1d:1a:
b5:1c:a3:02:7b:c5:f1:96:da:18:6b:46:aa:38:32:ec:7a:95:
55:f1:c7:19:c0:bf:ee:07:b1:f3:6c:1c:bf:54:2c:fe:f6:ca:
4e:c2:af:11:da:45:85:be:34:5c:3e:2e:d2:39:58:c8:fe:ec:
8d:8c:86:b8:45:21:61:a2:b0:58:94:4b:6d:b8:58:d3:16:86:
f6:27:69:f0:41:2f:36:14:d7:4f:3a:03:9e:c7:44:65:fd:35:
d4:05:3f:c8
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzqOgiZBYzEzo+XgedVrCujMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMTQxMTJkMDVlOWQ4NzYxNDlkMjc3OGQ0OGVkYWFhMzI0
ZGIwYTUwHhcNMjQwMTA4MTc1ODQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MmJkMWNhODAzY2JhY2I2Y2U2Y2M5ODQ0ZmIwYzVmNDhhYzA2Nzk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw5Jw9QinJHibnwc8qX3nyMbn9bUv
2aN5/nlGnICYVcoY8f0yfg+3cFuIYkeu0DhY79zT9tSE560psVUvOJscYrlOoVUS
MOnC1fr1WSR/WjQM2BvTZW5BdiXpnebpQrEAg1JeeVYvLJY7x70Znnd8Rcub3C8p
g11fURygSSmWhnYSEzM6NJ4I7NEA7UBHtwP6Z51cppgCJRBFS3W+1Lj2kTU3hxjC
IrnwGpVKa34qQICTlFpTCSp163251bnGQDJHHr3DNbHqKohFnGuFtHzahyFPMZaQ
xpcfOABhO+2tafCR4txNxPNreZFWqvy2AnHQV2QpSK1jFWvHsDqdAZMtwQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFK9HKgDy6y2zmzJhE+wxfSKwGeYMB8GA1UdIwQY
MBaAFE8UES0F6dh2FJ0neNSO2qoyTbClMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUt
YmFmYmRmYzgxMzJhLzEvVXIwY3FBUExyTGJPYk1tRVQ3REY5SXJBWjVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUtYmFmYmRmYzgxMzJh
LzEvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQATUhRAwQA
khNdMA0GCSqGSIb3DQEBCwUAA4IBAQBvRdRP0zA2ffjNFNRj0HDMAj/uNkDmt888
jSrKvBgWCUw8u+kdkq54BXfKjcnhDANHfMGszFMjuUAh63pbz0EQO5l2exffDq4W
zjMyAv/nPskLpPzTtB0sO24xmwXQ0EYc3nAIpd35mumAwRG2JRFHnvPE4gI6QUVp
a67kDwcS9XMSVk+rV6b8q2K2aU54aO18ZWRZMvXFkFSRdgSK3qxBHRq1HKMCe8Xx
ltoYa0aqODLsepVV8ccZwL/uB7HzbBy/VCz+9spOwq8R2kWFvjRcPi7SOVjI/uyN
jIa4RSFhorBYlEttuFjTFob2J2nwQS82FNdPOgOex0Rl/TXUBT/I
-----END CERTIFICATE-----
Generated at Tue Jan 16 21:18:25 2024 by rpki-client on console-ams.rpki-client.org