Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/sqX_iL7aaJf_jC5ILlS3baysYHI.roa
File: sqX_iL7aaJf_jC5ILlS3baysYHI.roa (raw, json)
Hash identifier: LLWDmIUhWTUCmmT2KhYNpORuWHNh0750ZS8uZK/BW3I=
Subject key identifier: B2:A5:FF:88:BE:DA:68:97:FF:8C:2E:48:2E:54:B7:6D:AC:AC:60:72
Certificate issuer: /CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Certificate serial: 018D23D97A77A9FB2E472D9A3C6AC2833679
Authority key identifier: 4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/sqX_iL7aaJf_jC5ILlS3baysYHI.roa
Signing time: Fri 19 Jan 2024 22:31:11 +0000
ROA not before: Fri 19 Jan 2024 22:31:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 77.72.81.0/24 maxlen: 24
94.103.187.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 21 Jan 2024 16:52:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:23:d9:7a:77:a9:fb:2e:47:2d:9a:3c:6a:c2:83:36:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Validity
Not Before: Jan 19 22:31:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b2a5ff88beda6897ff8c2e482e54b76dacac6072
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:ff:44:f1:d2:0f:6f:48:aa:d4:33:db:bb:d0:
b0:3b:94:6f:d3:bd:5c:22:18:ac:dd:85:68:69:6e:
7b:06:91:62:62:8b:ff:52:61:52:83:d8:be:e6:5c:
9e:76:cc:fc:cf:d1:e4:c2:54:1d:e4:f6:05:9f:f1:
68:44:f1:36:16:21:7c:3a:63:32:ca:d3:60:55:1d:
d0:db:20:4a:b2:a4:93:b4:3e:dc:57:d9:e9:ff:61:
0b:97:f5:15:aa:82:14:64:47:61:23:1b:10:98:08:
2f:8c:32:b1:88:98:96:d8:54:7b:fc:ae:e9:ec:3e:
39:81:4f:1b:c6:55:be:a4:18:15:7d:70:53:c4:26:
a6:b0:57:cc:7b:b0:c8:3b:79:ca:ef:5b:f7:43:66:
d1:ac:c1:60:d2:c1:37:52:b3:0f:cf:97:b0:69:8d:
27:40:a7:31:80:fd:09:98:0d:87:c2:ca:c8:0b:0f:
e4:26:8a:7a:94:49:b4:89:13:70:20:27:9d:44:c0:
04:a1:6f:77:d5:43:aa:0c:6c:55:93:8d:75:df:74:
c2:a5:ac:3f:89:aa:64:c7:73:24:c0:f8:85:b7:be:
af:20:5d:3b:2d:ef:09:e3:b5:8a:67:e9:ad:82:99:
e9:7c:9c:9f:6c:17:c4:35:ab:fb:ea:d6:4e:ca:e3:
c1:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:A5:FF:88:BE:DA:68:97:FF:8C:2E:48:2E:54:B7:6D:AC:AC:60:72
X509v3 Authority Key Identifier:
keyid:4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/sqX_iL7aaJf_jC5ILlS3baysYHI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.72.81.0/24
94.103.187.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:e0:da:bd:e2:78:8d:6d:f7:75:94:49:e6:14:0e:12:4c:9d:
4f:8c:25:14:c7:9c:a6:a9:f8:8c:47:9f:c4:5a:60:9f:53:92:
f6:8b:54:02:92:03:96:ed:92:21:f3:6d:98:1b:f8:d8:fc:4d:
52:6d:d5:a5:ce:8b:61:ab:1a:7c:51:99:dc:0c:37:69:1b:a2:
28:ea:21:7a:39:8f:07:16:c2:3b:71:72:d4:e6:e7:39:6c:94:
2b:10:75:5a:f2:fd:de:c9:cc:30:4c:b5:4e:d2:a7:8a:62:1c:
45:59:d0:6a:0e:49:82:7c:4d:fd:2f:0c:f1:54:f0:19:d2:4a:
a7:b1:65:4e:45:52:9b:3e:f3:33:91:b8:ab:b3:80:46:85:61:
0f:a1:b8:1a:96:47:78:0a:a2:1d:46:3b:a9:e3:64:b5:8d:06:
0d:7c:6e:07:e4:26:b9:61:48:94:d3:70:fa:0f:7a:e3:c3:24:
bf:8a:96:7e:0a:f7:f3:09:1b:21:18:3e:75:b8:e3:04:2d:46:
66:02:de:6c:64:6b:a4:9f:1d:e0:e1:e3:cf:44:14:23:4c:a3:
ed:a4:ff:78:dd:ec:63:b5:79:ea:ba:80:11:32:8d:8c:29:b3:
a4:8b:4b:78:6f:3c:0e:99:47:5d:40:96:31:bb:bf:13:25:b2:
e0:c3:a3:e9
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY0j2Xp3qfsuRy2aPGrCgzZ5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMTQxMTJkMDVlOWQ4NzYxNDlkMjc3OGQ0OGVkYWFhMzI0
ZGIwYTUwHhcNMjQwMTE5MjIzMTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMmE1ZmY4OGJlZGE2ODk3ZmY4YzJlNDgyZTU0Yjc2ZGFjYWM2MDcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg/9E8dIPb0iq1DPbu9CwO5Rv071c
Ihis3YVoaW57BpFiYov/UmFSg9i+5lyedsz8z9HkwlQd5PYFn/FoRPE2FiF8OmMy
ytNgVR3Q2yBKsqSTtD7cV9np/2ELl/UVqoIUZEdhIxsQmAgvjDKxiJiW2FR7/K7p
7D45gU8bxlW+pBgVfXBTxCamsFfMe7DIO3nK71v3Q2bRrMFg0sE3UrMPz5ewaY0n
QKcxgP0JmA2HwsrICw/kJop6lEm0iRNwICedRMAEoW931UOqDGxVk41133TCpaw/
iapkx3MkwPiFt76vIF07Le8J47WKZ+mtgpnpfJyfbBfENav76tZOyuPBTQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLKl/4i+2miX/4wuSC5Ut22srGByMB8GA1UdIwQY
MBaAFE8UES0F6dh2FJ0neNSO2qoyTbClMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUt
YmFmYmRmYzgxMzJhLzEvc3FYX2lMN2FhSmZfakM1SUxsUzNiYXlzWUhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUtYmFmYmRmYzgxMzJh
LzEvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQATUhRAwQA
Xme7MA0GCSqGSIb3DQEBCwUAA4IBAQBL4Nq94niNbfd1lEnmFA4STJ1PjCUUx5ym
qfiMR5/EWmCfU5L2i1QCkgOW7ZIh822YG/jY/E1SbdWlzothqxp8UZncDDdpG6Io
6iF6OY8HFsI7cXLU5uc5bJQrEHVa8v3eycwwTLVO0qeKYhxFWdBqDkmCfE39Lwzx
VPAZ0kqnsWVORVKbPvMzkbirs4BGhWEPobgalkd4CqIdRjup42S1jQYNfG4H5Ca5
YUiU03D6D3rjwyS/ipZ+CvfzCRshGD51uOMELUZmAt5sZGuknx3g4ePPRBQjTKPt
pP943exjtXnquoARMo2MKbOki0t4bzwOmUddQJYxu78TJbLgw6Pp
-----END CERTIFICATE-----
Generated at Sun Jan 21 18:04:11 2024 by rpki-client on console-fra.rpki-client.org