Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/f01f35-2cca-4e5a-828a-6bffcb7c0f0a/1/gY9BASv2j2UWUOc9LoPmprjvoQw.roa
File: gY9BASv2j2UWUOc9LoPmprjvoQw.roa (raw, json)
Hash identifier: zPS11c+EnoPhWvgkcbMQ0gO0Y0GY5KSnQ7fRTUgdnBk=
Subject key identifier: 81:8F:41:01:2B:F6:8F:65:16:50:E7:3D:2E:83:E6:A6:B8:EF:A1:0C
Certificate issuer: /CN=d504e641e55a48aee0141e2c0d26227102caa6d4
Certificate serial: 0189ACAAEA1A0565CA17C7A9606C39DEC815
Authority key identifier: D5:04:E6:41:E5:5A:48:AE:E0:14:1E:2C:0D:26:22:71:02:CA:A6:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1QTmQeVaSK7gFB4sDSYicQLKptQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/f01f35-2cca-4e5a-828a-6bffcb7c0f0a/1/gY9BASv2j2UWUOc9LoPmprjvoQw.roa
Signing time: Mon 31 Jul 2023 15:57:09 +0000
ROA not before: Mon 31 Jul 2023 15:57:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9123
IP address blocks: 77.232.129.0/24 maxlen: 24
77.232.130.0/24 maxlen: 24
77.232.131.0/24 maxlen: 24
77.232.128.0/24 maxlen: 24
77.232.132.0/22 maxlen: 22
77.232.132.0/24 maxlen: 24
77.232.139.0/24 maxlen: 24
77.232.136.0/24 maxlen: 24
77.232.136.0/22 maxlen: 22
77.232.137.0/24 maxlen: 24
77.232.138.0/24 maxlen: 24
77.232.133.0/24 maxlen: 24
77.232.134.0/24 maxlen: 24
77.232.135.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 01 Aug 2023 14:48:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:ac:aa:ea:1a:05:65:ca:17:c7:a9:60:6c:39:de:c8:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d504e641e55a48aee0141e2c0d26227102caa6d4
Validity
Not Before: Jul 31 15:57:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=818f41012bf68f651650e73d2e83e6a6b8efa10c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:e6:aa:c9:80:7c:bf:a9:a6:39:20:61:34:3e:
c6:16:3d:83:ea:52:1b:aa:36:83:84:0b:c9:f9:3f:
89:19:9c:f5:a2:f0:34:c9:0d:0d:60:d3:ca:41:92:
5c:16:55:6f:15:25:a0:fd:df:77:20:0a:4a:cb:21:
28:f2:36:b3:42:f9:5d:aa:41:06:42:56:57:36:ab:
ae:b0:f3:52:2d:df:63:0c:4e:08:06:36:6f:14:d1:
9f:63:b8:7b:20:ba:7d:fd:6b:34:8c:01:c5:d4:51:
e0:90:d3:f7:07:fc:36:e9:e6:e2:ab:1e:1d:83:be:
14:cd:19:27:99:9f:41:e4:f8:e8:f3:71:5d:b9:8c:
20:a6:e4:cd:bd:93:dd:78:be:d6:9d:7a:ef:c9:d5:
2d:aa:39:fd:cf:9b:80:cc:65:1b:29:7f:30:55:d8:
20:46:f4:69:25:55:fc:34:ed:07:ca:fd:44:fa:fc:
3b:76:7f:2c:67:e8:f1:55:e5:ef:bd:d0:a5:42:78:
81:96:7d:41:ab:e8:dd:c6:53:94:53:54:26:d3:86:
7f:60:e5:ec:31:4e:dd:3e:80:5e:4a:e1:bd:2a:e2:
8f:01:7e:89:cd:9c:52:98:91:0e:55:34:9e:e7:a4:
0c:26:36:9f:6a:ab:9a:f7:26:df:99:e4:55:59:e5:
2e:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:8F:41:01:2B:F6:8F:65:16:50:E7:3D:2E:83:E6:A6:B8:EF:A1:0C
X509v3 Authority Key Identifier:
keyid:D5:04:E6:41:E5:5A:48:AE:E0:14:1E:2C:0D:26:22:71:02:CA:A6:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1QTmQeVaSK7gFB4sDSYicQLKptQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/f01f35-2cca-4e5a-828a-6bffcb7c0f0a/1/gY9BASv2j2UWUOc9LoPmprjvoQw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/f01f35-2cca-4e5a-828a-6bffcb7c0f0a/1/1QTmQeVaSK7gFB4sDSYicQLKptQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.232.128.0-77.232.139.255
Signature Algorithm: sha256WithRSAEncryption
33:81:e5:ae:db:b1:a5:d0:f3:4e:8c:63:59:d1:5b:dd:b3:51:
7f:93:c3:b6:a1:b9:35:25:fb:2f:fd:56:50:aa:6b:1c:28:92:
44:6e:16:18:0a:bc:a7:80:9e:6b:81:88:b9:a0:f0:e7:5e:c9:
a3:90:27:05:06:96:13:55:97:1a:dd:3b:8f:2e:23:45:09:6c:
51:37:63:2a:75:0f:af:72:da:94:8f:70:f7:6e:cf:66:8d:17:
1d:7b:95:07:95:26:f1:23:c2:8f:1b:3c:60:41:91:9c:79:78:
8f:c6:19:e8:11:84:46:b1:7c:f0:97:79:83:f7:f1:0e:e0:61:
e0:c8:6d:9a:ff:6b:1f:1d:a3:9b:89:d8:8b:7b:bd:4d:1a:72:
93:e9:7d:aa:97:4c:66:35:8c:7e:c2:3e:22:fa:aa:2d:d9:a7:
7e:6a:e6:6f:bd:31:9c:84:33:22:a2:67:b3:55:81:37:c4:6f:
ef:b4:a0:f5:69:a5:7e:70:20:46:3f:cf:b4:78:ca:ac:14:fc:
ab:09:d2:77:51:bf:4b:4a:b1:f9:e9:87:43:23:b6:95:98:c9:
a8:36:b0:ec:8f:ab:15:33:98:f5:41:0c:61:e7:1b:12:da:fa:
73:61:6b:1c:b7:30:88:32:71:19:fe:d6:a0:a4:95:0a:69:a5:
de:89:07:8b
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYmsquoaBWXKF8epYGw53sgVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1MDRlNjQxZTU1YTQ4YWVlMDE0MWUyYzBkMjYyMjcxMDJj
YWE2ZDQwHhcNMjMwNzMxMTU1NzA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MThmNDEwMTJiZjY4ZjY1MTY1MGU3M2QyZTgzZTZhNmI4ZWZhMTBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0OaqyYB8v6mmOSBhND7GFj2D6lIb
qjaDhAvJ+T+JGZz1ovA0yQ0NYNPKQZJcFlVvFSWg/d93IApKyyEo8jazQvldqkEG
QlZXNquusPNSLd9jDE4IBjZvFNGfY7h7ILp9/Ws0jAHF1FHgkNP3B/w26ebiqx4d
g74UzRknmZ9B5Pjo83FduYwgpuTNvZPdeL7WnXrvydUtqjn9z5uAzGUbKX8wVdgg
RvRpJVX8NO0Hyv1E+vw7dn8sZ+jxVeXvvdClQniBln1Bq+jdxlOUU1Qm04Z/YOXs
MU7dPoBeSuG9KuKPAX6JzZxSmJEOVTSe56QMJjafaqua9ybfmeRVWeUumwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFIGPQQEr9o9lFlDnPS6D5qa476EMMB8GA1UdIwQY
MBaAFNUE5kHlWkiu4BQeLA0mInECyqbUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVFUbVFlVmFTSzdnRkI0c0RTWWljUUxLcHRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS9mMDFmMzUtMmNjYS00ZTVhLTgyOGEt
NmJmZmNiN2MwZjBhLzEvZ1k5QkFTdjJqMlVXVU9jOUxvUG1wcmp2b1F3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS9mMDFmMzUtMmNjYS00ZTVhLTgyOGEtNmJmZmNiN2MwZjBh
LzEvMVFUbVFlVmFTSzdnRkI0c0RTWWljUUxLcHRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAdN6IAD
BAJN6IgwDQYJKoZIhvcNAQELBQADggEBADOB5a7bsaXQ806MY1nRW92zUX+Tw7ah
uTUl+y/9VlCqaxwokkRuFhgKvKeAnmuBiLmg8OdeyaOQJwUGlhNVlxrdO48uI0UJ
bFE3Yyp1D69y2pSPcPduz2aNFx17lQeVJvEjwo8bPGBBkZx5eI/GGegRhEaxfPCX
eYP38Q7gYeDIbZr/ax8do5uJ2It7vU0acpPpfaqXTGY1jH7CPiL6qi3Zp35q5m+9
MZyEMyKiZ7NVgTfEb++0oPVppX5wIEY/z7R4yqwU/KsJ0ndRv0tKsfnph0MjtpWY
yag2sOyPqxUzmPVBDGHnGxLa+nNhaxy3MIgycRn+1qCklQpppd6JB4s=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:24 2024 by rpki-client on console-ams.rpki-client.org