Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/302863-5689-43fc-872f-fc44a8ace370/1/Cr44L8KLuCWoyRVDY1mdv1O6hpU.roa
File: Cr44L8KLuCWoyRVDY1mdv1O6hpU.roa (raw, json)
Hash identifier: Ouuhqf8i52SU3RG1937wnFK3sahBNBkkGqH7iN2/Sto=
Subject key identifier: 0A:BE:38:2F:C2:8B:B8:25:A8:C9:15:43:63:59:9D:BF:53:BA:86:95
Certificate issuer: /CN=864b0e13cf27aff66be730bece98e04b00fdfb9e
Certificate serial: 01909BF3A59707E36B96C07E265588C1D256
Authority key identifier: 86:4B:0E:13:CF:27:AF:F6:6B:E7:30:BE:CE:98:E0:4B:00:FD:FB:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hksOE88nr_Zr5zC-zpjgSwD9-54.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/302863-5689-43fc-872f-fc44a8ace370/1/Cr44L8KLuCWoyRVDY1mdv1O6hpU.roa
Signing time: Wed 10 Jul 2024 09:22:34 +0000
ROA not before: Wed 10 Jul 2024 09:22:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8312
IP address blocks: 77.74.48.0/21 maxlen: 21
77.74.48.0/22 maxlen: 22
77.74.52.0/22 maxlen: 22
185.58.56.0/22 maxlen: 24
185.58.59.0/24 maxlen: 24
193.16.154.0/24 maxlen: 24
193.189.149.0/24 maxlen: 24
195.210.56.0/23 maxlen: 24
2a01:310::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 10 Jul 2024 09:24:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:9b:f3:a5:97:07:e3:6b:96:c0:7e:26:55:88:c1:d2:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=864b0e13cf27aff66be730bece98e04b00fdfb9e
Validity
Not Before: Jul 10 09:22:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0abe382fc28bb825a8c9154363599dbf53ba8695
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:24:57:ab:bf:14:61:69:e0:3f:61:8c:9f:0e:
a3:27:56:f8:97:ce:56:52:4d:8e:f0:48:4f:41:cd:
e2:7e:1f:44:9d:10:9a:7c:29:38:aa:8f:06:18:39:
b6:c2:97:e9:ee:81:37:d7:c1:ad:58:27:26:e9:fb:
20:12:7d:3d:31:31:fe:4e:e5:fc:a0:71:ae:53:a0:
60:5f:4a:28:47:35:38:f1:65:3e:87:1a:5c:2a:a2:
e1:8c:63:9c:c7:b0:03:b0:e4:ea:e1:97:46:7e:a0:
78:e2:36:8e:12:6e:71:a2:a4:94:62:70:f1:cf:f9:
3b:a5:7b:b4:e7:f1:79:16:6e:52:08:67:8c:05:7c:
30:0b:5d:f7:9d:c4:ee:0c:87:a6:24:95:cb:eb:73:
ac:e6:6d:c8:72:e8:c9:34:ca:9c:6e:bf:08:51:4e:
05:83:00:24:06:4b:04:64:13:1c:c4:53:f8:fa:f0:
aa:36:dd:74:b8:0e:f9:d0:a0:a4:67:49:e0:0d:ba:
5a:f8:1c:07:61:05:52:5b:6c:26:ec:96:65:7e:0a:
df:65:ac:3f:1d:e2:62:a3:87:97:04:7f:96:32:e7:
35:8f:0b:99:c5:32:79:03:13:a0:b0:ec:66:0b:63:
68:c7:25:41:9d:7e:61:36:3c:45:c1:ce:fd:91:8e:
08:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:BE:38:2F:C2:8B:B8:25:A8:C9:15:43:63:59:9D:BF:53:BA:86:95
X509v3 Authority Key Identifier:
keyid:86:4B:0E:13:CF:27:AF:F6:6B:E7:30:BE:CE:98:E0:4B:00:FD:FB:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hksOE88nr_Zr5zC-zpjgSwD9-54.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/302863-5689-43fc-872f-fc44a8ace370/1/Cr44L8KLuCWoyRVDY1mdv1O6hpU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/302863-5689-43fc-872f-fc44a8ace370/1/hksOE88nr_Zr5zC-zpjgSwD9-54.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.74.48.0/21
185.58.56.0/22
193.16.154.0/24
193.189.149.0/24
195.210.56.0/23
IPv6:
2a01:310::/32
Signature Algorithm: sha256WithRSAEncryption
11:1a:e2:a6:e5:3d:8f:b6:80:4b:c2:b7:e3:d6:5b:a3:08:e6:
82:da:f5:77:a2:3d:36:e8:7b:92:fc:5f:2a:50:7d:f4:32:ab:
a8:60:c2:1d:d1:fb:9a:d7:12:96:4e:e0:53:4c:5b:59:d1:9e:
24:a8:ca:8a:b7:2f:f2:39:ed:df:ad:01:05:bf:00:6c:33:24:
d7:41:15:36:ae:a7:22:25:60:da:0e:c5:f2:92:ca:79:32:13:
be:3a:91:e1:6a:7d:62:03:22:e6:5e:a9:5f:9b:d5:61:1a:03:
1c:ed:df:91:93:b2:39:9f:5c:d4:b3:cf:9c:37:37:be:fc:62:
06:ce:b3:4f:0d:80:15:3e:34:1d:89:a5:c5:4a:bc:c1:96:7f:
44:87:76:bd:c0:0d:99:cf:31:91:72:e9:80:a4:7e:06:de:a9:
7b:21:77:d7:d2:5e:fd:76:57:2f:52:b5:cb:58:52:22:d9:17:
ec:89:72:86:34:cf:d8:ab:0f:f9:31:e9:8b:93:72:45:e9:89:
fc:21:aa:78:9c:9e:34:8b:7a:d2:42:d0:a7:4c:4d:49:54:76:
76:38:c7:f2:cc:1a:f1:7b:d9:82:93:7b:a6:0b:d2:2f:57:50:
55:55:7b:7a:70:26:b7:af:1e:b2:d3:ea:8b:59:0d:0e:f4:96:
95:05:c8:39
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZCb86WXB+NrlsB+JlWIwdJWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2NGIwZTEzY2YyN2FmZjY2YmU3MzBiZWNlOThlMDRiMDBm
ZGZiOWUwHhcNMjQwNzEwMDkyMjM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYWJlMzgyZmMyOGJiODI1YThjOTE1NDM2MzU5OWRiZjUzYmE4Njk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnyRXq78UYWngP2GMnw6jJ1b4l85W
Uk2O8EhPQc3ifh9EnRCafCk4qo8GGDm2wpfp7oE318GtWCcm6fsgEn09MTH+TuX8
oHGuU6BgX0ooRzU48WU+hxpcKqLhjGOcx7ADsOTq4ZdGfqB44jaOEm5xoqSUYnDx
z/k7pXu05/F5Fm5SCGeMBXwwC133ncTuDIemJJXL63Os5m3IcujJNMqcbr8IUU4F
gwAkBksEZBMcxFP4+vCqNt10uA750KCkZ0ngDbpa+BwHYQVSW2wm7JZlfgrfZaw/
HeJio4eXBH+WMuc1jwuZxTJ5AxOgsOxmC2NoxyVBnX5hNjxFwc79kY4IyQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFAq+OC/Ci7glqMkVQ2NZnb9TuoaVMB8GA1UdIwQY
MBaAFIZLDhPPJ6/2a+cwvs6Y4EsA/fueMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGtzT0U4OG5yX1pyNXpDLXpwamdTd0Q5LTU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy8zMDI4NjMtNTY4OS00M2ZjLTg3MmYt
ZmM0NGE4YWNlMzcwLzEvQ3I0NEw4S0x1Q1dveVJWRFkxbWR2MU82aHBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy8zMDI4NjMtNTY4OS00M2ZjLTg3MmYtZmM0NGE4YWNlMzcw
LzEvaGtzT0U4OG5yX1pyNXpDLXpwamdTd0Q5LTU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQDTUowAwQC
uTo4AwQAwRCaAwQAwb2VAwQBw9I4MA0EAgACMAcDBQAqAQMQMA0GCSqGSIb3DQEB
CwUAA4IBAQARGuKm5T2PtoBLwrfj1lujCOaC2vV3oj026HuS/F8qUH30MquoYMId
0fua1xKWTuBTTFtZ0Z4kqMqKty/yOe3frQEFvwBsMyTXQRU2rqciJWDaDsXyksp5
MhO+OpHhan1iAyLmXqlfm9VhGgMc7d+Rk7I5n1zUs8+cNze+/GIGzrNPDYAVPjQd
iaXFSrzBln9Eh3a9wA2ZzzGRcumApH4G3ql7IXfX0l79dlcvUrXLWFIi2RfsiXKG
NM/Yqw/5MemLk3JF6Yn8Iap4nJ40i3rSQtCnTE1JVHZ2OMfyzBrxe9mCk3umC9Iv
V1BVVXt6cCa3rx6y0+qLWQ0O9JaVBcg5
-----END CERTIFICATE-----
Generated at Wed Jul 10 12:35:03 2024 by rpki-client on console-ams.rpki-client.org