Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/48afe0-5a18-4d99-91b6-8073dce09628/1/_0PgzZmqB2OhpHNLCFSbOOgoUlw.roa
File: _0PgzZmqB2OhpHNLCFSbOOgoUlw.roa (raw, json)
Hash identifier: B8kFz3I3IZ6lzazlsynpHDbLWt/BlHlB7DcBKAE7v7E=
Subject key identifier: FF:43:E0:CD:99:AA:07:63:A1:A4:73:4B:08:54:9B:38:E8:28:52:5C
Certificate issuer: /CN=4ac2bc0e3e59332f4be2c58ff25a1861f5fde819
Certificate serial: 018FB90C4EAF2C08F9CDDC803F7BF302BA43
Authority key identifier: 4A:C2:BC:0E:3E:59:33:2F:4B:E2:C5:8F:F2:5A:18:61:F5:FD:E8:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SsK8Dj5ZMy9L4sWP8loYYfX96Bk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/48afe0-5a18-4d99-91b6-8073dce09628/1/_0PgzZmqB2OhpHNLCFSbOOgoUlw.roa
Signing time: Mon 27 May 2024 07:55:42 +0000
ROA not before: Mon 27 May 2024 07:55:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41622
IP address blocks: 77.245.176.0/20 maxlen: 20
185.244.112.0/22 maxlen: 22
217.194.48.0/20 maxlen: 20
2a01:760::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 19 Jun 2024 10:59:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:b9:0c:4e:af:2c:08:f9:cd:dc:80:3f:7b:f3:02:ba:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ac2bc0e3e59332f4be2c58ff25a1861f5fde819
Validity
Not Before: May 27 07:55:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ff43e0cd99aa0763a1a4734b08549b38e828525c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:c4:6d:e3:2d:27:84:51:78:ec:92:d9:48:c9:
78:12:d1:df:4f:67:c9:c2:37:6a:30:cf:52:ec:97:
d4:c3:bf:b7:9e:ee:1d:8f:6b:5a:30:25:f7:1e:9e:
e3:fe:fe:64:ef:d6:d1:b0:3f:4d:f1:9e:4c:36:37:
d0:81:9d:65:ab:11:47:80:9a:4a:f9:d4:85:8f:62:
bc:08:c8:24:07:a4:c6:24:38:73:39:28:2f:9a:7a:
5e:d7:47:fb:59:cc:e3:c1:e6:c6:6f:98:87:55:26:
f5:5c:de:9b:31:e9:85:83:63:a8:6f:ec:4e:75:b6:
50:f2:e0:0c:c3:2d:96:64:17:b9:d3:da:5c:05:4f:
d9:33:66:a7:1e:d0:df:d3:bf:ba:a7:e0:1b:32:cd:
de:7a:1e:c9:f9:8e:2c:8d:c1:cb:33:23:5d:86:8e:
2d:fd:0f:b1:e8:30:7d:15:34:0a:13:79:4d:b3:46:
60:a7:2a:21:70:3b:9d:ba:34:d0:8e:e0:3b:1e:20:
74:15:a1:19:d5:b2:6d:43:fd:36:38:8a:3c:33:ba:
5e:49:37:0e:d0:ce:96:e8:14:ef:1b:4b:0c:71:d5:
79:06:2b:e1:dc:c0:e0:b1:6e:c7:87:ef:72:a5:45:
05:e1:62:8a:83:f4:69:8f:ac:8e:f5:09:1a:18:bd:
e2:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:43:E0:CD:99:AA:07:63:A1:A4:73:4B:08:54:9B:38:E8:28:52:5C
X509v3 Authority Key Identifier:
keyid:4A:C2:BC:0E:3E:59:33:2F:4B:E2:C5:8F:F2:5A:18:61:F5:FD:E8:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SsK8Dj5ZMy9L4sWP8loYYfX96Bk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/48afe0-5a18-4d99-91b6-8073dce09628/1/_0PgzZmqB2OhpHNLCFSbOOgoUlw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/48afe0-5a18-4d99-91b6-8073dce09628/1/SsK8Dj5ZMy9L4sWP8loYYfX96Bk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.245.176.0/20
185.244.112.0/22
217.194.48.0/20
IPv6:
2a01:760::/32
Signature Algorithm: sha256WithRSAEncryption
7a:05:4d:d1:4b:32:86:7c:43:96:60:37:19:c8:63:49:20:08:
c1:71:7a:06:21:a7:0d:e3:cb:d1:51:75:aa:ff:cb:d8:da:99:
61:aa:e9:18:9a:ec:a8:88:bd:a2:3c:86:15:b8:c4:b5:bd:29:
3f:75:bb:6d:9f:04:92:5e:17:48:95:fe:8b:65:74:01:5f:a1:
fc:85:6e:d5:fb:4b:ae:29:37:df:9d:10:f3:f3:e9:ff:77:87:
3a:3f:d5:e0:bb:d5:fe:90:92:35:1a:26:fc:56:9b:94:24:4c:
61:36:95:dc:2f:2b:ef:6c:7c:2b:cf:11:d3:30:52:70:5d:6f:
26:a6:4c:e5:06:e3:f9:42:14:04:57:d7:ba:c4:27:12:e4:00:
5c:7d:3c:4f:fb:e7:56:33:af:a4:8d:45:7d:7f:8a:ab:ae:aa:
f1:80:c1:58:61:1b:59:72:73:ba:b9:98:bd:46:7b:73:4d:4f:
5f:dc:4e:b8:53:59:6b:bd:18:18:52:99:dd:c1:8d:ab:63:8a:
aa:ba:05:a2:4b:4e:0b:b3:37:d1:6f:97:79:d6:ba:ab:f4:4e:
f8:6d:59:8d:f1:88:8e:5e:74:db:2d:fa:c7:cf:0d:e6:d2:c8:
27:54:2f:b0:e1:d1:43:56:80:7b:43:db:97:87:f2:d2:03:73:
b5:d6:12:08
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAY+5DE6vLAj5zdyAP3vzArpDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhYzJiYzBlM2U1OTMzMmY0YmUyYzU4ZmYyNWExODYxZjVm
ZGU4MTkwHhcNMjQwNTI3MDc1NTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjQzZTBjZDk5YWEwNzYzYTFhNDczNGIwODU0OWIzOGU4Mjg1MjVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAscRt4y0nhFF47JLZSMl4EtHfT2fJ
wjdqMM9S7JfUw7+3nu4dj2taMCX3Hp7j/v5k79bRsD9N8Z5MNjfQgZ1lqxFHgJpK
+dSFj2K8CMgkB6TGJDhzOSgvmnpe10f7WczjwebGb5iHVSb1XN6bMemFg2Oob+xO
dbZQ8uAMwy2WZBe509pcBU/ZM2anHtDf07+6p+AbMs3eeh7J+Y4sjcHLMyNdho4t
/Q+x6DB9FTQKE3lNs0ZgpyohcDudujTQjuA7HiB0FaEZ1bJtQ/02OIo8M7peSTcO
0M6W6BTvG0sMcdV5Bivh3MDgsW7Hh+9ypUUF4WKKg/Rpj6yO9QkaGL3iRwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFP9D4M2ZqgdjoaRzSwhUmzjoKFJcMB8GA1UdIwQY
MBaAFErCvA4+WTMvS+LFj/JaGGH1/egZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU3NLOERqNVpNeTlMNHNXUDhsb1lZZlg5NkJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC80OGFmZTAtNWExOC00ZDk5LTkxYjYt
ODA3M2RjZTA5NjI4LzEvXzBQZ3pabXFCMk9ocEhOTENGU2JPT2dvVWx3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC80OGFmZTAtNWExOC00ZDk5LTkxYjYtODA3M2RjZTA5NjI4
LzEvU3NLOERqNVpNeTlMNHNXUDhsb1lZZlg5NkJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQETfWwAwQC
ufRwAwQE2cIwMA0EAgACMAcDBQAqAQdgMA0GCSqGSIb3DQEBCwUAA4IBAQB6BU3R
SzKGfEOWYDcZyGNJIAjBcXoGIacN48vRUXWq/8vY2plhqukYmuyoiL2iPIYVuMS1
vSk/dbttnwSSXhdIlf6LZXQBX6H8hW7V+0uuKTffnRDz8+n/d4c6P9Xgu9X+kJI1
Gib8VpuUJExhNpXcLyvvbHwrzxHTMFJwXW8mpkzlBuP5QhQEV9e6xCcS5ABcfTxP
++dWM6+kjUV9f4qrrqrxgMFYYRtZcnO6uZi9RntzTU9f3E64U1lrvRgYUpndwY2r
Y4qqugWiS04LszfRb5d51rqr9E74bVmN8YiOXnTbLfrHzw3m0sgnVC+w4dFDVoB7
Q9uXh/LSA3O11hII
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:38:53 2025 by rpki-client