Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/7276f3-c88e-4819-9e59-6084cfc6e4c4/1/lGCjvNN44KtC8BrOkJh__7ngNs4.roa
File: lGCjvNN44KtC8BrOkJh__7ngNs4.roa (raw, json)
Hash identifier: asvZsK0xpjePqpVfH0VLsY5LWaJBgP25bK0fN3Cs59A=
Subject key identifier: 94:60:A3:BC:D3:78:E0:AB:42:F0:1A:CE:90:98:7F:FF:B9:E0:36:CE
Certificate issuer: /CN=77eda8f726a69b504de994943b0a5f2308c2a96b
Certificate serial: 019059104CB46627BBBCED472D8F39087648
Authority key identifier: 77:ED:A8:F7:26:A6:9B:50:4D:E9:94:94:3B:0A:5F:23:08:C2:A9:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d-2o9yamm1BN6ZSUOwpfIwjCqWs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/7276f3-c88e-4819-9e59-6084cfc6e4c4/1/lGCjvNN44KtC8BrOkJh__7ngNs4.roa
Signing time: Thu 27 Jun 2024 09:39:18 +0000
ROA not before: Thu 27 Jun 2024 09:39:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20765
IP address blocks: 139.3.0.0/16 maxlen: 16
185.84.216.0/22 maxlen: 24
193.96.96.0/21 maxlen: 24
193.102.32.0/22 maxlen: 22
194.45.0.0/22 maxlen: 22
194.45.6.0/23 maxlen: 23
194.115.4.0/24 maxlen: 24
2a05:a880:8000::/40 maxlen: 40
2a05:a880:de10::/48 maxlen: 48
2a05:a880:de52::/48 maxlen: 48
2a05:a880:de56::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 01 Oct 2024 08:31:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:59:10:4c:b4:66:27:bb:bc:ed:47:2d:8f:39:08:76:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=77eda8f726a69b504de994943b0a5f2308c2a96b
Validity
Not Before: Jun 27 09:39:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9460a3bcd378e0ab42f01ace90987fffb9e036ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:92:37:92:fe:7a:e4:63:f8:b1:4b:6e:26:2d:
e9:36:c5:01:65:c0:70:3e:6a:0b:85:d2:9b:08:3e:
4a:2c:49:d2:41:70:76:ea:50:42:b0:4d:4b:51:3b:
47:8d:f2:dd:44:ee:94:53:1c:23:eb:3e:14:f4:5d:
97:35:d8:15:0b:9a:84:9c:a6:b0:36:a6:90:a3:d9:
c0:c3:07:fc:03:4e:8b:4b:dd:52:db:ee:2e:dd:06:
fb:d5:ca:0a:d5:c1:9d:b1:1c:19:85:51:d8:20:36:
fd:cc:1a:13:a8:aa:d7:b4:f1:99:ef:61:fe:55:fa:
15:26:97:08:ef:5f:bc:48:eb:ec:39:cf:09:26:a9:
69:26:ed:45:a7:c7:7c:34:65:b9:05:5f:ad:ce:b6:
22:4b:86:08:d1:2a:2c:c3:cc:09:96:9a:e7:ab:55:
a8:4d:8a:a9:7e:28:d4:3a:b3:06:87:88:ee:bc:56:
dc:f9:73:0a:84:8a:6f:19:8d:1c:77:e1:10:18:1f:
14:bd:0c:98:1f:b2:55:17:e9:3c:25:60:02:3a:8e:
68:a5:93:2b:5c:c0:4d:f0:ee:6d:15:62:63:d5:48:
ff:c5:a7:67:8a:ae:be:ef:96:3a:ab:e7:88:fd:2c:
a5:43:ea:a5:71:7b:4c:7f:c2:7f:8c:f2:15:14:17:
c7:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:60:A3:BC:D3:78:E0:AB:42:F0:1A:CE:90:98:7F:FF:B9:E0:36:CE
X509v3 Authority Key Identifier:
keyid:77:ED:A8:F7:26:A6:9B:50:4D:E9:94:94:3B:0A:5F:23:08:C2:A9:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d-2o9yamm1BN6ZSUOwpfIwjCqWs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/7276f3-c88e-4819-9e59-6084cfc6e4c4/1/lGCjvNN44KtC8BrOkJh__7ngNs4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/7276f3-c88e-4819-9e59-6084cfc6e4c4/1/d-2o9yamm1BN6ZSUOwpfIwjCqWs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
139.3.0.0/16
185.84.216.0/22
193.96.96.0/21
193.102.32.0/22
194.45.0.0/22
194.45.6.0/23
194.115.4.0/24
IPv6:
2a05:a880:8000::/40
2a05:a880:de10::/48
2a05:a880:de52::/48
2a05:a880:de56::/48
Signature Algorithm: sha256WithRSAEncryption
88:6d:4e:3d:18:94:40:7d:c5:7a:b5:7b:67:49:c0:47:2c:59:
bb:c1:8a:5c:23:34:61:b3:9b:13:31:db:bf:d1:96:2e:55:86:
84:f0:6e:50:2d:7c:4b:0b:5d:7f:25:b8:98:4c:11:94:71:bc:
18:91:e1:59:26:3c:36:4b:df:a6:7c:f9:d8:65:3e:03:47:20:
bb:c9:31:e4:bf:b3:fe:72:2c:b4:6c:d1:29:95:d9:ae:1a:f8:
db:f4:5e:30:4f:b1:5c:58:cd:f6:4f:e1:08:36:fd:1e:fb:0a:
54:0a:25:f5:10:f2:26:a6:95:b6:79:fa:86:82:b2:31:62:19:
ba:b2:db:63:a5:6e:44:25:fa:3c:4e:86:71:34:aa:07:b6:ca:
eb:c5:25:84:2d:e6:c8:91:58:50:f6:e0:52:09:9a:d5:a3:52:
19:db:b6:2e:77:ef:17:fc:a3:64:b7:5a:01:f5:c8:d8:77:86:
bb:2e:a6:75:df:2e:c7:67:0f:89:0e:b4:e1:57:32:50:d2:5a:
77:6c:11:4c:e6:77:36:a8:37:7e:eb:3d:70:64:f5:5d:4c:68:
f0:fa:8b:d3:23:72:eb:f6:d1:2b:9f:22:9f:fd:02:03:6f:e7:
af:ec:57:5d:7b:5d:96:39:5e:64:2a:ca:ae:fd:a9:14:ff:1a:
44:a0:65:89
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAZBZEEy0Zie7vO1HLY85CHZIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3ZWRhOGY3MjZhNjliNTA0ZGU5OTQ5NDNiMGE1ZjIzMDhj
MmE5NmIwHhcNMjQwNjI3MDkzOTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDYwYTNiY2QzNzhlMGFiNDJmMDFhY2U5MDk4N2ZmZmI5ZTAzNmNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt5I3kv565GP4sUtuJi3pNsUBZcBw
PmoLhdKbCD5KLEnSQXB26lBCsE1LUTtHjfLdRO6UUxwj6z4U9F2XNdgVC5qEnKaw
NqaQo9nAwwf8A06LS91S2+4u3Qb71coK1cGdsRwZhVHYIDb9zBoTqKrXtPGZ72H+
VfoVJpcI71+8SOvsOc8JJqlpJu1Fp8d8NGW5BV+tzrYiS4YI0Sosw8wJlprnq1Wo
TYqpfijUOrMGh4juvFbc+XMKhIpvGY0cd+EQGB8UvQyYH7JVF+k8JWACOo5opZMr
XMBN8O5tFWJj1Uj/xadniq6+75Y6q+eI/SylQ+qlcXtMf8J/jPIVFBfHIQIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFJRgo7zTeOCrQvAazpCYf/+54DbOMB8GA1UdIwQY
MBaAFHftqPcmpptQTemUlDsKXyMIwqlrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZC0ybzl5YW1tMUJONlpTVU93cGZJd2pDcVdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi83Mjc2ZjMtYzg4ZS00ODE5LTllNTkt
NjA4NGNmYzZlNGM0LzEvbEdDanZOTjQ0S3RDOEJyT2tKaF9fN25nTnM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi83Mjc2ZjMtYzg4ZS00ODE5LTllNTktNjA4NGNmYzZlNGM0
LzEvZC0ybzl5YW1tMUJONlpTVU93cGZJd2pDcVdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDAvBAIAATApAwMAiwMDBAK5
VNgDBAPBYGADBALBZiADBALCLQADBAHCLQYDBADCcwQwKQQCAAIwIwMGACoFqICA
AwcAKgWogN4QAwcAKgWogN5SAwcAKgWogN5WMA0GCSqGSIb3DQEBCwUAA4IBAQCI
bU49GJRAfcV6tXtnScBHLFm7wYpcIzRhs5sTMdu/0ZYuVYaE8G5QLXxLC11/JbiY
TBGUcbwYkeFZJjw2S9+mfPnYZT4DRyC7yTHkv7P+ciy0bNEpldmuGvjb9F4wT7Fc
WM32T+EINv0e+wpUCiX1EPImppW2efqGgrIxYhm6sttjpW5EJfo8ToZxNKoHtsrr
xSWELebIkVhQ9uBSCZrVo1IZ27Yud+8X/KNkt1oB9cjYd4a7LqZ13y7HZw+JDrTh
VzJQ0lp3bBFM5nc2qDd+6z1wZPVdTGjw+ovTI3Lr9tErnyKf/QIDb+ev7Fdde12W
OV5kKsqu/akU/xpEoGWJ
-----END CERTIFICATE-----
Generated at Tue Oct 1 12:18:48 2024 by rpki-client on console-ams.rpki-client.org