Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/b6ac2c-ba6c-4e55-b17c-84a1fe9d4b78/1/R5s0vIRgWkqWv0AZy9PgXelZAJU.roa
File: R5s0vIRgWkqWv0AZy9PgXelZAJU.roa (raw, json)
Hash identifier: 9zV+DxNN21h5XB5NZOt8Xav8EJJ5UFks+p7liYZetow=
Subject key identifier: 47:9B:34:BC:84:60:5A:4A:96:BF:40:19:CB:D3:E0:5D:E9:59:00:95
Certificate issuer: /CN=ded55569177a889d337f03f2e698acabcccbb589
Certificate serial: 018C25564C67EFD4F47EFD4929FA0F10E5B6
Authority key identifier: DE:D5:55:69:17:7A:88:9D:33:7F:03:F2:E6:98:AC:AB:CC:CB:B5:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3tVVaRd6iJ0zfwPy5pisq8zLtYk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/b6ac2c-ba6c-4e55-b17c-84a1fe9d4b78/1/R5s0vIRgWkqWv0AZy9PgXelZAJU.roa
Signing time: Fri 01 Dec 2023 12:24:21 +0000
ROA not before: Fri 01 Dec 2023 12:24:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212417
IP address blocks: 37.77.136.0/21 maxlen: 24
2a09:9a00::/29 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:25:56:4c:67:ef:d4:f4:7e:fd:49:29:fa:0f:10:e5:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ded55569177a889d337f03f2e698acabcccbb589
Validity
Not Before: Dec 1 12:24:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=479b34bc84605a4a96bf4019cbd3e05de9590095
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:ba:3f:3f:95:af:36:e4:98:2a:5f:77:f2:b2:
fc:b7:ae:59:d0:23:5e:f2:13:72:12:13:9e:a6:b9:
51:d2:58:67:d4:96:4f:2f:fb:b5:6e:2a:f8:6c:46:
4d:85:3e:2e:54:e2:9e:6c:15:62:2f:ff:66:c2:e8:
22:86:dc:e5:16:87:e2:8f:4c:1a:69:4b:5f:35:99:
1a:5b:43:b8:19:d0:95:e9:9e:11:70:77:3e:48:51:
1b:b9:07:5f:24:46:61:c6:8e:54:ce:d5:68:e1:c3:
2d:79:6b:89:f2:df:91:ab:30:1f:d8:8a:43:8a:22:
8a:5d:b2:cd:0d:fd:21:7f:a5:8c:3b:d5:c4:14:3e:
1d:54:14:50:9e:0d:c9:6f:17:92:7c:1e:c4:c0:43:
a0:ca:1d:d9:17:e0:25:38:93:c1:35:65:ed:7a:bd:
c9:bd:8d:af:95:5a:48:68:8e:35:00:99:13:17:b2:
cb:b8:9d:42:12:1a:de:59:88:ce:61:6c:31:46:de:
df:b5:e6:90:22:ed:18:21:ab:05:f2:3e:10:52:d0:
86:bf:11:be:d2:61:7b:53:3e:ca:84:95:33:bf:b5:
f8:6d:8f:9b:0d:b1:5e:46:5a:e4:24:a7:8b:43:13:
29:e3:43:85:f9:39:d9:63:3d:c6:91:0e:66:91:e8:
87:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:9B:34:BC:84:60:5A:4A:96:BF:40:19:CB:D3:E0:5D:E9:59:00:95
X509v3 Authority Key Identifier:
keyid:DE:D5:55:69:17:7A:88:9D:33:7F:03:F2:E6:98:AC:AB:CC:CB:B5:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3tVVaRd6iJ0zfwPy5pisq8zLtYk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/b6ac2c-ba6c-4e55-b17c-84a1fe9d4b78/1/R5s0vIRgWkqWv0AZy9PgXelZAJU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/b6ac2c-ba6c-4e55-b17c-84a1fe9d4b78/1/3tVVaRd6iJ0zfwPy5pisq8zLtYk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.77.136.0/21
IPv6:
2a09:9a00::/29
Signature Algorithm: sha256WithRSAEncryption
21:78:f7:e5:71:f6:c7:4b:22:15:e4:2a:55:f3:46:16:88:6c:
87:34:8a:fb:3a:3f:73:ec:fe:62:63:19:03:b3:ec:80:2c:c7:
66:1d:6b:4f:d8:39:c8:b8:a7:26:fd:72:48:77:ac:bb:2c:5d:
57:1b:ce:48:cd:92:ea:e4:e9:78:24:46:11:b7:00:74:6f:6d:
90:9f:85:e9:02:4f:70:ce:52:c5:49:2f:6c:8a:fe:29:5c:0f:
c1:04:53:2b:2e:29:5e:bb:36:a8:33:31:72:ad:ad:18:79:99:
ca:28:1b:05:72:45:9d:39:45:15:b7:dd:4e:fa:e2:91:85:a3:
52:0f:d0:57:70:12:a8:f7:57:a2:57:1a:21:3c:a5:32:73:54:
6b:87:60:21:e9:13:59:41:de:bc:48:9a:47:a0:7a:dc:20:2b:
a5:6e:37:5f:7f:a4:8a:ab:f5:91:31:da:11:74:75:b7:55:59:
85:46:7d:84:27:b8:8d:cd:48:27:d8:40:f0:87:92:f2:30:0c:
da:68:11:2f:f7:0f:b2:63:83:4d:60:ca:c4:ad:43:15:f5:0e:
75:5c:3c:0d:be:d5:ee:01:45:ab:58:72:05:47:47:24:4f:20:
ff:70:87:13:b6:70:01:0c:6d:36:22:3a:19:84:a5:c7:50:af:
68:45:84:47
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYwlVkxn79T0fv1JKfoPEOW2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlZDU1NTY5MTc3YTg4OWQzMzdmMDNmMmU2OThhY2FiY2Nj
YmI1ODkwHhcNMjMxMjAxMTIyNDIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzliMzRiYzg0NjA1YTRhOTZiZjQwMTljYmQzZTA1ZGU5NTkwMDk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlbo/P5WvNuSYKl938rL8t65Z0CNe
8hNyEhOeprlR0lhn1JZPL/u1bir4bEZNhT4uVOKebBViL/9mwugihtzlFofij0wa
aUtfNZkaW0O4GdCV6Z4RcHc+SFEbuQdfJEZhxo5UztVo4cMteWuJ8t+RqzAf2IpD
iiKKXbLNDf0hf6WMO9XEFD4dVBRQng3JbxeSfB7EwEOgyh3ZF+AlOJPBNWXter3J
vY2vlVpIaI41AJkTF7LLuJ1CEhreWYjOYWwxRt7fteaQIu0YIasF8j4QUtCGvxG+
0mF7Uz7KhJUzv7X4bY+bDbFeRlrkJKeLQxMp40OF+TnZYz3GkQ5mkeiHuQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEebNLyEYFpKlr9AGcvT4F3pWQCVMB8GA1UdIwQY
MBaAFN7VVWkXeoidM38D8uaYrKvMy7WJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3RWVmFSZDZpSjB6ZndQeTVwaXNxOHpMdFlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi9iNmFjMmMtYmE2Yy00ZTU1LWIxN2Mt
ODRhMWZlOWQ0Yjc4LzEvUjVzMHZJUmdXa3FXdjBBWnk5UGdYZWxaQUpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi9iNmFjMmMtYmE2Yy00ZTU1LWIxN2MtODRhMWZlOWQ0Yjc4
LzEvM3RWVmFSZDZpSjB6ZndQeTVwaXNxOHpMdFlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDJU2IMA0E
AgACMAcDBQMqCZoAMA0GCSqGSIb3DQEBCwUAA4IBAQAhePflcfbHSyIV5CpV80YW
iGyHNIr7Oj9z7P5iYxkDs+yALMdmHWtP2DnIuKcm/XJId6y7LF1XG85IzZLq5Ol4
JEYRtwB0b22Qn4XpAk9wzlLFSS9siv4pXA/BBFMrLileuzaoMzFyra0YeZnKKBsF
ckWdOUUVt91O+uKRhaNSD9BXcBKo91eiVxohPKUyc1Rrh2Ah6RNZQd68SJpHoHrc
ICulbjdff6SKq/WRMdoRdHW3VVmFRn2EJ7iNzUgn2EDwh5LyMAzaaBEv9w+yY4NN
YMrErUMV9Q51XDwNvtXuAUWrWHIFR0ckTyD/cIcTtnABDG02IjoZhKXHUK9oRYRH
-----END CERTIFICATE-----
Generated at Mon Jan 1 08:09:32 2024 by rpki-client on console-fra.rpki-client.org