Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/86a74e-4db8-4fe9-9802-3bb92687602c/1/6MfRv6V1MT-4oAfZKLyDtL8pquo.roa
File: 6MfRv6V1MT-4oAfZKLyDtL8pquo.roa (raw, json)
Hash identifier: d9ASWXG7/pL0VGrRBhQdfnmSruuc3HPWABXJGRwW03U=
Subject key identifier: E8:C7:D1:BF:A5:75:31:3F:B8:A0:07:D9:28:BC:83:B4:BF:29:AA:EA
Certificate issuer: /CN=044aacab9a49e143de68979ad156b42dabddde8c
Certificate serial: 01870E17FAC7DABA3EB2B8D157BEEA308771
Authority key identifier: 04:4A:AC:AB:9A:49:E1:43:DE:68:97:9A:D1:56:B4:2D:AB:DD:DE:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BEqsq5pJ4UPeaJea0Va0Lavd3ow.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/86a74e-4db8-4fe9-9802-3bb92687602c/1/6MfRv6V1MT-4oAfZKLyDtL8pquo.roa
Signing time: Thu 23 Mar 2023 10:51:05 +0000
ROA not before: Thu 23 Mar 2023 10:51:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2259
IP address blocks: 130.79.0.0/16 maxlen: 16
185.155.92.0/22 maxlen: 22
77.72.40.0/21 maxlen: 21
2a07:2e40::/29 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:0e:17:fa:c7:da:ba:3e:b2:b8:d1:57:be:ea:30:87:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=044aacab9a49e143de68979ad156b42dabddde8c
Validity
Not Before: Mar 23 10:51:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e8c7d1bfa575313fb8a007d928bc83b4bf29aaea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:20:14:5e:1e:29:07:dc:c9:6e:9f:19:b5:21:
bd:a9:3f:93:ad:6e:02:8e:d9:db:81:e5:94:af:fe:
e1:6b:54:26:81:97:91:ee:90:fa:25:b2:de:2f:c3:
71:17:52:cb:53:07:a0:68:dc:35:8c:5e:50:20:1b:
f3:34:dc:29:ab:90:86:87:3e:da:9e:30:f8:fb:8e:
1a:ad:3e:ca:11:f9:39:d7:49:44:20:76:e7:0a:32:
dc:bd:2e:3e:53:62:dc:2d:03:85:65:28:d5:0c:00:
af:ff:b2:58:ae:54:84:93:d1:6f:d1:c1:ac:b1:2f:
a3:96:9e:40:16:5f:75:b7:ca:49:ad:99:79:21:3f:
5a:b8:9a:6b:85:e7:ae:68:86:fe:c7:94:88:2e:17:
e6:f1:cc:68:d6:07:35:8d:ba:84:d8:28:cf:a9:05:
42:9b:5e:c8:98:89:98:0f:17:d0:a3:8c:68:90:ec:
ea:2e:0e:5e:30:a5:f2:81:b6:b4:2a:4a:d1:c7:1a:
5a:76:58:97:66:b4:fd:5c:c1:d8:2c:ee:02:94:7a:
b3:be:58:8b:b3:f9:1d:71:37:50:8c:81:9b:a0:eb:
55:8b:c2:c7:6f:78:76:1f:00:74:b9:cc:81:11:02:
d3:78:2c:43:9b:2f:29:f6:53:13:b8:b1:1d:6b:a8:
af:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:C7:D1:BF:A5:75:31:3F:B8:A0:07:D9:28:BC:83:B4:BF:29:AA:EA
X509v3 Authority Key Identifier:
keyid:04:4A:AC:AB:9A:49:E1:43:DE:68:97:9A:D1:56:B4:2D:AB:DD:DE:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BEqsq5pJ4UPeaJea0Va0Lavd3ow.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/86a74e-4db8-4fe9-9802-3bb92687602c/1/6MfRv6V1MT-4oAfZKLyDtL8pquo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/86a74e-4db8-4fe9-9802-3bb92687602c/1/BEqsq5pJ4UPeaJea0Va0Lavd3ow.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.72.40.0/21
130.79.0.0/16
185.155.92.0/22
IPv6:
2a07:2e40::/29
Signature Algorithm: sha256WithRSAEncryption
8e:fd:83:5f:7f:a4:a0:66:49:f5:f8:0d:a7:07:dd:b1:8b:08:
e1:11:e3:3e:4e:c6:38:cc:5b:60:d5:66:d1:dc:4d:40:53:0f:
33:7a:7f:e9:fe:7e:a6:4f:29:5a:2a:5e:b5:d2:c7:97:e7:c7:
9e:83:3d:e5:23:52:9e:13:ee:3a:17:26:3c:96:b4:1b:51:dc:
47:9b:87:4e:87:8d:f0:e0:47:5f:bd:ec:14:bb:e2:41:e8:89:
f0:e1:c0:6d:40:f4:5d:b4:75:9e:5d:62:c9:78:48:61:2e:53:
05:db:7d:43:28:bb:9e:53:54:7d:96:40:fb:b4:2f:57:72:57:
33:4c:03:8a:6a:b4:8f:7e:22:1a:90:11:ed:eb:57:12:74:5a:
17:4b:4f:03:93:7d:8a:c2:0a:5c:7c:bc:91:6f:bb:30:4d:07:
85:9e:94:5a:f6:61:9f:9b:45:aa:b7:f9:92:f9:15:76:b8:85:
92:66:17:e6:15:89:da:b2:f3:cb:df:ef:69:46:73:c1:ef:84:
3c:3e:e0:87:1c:8c:81:12:10:80:a9:15:31:ce:96:3a:f9:13:
f3:98:93:12:01:ea:b0:5f:7f:90:c0:2a:8f:55:f4:63:9a:30:
b8:4e:eb:d0:ef:94:8c:9f:99:36:b1:4d:ca:ab:e6:a5:ea:57:
15:40:6b:16
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYcOF/rH2ro+srjRV77qMIdxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0NGFhY2FiOWE0OWUxNDNkZTY4OTc5YWQxNTZiNDJkYWJk
ZGRlOGMwHhcNMjMwMzIzMTA1MTA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOGM3ZDFiZmE1NzUzMTNmYjhhMDA3ZDkyOGJjODNiNGJmMjlhYWVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoSAUXh4pB9zJbp8ZtSG9qT+TrW4C
jtnbgeWUr/7ha1QmgZeR7pD6JbLeL8NxF1LLUwegaNw1jF5QIBvzNNwpq5CGhz7a
njD4+44arT7KEfk510lEIHbnCjLcvS4+U2LcLQOFZSjVDACv/7JYrlSEk9Fv0cGs
sS+jlp5AFl91t8pJrZl5IT9auJprheeuaIb+x5SILhfm8cxo1gc1jbqE2CjPqQVC
m17ImImYDxfQo4xokOzqLg5eMKXygba0KkrRxxpadliXZrT9XMHYLO4ClHqzvliL
s/kdcTdQjIGboOtVi8LHb3h2HwB0ucyBEQLTeCxDmy8p9lMTuLEda6ivxQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFOjH0b+ldTE/uKAH2Si8g7S/KarqMB8GA1UdIwQY
MBaAFARKrKuaSeFD3miXmtFWtC2r3d6MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQkVxc3E1cEo0VVBlYUplYTBWYTBMYXZkM293LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy84NmE3NGUtNGRiOC00ZmU5LTk4MDIt
M2JiOTI2ODc2MDJjLzEvNk1mUnY2VjFNVC00b0FmWktMeUR0TDhwcXVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy84NmE3NGUtNGRiOC00ZmU5LTk4MDItM2JiOTI2ODc2MDJj
LzEvQkVxc3E1cEo0VVBlYUplYTBWYTBMYXZkM293LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAXBAIAATARAwQDTUgoAwMA
gk8DBAK5m1wwDQQCAAIwBwMFAyoHLkAwDQYJKoZIhvcNAQELBQADggEBAI79g19/
pKBmSfX4DacH3bGLCOER4z5OxjjMW2DVZtHcTUBTDzN6f+n+fqZPKVoqXrXSx5fn
x56DPeUjUp4T7joXJjyWtBtR3Eebh06HjfDgR1+97BS74kHoifDhwG1A9F20dZ5d
Ysl4SGEuUwXbfUMou55TVH2WQPu0L1dyVzNMA4pqtI9+IhqQEe3rVxJ0WhdLTwOT
fYrCClx8vJFvuzBNB4WelFr2YZ+bRaq3+ZL5FXa4hZJmF+YVidqy88vf72lGc8Hv
hDw+4IccjIESEICpFTHOljr5E/OYkxIB6rBff5DAKo9V9GOaMLhO69DvlIyfmTax
Tcqr5qXqVxVAaxY=
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:29:38 2024 by rpki-client on console-ams.rpki-client.org