Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/86a74e-4db8-4fe9-9802-3bb92687602c/1/L6iuYot57HAbRB9kkaX0rZZ5kpY.roa
File: L6iuYot57HAbRB9kkaX0rZZ5kpY.roa (raw, json)
Hash identifier: OpfxebD8dNGHLXrE+epCdo6UoH6JiQDMvxTNJoDbDoU=
Subject key identifier: 2F:A8:AE:62:8B:79:EC:70:1B:44:1F:64:91:A5:F4:AD:96:79:92:96
Certificate issuer: /CN=044aacab9a49e143de68979ad156b42dabddde8c
Certificate serial: 01870E00CFFF05F7C03C92E38A3DA8E4A7E7
Authority key identifier: 04:4A:AC:AB:9A:49:E1:43:DE:68:97:9A:D1:56:B4:2D:AB:DD:DE:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BEqsq5pJ4UPeaJea0Va0Lavd3ow.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/86a74e-4db8-4fe9-9802-3bb92687602c/1/L6iuYot57HAbRB9kkaX0rZZ5kpY.roa
Signing time: Thu 23 Mar 2023 10:25:46 +0000
ROA not before: Thu 23 Mar 2023 10:25:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2259
IP address blocks: 130.79.0.0/16 maxlen: 16
185.155.92.0/22 maxlen: 22
77.72.40.0/21 maxlen: 21
2a07:2e40::/29 maxlen: 29
2a07:2e40::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:0e:00:cf:ff:05:f7:c0:3c:92:e3:8a:3d:a8:e4:a7:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=044aacab9a49e143de68979ad156b42dabddde8c
Validity
Not Before: Mar 23 10:25:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2fa8ae628b79ec701b441f6491a5f4ad96799296
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:31:9e:53:97:37:f1:d8:60:a6:3f:bf:25:27:
86:2b:d7:92:17:af:12:91:16:e2:0e:3a:95:49:fa:
1e:84:c4:16:13:e0:bd:7c:02:c6:d5:32:0a:e6:6b:
72:93:05:98:57:dd:6f:c2:f6:e1:0d:6b:96:b3:48:
79:bf:67:a6:2e:ea:ef:62:c5:23:d7:f8:d8:23:2e:
0d:74:95:a2:db:8c:71:d9:b0:d5:21:0b:1f:d8:19:
99:39:89:75:42:e3:9c:22:ef:83:6c:79:43:1c:11:
dd:81:e2:8d:4d:6a:a7:90:78:84:3a:6b:c8:89:98:
bd:f7:15:7c:5f:01:e0:46:53:28:58:92:e8:ba:32:
b2:24:74:00:c6:e8:b6:68:1d:ce:9b:b6:2e:e3:bd:
e6:8f:83:ac:a6:16:68:fc:bf:a5:2d:22:ed:8e:64:
3c:be:75:fc:36:5f:fd:55:51:f8:c2:a6:0d:d6:78:
66:42:3a:11:ad:2a:c3:61:69:f6:41:3a:3a:1b:99:
65:72:7b:64:11:f3:00:13:98:80:d1:22:0a:81:f4:
16:32:e1:4b:93:0c:76:df:2b:78:40:00:e8:a7:b9:
1a:6b:b3:a7:ea:11:b0:d8:d2:d1:8a:a5:81:39:99:
86:0b:b1:1f:d2:61:e8:82:f1:1e:6d:bc:f7:07:7e:
9c:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:A8:AE:62:8B:79:EC:70:1B:44:1F:64:91:A5:F4:AD:96:79:92:96
X509v3 Authority Key Identifier:
keyid:04:4A:AC:AB:9A:49:E1:43:DE:68:97:9A:D1:56:B4:2D:AB:DD:DE:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BEqsq5pJ4UPeaJea0Va0Lavd3ow.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/86a74e-4db8-4fe9-9802-3bb92687602c/1/L6iuYot57HAbRB9kkaX0rZZ5kpY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/86a74e-4db8-4fe9-9802-3bb92687602c/1/BEqsq5pJ4UPeaJea0Va0Lavd3ow.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.72.40.0/21
130.79.0.0/16
185.155.92.0/22
IPv6:
2a07:2e40::/29
Signature Algorithm: sha256WithRSAEncryption
4e:3f:ab:ac:ed:b8:d5:01:55:67:3b:91:8a:33:0c:61:ea:b2:
c1:74:70:4f:f4:aa:ff:9d:a3:c4:db:73:a2:66:12:05:b1:1b:
34:c8:cf:ae:46:4d:77:1f:5a:01:24:7c:e4:e1:5e:c3:4b:84:
aa:14:cf:3f:ac:ec:1f:e0:62:98:a0:fb:47:95:e2:b5:69:e6:
da:8c:bb:da:0c:62:05:ab:92:1e:04:70:73:d1:19:ad:42:55:
3f:b8:2f:70:aa:a7:4c:a6:44:37:a3:33:10:21:2d:a2:e6:07:
a8:17:ed:4d:da:97:14:a1:f2:45:fe:67:70:ad:34:ee:ea:7d:
dd:38:43:a3:dd:67:20:1a:95:a4:bb:3e:2f:fe:73:91:83:8c:
06:ff:83:4d:a6:4c:ae:ad:b3:e7:48:45:ff:0b:ae:a4:04:99:
26:3f:12:3f:ca:a4:3f:be:9d:de:ac:7a:6f:95:95:54:d3:2c:
81:4a:2a:d3:6e:af:aa:f2:9b:e4:69:cf:1d:b4:9c:1d:f3:17:
fd:e4:fa:33:f2:b3:1f:9d:ee:ea:1b:13:14:cd:d7:5a:ba:8a:
0d:bb:9f:47:dd:4c:eb:d0:50:8c:6a:58:fb:c6:3d:00:29:37:
30:0d:70:ac:92:fa:0c:1e:51:ae:b8:a1:a3:1d:40:c2:0f:94:
c1:b2:68:a9
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYcOAM//BffAPJLjij2o5KfnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0NGFhY2FiOWE0OWUxNDNkZTY4OTc5YWQxNTZiNDJkYWJk
ZGRlOGMwHhcNMjMwMzIzMTAyNTQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZmE4YWU2MjhiNzllYzcwMWI0NDFmNjQ5MWE1ZjRhZDk2Nzk5Mjk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgTGeU5c38dhgpj+/JSeGK9eSF68S
kRbiDjqVSfoehMQWE+C9fALG1TIK5mtykwWYV91vwvbhDWuWs0h5v2emLurvYsUj
1/jYIy4NdJWi24xx2bDVIQsf2BmZOYl1QuOcIu+DbHlDHBHdgeKNTWqnkHiEOmvI
iZi99xV8XwHgRlMoWJLoujKyJHQAxui2aB3Om7Yu473mj4OsphZo/L+lLSLtjmQ8
vnX8Nl/9VVH4wqYN1nhmQjoRrSrDYWn2QTo6G5llcntkEfMAE5iA0SIKgfQWMuFL
kwx23yt4QADop7kaa7On6hGw2NLRiqWBOZmGC7Ef0mHogvEebbz3B36cOQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFC+ormKLeexwG0QfZJGl9K2WeZKWMB8GA1UdIwQY
MBaAFARKrKuaSeFD3miXmtFWtC2r3d6MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQkVxc3E1cEo0VVBlYUplYTBWYTBMYXZkM293LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy84NmE3NGUtNGRiOC00ZmU5LTk4MDIt
M2JiOTI2ODc2MDJjLzEvTDZpdVlvdDU3SEFiUkI5a2thWDByWlo1a3BZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy84NmE3NGUtNGRiOC00ZmU5LTk4MDItM2JiOTI2ODc2MDJj
LzEvQkVxc3E1cEo0VVBlYUplYTBWYTBMYXZkM293LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAXBAIAATARAwQDTUgoAwMA
gk8DBAK5m1wwDQQCAAIwBwMFAyoHLkAwDQYJKoZIhvcNAQELBQADggEBAE4/q6zt
uNUBVWc7kYozDGHqssF0cE/0qv+do8Tbc6JmEgWxGzTIz65GTXcfWgEkfOThXsNL
hKoUzz+s7B/gYpig+0eV4rVp5tqMu9oMYgWrkh4EcHPRGa1CVT+4L3Cqp0ymRDej
MxAhLaLmB6gX7U3alxSh8kX+Z3CtNO7qfd04Q6PdZyAalaS7Pi/+c5GDjAb/g02m
TK6ts+dIRf8LrqQEmSY/Ej/KpD++nd6sem+VlVTTLIFKKtNur6rym+Rpzx20nB3z
F/3k+jPysx+d7uobExTN11q6ig27n0fdTOvQUIxqWPvGPQApNzANcKyS+gweUa64
oaMdQMIPlMGyaKk=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:17 2023 by rpki-client on console-fra.rpki-client.org