Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/86a74e-4db8-4fe9-9802-3bb92687602c/1/RnmrtNpPJQWa7IK6Xarh-Q7pxks.roa
File: RnmrtNpPJQWa7IK6Xarh-Q7pxks.roa (raw, json)
Hash identifier: ao6WiEj1j97t3zjkuUbmoACuxhEuW84kwNSw/fG506w=
Subject key identifier: 46:79:AB:B4:DA:4F:25:05:9A:EC:82:BA:5D:AA:E1:F9:0E:E9:C6:4B
Certificate issuer: /CN=044aacab9a49e143de68979ad156b42dabddde8c
Certificate serial: 01856ED4C91A4AE29915CBFAD30E2F5BDBBD
Authority key identifier: 04:4A:AC:AB:9A:49:E1:43:DE:68:97:9A:D1:56:B4:2D:AB:DD:DE:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BEqsq5pJ4UPeaJea0Va0Lavd3ow.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/86a74e-4db8-4fe9-9802-3bb92687602c/1/RnmrtNpPJQWa7IK6Xarh-Q7pxks.roa
Signing time: Sun 01 Jan 2023 19:35:16 +0000
ROA not before: Sun 01 Jan 2023 19:35:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2259
IP address blocks: 130.79.0.0/16 maxlen: 16
185.155.92.0/22 maxlen: 22
77.72.40.0/21 maxlen: 21
2a07:2e40::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 23 Mar 2023 10:25:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:d4:c9:1a:4a:e2:99:15:cb:fa:d3:0e:2f:5b:db:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=044aacab9a49e143de68979ad156b42dabddde8c
Validity
Not Before: Jan 1 19:35:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4679abb4da4f25059aec82ba5daae1f90ee9c64b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:83:4b:a0:7a:27:6f:8e:bd:fc:a7:9f:94:25:
4c:47:b8:40:65:9a:15:56:a4:f5:8b:a2:11:91:e6:
cb:ba:d7:02:54:f7:88:3c:e4:e8:da:e9:75:8e:88:
89:a6:60:68:3f:1d:6f:ab:4b:3f:bf:7e:6c:6d:fc:
ad:64:a5:96:15:af:47:d8:45:5e:7d:9b:7b:7e:e9:
6f:6d:95:71:a6:98:56:58:2f:44:14:40:5c:83:12:
54:b6:f0:b8:cf:02:e3:70:d6:cb:97:de:26:a2:42:
2e:b1:ae:9c:6c:b9:56:3d:23:90:9f:5d:07:88:74:
10:8c:a1:47:d4:d5:ce:a5:63:27:89:2f:ab:d5:f0:
d8:ad:4c:e0:a1:c1:2c:9f:f4:e6:00:85:88:51:2e:
c6:38:92:b1:b4:35:86:2c:ac:c0:87:05:42:22:ab:
01:cd:05:4c:de:c2:d7:a1:7b:48:bf:40:a3:76:bb:
40:62:ae:10:06:c2:ef:0c:2e:0c:a5:1d:83:5f:5c:
eb:84:87:5d:54:d5:bd:a4:6f:7d:d2:c5:5c:02:96:
a2:42:1a:89:47:b9:0d:08:c9:b6:b2:17:7a:5f:3d:
0b:83:18:65:2f:af:b6:ea:07:d0:2a:ca:7a:8d:1b:
2f:24:d1:76:79:b5:32:dc:48:7d:40:56:a0:15:12:
36:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:79:AB:B4:DA:4F:25:05:9A:EC:82:BA:5D:AA:E1:F9:0E:E9:C6:4B
X509v3 Authority Key Identifier:
keyid:04:4A:AC:AB:9A:49:E1:43:DE:68:97:9A:D1:56:B4:2D:AB:DD:DE:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BEqsq5pJ4UPeaJea0Va0Lavd3ow.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/86a74e-4db8-4fe9-9802-3bb92687602c/1/RnmrtNpPJQWa7IK6Xarh-Q7pxks.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/86a74e-4db8-4fe9-9802-3bb92687602c/1/BEqsq5pJ4UPeaJea0Va0Lavd3ow.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.72.40.0/21
130.79.0.0/16
185.155.92.0/22
IPv6:
2a07:2e40::/32
Signature Algorithm: sha256WithRSAEncryption
0d:fc:5c:bf:5d:c1:42:46:98:05:4e:01:9a:a3:3f:d2:ff:ae:
0c:66:97:30:df:db:1e:54:89:ce:78:0f:66:4c:65:4c:12:5a:
20:c5:a7:b8:f0:94:01:be:20:ee:e3:ba:68:a1:b6:b8:96:15:
00:4f:b9:ba:2b:a4:b9:16:66:f7:5c:b9:2b:cf:48:1e:08:25:
4e:42:33:76:04:ec:11:9d:90:ee:5b:3e:b1:75:8a:9f:65:6f:
b0:b5:3a:2c:76:ef:3f:67:7b:a0:60:4b:8b:c9:8b:d5:b7:8d:
5e:91:f8:04:d5:20:c7:8c:b5:d1:75:f5:7d:24:df:17:8e:ef:
07:cc:27:42:6b:30:7d:4c:dd:ba:b6:ea:fa:88:08:86:07:df:
c3:70:00:b8:d8:43:9d:00:25:ef:f7:d2:f1:12:09:f5:66:f0:
2e:a0:96:7e:1d:14:1e:d2:6d:31:7a:46:b6:ef:da:eb:4e:79:
1d:e1:ed:3d:c9:a4:c2:ff:da:44:59:44:42:04:ae:7f:01:cb:
93:e4:31:4e:82:b9:e4:87:5d:04:ff:57:63:b6:be:da:33:c5:
7f:8c:68:fd:ea:b6:b8:32:e1:4d:c9:29:8e:e6:c3:ee:16:be:
65:e2:d4:ec:a4:e6:fd:77:88:85:e8:35:c2:bb:1a:cb:b4:55:
20:30:b1:fe
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYVu1MkaSuKZFcv60w4vW9u9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0NGFhY2FiOWE0OWUxNDNkZTY4OTc5YWQxNTZiNDJkYWJk
ZGRlOGMwHhcNMjMwMTAxMTkzNTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Njc5YWJiNGRhNGYyNTA1OWFlYzgyYmE1ZGFhZTFmOTBlZTljNjRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjYNLoHonb469/KeflCVMR7hAZZoV
VqT1i6IRkebLutcCVPeIPOTo2ul1joiJpmBoPx1vq0s/v35sbfytZKWWFa9H2EVe
fZt7fulvbZVxpphWWC9EFEBcgxJUtvC4zwLjcNbLl94mokIusa6cbLlWPSOQn10H
iHQQjKFH1NXOpWMniS+r1fDYrUzgocEsn/TmAIWIUS7GOJKxtDWGLKzAhwVCIqsB
zQVM3sLXoXtIv0CjdrtAYq4QBsLvDC4MpR2DX1zrhIddVNW9pG990sVcApaiQhqJ
R7kNCMm2shd6Xz0LgxhlL6+26gfQKsp6jRsvJNF2ebUy3Eh9QFagFRI2/QIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFEZ5q7TaTyUFmuyCul2q4fkO6cZLMB8GA1UdIwQY
MBaAFARKrKuaSeFD3miXmtFWtC2r3d6MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQkVxc3E1cEo0VVBlYUplYTBWYTBMYXZkM293LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy84NmE3NGUtNGRiOC00ZmU5LTk4MDIt
M2JiOTI2ODc2MDJjLzEvUm5tcnROcFBKUVdhN0lLNlhhcmgtUTdweGtzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy84NmE3NGUtNGRiOC00ZmU5LTk4MDItM2JiOTI2ODc2MDJj
LzEvQkVxc3E1cEo0VVBlYUplYTBWYTBMYXZkM293LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAXBAIAATARAwQDTUgoAwMA
gk8DBAK5m1wwDQQCAAIwBwMFACoHLkAwDQYJKoZIhvcNAQELBQADggEBAA38XL9d
wUJGmAVOAZqjP9L/rgxmlzDf2x5Uic54D2ZMZUwSWiDFp7jwlAG+IO7jumihtriW
FQBPuborpLkWZvdcuSvPSB4IJU5CM3YE7BGdkO5bPrF1ip9lb7C1Oix27z9ne6Bg
S4vJi9W3jV6R+ATVIMeMtdF19X0k3xeO7wfMJ0JrMH1M3bq26vqICIYH38NwALjY
Q50AJe/30vESCfVm8C6gln4dFB7SbTF6Rrbv2utOeR3h7T3JpML/2kRZREIErn8B
y5PkMU6CueSHXQT/V2O2vtozxX+MaP3qtrgy4U3JKY7mw+4WvmXi1Oyk5v13iIXo
NcK7Gsu0VSAwsf4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:09 2024 by rpki-client on console-ams.rpki-client.org