Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/2osjsMR3atmbmkLcKIe-2wlqCcw.roa
File: 2osjsMR3atmbmkLcKIe-2wlqCcw.roa (raw, json)
Hash identifier: Lt31+rDCBKWLyJaqRDdVnd6uRx3aExLj/mQ9oE+PFhQ=
Subject key identifier: DA:8B:23:B0:C4:77:6A:D9:9B:9A:42:DC:28:87:BE:DB:09:6A:09:CC
Certificate issuer: /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial: 0187763476A7BF33D4F4DB128D1229054A66
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/2osjsMR3atmbmkLcKIe-2wlqCcw.roa
Signing time: Wed 12 Apr 2023 16:02:42 +0000
ROA not before: Wed 12 Apr 2023 16:02:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207459
IP address blocks: 77.105.22.0/24 maxlen: 24
212.69.13.0/24 maxlen: 24
178.219.14.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 14 Apr 2023 19:01:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:76:34:76:a7:bf:33:d4:f4:db:12:8d:12:29:05:4a:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Validity
Not Before: Apr 12 16:02:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=da8b23b0c4776ad99b9a42dc2887bedb096a09cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:85:1b:f3:20:e3:b1:fe:14:e3:4e:1c:12:c0:
84:6c:b7:40:9b:5d:fb:01:2c:89:31:2d:c3:8f:2f:
93:4b:22:bd:0a:57:3f:83:54:c5:30:1a:84:e5:05:
ef:6f:c8:e9:09:6f:09:5d:15:b3:9e:2a:19:61:3b:
ce:3d:35:d5:8a:1c:76:9c:fe:97:e5:b0:88:ce:72:
68:bf:62:5d:c4:d9:b0:db:90:2e:41:4c:78:1c:5b:
58:7b:2b:da:f3:e2:1c:9e:4a:25:36:5f:3c:0b:ce:
32:92:db:be:f8:fe:a5:f1:1f:38:64:28:11:a1:5a:
7d:72:0e:fc:5a:c6:b2:0b:b3:bd:e7:28:b6:c9:29:
34:f5:77:26:cc:6a:58:27:04:2b:02:25:d0:bb:77:
3f:09:95:d4:40:c8:1e:d9:14:8e:ab:de:ec:93:70:
18:7a:74:82:a7:8d:12:e3:0b:7d:ca:7e:85:1c:62:
7b:55:37:19:2d:58:79:8f:6f:f9:a2:74:f2:e8:31:
13:35:e4:fe:b3:ae:f3:4a:8b:ba:0c:08:a6:6d:12:
07:0c:53:31:87:f2:7b:03:ab:84:9f:1f:cb:f3:cb:
f1:49:0a:c6:a1:9e:eb:62:f4:8c:71:5e:12:50:25:
b7:aa:9d:b9:12:c3:a9:c0:52:db:eb:46:c3:4b:96:
b0:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:8B:23:B0:C4:77:6A:D9:9B:9A:42:DC:28:87:BE:DB:09:6A:09:CC
X509v3 Authority Key Identifier:
keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/2osjsMR3atmbmkLcKIe-2wlqCcw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.105.22.0/24
178.219.14.0/24
212.69.13.0/24
Signature Algorithm: sha256WithRSAEncryption
01:6b:ed:92:48:f8:f4:c4:70:a0:2c:6c:fa:b6:eb:53:4a:67:
99:30:fb:f0:5e:b6:6d:00:af:24:23:cb:19:be:b1:a0:82:e1:
ff:80:6c:eb:bb:04:a6:aa:c4:6c:07:bd:06:df:1e:ba:c4:cc:
fb:39:30:f8:0d:c8:3b:c9:2b:de:dc:9d:e8:6c:be:32:5d:f6:
3f:94:c5:2f:bf:e0:c9:69:98:31:61:fc:01:9a:e2:e8:d9:0d:
8f:72:01:17:5f:02:c9:f0:74:68:2d:f7:89:57:ab:a9:96:d5:
ff:b8:13:1f:71:e7:8b:a6:88:36:1e:b5:8c:ee:69:c9:33:1a:
0f:7a:d3:51:1a:72:24:50:28:e8:a4:a2:ff:36:b3:6b:a1:b4:
e4:32:ff:28:44:d1:b0:61:65:ef:84:b5:98:6e:5c:13:52:4a:
55:01:7f:8c:64:d8:9a:13:e4:32:18:b5:fc:61:5e:76:fe:7a:
ef:59:2c:67:a6:6f:86:ab:72:1a:2a:42:66:43:ea:35:30:7b:
24:8c:34:f7:72:54:85:46:47:f2:cb:16:c7:62:7a:c3:6f:3f:
17:c4:06:c1:6b:40:8c:f9:0b:9a:5f:4e:2d:7e:d8:4d:e0:63:
09:da:80:7a:78:70:bd:10:3d:71:80:5d:ec:94:8c:cd:24:86:
99:0f:15:ef
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYd2NHanvzPU9NsSjRIpBUpmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmODRlNDczOGE3MGVhMzljMDhjZWYyMTA0MzJhZTM5OWVj
N2U5MTUwHhcNMjMwNDEyMTYwMjQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYThiMjNiMGM0Nzc2YWQ5OWI5YTQyZGMyODg3YmVkYjA5NmEwOWNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmoUb8yDjsf4U404cEsCEbLdAm137
ASyJMS3Djy+TSyK9Clc/g1TFMBqE5QXvb8jpCW8JXRWznioZYTvOPTXVihx2nP6X
5bCIznJov2JdxNmw25AuQUx4HFtYeyva8+IcnkolNl88C84yktu++P6l8R84ZCgR
oVp9cg78WsayC7O95yi2ySk09XcmzGpYJwQrAiXQu3c/CZXUQMge2RSOq97sk3AY
enSCp40S4wt9yn6FHGJ7VTcZLVh5j2/5onTy6DETNeT+s67zSou6DAimbRIHDFMx
h/J7A6uEnx/L88vxSQrGoZ7rYvSMcV4SUCW3qp25EsOpwFLb60bDS5awrwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNqLI7DEd2rZm5pC3CiHvtsJagnMMB8GA1UdIwQY
MBaAFG+E5HOKcOo5wIzvIQQyrjmex+kVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYt
ZmFlNWRiZWQzYjFiLzEvMm9zanNNUjNhdG1ibWtMY0tJZS0yd2xxQ2N3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYtZmFlNWRiZWQzYjFi
LzEvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQATWkWAwQA
stsOAwQA1EUNMA0GCSqGSIb3DQEBCwUAA4IBAQABa+2SSPj0xHCgLGz6tutTSmeZ
MPvwXrZtAK8kI8sZvrGgguH/gGzruwSmqsRsB70G3x66xMz7OTD4Dcg7ySve3J3o
bL4yXfY/lMUvv+DJaZgxYfwBmuLo2Q2PcgEXXwLJ8HRoLfeJV6upltX/uBMfceeL
pog2HrWM7mnJMxoPetNRGnIkUCjopKL/NrNrobTkMv8oRNGwYWXvhLWYblwTUkpV
AX+MZNiaE+QyGLX8YV52/nrvWSxnpm+Gq3IaKkJmQ+o1MHskjDT3clSFRkfyyxbH
YnrDbz8XxAbBa0CM+QuaX04tfthN4GMJ2oB6eHC9ED1xgF3slIzNJIaZDxXv
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:03 2024 by rpki-client on console-ams.rpki-client.org