Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/h-CzTKiVRBu3Mn1zVpHjwHawiG4.roa
File: h-CzTKiVRBu3Mn1zVpHjwHawiG4.roa (raw, json)
Hash identifier: 7rC0NdY6wHuRGpUzk0AFvLq8rzwj09accmeb+ZkkeNs=
Subject key identifier: 87:E0:B3:4C:A8:95:44:1B:B7:32:7D:73:56:91:E3:C0:76:B0:88:6E
Certificate issuer: /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial: 0188332049B2EE69750D66D38936F75C33F0
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/h-CzTKiVRBu3Mn1zVpHjwHawiG4.roa
Signing time: Fri 19 May 2023 08:28:54 +0000
ROA not before: Fri 19 May 2023 08:28:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 188.255.200.0/24 maxlen: 24
77.105.22.0/24 maxlen: 24
109.121.40.0/24 maxlen: 24
188.255.135.0/24 maxlen: 24
212.69.13.0/24 maxlen: 24
178.219.14.0/24 maxlen: 24
79.175.67.0/24 maxlen: 24
77.105.8.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 19 May 2023 18:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:33:20:49:b2:ee:69:75:0d:66:d3:89:36:f7:5c:33:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Validity
Not Before: May 19 08:28:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=87e0b34ca895441bb7327d735691e3c076b0886e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:7c:03:35:ff:00:63:f5:67:db:01:c3:34:41:
7e:65:b7:85:55:76:e6:94:28:c9:c5:76:f5:b7:17:
83:b1:81:80:d4:39:68:52:cc:b3:67:e2:23:40:8d:
ee:43:7e:5c:39:74:db:ff:20:15:fc:33:a1:1e:06:
00:5a:52:bd:3e:79:85:bb:75:ee:a1:3e:dc:7d:3f:
be:8d:79:4a:89:e0:de:6d:dd:1f:fb:d2:4f:86:34:
9f:f6:8e:e8:0a:0c:4a:2e:da:c0:ad:c4:a1:70:8c:
d2:72:fa:8f:d8:a0:59:47:98:34:ac:5b:79:fe:5f:
17:c5:66:72:44:94:57:1e:7e:92:82:7a:6e:25:b0:
0b:bc:2b:3c:53:ca:58:c0:3b:1b:1a:9d:58:31:8a:
7d:db:c2:5f:6d:f5:b5:28:e0:ea:59:0e:70:05:bc:
ed:78:0c:90:0e:88:ff:36:4b:b1:52:fc:48:ae:5c:
e7:c1:27:b4:a7:fe:53:46:11:0c:57:ce:1b:ac:ce:
ae:86:3d:c2:9e:de:71:0d:2b:1e:c5:b3:cb:10:b1:
27:60:b3:57:9b:59:78:71:b5:cc:4d:c3:a6:7b:37:
60:09:ac:3c:bd:91:c0:d3:ea:e4:68:c5:e3:cc:4a:
58:d8:6a:00:44:ab:f1:75:d3:51:fe:64:48:ce:45:
c3:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:E0:B3:4C:A8:95:44:1B:B7:32:7D:73:56:91:E3:C0:76:B0:88:6E
X509v3 Authority Key Identifier:
keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/h-CzTKiVRBu3Mn1zVpHjwHawiG4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.105.8.0/24
77.105.22.0/24
79.175.67.0/24
109.121.40.0/24
178.219.14.0/24
188.255.135.0/24
188.255.200.0/24
212.69.13.0/24
Signature Algorithm: sha256WithRSAEncryption
65:7e:9d:08:61:c6:4b:eb:7d:bf:32:b5:c5:dc:82:c1:f1:b1:
42:2b:81:a8:13:d2:be:c8:51:c6:25:f3:77:30:da:b2:65:e6:
15:9a:a1:50:17:29:1e:28:94:45:6f:3e:da:bd:a0:22:d7:80:
eb:54:47:b6:fa:8f:d9:16:92:9d:23:27:0e:d8:f1:45:3f:c6:
1d:95:32:fa:55:85:38:1c:c5:b5:df:18:ce:4e:eb:7d:9b:ce:
4a:89:28:2c:33:b1:de:6b:08:03:b0:bc:73:d5:1a:f6:b2:03:
f5:60:38:04:32:0b:da:01:13:43:9b:1d:b0:0e:1e:97:a4:4a:
27:8b:50:a8:b8:7e:d7:97:0a:c9:7b:f8:71:b6:db:45:cf:eb:
4d:7b:a3:22:72:6d:ef:b4:df:f4:9f:97:db:bc:a1:63:c4:02:
54:72:e2:af:e7:2e:16:76:8e:6d:26:13:68:2b:6f:f7:d5:f4:
9c:12:e1:6c:ab:fe:5b:19:b1:26:09:c1:4c:d8:8d:da:ac:89:
1c:31:ca:4a:93:65:b9:3c:7c:72:cb:5b:8e:f7:80:b0:d3:af:
aa:d6:57:16:28:1b:b4:51:85:1f:ea:c9:5e:99:7b:d3:17:df:
f5:0e:6a:10:06:d6:1b:55:df:cc:6e:23:12:c9:bf:25:0a:10:
3b:49:7c:81
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYgzIEmy7ml1DWbTiTb3XDPwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmODRlNDczOGE3MGVhMzljMDhjZWYyMTA0MzJhZTM5OWVj
N2U5MTUwHhcNMjMwNTE5MDgyODU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4N2UwYjM0Y2E4OTU0NDFiYjczMjdkNzM1NjkxZTNjMDc2YjA4ODZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw3wDNf8AY/Vn2wHDNEF+ZbeFVXbm
lCjJxXb1txeDsYGA1DloUsyzZ+IjQI3uQ35cOXTb/yAV/DOhHgYAWlK9PnmFu3Xu
oT7cfT++jXlKieDebd0f+9JPhjSf9o7oCgxKLtrArcShcIzScvqP2KBZR5g0rFt5
/l8XxWZyRJRXHn6SgnpuJbALvCs8U8pYwDsbGp1YMYp928JfbfW1KODqWQ5wBbzt
eAyQDoj/NkuxUvxIrlznwSe0p/5TRhEMV84brM6uhj3Cnt5xDSsexbPLELEnYLNX
m1l4cbXMTcOmezdgCaw8vZHA0+rkaMXjzEpY2GoARKvxddNR/mRIzkXDBwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFIfgs0yolUQbtzJ9c1aR48B2sIhuMB8GA1UdIwQY
MBaAFG+E5HOKcOo5wIzvIQQyrjmex+kVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYt
ZmFlNWRiZWQzYjFiLzEvaC1DelRLaVZSQnUzTW4xelZwSGp3SGF3aUc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYtZmFlNWRiZWQzYjFi
LzEvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQATWkIAwQA
TWkWAwQAT69DAwQAbXkoAwQAstsOAwQAvP+HAwQAvP/IAwQA1EUNMA0GCSqGSIb3
DQEBCwUAA4IBAQBlfp0IYcZL632/MrXF3ILB8bFCK4GoE9K+yFHGJfN3MNqyZeYV
mqFQFykeKJRFbz7avaAi14DrVEe2+o/ZFpKdIycO2PFFP8YdlTL6VYU4HMW13xjO
Tut9m85KiSgsM7HeawgDsLxz1Rr2sgP1YDgEMgvaARNDmx2wDh6XpEoni1CouH7X
lwrJe/hxtttFz+tNe6Micm3vtN/0n5fbvKFjxAJUcuKv5y4Wdo5tJhNoK2/31fSc
EuFsq/5bGbEmCcFM2I3arIkcMcpKk2W5PHxyy1uO94Cw06+q1lcWKBu0UYUf6sle
mXvTF9/1DmoQBtYbVd/MbiMSyb8lChA7SXyB
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:05 2024 by rpki-client on console-ams.rpki-client.org