Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/22c60e-72fd-47af-99f3-26848ffee765/1/VfLTEtRfSJAueodmURxP1Y7Ixdg.roa
File: VfLTEtRfSJAueodmURxP1Y7Ixdg.roa (raw, json)
Hash identifier: Z4qT54WLN2sjx/lHyBqIzCP8tjR2MGnABNwYidqIdso=
Subject key identifier: 55:F2:D3:12:D4:5F:48:90:2E:7A:87:66:51:1C:4F:D5:8E:C8:C5:D8
Certificate issuer: /CN=bd7410f4e62c7772c78d5750b21fc214339e94a2
Certificate serial: 01856CF8745A16B0D2F39E2DD52B34E2CF07
Authority key identifier: BD:74:10:F4:E6:2C:77:72:C7:8D:57:50:B2:1F:C2:14:33:9E:94:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vXQQ9OYsd3LHjVdQsh_CFDOelKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/22c60e-72fd-47af-99f3-26848ffee765/1/VfLTEtRfSJAueodmURxP1Y7Ixdg.roa
Signing time: Sun 01 Jan 2023 10:55:00 +0000
ROA not before: Sun 01 Jan 2023 10:55:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 786
IP address blocks: 77.72.72.0/24 maxlen: 24
77.72.72.0/23 maxlen: 23
77.72.73.0/24 maxlen: 24
77.72.72.0/21 maxlen: 21
77.72.76.0/22 maxlen: 22
77.72.74.0/24 maxlen: 24
77.72.74.0/23 maxlen: 23
77.72.75.0/24 maxlen: 24
77.72.76.0/23 maxlen: 23
77.72.76.0/24 maxlen: 24
77.72.77.0/24 maxlen: 24
77.72.72.0/22 maxlen: 22
77.72.78.0/23 maxlen: 23
77.72.78.0/24 maxlen: 24
77.72.79.0/24 maxlen: 24
2a01:4b0:1::/48 maxlen: 48
2a01:4b0:2::/48 maxlen: 48
2a01:4b0::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:f8:74:5a:16:b0:d2:f3:9e:2d:d5:2b:34:e2:cf:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bd7410f4e62c7772c78d5750b21fc214339e94a2
Validity
Not Before: Jan 1 10:55:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=55f2d312d45f48902e7a8766511c4fd58ec8c5d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:5d:08:33:97:63:9a:53:2b:8d:5f:f0:dd:a5:
0e:54:9d:39:15:e5:a4:d0:44:63:2c:fe:14:b5:7c:
34:c4:3c:3b:7b:14:6b:f3:18:c9:95:86:a7:a5:4d:
b2:8e:d1:53:7c:30:26:b2:68:e4:57:47:b6:d0:8b:
18:2d:20:d6:73:c0:df:66:62:af:03:b3:e5:95:bb:
3d:d5:69:3a:0b:3c:d7:2c:3e:0f:db:da:71:d6:e8:
4e:9f:6b:ee:d5:da:90:b6:f2:b5:bc:7e:74:60:b8:
2c:68:ab:b1:62:76:0e:0d:fb:20:d2:08:39:5a:4c:
1a:4b:26:2d:53:57:61:e4:86:8d:fe:4b:fd:bd:7b:
06:52:85:42:a7:70:5c:ea:46:b4:93:4a:ab:15:45:
f2:3a:a4:3c:ef:14:ed:10:94:dc:ee:0c:9e:6d:89:
23:ff:82:05:a3:ba:b5:e2:3e:74:75:65:1c:f2:7f:
68:2c:cf:93:87:c3:0b:36:90:a3:00:a7:c7:47:78:
89:43:57:ac:3d:40:5a:9b:43:52:ba:04:8a:84:c8:
06:3f:dc:d4:ac:de:a0:7c:1e:b0:ac:49:76:04:05:
e5:85:7b:f9:4f:29:b0:96:f2:dc:8b:12:fc:b8:12:
25:ff:87:69:ff:c3:3e:c0:cb:c0:d2:92:ac:c4:c4:
7a:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:F2:D3:12:D4:5F:48:90:2E:7A:87:66:51:1C:4F:D5:8E:C8:C5:D8
X509v3 Authority Key Identifier:
keyid:BD:74:10:F4:E6:2C:77:72:C7:8D:57:50:B2:1F:C2:14:33:9E:94:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vXQQ9OYsd3LHjVdQsh_CFDOelKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/22c60e-72fd-47af-99f3-26848ffee765/1/VfLTEtRfSJAueodmURxP1Y7Ixdg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/22c60e-72fd-47af-99f3-26848ffee765/1/vXQQ9OYsd3LHjVdQsh_CFDOelKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.72.72.0/21
IPv6:
2a01:4b0::-2a01:4b0:2:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
a6:49:cd:b5:29:9d:e1:90:d0:f6:60:21:17:fd:46:f8:82:9c:
93:a4:1d:27:61:07:1a:33:29:91:e8:10:c7:aa:a5:4e:87:8f:
7a:b9:69:60:5e:22:f4:b5:bf:cf:f9:9a:a7:13:7d:2b:be:d9:
81:7e:55:42:94:43:9c:48:03:82:9b:70:ec:e5:d0:4a:3f:47:
50:41:26:f0:70:a2:bc:2f:44:b5:a3:7d:b9:ea:2d:7d:f5:5a:
ce:45:2b:78:8d:f3:e8:39:c0:07:04:58:a0:61:6a:1b:d4:c7:
f5:70:93:ca:26:26:4e:ca:85:3d:bd:fc:9e:b7:79:74:59:0d:
85:c3:b1:27:fa:4c:1a:12:e5:89:8a:7e:12:1b:35:6a:fc:e2:
e2:67:2f:bc:39:a5:16:0a:10:82:71:ec:63:b4:d4:8a:85:97:
e2:43:60:44:ce:e6:89:25:a0:5c:3e:bc:25:94:8a:81:10:86:
5e:cb:bf:9f:4a:96:47:63:ff:1b:f9:1d:70:36:ab:f8:51:42:
5b:6b:38:3c:6a:d1:42:b4:03:81:85:c6:7c:6c:b4:96:6b:24:
5f:be:2c:46:88:11:91:8f:ca:15:7e:93:f4:4d:c8:9b:ef:f1:
86:da:74:30:37:0e:50:74:0c:e5:82:07:ce:9e:d5:95:36:c5:
75:6a:01:4b
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYVs+HRaFrDS854t1Ss04s8HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkNzQxMGY0ZTYyYzc3NzJjNzhkNTc1MGIyMWZjMjE0MzM5
ZTk0YTIwHhcNMjMwMTAxMTA1NTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NWYyZDMxMmQ0NWY0ODkwMmU3YTg3NjY1MTFjNGZkNThlYzhjNWQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjl0IM5djmlMrjV/w3aUOVJ05FeWk
0ERjLP4UtXw0xDw7exRr8xjJlYanpU2yjtFTfDAmsmjkV0e20IsYLSDWc8DfZmKv
A7Pllbs91Wk6CzzXLD4P29px1uhOn2vu1dqQtvK1vH50YLgsaKuxYnYODfsg0gg5
WkwaSyYtU1dh5IaN/kv9vXsGUoVCp3Bc6ka0k0qrFUXyOqQ87xTtEJTc7gyebYkj
/4IFo7q14j50dWUc8n9oLM+Th8MLNpCjAKfHR3iJQ1esPUBam0NSugSKhMgGP9zU
rN6gfB6wrEl2BAXlhXv5TymwlvLcixL8uBIl/4dp/8M+wMvA0pKsxMR6HwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFFXy0xLUX0iQLnqHZlEcT9WOyMXYMB8GA1UdIwQY
MBaAFL10EPTmLHdyx41XULIfwhQznpSiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlhRUTlPWXNkM0xIalZkUXNoX0NGRE9lbEtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy8yMmM2MGUtNzJmZC00N2FmLTk5ZjMt
MjY4NDhmZmVlNzY1LzEvVmZMVEV0UmZTSkF1ZW9kbVVSeFAxWTdJeGRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy8yMmM2MGUtNzJmZC00N2FmLTk5ZjMtMjY4NDhmZmVlNzY1
LzEvdlhRUTlPWXNkM0xIalZkUXNoX0NGRE9lbEtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQDTUhIMBgE
AgACMBIwEAMFBCoBBLADBwAqAQSwAAIwDQYJKoZIhvcNAQELBQADggEBAKZJzbUp
neGQ0PZgIRf9RviCnJOkHSdhBxozKZHoEMeqpU6Hj3q5aWBeIvS1v8/5mqcTfSu+
2YF+VUKUQ5xIA4KbcOzl0Eo/R1BBJvBworwvRLWjfbnqLX31Ws5FK3iN8+g5wAcE
WKBhahvUx/Vwk8omJk7KhT29/J63eXRZDYXDsSf6TBoS5YmKfhIbNWr84uJnL7w5
pRYKEIJx7GO01IqFl+JDYETO5okloFw+vCWUioEQhl7Lv59Klkdj/xv5HXA2q/hR
QltrODxq0UK0A4GFxnxstJZrJF++LEaIEZGPyhV+k/RNyJvv8YbadDA3DlB0DOWC
B86e1ZU2xXVqAUs=
-----END CERTIFICATE-----
Generated at Wed Oct 25 09:50:57 2023 by rpki-client on console-fra.rpki-client.org