Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/b92331-2bb4-4a59-9978-751b17d1c437/1/KyrP7VypuFkm7W-eZ0cdWMKjJyE.roa
File: KyrP7VypuFkm7W-eZ0cdWMKjJyE.roa (raw, json)
Hash identifier: gGiFJp3DoJXrhzpl3FoH2fenDJsHPpv1yUN2VCccAKA=
Subject key identifier: 2B:2A:CF:ED:5C:A9:B8:59:26:ED:6F:9E:67:47:1D:58:C2:A3:27:21
Certificate issuer: /CN=22c7cda75f4e15e486dee5a6501cbe2018bc0e0f
Certificate serial: 018BF26007ED6F4A57CDCD1881E3E688F533
Authority key identifier: 22:C7:CD:A7:5F:4E:15:E4:86:DE:E5:A6:50:1C:BE:20:18:BC:0E:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsfNp19OFeSG3uWmUBy-IBi8Dg8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/b92331-2bb4-4a59-9978-751b17d1c437/1/KyrP7VypuFkm7W-eZ0cdWMKjJyE.roa
Signing time: Tue 21 Nov 2023 14:54:21 +0000
ROA not before: Tue 21 Nov 2023 14:54:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200845
IP address blocks: 91.209.234.0/24 maxlen: 24
213.148.221.0/24 maxlen: 24
212.121.248.0/24 maxlen: 24
77.75.176.0/21 maxlen: 24
185.154.8.0/22 maxlen: 24
77.75.180.0/24 maxlen: 24
185.193.68.0/22 maxlen: 24
213.148.192.0/19 maxlen: 24
185.184.148.0/22 maxlen: 24
212.121.224.0/19 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:f2:60:07:ed:6f:4a:57:cd:cd:18:81:e3:e6:88:f5:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c7cda75f4e15e486dee5a6501cbe2018bc0e0f
Validity
Not Before: Nov 21 14:54:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2b2acfed5ca9b85926ed6f9e67471d58c2a32721
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:64:cc:9b:ed:03:c3:02:ed:6f:da:11:dd:ce:
df:de:3f:77:69:08:c1:bc:ec:53:ac:3d:86:90:ea:
8a:f8:4e:b8:16:e6:ce:e9:c6:bb:fd:8c:38:3d:3b:
24:54:fa:ca:fe:58:ce:02:d2:b3:0a:2a:6e:9f:a8:
e8:0c:03:6e:52:69:31:89:92:d6:29:64:df:2a:b8:
34:c1:46:25:52:c7:b4:82:20:29:d9:4f:69:47:9a:
5e:56:60:0a:3e:4e:48:9b:ed:cc:2e:f9:69:65:af:
92:26:b3:17:90:5f:8e:e5:43:e4:1d:23:83:f8:93:
fa:cf:4d:ef:3a:ed:2b:31:91:57:f1:88:2b:90:49:
4f:a7:93:34:da:9a:fa:aa:a6:9c:14:97:a5:0b:61:
65:25:54:81:ff:0c:ff:a4:44:50:90:75:af:15:11:
c0:00:f0:27:40:7d:08:94:78:64:3c:11:10:9f:69:
e2:25:4b:bb:0e:29:9a:e8:6b:b4:20:00:ab:1f:05:
5a:c0:f1:46:ce:20:31:17:5a:30:b5:02:7a:81:e1:
e3:59:14:25:92:71:be:dc:38:f8:f2:71:77:8f:99:
7e:bd:e5:ab:ab:af:72:5a:d6:56:a8:08:39:b3:3d:
46:5e:e3:4b:1d:c7:6a:f6:5a:7f:32:66:e5:d0:74:
10:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:2A:CF:ED:5C:A9:B8:59:26:ED:6F:9E:67:47:1D:58:C2:A3:27:21
X509v3 Authority Key Identifier:
keyid:22:C7:CD:A7:5F:4E:15:E4:86:DE:E5:A6:50:1C:BE:20:18:BC:0E:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsfNp19OFeSG3uWmUBy-IBi8Dg8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/b92331-2bb4-4a59-9978-751b17d1c437/1/KyrP7VypuFkm7W-eZ0cdWMKjJyE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/b92331-2bb4-4a59-9978-751b17d1c437/1/IsfNp19OFeSG3uWmUBy-IBi8Dg8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.75.176.0/21
91.209.234.0/24
185.154.8.0/22
185.184.148.0/22
185.193.68.0/22
212.121.224.0/19
213.148.192.0/19
Signature Algorithm: sha256WithRSAEncryption
2a:e1:04:c0:0f:3f:09:e5:72:5f:78:77:89:e2:9b:68:4b:ef:
59:36:94:31:dc:f9:4e:d6:52:37:5a:31:01:7e:5e:24:18:24:
42:be:b9:c5:d6:6b:53:29:ba:1f:02:39:58:05:d0:b8:be:d4:
3d:02:26:6c:b7:af:84:49:02:7d:56:d0:b5:c6:33:31:2b:99:
5f:03:88:8d:f2:20:86:29:c2:ca:68:25:e8:f1:ac:8f:79:f6:
e4:36:33:7d:09:2e:0c:31:e3:03:8d:aa:3c:e8:5f:40:2c:56:
c9:aa:87:85:28:ce:27:f6:d5:e0:22:01:98:98:df:cf:86:ac:
06:43:dd:15:1c:46:c5:ff:4f:ec:f1:c4:e9:b5:0d:b4:c5:c3:
de:92:b4:4e:59:8a:44:09:7b:29:1d:58:7d:93:26:10:fd:50:
cb:f8:79:56:6f:1b:5e:18:44:c3:db:90:f0:72:4a:29:56:b0:
94:38:e9:8b:b3:f8:51:fd:8b:4b:34:a7:2c:fc:e1:15:68:1d:
9a:40:1f:43:fb:ee:ab:4a:30:c4:99:9f:a5:e4:bd:67:76:c2:
9b:1f:aa:ab:40:5a:d2:d7:ff:a7:e8:28:4a:82:c8:ae:de:55:
07:0d:d1:6a:c5:07:db:98:ab:dc:0b:2d:77:f7:45:4d:d7:81:
cc:43:9f:df
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYvyYAftb0pXzc0YgePmiPUzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzdjZGE3NWY0ZTE1ZTQ4NmRlZTVhNjUwMWNiZTIwMThi
YzBlMGYwHhcNMjMxMTIxMTQ1NDIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjJhY2ZlZDVjYTliODU5MjZlZDZmOWU2NzQ3MWQ1OGMyYTMyNzIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgWTMm+0DwwLtb9oR3c7f3j93aQjB
vOxTrD2GkOqK+E64FubO6ca7/Yw4PTskVPrK/ljOAtKzCipun6joDANuUmkxiZLW
KWTfKrg0wUYlUse0giAp2U9pR5peVmAKPk5Im+3MLvlpZa+SJrMXkF+O5UPkHSOD
+JP6z03vOu0rMZFX8YgrkElPp5M02pr6qqacFJelC2FlJVSB/wz/pERQkHWvFRHA
APAnQH0IlHhkPBEQn2niJUu7Dima6Gu0IACrHwVawPFGziAxF1owtQJ6geHjWRQl
knG+3Dj48nF3j5l+veWrq69yWtZWqAg5sz1GXuNLHcdq9lp/Mmbl0HQQJwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFCsqz+1cqbhZJu1vnmdHHVjCoychMB8GA1UdIwQY
MBaAFCLHzadfThXkht7lplAcviAYvA4PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNmTnAxOU9GZVNHM3VXbVVCeS1JQmk4RGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy9iOTIzMzEtMmJiNC00YTU5LTk5Nzgt
NzUxYjE3ZDFjNDM3LzEvS3lyUDdWeXB1RmttN1ctZVowY2RXTUtqSnlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy9iOTIzMzEtMmJiNC00YTU5LTk5NzgtNzUxYjE3ZDFjNDM3
LzEvSXNmTnAxOU9GZVNHM3VXbVVCeS1JQmk4RGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQDTUuwAwQA
W9HqAwQCuZoIAwQCubiUAwQCucFEAwQF1HngAwQF1ZTAMA0GCSqGSIb3DQEBCwUA
A4IBAQAq4QTADz8J5XJfeHeJ4ptoS+9ZNpQx3PlO1lI3WjEBfl4kGCRCvrnF1mtT
KbofAjlYBdC4vtQ9AiZst6+ESQJ9VtC1xjMxK5lfA4iN8iCGKcLKaCXo8ayPefbk
NjN9CS4MMeMDjao86F9ALFbJqoeFKM4n9tXgIgGYmN/PhqwGQ90VHEbF/0/s8cTp
tQ20xcPekrROWYpECXspHVh9kyYQ/VDL+HlWbxteGETD25DwckopVrCUOOmLs/hR
/YtLNKcs/OEVaB2aQB9D++6rSjDEmZ+l5L1ndsKbH6qrQFrS1/+n6ChKgsiu3lUH
DdFqxQfbmKvcCy1390VN14HMQ5/f
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:27:20 2024 by rpki-client on console-fra.rpki-client.org