Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/9e4764-7234-4ba4-8e8a-e2754f6fb4c5/1/Hzl7bGe6GAa7CzoocUEcifNCJRo.roa
File: Hzl7bGe6GAa7CzoocUEcifNCJRo.roa (raw, json)
Hash identifier: 6YcOBEcaI1Br5rExadWXRn6v0n5yJGTJeAOT1ttHgxA=
Subject key identifier: 1F:39:7B:6C:67:BA:18:06:BB:0B:3A:28:71:41:1C:89:F3:42:25:1A
Certificate issuer: /CN=8efcc976ef90383ace7f0b4e09e4d819ed0d9b5e
Certificate serial: 01856EA68B1B39736262A55D352ADCC027B3
Authority key identifier: 8E:FC:C9:76:EF:90:38:3A:CE:7F:0B:4E:09:E4:D8:19:ED:0D:9B:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jvzJdu-QODrOfwtOCeTYGe0Nm14.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/9e4764-7234-4ba4-8e8a-e2754f6fb4c5/1/Hzl7bGe6GAa7CzoocUEcifNCJRo.roa
Signing time: Sun 01 Jan 2023 18:44:46 +0000
ROA not before: Sun 01 Jan 2023 18:44:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43420
IP address blocks: 109.196.224.0/20 maxlen: 20
77.87.216.0/21 maxlen: 21
193.46.68.0/24 maxlen: 24
85.202.32.0/20 maxlen: 20
185.129.76.0/22 maxlen: 22
109.95.168.0/21 maxlen: 21
2a03:9c60::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:31:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:a6:8b:1b:39:73:62:62:a5:5d:35:2a:dc:c0:27:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8efcc976ef90383ace7f0b4e09e4d819ed0d9b5e
Validity
Not Before: Jan 1 18:44:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1f397b6c67ba1806bb0b3a2871411c89f342251a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:bf:25:19:bd:2f:58:0f:d3:23:81:00:f2:4b:
4a:c2:ab:19:97:84:a3:2d:6b:31:57:60:33:83:51:
00:8d:80:18:1f:d4:17:90:fe:35:47:76:f0:fd:74:
17:06:f3:7a:56:ef:25:a2:58:69:6c:db:09:86:64:
8c:a8:55:1e:84:6a:82:c7:9d:ce:52:39:a0:04:15:
22:ee:96:51:ca:b4:23:16:5f:62:76:6c:79:ba:39:
b7:b9:38:d0:60:f8:c5:3f:79:5b:a8:fb:ee:d0:57:
e0:8a:66:96:c0:cb:79:6c:80:75:17:a2:60:98:88:
8c:5a:7e:6a:81:79:dc:b5:b6:88:2a:71:66:ab:48:
95:ee:58:cf:7e:80:73:93:f6:42:69:71:63:16:6a:
3e:a6:6c:99:41:9c:09:74:9f:67:20:0f:ae:73:65:
5b:dc:f9:85:a4:92:34:99:04:f7:96:a2:46:da:cc:
17:8d:ea:cd:e2:00:17:71:7c:e7:2a:08:49:54:7f:
23:d8:5e:7e:21:88:09:ae:7e:c4:65:db:fe:b8:d5:
94:2a:43:bf:33:53:5f:9d:d5:c4:aa:97:7e:68:9b:
0b:cf:21:5c:32:cb:b0:65:f3:6d:1a:6a:53:e2:ea:
a8:6d:27:7c:31:1f:bd:5e:6b:e2:bf:1d:5c:5e:d8:
04:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:39:7B:6C:67:BA:18:06:BB:0B:3A:28:71:41:1C:89:F3:42:25:1A
X509v3 Authority Key Identifier:
keyid:8E:FC:C9:76:EF:90:38:3A:CE:7F:0B:4E:09:E4:D8:19:ED:0D:9B:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jvzJdu-QODrOfwtOCeTYGe0Nm14.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/9e4764-7234-4ba4-8e8a-e2754f6fb4c5/1/Hzl7bGe6GAa7CzoocUEcifNCJRo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/9e4764-7234-4ba4-8e8a-e2754f6fb4c5/1/jvzJdu-QODrOfwtOCeTYGe0Nm14.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.87.216.0/21
85.202.32.0/20
109.95.168.0/21
109.196.224.0/20
185.129.76.0/22
193.46.68.0/24
IPv6:
2a03:9c60::/32
Signature Algorithm: sha256WithRSAEncryption
24:60:5e:c9:04:81:49:dc:05:73:e8:3d:ec:a1:84:fd:b7:7d:
8c:46:59:2c:60:55:99:ac:cd:a0:e9:74:ed:31:52:bb:a0:7d:
b1:de:f5:f8:a8:27:aa:3b:17:d5:7b:bc:d8:7c:71:15:90:d3:
f0:40:c8:77:fb:51:5c:e2:35:41:0d:1a:9b:9b:76:4b:08:4f:
36:e6:bb:6b:49:11:65:50:0f:fd:28:df:03:96:18:db:de:15:
94:32:ff:ee:84:79:d5:37:6c:9d:30:ca:55:72:80:9e:ea:96:
25:ce:13:37:e7:a1:2a:27:cd:c1:dd:93:31:7a:d5:3d:c3:0a:
6f:16:b0:38:fe:79:86:de:cd:d7:94:a8:4b:cc:5f:e2:cd:91:
69:0f:b1:62:11:0b:29:d5:24:9e:3c:c4:87:18:a7:ff:99:20:
cf:64:d6:23:c0:23:9a:82:a2:5d:b8:fe:08:c3:e9:80:37:5d:
99:9d:a1:0f:2b:70:e1:ca:4c:0b:17:25:0f:33:ab:03:56:f5:
70:cc:48:50:b2:d7:d6:b4:8d:f9:8b:af:cb:45:d9:e3:50:5b:
cd:a7:e5:4b:f6:87:34:52:da:ce:01:20:26:df:b0:25:7b:83:
b7:06:28:ef:06:d8:9c:e1:20:41:90:6a:f6:74:8e:83:66:fd:
d3:fc:80:31
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYVuposbOXNiYqVdNSrcwCezMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlZmNjOTc2ZWY5MDM4M2FjZTdmMGI0ZTA5ZTRkODE5ZWQw
ZDliNWUwHhcNMjMwMTAxMTg0NDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjM5N2I2YzY3YmExODA2YmIwYjNhMjg3MTQxMWM4OWYzNDIyNTFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4L8lGb0vWA/TI4EA8ktKwqsZl4Sj
LWsxV2Azg1EAjYAYH9QXkP41R3bw/XQXBvN6Vu8lolhpbNsJhmSMqFUehGqCx53O
UjmgBBUi7pZRyrQjFl9idmx5ujm3uTjQYPjFP3lbqPvu0FfgimaWwMt5bIB1F6Jg
mIiMWn5qgXnctbaIKnFmq0iV7ljPfoBzk/ZCaXFjFmo+pmyZQZwJdJ9nIA+uc2Vb
3PmFpJI0mQT3lqJG2swXjerN4gAXcXznKghJVH8j2F5+IYgJrn7EZdv+uNWUKkO/
M1NfndXEqpd+aJsLzyFcMsuwZfNtGmpT4uqobSd8MR+9Xmvivx1cXtgE4QIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFB85e2xnuhgGuws6KHFBHInzQiUaMB8GA1UdIwQY
MBaAFI78yXbvkDg6zn8LTgnk2BntDZteMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanZ6SmR1LVFPRHJPZnd0T0NlVFlHZTBObTE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni85ZTQ3NjQtNzIzNC00YmE0LThlOGEt
ZTI3NTRmNmZiNGM1LzEvSHpsN2JHZTZHQWE3Q3pvb2NVRWNpZk5DSlJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni85ZTQ3NjQtNzIzNC00YmE0LThlOGEtZTI3NTRmNmZiNGM1
LzEvanZ6SmR1LVFPRHJPZnd0T0NlVFlHZTBObTE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQDTVfYAwQE
VcogAwQDbV+oAwQEbcTgAwQCuYFMAwQAwS5EMA0EAgACMAcDBQAqA5xgMA0GCSqG
SIb3DQEBCwUAA4IBAQAkYF7JBIFJ3AVz6D3soYT9t32MRlksYFWZrM2g6XTtMVK7
oH2x3vX4qCeqOxfVe7zYfHEVkNPwQMh3+1Fc4jVBDRqbm3ZLCE825rtrSRFlUA/9
KN8Dlhjb3hWUMv/uhHnVN2ydMMpVcoCe6pYlzhM356EqJ83B3ZMxetU9wwpvFrA4
/nmG3s3XlKhLzF/izZFpD7FiEQsp1SSePMSHGKf/mSDPZNYjwCOagqJduP4Iw+mA
N12ZnaEPK3DhykwLFyUPM6sDVvVwzEhQstfWtI35i6/LRdnjUFvNp+VL9oc0UtrO
ASAm37Ale4O3BijvBtic4SBBkGr2dI6DZv3T/IAx
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:06:12 2024 by rpki-client on console-ams.rpki-client.org