Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/e48256-c6fc-4631-8f5f-58bcda356e62/1/DVvDbnDi8Dle3GmoQ7flhhxW7Xo.roa
File: DVvDbnDi8Dle3GmoQ7flhhxW7Xo.roa (raw, json)
Hash identifier: HutO2ERKfCNbp5pqnA+WdFA65PicrJa3UY1fZ9jS1uc=
Subject key identifier: 0D:5B:C3:6E:70:E2:F0:39:5E:DC:69:A8:43:B7:E5:86:1C:56:ED:7A
Certificate issuer: /CN=99bf7d5c70c63254d0cde34c2ba49d9407fc24f3
Certificate serial: 018A1C878DC821B6D7FB682AAF2B126F45B9
Authority key identifier: 99:BF:7D:5C:70:C6:32:54:D0:CD:E3:4C:2B:A4:9D:94:07:FC:24:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mb99XHDGMlTQzeNMK6SdlAf8JPM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/e48256-c6fc-4631-8f5f-58bcda356e62/1/DVvDbnDi8Dle3GmoQ7flhhxW7Xo.roa
Signing time: Tue 22 Aug 2023 09:16:00 +0000
ROA not before: Tue 22 Aug 2023 09:16:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49729
IP address blocks: 185.137.77.0/24 maxlen: 24
185.137.76.0/22 maxlen: 22
185.137.76.0/23 maxlen: 23
185.137.78.0/24 maxlen: 24
185.137.78.0/23 maxlen: 23
185.137.76.0/24 maxlen: 24
185.137.79.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:1c:87:8d:c8:21:b6:d7:fb:68:2a:af:2b:12:6f:45:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=99bf7d5c70c63254d0cde34c2ba49d9407fc24f3
Validity
Not Before: Aug 22 09:16:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0d5bc36e70e2f0395edc69a843b7e5861c56ed7a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:0e:19:06:d4:33:0f:97:12:1c:fa:23:c1:5e:
09:4f:45:12:87:01:ae:a6:36:2d:d9:7b:48:45:2c:
54:5c:f4:d6:6f:f2:01:cf:a9:e3:07:de:c0:02:16:
15:b0:a0:56:ae:98:04:6e:d9:ac:a2:47:b8:43:c1:
2d:df:8f:4a:62:fc:b2:6d:b6:a1:30:4b:f2:c6:18:
93:b2:c4:bc:14:c4:4a:30:9f:47:9d:bd:37:bb:50:
d0:72:76:d8:d5:01:11:1a:91:99:dc:69:1d:c2:f4:
f7:11:e7:5b:06:d6:ab:60:c7:e5:e4:a0:f5:76:25:
54:40:9b:0a:f2:a4:fd:91:fa:22:32:f0:d0:4c:c4:
02:4b:1e:c1:6b:f8:1b:b3:06:da:d9:f3:58:b7:a8:
e5:e6:c0:69:80:a5:06:24:95:81:19:0b:a6:bc:52:
45:5c:79:76:08:11:64:37:03:7f:f0:77:c2:48:2d:
8f:8d:98:fe:7d:4a:f1:7f:41:69:ff:53:ec:c2:76:
9b:ec:5e:e4:47:49:7a:c6:ba:4c:f2:a0:3d:17:82:
3a:69:a4:da:02:f2:0b:4b:ef:8a:fa:24:56:1e:b8:
d4:75:63:e8:85:7b:ec:63:d9:e7:f8:61:6b:18:e6:
fe:9f:de:ce:74:e1:7f:fc:3a:46:6d:46:69:df:e8:
83:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:5B:C3:6E:70:E2:F0:39:5E:DC:69:A8:43:B7:E5:86:1C:56:ED:7A
X509v3 Authority Key Identifier:
keyid:99:BF:7D:5C:70:C6:32:54:D0:CD:E3:4C:2B:A4:9D:94:07:FC:24:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mb99XHDGMlTQzeNMK6SdlAf8JPM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/e48256-c6fc-4631-8f5f-58bcda356e62/1/DVvDbnDi8Dle3GmoQ7flhhxW7Xo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/e48256-c6fc-4631-8f5f-58bcda356e62/1/mb99XHDGMlTQzeNMK6SdlAf8JPM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.137.76.0/22
Signature Algorithm: sha256WithRSAEncryption
bf:c5:23:87:e7:79:b7:0b:92:72:ba:51:6d:3f:a4:24:2e:0f:
53:d6:e4:81:03:6c:40:c1:12:86:35:dd:28:14:92:31:b0:c1:
e7:3c:2b:bb:57:2d:51:1f:3a:e6:15:a9:01:52:27:fd:ce:aa:
d5:49:f4:94:7f:90:37:f9:b2:6d:78:d3:61:e2:dc:59:63:f0:
8a:d6:02:9e:82:70:ec:d2:cd:92:29:22:b1:1c:38:0c:8e:75:
d8:33:c7:98:f1:e7:72:f6:e0:46:b2:b5:e8:3f:6a:51:9c:e2:
57:74:e3:3e:21:39:bc:f7:7c:75:9a:59:2c:18:8f:01:2a:40:
67:0a:eb:1c:43:ec:e6:23:63:4b:ce:df:4d:a1:2e:e6:4c:40:
4b:fa:19:e9:a2:81:16:44:26:f0:70:bf:16:77:ae:02:9c:c1:
c6:0e:e7:bf:4d:b8:8b:d8:50:9e:80:c2:ba:cd:bb:1d:1f:7d:
8d:0e:c1:bb:e0:35:ca:52:bb:c6:91:a8:45:5c:67:fd:3f:10:
b0:12:e3:bf:c4:0c:b5:83:aa:a2:a4:27:18:45:c4:30:14:30:
2b:f7:6c:74:10:d1:f9:3a:aa:6a:85:f1:48:b9:43:88:c9:43:
af:75:4d:42:e1:c8:3e:6f:14:9a:62:87:84:81:06:8f:be:c8:
f6:46:2e:7f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYoch43IIbbX+2gqrysSb0W5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5YmY3ZDVjNzBjNjMyNTRkMGNkZTM0YzJiYTQ5ZDk0MDdm
YzI0ZjMwHhcNMjMwODIyMDkxNjAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDViYzM2ZTcwZTJmMDM5NWVkYzY5YTg0M2I3ZTU4NjFjNTZlZDdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApw4ZBtQzD5cSHPojwV4JT0UShwGu
pjYt2XtIRSxUXPTWb/IBz6njB97AAhYVsKBWrpgEbtmsoke4Q8Et349KYvyybbah
MEvyxhiTssS8FMRKMJ9Hnb03u1DQcnbY1QERGpGZ3GkdwvT3EedbBtarYMfl5KD1
diVUQJsK8qT9kfoiMvDQTMQCSx7Ba/gbswba2fNYt6jl5sBpgKUGJJWBGQumvFJF
XHl2CBFkNwN/8HfCSC2PjZj+fUrxf0Fp/1Pswnab7F7kR0l6xrpM8qA9F4I6aaTa
AvILS++K+iRWHrjUdWPohXvsY9nn+GFrGOb+n97OdOF//DpGbUZp3+iD6QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA1bw25w4vA5XtxpqEO35YYcVu16MB8GA1UdIwQY
MBaAFJm/fVxwxjJU0M3jTCuknZQH/CTzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWI5OVhIREdNbFRRemVOTUs2U2RsQWY4SlBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9lNDgyNTYtYzZmYy00NjMxLThmNWYt
NThiY2RhMzU2ZTYyLzEvRFZ2RGJuRGk4RGxlM0dtb1E3ZmxoaHhXN1hvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9lNDgyNTYtYzZmYy00NjMxLThmNWYtNThiY2RhMzU2ZTYy
LzEvbWI5OVhIREdNbFRRemVOTUs2U2RsQWY4SlBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuYlMMA0G
CSqGSIb3DQEBCwUAA4IBAQC/xSOH53m3C5JyulFtP6QkLg9T1uSBA2xAwRKGNd0o
FJIxsMHnPCu7Vy1RHzrmFakBUif9zqrVSfSUf5A3+bJteNNh4txZY/CK1gKegnDs
0s2SKSKxHDgMjnXYM8eY8edy9uBGsrXoP2pRnOJXdOM+ITm893x1mlksGI8BKkBn
CuscQ+zmI2NLzt9NoS7mTEBL+hnpooEWRCbwcL8Wd64CnMHGDue/TbiL2FCegMK6
zbsdH32NDsG74DXKUrvGkahFXGf9PxCwEuO/xAy1g6qipCcYRcQwFDAr92x0ENH5
OqpqhfFIuUOIyUOvdU1C4cg+bxSaYoeEgQaPvsj2Ri5/
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:11:04 2024 by rpki-client on console-ams.rpki-client.org