Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/orkwSvDC6LDCRotO1_wXbRiVamA.roa
File: orkwSvDC6LDCRotO1_wXbRiVamA.roa (raw, json)
Hash identifier: m5Ar7zpN+LLfGHgRG5Dnto424t1DyNPcRfRoZpHP1dQ=
Subject key identifier: A2:B9:30:4A:F0:C2:E8:B0:C2:46:8B:4E:D7:FC:17:6D:18:95:6A:60
Certificate issuer: /CN=c9d57447e3420b853875b6fa40372aade3192ca2
Certificate serial: 01857002948C4D4A08E95AE70BFC0A48C484
Authority key identifier: C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/orkwSvDC6LDCRotO1_wXbRiVamA.roa
Signing time: Mon 02 Jan 2023 01:04:55 +0000
ROA not before: Mon 02 Jan 2023 01:04:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207459
IP address blocks: 188.132.150.0/24 maxlen: 24
77.92.154.0/24 maxlen: 24
188.132.188.0/24 maxlen: 24
78.135.80.0/24 maxlen: 24
188.132.209.0/24 maxlen: 24
78.135.87.0/24 maxlen: 24
78.135.88.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 23 Jun 2023 00:39:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:02:94:8c:4d:4a:08:e9:5a:e7:0b:fc:0a:48:c4:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9d57447e3420b853875b6fa40372aade3192ca2
Validity
Not Before: Jan 2 01:04:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a2b9304af0c2e8b0c2468b4ed7fc176d18956a60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:d7:4b:2e:d1:d0:1e:99:2f:a1:15:73:db:39:
ef:1b:01:65:ac:62:de:25:45:62:46:23:4f:4b:71:
75:9d:ef:1b:4e:0c:7b:90:f9:71:ff:96:81:85:86:
e9:c1:02:0a:26:4f:36:18:af:07:e6:3f:4d:80:e1:
b0:18:44:c3:99:a1:94:e0:ee:70:d3:66:b8:99:dc:
3a:d3:06:07:d1:6b:79:c2:0a:26:6b:1e:7c:f2:f7:
18:73:15:71:43:f8:a5:f1:e3:df:8a:b9:09:8f:ef:
24:af:6f:08:32:60:e9:d1:7d:57:23:c3:28:e2:c0:
75:d3:83:48:9c:72:00:48:02:8f:de:fd:e4:31:27:
e3:ed:bb:44:bd:35:c6:4b:91:0b:d9:1b:7b:9e:7b:
b6:5b:ac:85:49:88:fe:16:91:66:96:76:fd:75:bd:
d8:7c:47:b2:87:f6:ca:5b:75:f5:eb:0e:f6:55:fa:
98:28:56:9f:5e:f7:57:c5:d1:8b:93:25:c1:29:86:
d3:a0:7e:6f:aa:45:22:9b:04:3c:55:39:53:b2:46:
1c:42:fe:d5:6c:bf:6b:49:c7:f6:81:ac:e7:5b:01:
d4:14:cd:5e:c5:ca:74:06:2f:40:4d:6f:ce:54:cc:
fa:d3:0b:c0:82:7b:0a:3b:1e:5b:0b:20:c2:33:04:
43:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:B9:30:4A:F0:C2:E8:B0:C2:46:8B:4E:D7:FC:17:6D:18:95:6A:60
X509v3 Authority Key Identifier:
keyid:C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/orkwSvDC6LDCRotO1_wXbRiVamA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.92.154.0/24
78.135.80.0/24
78.135.87.0-78.135.88.255
188.132.150.0/24
188.132.188.0/24
188.132.209.0/24
Signature Algorithm: sha256WithRSAEncryption
05:c3:fd:03:02:5d:31:f6:a3:bb:33:3c:95:36:d0:a5:d1:fb:
d6:03:a8:10:6e:2b:75:fe:5e:ce:65:54:01:d9:73:38:16:a0:
ba:ed:86:c0:0f:fd:04:b4:f1:41:f3:41:c6:cf:d5:fa:04:26:
3f:dc:68:89:21:0f:4f:7d:5c:49:91:84:2d:3c:fa:a8:df:6d:
1e:da:0d:af:d8:73:78:72:89:85:18:be:cb:f0:90:85:33:06:
89:0a:e2:7a:7c:be:51:66:fd:27:75:3e:c0:6b:cd:22:93:5a:
b7:6c:ee:2b:7a:50:58:aa:4c:4c:83:b4:a0:ff:c1:47:c8:e6:
da:b5:dc:4e:75:2d:37:40:05:83:60:97:8c:f9:d4:0c:bb:da:
c8:75:71:00:b8:f2:d2:4c:ff:4a:c5:c5:37:51:d6:24:90:9d:
dd:2a:6a:6b:a8:d2:e4:2d:5b:e1:0a:3f:4e:8f:7a:b3:00:f5:
f6:b5:96:97:41:a5:da:71:34:c3:81:00:7a:22:a0:2e:6f:3b:
1b:e6:7b:d0:af:e8:05:f7:ca:f3:c4:14:32:ab:4e:4a:ab:89:
92:2f:bb:0b:0e:0e:53:07:9d:bb:f3:78:d2:9f:d8:f9:65:d0:
d9:cd:00:29:b0:32:84:70:cc:6b:2d:21:2f:af:84:c7:8d:64:
d9:4d:74:ce
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYVwApSMTUoI6VrnC/wKSMSEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZDU3NDQ3ZTM0MjBiODUzODc1YjZmYTQwMzcyYWFkZTMx
OTJjYTIwHhcNMjMwMTAyMDEwNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMmI5MzA0YWYwYzJlOGIwYzI0NjhiNGVkN2ZjMTc2ZDE4OTU2YTYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh9dLLtHQHpkvoRVz2znvGwFlrGLe
JUViRiNPS3F1ne8bTgx7kPlx/5aBhYbpwQIKJk82GK8H5j9NgOGwGETDmaGU4O5w
02a4mdw60wYH0Wt5wgomax588vcYcxVxQ/il8ePfirkJj+8kr28IMmDp0X1XI8Mo
4sB104NInHIASAKP3v3kMSfj7btEvTXGS5EL2Rt7nnu2W6yFSYj+FpFmlnb9db3Y
fEeyh/bKW3X16w72VfqYKFafXvdXxdGLkyXBKYbToH5vqkUimwQ8VTlTskYcQv7V
bL9rScf2gaznWwHUFM1excp0Bi9ATW/OVMz60wvAgnsKOx5bCyDCMwRDEQIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFKK5MErwwuiwwkaLTtf8F20YlWpgMB8GA1UdIwQY
MBaAFMnVdEfjQguFOHW2+kA3Kq3jGSyiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTkt
NGUxOThmMGE2MDEzLzEvb3Jrd1N2REM2TERDUm90TzFfd1hiUmlWYW1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTktNGUxOThmMGE2MDEz
LzEveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQATVyaAwQA
TodQMAwDBABOh1cDBABOh1gDBAC8hJYDBAC8hLwDBAC8hNEwDQYJKoZIhvcNAQEL
BQADggEBAAXD/QMCXTH2o7szPJU20KXR+9YDqBBuK3X+Xs5lVAHZczgWoLrthsAP
/QS08UHzQcbP1foEJj/caIkhD099XEmRhC08+qjfbR7aDa/Yc3hyiYUYvsvwkIUz
BokK4np8vlFm/Sd1PsBrzSKTWrds7it6UFiqTEyDtKD/wUfI5tq13E51LTdABYNg
l4z51Ay72sh1cQC48tJM/0rFxTdR1iSQnd0qamuo0uQtW+EKP06PerMA9fa1lpdB
pdpxNMOBAHoioC5vOxvme9Cv6AX3yvPEFDKrTkqriZIvuwsODlMHnbvzeNKf2Pll
0NnNACmwMoRwzGstIS+vhMeNZNlNdM4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:44 2024 by rpki-client on console-fra.rpki-client.org