Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/952230-c262-41cc-b956-cfc46a76ec78/1/RQZkX2rqXgAuOI1rWm2o9q6Cp2k.roa
File: RQZkX2rqXgAuOI1rWm2o9q6Cp2k.roa (raw, json)
Hash identifier: wxW/bSBAnA2a5JxBgLKhgRItUQQ9DVndCWEkgeOIryg=
Subject key identifier: 45:06:64:5F:6A:EA:5E:00:2E:38:8D:6B:5A:6D:A8:F6:AE:82:A7:69
Certificate issuer: /CN=374e2729b17369890a1512f643cd08e4ba2ff414
Certificate serial: 018572559785C1F28C30AC7B51AED4C3EFA6
Authority key identifier: 37:4E:27:29:B1:73:69:89:0A:15:12:F6:43:CD:08:E4:BA:2F:F4:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N04nKbFzaYkKFRL2Q80I5Lov9BQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/952230-c262-41cc-b956-cfc46a76ec78/1/RQZkX2rqXgAuOI1rWm2o9q6Cp2k.roa
Signing time: Mon 02 Jan 2023 11:54:50 +0000
ROA not before: Mon 02 Jan 2023 11:54:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 174
IP address blocks: 178.20.215.0/24 maxlen: 24
178.20.214.0/24 maxlen: 24
77.243.91.0/24 maxlen: 24
77.243.89.0/24 maxlen: 24
77.243.88.0/24 maxlen: 24
185.101.21.0/24 maxlen: 24
185.101.20.0/24 maxlen: 24
178.20.213.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 07 Jun 2023 17:49:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:55:97:85:c1:f2:8c:30:ac:7b:51:ae:d4:c3:ef:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=374e2729b17369890a1512f643cd08e4ba2ff414
Validity
Not Before: Jan 2 11:54:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4506645f6aea5e002e388d6b5a6da8f6ae82a769
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:e8:3f:66:82:6c:f7:1c:7b:7f:dd:a3:03:25:
69:1e:f6:b5:3c:83:3c:dd:0b:ab:d4:37:bf:ab:c4:
66:f1:c3:23:eb:2f:d4:19:97:0a:44:b9:d4:8d:e6:
a0:d9:16:e7:fc:d5:eb:99:81:7e:6d:6c:20:b1:28:
04:be:74:19:38:f1:15:c2:4c:48:58:67:4f:da:5d:
13:6e:17:a3:31:e2:56:91:62:c6:9a:dc:f4:5f:20:
d5:3e:b5:e5:2d:1e:a0:4b:69:4a:84:e8:b6:a8:24:
5e:ef:2d:b8:55:99:fb:83:13:e7:f9:1e:4c:57:ee:
59:35:df:69:b5:ae:d2:78:71:f3:35:e6:1c:e7:0a:
8b:ec:7a:46:96:ba:48:f6:a9:14:fc:e1:02:0e:cf:
a5:47:1a:04:fc:6d:04:16:fc:8d:b9:5f:7e:28:11:
77:26:2d:39:a1:83:5b:4c:c9:25:88:79:44:b4:df:
6c:42:2e:0f:89:de:25:2e:cc:04:20:d2:b2:5c:66:
9c:64:69:a8:1e:a3:93:e4:73:01:7b:ff:c4:18:ce:
22:2a:82:55:20:89:9f:fe:cf:1f:64:a9:c3:40:f8:
4d:15:2c:47:5e:0a:a3:24:e9:84:00:d8:3d:20:31:
a8:d0:da:fd:6a:b6:27:99:1e:83:89:76:56:9b:94:
7a:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:06:64:5F:6A:EA:5E:00:2E:38:8D:6B:5A:6D:A8:F6:AE:82:A7:69
X509v3 Authority Key Identifier:
keyid:37:4E:27:29:B1:73:69:89:0A:15:12:F6:43:CD:08:E4:BA:2F:F4:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N04nKbFzaYkKFRL2Q80I5Lov9BQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/952230-c262-41cc-b956-cfc46a76ec78/1/RQZkX2rqXgAuOI1rWm2o9q6Cp2k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/952230-c262-41cc-b956-cfc46a76ec78/1/N04nKbFzaYkKFRL2Q80I5Lov9BQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.243.88.0/23
77.243.91.0/24
178.20.213.0-178.20.215.255
185.101.20.0/23
Signature Algorithm: sha256WithRSAEncryption
3c:dd:42:22:28:d1:14:f9:48:aa:a0:73:f7:df:39:c0:94:ee:
a7:be:00:b0:37:22:07:6a:3b:26:ea:60:f0:4c:5a:9f:45:4e:
c4:e9:49:d0:8b:76:1d:70:5f:fc:c2:35:8b:9e:ee:e1:5b:78:
c4:bc:2d:7c:a6:64:4f:dd:4f:5a:11:8f:d3:cc:ae:0a:b1:bf:
43:05:04:58:ee:26:7e:c3:b7:55:36:6d:54:7b:ce:e0:09:3e:
ba:99:51:ba:25:d0:d7:e9:99:ae:2f:50:39:fc:f5:00:b1:a6:
83:a0:a4:4e:14:e0:45:0a:08:43:7a:be:99:5e:3e:c6:ca:e2:
bd:df:15:6b:ea:6c:05:f3:e9:04:5c:ae:7d:3f:ca:84:a0:ac:
1f:24:b3:08:a2:4e:dd:c2:6a:08:f1:3b:e3:d9:17:c9:d7:06:
f3:9b:f7:66:b7:bc:59:43:9e:9b:56:8b:6d:46:6d:3c:c7:86:
db:28:bb:6a:45:bd:a9:91:d6:13:40:df:31:f2:04:b5:e9:e3:
30:b6:73:3b:a6:fa:e0:9a:1e:a7:4b:6b:9a:68:e5:9e:f0:ce:
4b:20:15:32:8e:e3:26:7c:da:57:8b:aa:2a:29:72:5a:98:c8:
f9:51:8c:1e:d1:e3:e5:f0:a2:c3:ce:9e:33:d3:d8:c7:78:94:
7a:c1:ea:5a
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYVyVZeFwfKMMKx7Ua7Uw++mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3NGUyNzI5YjE3MzY5ODkwYTE1MTJmNjQzY2QwOGU0YmEy
ZmY0MTQwHhcNMjMwMTAyMTE1NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NTA2NjQ1ZjZhZWE1ZTAwMmUzODhkNmI1YTZkYThmNmFlODJhNzY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz+g/ZoJs9xx7f92jAyVpHva1PIM8
3Qur1De/q8Rm8cMj6y/UGZcKRLnUjeag2Rbn/NXrmYF+bWwgsSgEvnQZOPEVwkxI
WGdP2l0TbhejMeJWkWLGmtz0XyDVPrXlLR6gS2lKhOi2qCRe7y24VZn7gxPn+R5M
V+5ZNd9pta7SeHHzNeYc5wqL7HpGlrpI9qkU/OECDs+lRxoE/G0EFvyNuV9+KBF3
Ji05oYNbTMkliHlEtN9sQi4Pid4lLswEINKyXGacZGmoHqOT5HMBe//EGM4iKoJV
IImf/s8fZKnDQPhNFSxHXgqjJOmEANg9IDGo0Nr9arYnmR6DiXZWm5R6VwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFEUGZF9q6l4ALjiNa1ptqPaugqdpMB8GA1UdIwQY
MBaAFDdOJymxc2mJChUS9kPNCOS6L/QUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTjA0bktiRnphWWtLRlJMMlE4MEk1TG92OUJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC85NTIyMzAtYzI2Mi00MWNjLWI5NTYt
Y2ZjNDZhNzZlYzc4LzEvUlFaa1gycnFYZ0F1T0kxcldtMm85cTZDcDJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC85NTIyMzAtYzI2Mi00MWNjLWI5NTYtY2ZjNDZhNzZlYzc4
LzEvTjA0bktiRnphWWtLRlJMMlE4MEk1TG92OUJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQBTfNYAwQA
TfNbMAwDBACyFNUDBAOyFNADBAG5ZRQwDQYJKoZIhvcNAQELBQADggEBADzdQiIo
0RT5SKqgc/ffOcCU7qe+ALA3IgdqOybqYPBMWp9FTsTpSdCLdh1wX/zCNYue7uFb
eMS8LXymZE/dT1oRj9PMrgqxv0MFBFjuJn7Dt1U2bVR7zuAJPrqZUbol0Nfpma4v
UDn89QCxpoOgpE4U4EUKCEN6vplePsbK4r3fFWvqbAXz6QRcrn0/yoSgrB8kswii
Tt3CagjxO+PZF8nXBvOb92a3vFlDnptWi21GbTzHhtsou2pFvamR1hNA3zHyBLXp
4zC2czum+uCaHqdLa5po5Z7wzksgFTKO4yZ82leLqiopclqYyPlRjB7R4+XwosPO
njPT2Md4lHrB6lo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:10:57 2024 by rpki-client on console-ams.rpki-client.org