Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/9c70e9-3df3-4bc7-82e6-006e9bb8ed59/1/86D1yTHLPLBtLGJAjrZtmACqMo8.roa
File: 86D1yTHLPLBtLGJAjrZtmACqMo8.roa (raw, json)
Hash identifier: a3XldrWv2kX6fxjqhrV2L58mw+b7oGWlMM+EEKsMiSM=
Subject key identifier: F3:A0:F5:C9:31:CB:3C:B0:6D:2C:62:40:8E:B6:6D:98:00:AA:32:8F
Certificate issuer: /CN=71c1690ef57afcffae73bdb9934309f8b70ebb61
Certificate serial: 01856F5DF7D93916FE29A7EF74BCA3C417FD
Authority key identifier: 71:C1:69:0E:F5:7A:FC:FF:AE:73:BD:B9:93:43:09:F8:B7:0E:BB:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ccFpDvV6_P-uc725k0MJ-LcOu2E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/9c70e9-3df3-4bc7-82e6-006e9bb8ed59/1/86D1yTHLPLBtLGJAjrZtmACqMo8.roa
Signing time: Sun 01 Jan 2023 22:05:07 +0000
ROA not before: Sun 01 Jan 2023 22:05:07 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203210
IP address blocks: 91.196.49.0/24 maxlen: 24
91.196.48.0/22 maxlen: 22
91.196.50.0/24 maxlen: 24
91.196.48.0/24 maxlen: 24
91.196.51.0/24 maxlen: 24
77.87.74.0/24 maxlen: 24
77.87.73.0/24 maxlen: 24
195.22.125.0/24 maxlen: 24
195.22.124.0/24 maxlen: 24
195.22.124.0/23 maxlen: 23
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:33:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:5d:f7:d9:39:16:fe:29:a7:ef:74:bc:a3:c4:17:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71c1690ef57afcffae73bdb9934309f8b70ebb61
Validity
Not Before: Jan 1 22:05:07 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f3a0f5c931cb3cb06d2c62408eb66d9800aa328f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:cc:5a:b8:3e:57:7e:13:40:6d:3a:1d:91:f9:
8d:88:63:b4:0c:9c:54:66:c6:c4:86:7a:cf:46:dd:
cb:4a:8f:07:f8:69:5a:d0:eb:ed:33:34:06:b4:13:
8d:57:75:9a:db:32:a2:8b:03:83:a5:ea:56:aa:7a:
96:70:48:1d:96:71:2e:c4:08:b6:b0:78:c8:2e:77:
b4:f1:20:9e:dd:09:e8:4b:1d:7c:46:09:0b:20:9c:
01:9f:19:4c:af:c1:2f:c2:90:79:62:57:4b:4b:74:
8e:f8:6d:4f:82:af:68:bf:14:5e:79:51:93:7f:a9:
96:9e:7f:a5:ce:bb:f3:ef:5c:ea:55:66:c6:50:5e:
ae:02:b7:79:37:01:dc:19:49:b7:d1:92:85:bb:3b:
af:b1:e9:68:b6:7a:76:4e:28:85:a6:26:23:01:f3:
22:84:48:89:04:30:18:d8:3a:5c:cd:fd:ce:81:f2:
54:31:a2:50:9b:3e:00:ba:39:e9:1b:b5:1d:39:9e:
b0:f7:bc:3c:87:a7:f9:a6:01:6b:e8:38:9d:09:27:
02:ce:9f:25:53:82:ef:fe:6a:00:0e:17:2f:a1:c8:
4f:8e:16:71:52:b1:f0:b5:f8:11:23:83:e5:e5:06:
8a:ed:5e:ce:3c:11:a6:ef:94:7e:87:1b:bc:ec:7a:
8a:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:A0:F5:C9:31:CB:3C:B0:6D:2C:62:40:8E:B6:6D:98:00:AA:32:8F
X509v3 Authority Key Identifier:
keyid:71:C1:69:0E:F5:7A:FC:FF:AE:73:BD:B9:93:43:09:F8:B7:0E:BB:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ccFpDvV6_P-uc725k0MJ-LcOu2E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/9c70e9-3df3-4bc7-82e6-006e9bb8ed59/1/86D1yTHLPLBtLGJAjrZtmACqMo8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/9c70e9-3df3-4bc7-82e6-006e9bb8ed59/1/ccFpDvV6_P-uc725k0MJ-LcOu2E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.87.73.0-77.87.74.255
91.196.48.0/22
195.22.124.0/23
Signature Algorithm: sha256WithRSAEncryption
29:8c:c7:ff:0c:85:ba:7e:e8:28:56:15:9d:a6:6f:5d:7f:b6:
a1:25:62:96:2e:84:81:29:6e:d7:78:cb:98:71:6b:51:f6:0a:
a8:08:17:40:af:19:f5:29:41:a3:ad:1c:2b:e3:80:05:6d:ff:
8d:3a:96:7f:6e:23:e9:db:a3:41:a5:65:ab:7b:e9:f3:19:d6:
50:87:68:7e:f5:6e:86:2a:68:0a:1c:f4:e4:df:99:25:e2:9d:
a6:3d:96:63:3c:f1:5f:cf:c3:4e:34:72:f2:b9:87:10:ef:8d:
71:8d:62:d2:9a:0c:5c:e3:66:66:ae:13:b6:af:78:5c:06:6a:
aa:1c:82:c5:d4:75:11:88:cd:94:f7:4d:13:1f:b3:a2:87:00:
d1:11:06:57:d0:39:85:fe:ea:9b:e5:26:fc:8b:74:e7:50:29:
39:e9:f7:fe:7d:3d:02:bd:a7:4c:51:6c:58:c9:57:91:ec:b6:
97:a8:56:2a:eb:d6:84:87:71:24:af:cf:52:ce:d9:a7:20:b8:
1b:4a:0d:41:d8:8c:7c:95:ba:51:86:ac:8d:26:04:21:80:fc:
0e:25:16:bd:57:a1:81:4a:14:e5:7a:d3:64:9a:ac:81:00:5e:
ac:61:3f:72:0f:04:1f:e0:0a:e7:8f:ee:cb:eb:c3:83:74:0a:
3c:32:ae:63
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYVvXffZORb+KafvdLyjxBf9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxYzE2OTBlZjU3YWZjZmZhZTczYmRiOTkzNDMwOWY4Yjcw
ZWJiNjEwHhcNMjMwMTAxMjIwNTA3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmM2EwZjVjOTMxY2IzY2IwNmQyYzYyNDA4ZWI2NmQ5ODAwYWEzMjhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0MxauD5XfhNAbTodkfmNiGO0DJxU
ZsbEhnrPRt3LSo8H+Gla0OvtMzQGtBONV3Wa2zKiiwODpepWqnqWcEgdlnEuxAi2
sHjILne08SCe3QnoSx18RgkLIJwBnxlMr8EvwpB5YldLS3SO+G1Pgq9ovxReeVGT
f6mWnn+lzrvz71zqVWbGUF6uArd5NwHcGUm30ZKFuzuvselotnp2TiiFpiYjAfMi
hEiJBDAY2Dpczf3OgfJUMaJQmz4AujnpG7UdOZ6w97w8h6f5pgFr6DidCScCzp8l
U4Lv/moADhcvochPjhZxUrHwtfgRI4Pl5QaK7V7OPBGm75R+hxu87HqKoQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFPOg9ckxyzywbSxiQI62bZgAqjKPMB8GA1UdIwQY
MBaAFHHBaQ71evz/rnO9uZNDCfi3DrthMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2NGcER2VjZfUC11YzcyNWswTUotTGNPdTJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS85YzcwZTktM2RmMy00YmM3LTgyZTYt
MDA2ZTliYjhlZDU5LzEvODZEMXlUSExQTEJ0TEdKQWpyWnRtQUNxTW84LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS85YzcwZTktM2RmMy00YmM3LTgyZTYtMDA2ZTliYjhlZDU5
LzEvY2NGcER2VjZfUC11YzcyNWswTUotTGNPdTJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBABNV0kD
BABNV0oDBAJbxDADBAHDFnwwDQYJKoZIhvcNAQELBQADggEBACmMx/8Mhbp+6ChW
FZ2mb11/tqElYpYuhIEpbtd4y5hxa1H2CqgIF0CvGfUpQaOtHCvjgAVt/406ln9u
I+nbo0GlZat76fMZ1lCHaH71boYqaAoc9OTfmSXinaY9lmM88V/Pw040cvK5hxDv
jXGNYtKaDFzjZmauE7aveFwGaqocgsXUdRGIzZT3TRMfs6KHANERBlfQOYX+6pvl
JvyLdOdQKTnp9/59PQK9p0xRbFjJV5HstpeoVirr1oSHcSSvz1LO2acguBtKDUHY
jHyVulGGrI0mBCGA/A4lFr1XoYFKFOV602SarIEAXqxhP3IPBB/gCueP7svrw4N0
CjwyrmM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:11:23 2024 by rpki-client on console-ams.rpki-client.org