Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/f3b825-cbc0-49d2-8b76-6b1469c3b95a/1/0aH_V6vcGa60AdFAKB172n-RIN8.roa
File: 0aH_V6vcGa60AdFAKB172n-RIN8.roa (raw, json)
Hash identifier: 1OcA/RQywgRHeyab/g1rothEVcAupWR4jpU8baecx/Q=
Subject key identifier: D1:A1:FF:57:AB:DC:19:AE:B4:01:D1:40:28:1D:7B:DA:7F:91:20:DF
Certificate issuer: /CN=65816774b7c5665d67a86c20ceb6487b5b78b38d
Certificate serial: 018571D790774D2D505CAF3086DD8D5EB846
Authority key identifier: 65:81:67:74:B7:C5:66:5D:67:A8:6C:20:CE:B6:48:7B:5B:78:B3:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZYFndLfFZl1nqGwgzrZIe1t4s40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/f3b825-cbc0-49d2-8b76-6b1469c3b95a/1/0aH_V6vcGa60AdFAKB172n-RIN8.roa
Signing time: Mon 02 Jan 2023 09:37:10 +0000
ROA not before: Mon 02 Jan 2023 09:37:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31029
IP address blocks: 109.107.72.0/21 maxlen: 21
109.107.88.0/21 maxlen: 21
94.139.208.0/21 maxlen: 21
77.76.184.0/21 maxlen: 21
77.76.128.0/21 maxlen: 21
77.76.138.0/24 maxlen: 24
77.76.137.0/24 maxlen: 24
77.76.139.0/24 maxlen: 24
77.76.140.0/24 maxlen: 24
77.76.141.0/24 maxlen: 24
77.76.143.0/24 maxlen: 24
77.76.142.0/24 maxlen: 24
77.76.152.0/21 maxlen: 21
77.76.152.0/24 maxlen: 24
77.76.154.0/24 maxlen: 24
77.76.153.0/24 maxlen: 24
77.76.155.0/24 maxlen: 24
77.76.157.0/24 maxlen: 24
77.76.156.0/24 maxlen: 24
77.76.159.0/24 maxlen: 24
77.76.158.0/24 maxlen: 24
2a03:2c0:e::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:d7:90:77:4d:2d:50:5c:af:30:86:dd:8d:5e:b8:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=65816774b7c5665d67a86c20ceb6487b5b78b38d
Validity
Not Before: Jan 2 09:37:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d1a1ff57abdc19aeb401d140281d7bda7f9120df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:5f:43:c5:a8:ca:7e:56:10:8f:f3:e3:01:57:
d2:81:9a:2f:44:60:2f:b3:f4:95:03:93:24:d2:7a:
33:28:68:2e:a7:c4:70:6c:0e:34:a9:28:ec:d6:ef:
9a:37:a6:93:95:b0:3a:99:a1:46:a7:83:24:ea:ae:
8f:4b:74:c0:56:aa:ae:ec:bc:2c:1d:2e:46:fb:ce:
cb:0a:6e:f3:d2:14:74:ce:b4:13:00:15:44:d6:d8:
93:48:c8:9b:f5:66:6c:e1:cb:f4:47:41:34:5f:89:
71:b3:96:9e:ae:41:77:a4:6d:c8:90:94:59:2a:d0:
8e:36:67:a3:ef:58:3d:ba:26:d9:cc:63:f2:34:fc:
c7:d4:31:26:ad:c3:e9:95:39:91:41:44:8a:25:3a:
7a:22:54:d1:cf:84:f2:26:f9:7c:ee:ca:66:29:74:
58:6a:90:78:88:4f:78:f7:d4:a9:6d:f1:4f:9f:7a:
99:5d:b3:6d:24:e2:bc:47:13:95:d6:ce:06:fa:2c:
30:f2:a5:1a:23:94:0c:f7:da:10:99:68:52:57:9d:
be:36:a1:cb:4f:94:ab:26:f4:7b:91:1d:83:f4:93:
ed:8c:6d:65:54:34:48:7b:c5:58:82:46:c0:e7:ba:
a5:b6:58:a8:c9:1a:89:3c:fc:90:c7:3e:99:ef:c6:
53:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:A1:FF:57:AB:DC:19:AE:B4:01:D1:40:28:1D:7B:DA:7F:91:20:DF
X509v3 Authority Key Identifier:
keyid:65:81:67:74:B7:C5:66:5D:67:A8:6C:20:CE:B6:48:7B:5B:78:B3:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZYFndLfFZl1nqGwgzrZIe1t4s40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/f3b825-cbc0-49d2-8b76-6b1469c3b95a/1/0aH_V6vcGa60AdFAKB172n-RIN8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/f3b825-cbc0-49d2-8b76-6b1469c3b95a/1/ZYFndLfFZl1nqGwgzrZIe1t4s40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.76.128.0/21
77.76.137.0-77.76.143.255
77.76.152.0/21
77.76.184.0/21
94.139.208.0/21
109.107.72.0/21
109.107.88.0/21
IPv6:
2a03:2c0:e::/48
Signature Algorithm: sha256WithRSAEncryption
e7:ef:8f:46:16:57:02:7e:a5:4d:84:73:21:02:6b:90:b3:ef:
90:c3:62:56:f5:ab:41:08:a9:3b:f8:79:46:f5:65:29:1c:a8:
5f:98:5c:00:70:2b:92:fe:aa:63:07:f4:b7:a3:37:ef:53:8c:
6a:de:57:f5:02:5a:aa:7d:f4:fd:9a:e0:f6:ca:b3:0a:44:d5:
58:51:cb:d6:e3:1a:17:c4:6b:4f:68:0f:fe:9d:ac:fd:6d:26:
10:2f:7d:9a:bf:1d:24:df:f6:4f:bf:7e:39:8d:95:8a:dd:c0:
a0:f7:42:c9:2f:f1:6f:d7:19:24:59:e1:13:07:33:42:33:48:
5f:aa:3d:04:ea:6d:36:aa:0e:c1:f4:f7:53:dd:97:8b:58:eb:
23:0b:51:2d:0c:d1:12:81:c7:e1:ad:15:74:b8:46:0c:55:a0:
77:43:5a:fa:2f:23:e0:4d:c0:81:66:30:23:42:fd:46:56:73:
38:b2:0c:48:a1:6d:82:bc:a5:e0:46:29:5a:85:57:4a:db:d1:
1d:0e:94:5a:61:00:e9:ed:af:93:50:29:6d:4f:1b:b0:c0:a8:
5a:06:13:4c:30:e3:31:ce:4b:d2:76:d3:12:51:68:e4:c3:a6:
44:2a:e3:30:78:34:5a:ac:c3:bf:5c:36:63:48:f0:57:b0:17:
cc:25:4e:02
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgISAYVx15B3TS1QXK8wht2NXrhGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1ODE2Nzc0YjdjNTY2NWQ2N2E4NmMyMGNlYjY0ODdiNWI3
OGIzOGQwHhcNMjMwMTAyMDkzNzEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMWExZmY1N2FiZGMxOWFlYjQwMWQxNDAyODFkN2JkYTdmOTEyMGRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxl9DxajKflYQj/PjAVfSgZovRGAv
s/SVA5Mk0nozKGgup8RwbA40qSjs1u+aN6aTlbA6maFGp4Mk6q6PS3TAVqqu7Lws
HS5G+87LCm7z0hR0zrQTABVE1tiTSMib9WZs4cv0R0E0X4lxs5aerkF3pG3IkJRZ
KtCONmej71g9uibZzGPyNPzH1DEmrcPplTmRQUSKJTp6IlTRz4TyJvl87spmKXRY
apB4iE9499SpbfFPn3qZXbNtJOK8RxOV1s4G+iww8qUaI5QM99oQmWhSV52+NqHL
T5SrJvR7kR2D9JPtjG1lVDRIe8VYgkbA57qltlioyRqJPPyQxz6Z78ZTCQIDAQAB
o4ICRjCCAkIwHQYDVR0OBBYEFNGh/1er3BmutAHRQCgde9p/kSDfMB8GA1UdIwQY
MBaAFGWBZ3S3xWZdZ6hsIM62SHtbeLONMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWllGbmRMZkZabDFucUd3Z3pyWkllMXQ0czQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC9mM2I4MjUtY2JjMC00OWQyLThiNzYt
NmIxNDY5YzNiOTVhLzEvMGFIX1Y2dmNHYTYwQWRGQUtCMTcybi1SSU44LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC9mM2I4MjUtY2JjMC00OWQyLThiNzYtNmIxNDY5YzNiOTVh
LzEvWllGbmRMZkZabDFucUd3Z3pyWkllMXQ0czQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFwGCCsGAQUFBwEHAQH/BE0wSzA4BAIAATAyAwQDTUyAMAwD
BABNTIkDBARNTIADBANNTJgDBANNTLgDBANei9ADBANta0gDBANta1gwDwQCAAIw
CQMHACoDAsAADjANBgkqhkiG9w0BAQsFAAOCAQEA5++PRhZXAn6lTYRzIQJrkLPv
kMNiVvWrQQipO/h5RvVlKRyoX5hcAHArkv6qYwf0t6M371OMat5X9QJaqn30/Zrg
9sqzCkTVWFHL1uMaF8RrT2gP/p2s/W0mEC99mr8dJN/2T79+OY2Vit3AoPdCyS/x
b9cZJFnhEwczQjNIX6o9BOptNqoOwfT3U92Xi1jrIwtRLQzREoHH4a0VdLhGDFWg
d0Na+i8j4E3AgWYwI0L9RlZzOLIMSKFtgryl4EYpWoVXStvRHQ6UWmEA6e2vk1Ap
bU8bsMCoWgYTTDDjMc5L0nbTElFo5MOmRCrjMHg0WqzDv1w2Y0jwV7AXzCVOAg==
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:24:08 2024 by rpki-client on console-fra.rpki-client.org