Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/1e02fa-f823-41c8-86b2-151cf61de83e/1/ACMIOfVhphbLfeRhJUG7cOQhXWg.roa
File: ACMIOfVhphbLfeRhJUG7cOQhXWg.roa (raw, json)
Hash identifier: /S1mQjg43DIijJk0/spTu+4vaGFJQf7w7HWbcpYxQZc=
Subject key identifier: 00:23:08:39:F5:61:A6:16:CB:7D:E4:61:25:41:BB:70:E4:21:5D:68
Certificate issuer: /CN=2532a5cf2ba18c753edc95ee20b666293df02d5b
Certificate serial: 0189F4EE5AC8F240B88758DC5140EF67A603
Authority key identifier: 25:32:A5:CF:2B:A1:8C:75:3E:DC:95:EE:20:B6:66:29:3D:F0:2D:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JTKlzyuhjHU-3JXuILZmKT3wLVs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/1e02fa-f823-41c8-86b2-151cf61de83e/1/ACMIOfVhphbLfeRhJUG7cOQhXWg.roa
Signing time: Mon 14 Aug 2023 16:43:28 +0000
ROA not before: Mon 14 Aug 2023 16:43:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35030
IP address blocks: 91.221.83.0/24 maxlen: 24
91.221.82.0/24 maxlen: 24
77.32.231.0/24 maxlen: 24
77.32.227.0/24 maxlen: 24
195.211.13.0/24 maxlen: 24
195.211.12.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:f4:ee:5a:c8:f2:40:b8:87:58:dc:51:40:ef:67:a6:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2532a5cf2ba18c753edc95ee20b666293df02d5b
Validity
Not Before: Aug 14 16:43:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=00230839f561a616cb7de4612541bb70e4215d68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:01:1f:f1:1f:f2:4d:68:44:d5:21:13:bf:6f:
3b:34:74:15:d0:45:17:c6:16:e1:bb:67:6f:d2:a3:
20:be:4a:01:81:ac:9c:61:af:cd:02:2c:54:fa:5e:
77:39:35:de:49:29:c5:83:7e:3b:9f:d4:ff:73:b7:
27:10:dc:bd:62:76:21:d1:8d:00:35:c2:3b:e1:ac:
0e:17:99:e9:20:4f:95:a4:8b:ae:5c:c2:fb:22:1b:
ac:d4:63:36:1a:80:39:31:eb:79:a8:a6:ed:23:25:
c1:79:65:57:7d:76:4a:62:da:29:bd:85:ea:97:f3:
a6:9a:fb:6b:63:08:02:56:fb:6a:87:33:58:83:51:
81:86:72:ff:a2:d3:6a:80:02:a3:8f:92:22:c6:e4:
ad:57:62:cd:0d:52:ab:33:27:e8:4a:3f:8a:cd:e3:
95:90:6b:fe:2d:f5:4a:a2:9e:78:2c:ff:08:b5:d8:
9d:b4:62:bc:6c:e2:a2:4d:e2:ba:8a:a2:cd:b3:dc:
6d:8d:99:72:00:da:1a:cf:16:2c:ef:ae:f0:e0:27:
4f:65:91:08:40:4b:bf:18:fd:cf:ee:da:cc:50:8b:
a0:05:94:8f:3b:4d:28:6d:64:ff:51:7f:e5:07:43:
de:0c:a8:42:ca:66:9a:af:31:21:05:a6:ba:b2:c7:
b4:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:23:08:39:F5:61:A6:16:CB:7D:E4:61:25:41:BB:70:E4:21:5D:68
X509v3 Authority Key Identifier:
keyid:25:32:A5:CF:2B:A1:8C:75:3E:DC:95:EE:20:B6:66:29:3D:F0:2D:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JTKlzyuhjHU-3JXuILZmKT3wLVs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/1e02fa-f823-41c8-86b2-151cf61de83e/1/ACMIOfVhphbLfeRhJUG7cOQhXWg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/1e02fa-f823-41c8-86b2-151cf61de83e/1/JTKlzyuhjHU-3JXuILZmKT3wLVs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.32.227.0/24
77.32.231.0/24
91.221.82.0/23
195.211.12.0/23
Signature Algorithm: sha256WithRSAEncryption
01:02:8f:bd:ed:97:88:02:74:a3:d5:90:1c:d4:e4:5f:4b:2a:
8d:53:38:26:de:20:6f:7d:19:73:b7:ae:92:1c:f7:3b:69:9c:
c7:dd:cd:e8:cf:dc:e0:98:a9:4e:7a:da:13:a0:31:eb:e5:92:
99:25:69:7b:77:6d:4b:5a:66:94:3e:8a:7c:a3:37:fc:c3:60:
c6:8b:90:6c:f7:99:a8:5e:8c:58:32:cd:31:86:49:35:4c:ca:
0d:c4:50:bb:ed:2e:de:48:06:06:cf:fa:bc:a4:4b:75:58:f8:
04:4f:80:53:cb:52:4d:0d:9a:6a:bb:dc:16:43:40:31:a9:4b:
26:2f:3e:00:a1:ef:74:10:c8:59:5c:c6:69:b9:d3:45:a5:e7:
6b:31:96:e3:ba:54:63:72:3d:e4:75:76:b1:bb:a0:5a:6f:62:
4f:4a:b6:21:02:9c:7e:50:fe:6b:90:c1:04:5f:38:88:35:1b:
58:67:df:ea:20:7e:0e:cb:22:92:e9:01:05:7c:7a:0d:9b:02:
4b:b1:78:df:97:4a:e2:09:ea:88:47:8b:53:a8:ca:6c:8b:5c:
8c:11:e6:bd:ba:7d:ac:8f:fc:76:53:8f:8a:86:5b:f9:b5:7e:
a3:21:63:4c:f1:55:e5:a0:93:fd:0a:80:fb:72:cb:2f:e8:ed:
a2:3e:c7:e0
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYn07lrI8kC4h1jcUUDvZ6YDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1MzJhNWNmMmJhMThjNzUzZWRjOTVlZTIwYjY2NjI5M2Rm
MDJkNWIwHhcNMjMwODE0MTY0MzI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDIzMDgzOWY1NjFhNjE2Y2I3ZGU0NjEyNTQxYmI3MGU0MjE1ZDY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmQEf8R/yTWhE1SETv287NHQV0EUX
xhbhu2dv0qMgvkoBgaycYa/NAixU+l53OTXeSSnFg347n9T/c7cnENy9YnYh0Y0A
NcI74awOF5npIE+VpIuuXML7Ihus1GM2GoA5Met5qKbtIyXBeWVXfXZKYtopvYXq
l/OmmvtrYwgCVvtqhzNYg1GBhnL/otNqgAKjj5IixuStV2LNDVKrMyfoSj+KzeOV
kGv+LfVKop54LP8ItdidtGK8bOKiTeK6iqLNs9xtjZlyANoazxYs767w4CdPZZEI
QEu/GP3P7trMUIugBZSPO00obWT/UX/lB0PeDKhCymaarzEhBaa6sse0sQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFAAjCDn1YaYWy33kYSVBu3DkIV1oMB8GA1UdIwQY
MBaAFCUypc8roYx1PtyV7iC2Zik98C1bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlRLbHp5dWhqSFUtM0pYdUlMWm1LVDN3TFZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS8xZTAyZmEtZjgyMy00MWM4LTg2YjIt
MTUxY2Y2MWRlODNlLzEvQUNNSU9mVmhwaGJMZmVSaEpVRzdjT1FoWFdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS8xZTAyZmEtZjgyMy00MWM4LTg2YjItMTUxY2Y2MWRlODNl
LzEvSlRLbHp5dWhqSFUtM0pYdUlMWm1LVDN3TFZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQATSDjAwQA
TSDnAwQBW91SAwQBw9MMMA0GCSqGSIb3DQEBCwUAA4IBAQABAo+97ZeIAnSj1ZAc
1ORfSyqNUzgm3iBvfRlzt66SHPc7aZzH3c3oz9zgmKlOetoToDHr5ZKZJWl7d21L
WmaUPop8ozf8w2DGi5Bs95moXoxYMs0xhkk1TMoNxFC77S7eSAYGz/q8pEt1WPgE
T4BTy1JNDZpqu9wWQ0AxqUsmLz4Aoe90EMhZXMZpudNFpedrMZbjulRjcj3kdXax
u6Bab2JPSrYhApx+UP5rkMEEXziINRtYZ9/qIH4OyyKS6QEFfHoNmwJLsXjfl0ri
CeqIR4tTqMpsi1yMEea9un2sj/x2U4+Khlv5tX6jIWNM8VXloJP9CoD7cssv6O2i
Psfg
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:00:42 2024 by rpki-client on console-ams.rpki-client.org