Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/e53de5-1b5f-4467-a68c-15fc0b68f844/1/9Bnz42UOoIaB0-3GD4D5XlPJ1_I.roa
File: 9Bnz42UOoIaB0-3GD4D5XlPJ1_I.roa (raw, json)
Hash identifier: xgxtdAkEV6AdBxAd9pJDybT60QW1MwhZD/AenfTcH3U=
Subject key identifier: F4:19:F3:E3:65:0E:A0:86:81:D3:ED:C6:0F:80:F9:5E:53:C9:D7:F2
Certificate issuer: /CN=da70c441fb892b8c9816534885069fcd3300c9a4
Certificate serial: 01886D6F8333A194EC68A779FE3470ADC6F4
Authority key identifier: DA:70:C4:41:FB:89:2B:8C:98:16:53:48:85:06:9F:CD:33:00:C9:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2nDEQfuJK4yYFlNIhQafzTMAyaQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/e53de5-1b5f-4467-a68c-15fc0b68f844/1/9Bnz42UOoIaB0-3GD4D5XlPJ1_I.roa
Signing time: Tue 30 May 2023 16:13:24 +0000
ROA not before: Tue 30 May 2023 16:13:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20853
IP address blocks: 77.105.166.0/24 maxlen: 24
77.105.167.0/24 maxlen: 24
185.225.200.0/24 maxlen: 24
185.225.201.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:6d:6f:83:33:a1:94:ec:68:a7:79:fe:34:70:ad:c6:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da70c441fb892b8c9816534885069fcd3300c9a4
Validity
Not Before: May 30 16:13:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f419f3e3650ea08681d3edc60f80f95e53c9d7f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:da:82:21:20:b4:b7:e0:56:94:c8:2b:34:76:
84:bb:55:4e:d1:d3:47:75:d9:4c:aa:34:ad:e1:4d:
45:55:40:e4:78:ff:74:ac:a4:6b:d1:f4:36:35:7a:
c4:fc:8c:11:54:89:c7:1c:c2:58:c9:2d:79:d9:8f:
05:3b:c1:35:e1:13:6a:93:49:bf:fe:75:6c:25:4b:
f9:78:8b:06:1e:11:20:5c:20:61:e8:6a:5d:b2:80:
52:1a:f3:82:e4:14:d4:54:8b:26:08:11:b4:d0:c6:
9c:ad:79:c6:b6:ea:62:69:38:ed:ee:e8:67:d8:22:
17:5d:58:03:b8:5b:16:3a:01:89:0f:11:63:c9:83:
8e:0f:5e:e4:1f:67:d6:44:3c:6a:cc:4c:62:d8:4b:
73:94:22:35:03:7a:c3:e8:3e:10:4c:ae:c9:8a:91:
3e:d1:2e:44:f3:94:3e:0c:56:93:6b:b2:32:ad:12:
19:41:a1:0c:98:59:2c:c7:34:89:94:b8:98:a5:f5:
b2:85:8e:ea:5a:19:71:75:30:b7:1a:28:7e:2f:5a:
e2:ce:b3:58:58:10:b3:14:a1:b0:59:41:a1:3d:53:
b1:a4:ae:f9:68:ef:25:ad:0a:f2:47:81:23:43:86:
f6:a8:83:16:34:f3:17:f5:42:26:22:73:f3:46:4a:
47:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:19:F3:E3:65:0E:A0:86:81:D3:ED:C6:0F:80:F9:5E:53:C9:D7:F2
X509v3 Authority Key Identifier:
keyid:DA:70:C4:41:FB:89:2B:8C:98:16:53:48:85:06:9F:CD:33:00:C9:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2nDEQfuJK4yYFlNIhQafzTMAyaQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/e53de5-1b5f-4467-a68c-15fc0b68f844/1/9Bnz42UOoIaB0-3GD4D5XlPJ1_I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/e53de5-1b5f-4467-a68c-15fc0b68f844/1/2nDEQfuJK4yYFlNIhQafzTMAyaQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.105.166.0/23
185.225.200.0/23
Signature Algorithm: sha256WithRSAEncryption
3e:23:3f:ba:5b:06:3a:a2:f2:1d:a4:62:58:b5:35:e9:cf:9e:
0f:f3:52:04:63:9c:4f:0d:64:da:b1:86:bb:92:38:de:91:61:
e4:40:2c:94:5b:b0:9e:d7:cf:17:6f:fe:8b:44:17:a7:89:03:
84:0a:ab:eb:0d:53:b8:a7:e6:81:5b:f3:48:af:4c:8a:95:e1:
64:cc:65:eb:1b:1b:01:4a:b1:20:69:52:bb:65:8b:fc:25:3c:
90:de:32:6e:40:c9:46:45:fa:5d:7e:4d:27:68:20:34:92:80:
98:88:8a:36:8a:8d:cb:fc:d7:3d:44:54:2c:74:3e:a6:71:8c:
98:b2:2a:73:00:ee:a8:ba:5c:c4:44:e7:80:2c:e2:39:0f:6a:
d7:00:97:24:db:21:19:67:c1:b7:c0:5e:8b:29:26:ff:2a:aa:
51:6e:0c:42:54:df:74:0b:72:82:8e:86:06:d5:8a:d7:a5:bc:
fb:ae:62:db:55:b5:7d:97:ab:bb:17:6a:01:ec:5c:0d:b0:6b:
57:a3:df:18:94:a5:11:14:b4:76:b8:5b:4e:10:cb:05:b8:bd:
3a:13:aa:fa:30:e3:bb:4f:27:a0:94:3d:10:62:2e:8d:c0:d8:
b1:80:eb:68:1c:35:50:50:5c:70:d3:d7:71:f8:d3:99:22:ad:
fa:fd:b3:36
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYhtb4MzoZTsaKd5/jRwrcb0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhNzBjNDQxZmI4OTJiOGM5ODE2NTM0ODg1MDY5ZmNkMzMw
MGM5YTQwHhcNMjMwNTMwMTYxMzI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDE5ZjNlMzY1MGVhMDg2ODFkM2VkYzYwZjgwZjk1ZTUzYzlkN2YyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAttqCISC0t+BWlMgrNHaEu1VO0dNH
ddlMqjSt4U1FVUDkeP90rKRr0fQ2NXrE/IwRVInHHMJYyS152Y8FO8E14RNqk0m/
/nVsJUv5eIsGHhEgXCBh6GpdsoBSGvOC5BTUVIsmCBG00MacrXnGtupiaTjt7uhn
2CIXXVgDuFsWOgGJDxFjyYOOD17kH2fWRDxqzExi2EtzlCI1A3rD6D4QTK7JipE+
0S5E85Q+DFaTa7IyrRIZQaEMmFksxzSJlLiYpfWyhY7qWhlxdTC3Gih+L1rizrNY
WBCzFKGwWUGhPVOxpK75aO8lrQryR4EjQ4b2qIMWNPMX9UImInPzRkpHvQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFPQZ8+NlDqCGgdPtxg+A+V5TydfyMB8GA1UdIwQY
MBaAFNpwxEH7iSuMmBZTSIUGn80zAMmkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMm5ERVFmdUpLNHlZRmxOSWhRYWZ6VE1BeWFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS9lNTNkZTUtMWI1Zi00NDY3LWE2OGMt
MTVmYzBiNjhmODQ0LzEvOUJuejQyVU9vSWFCMC0zR0Q0RDVYbFBKMV9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS9lNTNkZTUtMWI1Zi00NDY3LWE2OGMtMTVmYzBiNjhmODQ0
LzEvMm5ERVFmdUpLNHlZRmxOSWhRYWZ6VE1BeWFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBTWmmAwQB
ueHIMA0GCSqGSIb3DQEBCwUAA4IBAQA+Iz+6WwY6ovIdpGJYtTXpz54P81IEY5xP
DWTasYa7kjjekWHkQCyUW7Ce188Xb/6LRBeniQOECqvrDVO4p+aBW/NIr0yKleFk
zGXrGxsBSrEgaVK7ZYv8JTyQ3jJuQMlGRfpdfk0naCA0koCYiIo2io3L/Nc9RFQs
dD6mcYyYsipzAO6oulzEROeALOI5D2rXAJck2yEZZ8G3wF6LKSb/KqpRbgxCVN90
C3KCjoYG1YrXpbz7rmLbVbV9l6u7F2oB7FwNsGtXo98YlKURFLR2uFtOEMsFuL06
E6r6MOO7TyeglD0QYi6NwNixgOtoHDVQUFxw09dx+NOZIq36/bM2
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:57:00 2023 by rpki-client on console-fra.rpki-client.org