Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/e53de5-1b5f-4467-a68c-15fc0b68f844/1/sr3b71nE1zCV8LBs1ljT12OU75Y.roa
File: sr3b71nE1zCV8LBs1ljT12OU75Y.roa (raw, json)
Hash identifier: EP63Ze2xU8jqXAKGg1o/x7ivOuiVG8QM9hYctGyLfvc=
Subject key identifier: B2:BD:DB:EF:59:C4:D7:30:95:F0:B0:6C:D6:58:D3:D7:63:94:EF:96
Certificate issuer: /CN=da70c441fb892b8c9816534885069fcd3300c9a4
Certificate serial: 01889C1BDF4FD9135EC047BA38FA7BE6120F
Authority key identifier: DA:70:C4:41:FB:89:2B:8C:98:16:53:48:85:06:9F:CD:33:00:C9:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2nDEQfuJK4yYFlNIhQafzTMAyaQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/e53de5-1b5f-4467-a68c-15fc0b68f844/1/sr3b71nE1zCV8LBs1ljT12OU75Y.roa
Signing time: Thu 08 Jun 2023 17:44:12 +0000
ROA not before: Thu 08 Jun 2023 17:44:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 52000
IP address blocks: 77.105.166.0/24 maxlen: 24
77.105.167.0/24 maxlen: 24
185.225.201.0/24 maxlen: 24
185.225.200.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:9c:1b:df:4f:d9:13:5e:c0:47:ba:38:fa:7b:e6:12:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da70c441fb892b8c9816534885069fcd3300c9a4
Validity
Not Before: Jun 8 17:44:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b2bddbef59c4d73095f0b06cd658d3d76394ef96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:5e:39:d3:e4:af:0e:e3:ea:23:76:24:79:09:
46:a1:bc:80:06:80:22:e1:e3:61:7c:ab:72:83:63:
9a:a3:02:fe:62:92:aa:77:fe:3f:1f:35:72:ad:a8:
6f:9b:40:c0:30:ce:90:bf:7a:d7:22:3c:56:d6:2e:
a8:53:ed:be:f3:62:ab:9e:42:e1:e2:b8:80:7b:73:
e3:0f:a6:ce:de:77:6c:a5:e3:80:7d:cb:b0:ee:d0:
2a:31:04:eb:cd:e7:33:f5:c6:b9:cc:cc:64:34:8e:
c3:ae:52:89:1a:59:85:82:e0:4c:5f:ff:b4:54:16:
33:6c:f0:67:5a:39:b6:27:a8:ee:c8:9d:79:54:ba:
36:3d:68:93:36:56:91:9f:b1:85:84:56:42:19:43:
af:bb:12:56:bf:1d:51:25:19:16:f1:8b:2e:66:eb:
91:fd:e9:5b:25:c1:e5:9e:91:14:5e:43:b2:a7:1b:
dd:d6:32:2d:e0:86:55:a1:3d:8b:ef:d1:9b:e6:01:
87:15:9a:b6:5b:3b:bc:82:de:0f:79:e3:c5:5a:b7:
f9:19:da:4d:a5:76:90:49:37:59:3c:57:ac:f8:e4:
ee:67:77:9d:7d:0f:cc:97:93:ec:b8:94:eb:e7:64:
69:c2:71:23:13:f9:bb:21:1b:8f:4d:3c:79:07:35:
24:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:BD:DB:EF:59:C4:D7:30:95:F0:B0:6C:D6:58:D3:D7:63:94:EF:96
X509v3 Authority Key Identifier:
keyid:DA:70:C4:41:FB:89:2B:8C:98:16:53:48:85:06:9F:CD:33:00:C9:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2nDEQfuJK4yYFlNIhQafzTMAyaQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/e53de5-1b5f-4467-a68c-15fc0b68f844/1/sr3b71nE1zCV8LBs1ljT12OU75Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/e53de5-1b5f-4467-a68c-15fc0b68f844/1/2nDEQfuJK4yYFlNIhQafzTMAyaQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.105.166.0/23
185.225.200.0/23
Signature Algorithm: sha256WithRSAEncryption
68:0b:ff:f7:e6:9e:01:07:50:da:23:ef:42:a2:1f:c4:47:d5:
e1:30:ea:66:0b:dd:cf:e3:b8:71:64:26:d1:5d:64:7e:8c:69:
88:cf:92:df:b8:1c:43:00:88:85:c5:f7:7c:8e:7e:90:be:95:
05:e7:bd:6e:13:39:aa:b1:c3:a1:eb:78:7f:f7:78:e1:fc:6e:
37:85:d4:64:bb:59:ff:56:ce:45:28:41:af:92:37:53:cd:3c:
63:08:72:25:0c:7f:45:26:3e:86:e5:0c:79:95:a4:68:61:e7:
e3:ae:9b:fa:09:97:39:7e:5a:93:80:47:0f:7c:ad:c9:c5:e0:
b4:d4:1c:05:60:5a:e3:f5:1e:ca:2d:84:c7:f4:2e:fe:47:66:
a8:9a:3d:d4:20:ed:08:0e:72:f8:84:66:e5:bd:b8:af:14:4f:
7b:5f:fc:09:af:eb:5f:68:fe:b3:eb:47:27:ff:9f:c9:49:32:
f5:a4:af:e4:f9:ec:f4:a0:8f:49:8c:77:3e:4a:c2:cc:1b:65:
33:43:53:f0:86:5b:2d:43:4d:04:90:45:22:64:b0:62:b5:80:
a7:5a:e5:26:83:c6:38:fd:49:58:9b:f1:6a:7c:30:8a:08:00:
23:17:af:01:4e:5d:14:80:88:6a:31:11:24:37:b4:2d:cd:f3:
9b:bc:02:99
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYicG99P2RNewEe6OPp75hIPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhNzBjNDQxZmI4OTJiOGM5ODE2NTM0ODg1MDY5ZmNkMzMw
MGM5YTQwHhcNMjMwNjA4MTc0NDEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMmJkZGJlZjU5YzRkNzMwOTVmMGIwNmNkNjU4ZDNkNzYzOTRlZjk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqF450+SvDuPqI3YkeQlGobyABoAi
4eNhfKtyg2OaowL+YpKqd/4/HzVyrahvm0DAMM6Qv3rXIjxW1i6oU+2+82KrnkLh
4riAe3PjD6bO3ndspeOAfcuw7tAqMQTrzecz9ca5zMxkNI7DrlKJGlmFguBMX/+0
VBYzbPBnWjm2J6juyJ15VLo2PWiTNlaRn7GFhFZCGUOvuxJWvx1RJRkW8YsuZuuR
/elbJcHlnpEUXkOypxvd1jIt4IZVoT2L79Gb5gGHFZq2Wzu8gt4PeePFWrf5GdpN
pXaQSTdZPFes+OTuZ3edfQ/Ml5PsuJTr52RpwnEjE/m7IRuPTTx5BzUkhwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLK92+9ZxNcwlfCwbNZY09djlO+WMB8GA1UdIwQY
MBaAFNpwxEH7iSuMmBZTSIUGn80zAMmkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMm5ERVFmdUpLNHlZRmxOSWhRYWZ6VE1BeWFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS9lNTNkZTUtMWI1Zi00NDY3LWE2OGMt
MTVmYzBiNjhmODQ0LzEvc3IzYjcxbkUxekNWOExCczFsalQxMk9VNzVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS9lNTNkZTUtMWI1Zi00NDY3LWE2OGMtMTVmYzBiNjhmODQ0
LzEvMm5ERVFmdUpLNHlZRmxOSWhRYWZ6VE1BeWFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBTWmmAwQB
ueHIMA0GCSqGSIb3DQEBCwUAA4IBAQBoC//35p4BB1DaI+9Coh/ER9XhMOpmC93P
47hxZCbRXWR+jGmIz5LfuBxDAIiFxfd8jn6QvpUF571uEzmqscOh63h/93jh/G43
hdRku1n/Vs5FKEGvkjdTzTxjCHIlDH9FJj6G5Qx5laRoYefjrpv6CZc5flqTgEcP
fK3JxeC01BwFYFrj9R7KLYTH9C7+R2aomj3UIO0IDnL4hGblvbivFE97X/wJr+tf
aP6z60cn/5/JSTL1pK/k+ez0oI9JjHc+SsLMG2UzQ1PwhlstQ00EkEUiZLBitYCn
WuUmg8Y4/UlYm/FqfDCKCAAjF68BTl0UgIhqMREkN7QtzfObvAKZ
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:00:41 2023 by rpki-client on console-ams.rpki-client.org