Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/CiCilZUHMgULwJG2VHmOmDd30bQ.roa
File: CiCilZUHMgULwJG2VHmOmDd30bQ.roa (raw, json)
Hash identifier: YoFHcswF3Irpn7bpBQzQf4BDAar/MeSQavsZlmObS7M=
Subject key identifier: 0A:20:A2:95:95:07:32:05:0B:C0:91:B6:54:79:8E:98:37:77:D1:B4
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 018611C15CA26C267F7655B6F1ACB818571F
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/CiCilZUHMgULwJG2VHmOmDd30bQ.roa
Signing time: Thu 02 Feb 2023 10:52:10 +0000
ROA not before: Thu 02 Feb 2023 10:52:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3507
IP address blocks: 89.37.192.0/24 maxlen: 24
89.37.193.0/24 maxlen: 24
77.81.100.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 28 Feb 2023 12:08:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:11:c1:5c:a2:6c:26:7f:76:55:b6:f1:ac:b8:18:57:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Feb 2 10:52:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0a20a295950732050bc091b654798e983777d1b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:7a:88:c3:77:c5:a2:3f:fb:55:81:40:0a:9a:
ac:c8:75:79:50:72:af:f8:09:2b:9e:14:c3:74:f4:
a5:44:23:a9:61:5b:e4:02:b5:72:23:d2:ab:9c:0c:
b5:1c:50:e1:f8:c7:88:22:26:d5:ad:55:d0:f2:e6:
ab:04:30:0d:d3:21:4b:6f:18:f6:dd:d6:cd:64:46:
d4:89:d3:b6:d1:0e:94:47:46:17:59:5b:4f:06:22:
28:af:38:b6:de:6d:7a:f5:bc:37:46:cb:3e:aa:93:
2c:e6:05:6c:04:fa:81:bb:91:5e:0e:f3:dc:bd:47:
b6:5a:5f:6c:6d:0a:a2:c6:c0:cf:c5:57:66:5c:5c:
af:76:51:e1:af:15:b2:66:d0:1d:d6:20:4b:86:ee:
3e:c1:d8:27:8d:06:f4:f2:46:52:c7:fd:f6:17:35:
be:f8:2b:3f:38:14:9a:44:fc:6a:ea:83:ba:84:7e:
f2:96:ba:a2:90:3d:b4:3c:2b:6c:0d:67:6f:ee:83:
b1:8c:85:f7:09:b7:06:f5:97:60:de:f1:58:ab:be:
0d:a4:9d:b7:13:8b:3e:3c:50:fb:49:45:ad:14:3c:
8f:03:ac:84:4c:1a:96:8f:f2:c0:9a:66:db:e3:56:
9a:30:e9:50:c5:be:d3:38:81:d8:af:2b:51:e0:96:
be:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:20:A2:95:95:07:32:05:0B:C0:91:B6:54:79:8E:98:37:77:D1:B4
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/CiCilZUHMgULwJG2VHmOmDd30bQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.81.100.0/24
89.37.192.0/23
Signature Algorithm: sha256WithRSAEncryption
37:4b:00:b4:1d:7d:8a:8d:2f:64:7e:86:dd:1d:dd:c5:c3:25:
cc:fe:ec:16:ae:81:16:86:85:44:db:fe:9e:1f:ba:9d:0f:4f:
f1:2b:69:c9:25:7e:5c:20:81:bc:4f:28:b3:6d:6e:ca:06:5f:
79:38:77:9a:f2:77:b1:06:b3:f8:50:30:c8:72:7f:52:41:be:
18:c1:c2:6c:a6:a6:ee:c9:b1:0e:31:6a:c2:00:99:a3:c7:74:
1a:b8:7e:54:2c:cb:91:4a:72:b6:5c:ed:58:53:f0:ec:c4:ef:
4c:a8:cf:0d:0a:06:66:57:65:66:d1:32:15:dc:82:06:72:93:
95:b6:72:96:68:a7:4c:da:e5:40:c4:c1:24:29:05:81:26:11:
a6:95:9e:1f:44:4b:0d:bb:9e:66:03:9e:33:dc:0c:fc:2d:a7:
cd:2c:17:57:76:5c:c6:f6:51:14:eb:bd:4a:46:3b:f9:d9:80:
9d:e1:69:b0:d4:fa:9f:c5:e1:9b:97:62:99:7a:12:ef:11:fe:
09:d3:f8:de:6f:7b:77:c4:ee:6f:c7:7b:1e:80:e4:e4:2e:1c:
d3:63:33:f7:d3:57:db:12:db:5e:aa:d9:06:38:00:f3:2e:3d:
5b:8c:a0:ae:ad:4b:a0:fd:24:f4:ff:ba:22:93:36:ef:4c:8e:
ae:fe:17:52
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYYRwVyibCZ/dlW28ay4GFcfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjMwMjAyMTA1MjEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTIwYTI5NTk1MDczMjA1MGJjMDkxYjY1NDc5OGU5ODM3NzdkMWI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgHqIw3fFoj/7VYFACpqsyHV5UHKv
+AkrnhTDdPSlRCOpYVvkArVyI9KrnAy1HFDh+MeIIibVrVXQ8uarBDAN0yFLbxj2
3dbNZEbUidO20Q6UR0YXWVtPBiIorzi23m169bw3Rss+qpMs5gVsBPqBu5FeDvPc
vUe2Wl9sbQqixsDPxVdmXFyvdlHhrxWyZtAd1iBLhu4+wdgnjQb08kZSx/32FzW+
+Cs/OBSaRPxq6oO6hH7ylrqikD20PCtsDWdv7oOxjIX3CbcG9Zdg3vFYq74NpJ23
E4s+PFD7SUWtFDyPA6yETBqWj/LAmmbb41aaMOlQxb7TOIHYrytR4Ja+aQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAogopWVBzIFC8CRtlR5jpg3d9G0MB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvQ2lDaWxaVUhNZ1VMd0pHMlZIbU9tRGQzMGJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQATVFkAwQB
WSXAMA0GCSqGSIb3DQEBCwUAA4IBAQA3SwC0HX2KjS9kfobdHd3FwyXM/uwWroEW
hoVE2/6eH7qdD0/xK2nJJX5cIIG8TyizbW7KBl95OHea8nexBrP4UDDIcn9SQb4Y
wcJspqbuybEOMWrCAJmjx3QauH5ULMuRSnK2XO1YU/DsxO9MqM8NCgZmV2Vm0TIV
3IIGcpOVtnKWaKdM2uVAxMEkKQWBJhGmlZ4fREsNu55mA54z3Az8LafNLBdXdlzG
9lEU671KRjv52YCd4Wmw1PqfxeGbl2KZehLvEf4J0/jeb3t3xO5vx3segOTkLhzT
YzP301fbEtteqtkGOADzLj1bjKCurUug/ST0/7oikzbvTI6u/hdS
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:12 2024 by rpki-client on console-ams.rpki-client.org