Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/tVYdnnk8PEfLeCeUOdccsnMGBbo.roa
File: tVYdnnk8PEfLeCeUOdccsnMGBbo.roa (raw, json)
Hash identifier: pZJ4nHSv7bneFt07ZQCaIy3b7hy80MaVOrsTax/PJBE=
Subject key identifier: B5:56:1D:9E:79:3C:3C:47:CB:78:27:94:39:D7:1C:B2:73:06:05:BA
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 018E08CFEE4718D7908A9F9CC2F670E90BE1
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/tVYdnnk8PEfLeCeUOdccsnMGBbo.roa
Signing time: Mon 04 Mar 2024 09:33:48 +0000
ROA not before: Mon 04 Mar 2024 09:33:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 77.81.182.0/24 maxlen: 24
89.34.106.0/24 maxlen: 24
89.35.129.0/24 maxlen: 24
91.132.50.0/24 maxlen: 24
93.114.183.0/24 maxlen: 24
128.0.41.0/24 maxlen: 24
185.212.119.0/24 maxlen: 24
188.213.0.0/24 maxlen: 24
188.215.31.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 04 Mar 2024 20:29:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:08:cf:ee:47:18:d7:90:8a:9f:9c:c2:f6:70:e9:0b:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Mar 4 09:33:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b5561d9e793c3c47cb78279439d71cb2730605ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:d4:7a:4f:99:33:37:20:cd:23:c0:97:0d:eb:
e5:4b:b1:d9:4b:bc:a5:0d:b2:fb:e2:03:e7:aa:58:
54:a9:0b:1a:75:7c:6c:15:b7:12:5f:6e:21:8e:05:
ef:86:4d:e7:60:dd:be:eb:02:ac:f3:2c:08:99:13:
e6:36:82:d6:c9:79:9b:36:42:75:57:d1:c1:dc:8f:
e4:b5:00:fd:7d:3f:c3:37:76:9b:66:e2:a0:6d:4f:
36:af:e8:b4:4a:4a:03:dc:f0:d2:88:66:8c:37:eb:
86:54:45:f8:fa:f2:0c:64:27:8d:60:e4:68:86:c8:
de:58:b9:02:82:52:46:ad:4a:0e:0a:71:d9:9e:75:
87:fa:73:4f:0d:bd:43:e0:95:c1:2a:db:59:72:9f:
5e:a9:b8:7b:8c:6c:97:8a:fc:b6:02:de:92:50:a7:
39:47:54:43:ed:e1:ac:94:8b:51:dd:5f:67:6b:29:
95:52:17:e7:81:c3:b5:9f:db:4c:7b:c8:04:76:ae:
c6:ee:63:eb:0e:f6:82:0d:ac:19:dd:40:0a:ca:33:
94:fb:cd:f1:c7:95:43:80:46:0c:bb:c2:4c:f8:c6:
14:8b:80:49:f3:91:c7:bc:06:be:86:12:56:e4:4f:
36:91:68:a2:4e:1a:e5:a1:30:ed:c6:ec:5a:43:23:
ce:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:56:1D:9E:79:3C:3C:47:CB:78:27:94:39:D7:1C:B2:73:06:05:BA
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/tVYdnnk8PEfLeCeUOdccsnMGBbo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.81.182.0/24
89.34.106.0/24
89.35.129.0/24
91.132.50.0/24
93.114.183.0/24
128.0.41.0/24
185.212.119.0/24
188.213.0.0/24
188.215.31.0/24
Signature Algorithm: sha256WithRSAEncryption
41:a9:ba:09:5c:38:92:a6:81:4e:ab:f0:3a:2e:87:d2:69:dc:
14:2a:1f:67:0a:c4:16:35:70:db:ab:c0:f4:02:4b:ca:e9:14:
b2:d4:8a:58:1c:46:83:e4:01:02:07:a6:2a:2c:9a:e2:a3:fe:
44:9c:07:d1:aa:8a:56:fb:98:c3:db:c8:e1:0d:c2:c9:32:03:
58:d8:1a:18:de:94:2a:20:a0:3c:a4:72:f9:e7:df:0e:05:e6:
d5:db:8b:a0:37:71:b1:2f:92:04:65:5a:f8:22:e9:24:a5:f9:
bd:51:a2:dc:32:00:58:db:64:c6:71:ac:3e:fd:b9:31:a8:5c:
43:74:53:b6:d4:91:60:ad:98:b4:ce:15:bc:1f:da:8d:ca:06:
72:d5:3a:17:a1:df:5e:04:fa:11:ce:82:2f:35:46:36:d7:00:
a6:4d:4c:ea:ee:f5:0c:3e:d7:71:8c:a8:13:5d:8b:5a:f2:3f:
fc:86:2d:96:94:b8:ac:8f:69:f7:28:e5:2a:1a:00:ea:62:5a:
9a:fd:7f:e3:f9:cf:2d:e1:6b:91:26:80:08:9e:52:fa:f7:58:
46:03:ce:48:13:d5:e8:d7:3a:9d:80:7e:af:33:e0:f0:6e:0d:
c6:8b:f2:13:4e:ad:20:6b:5d:51:d9:9f:63:f5:c2:90:f5:f7:
9e:1c:00:85
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAY4Iz+5HGNeQip+cwvZw6QvhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjQwMzA0MDkzMzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTU2MWQ5ZTc5M2MzYzQ3Y2I3ODI3OTQzOWQ3MWNiMjczMDYwNWJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlNR6T5kzNyDNI8CXDevlS7HZS7yl
DbL74gPnqlhUqQsadXxsFbcSX24hjgXvhk3nYN2+6wKs8ywImRPmNoLWyXmbNkJ1
V9HB3I/ktQD9fT/DN3abZuKgbU82r+i0SkoD3PDSiGaMN+uGVEX4+vIMZCeNYORo
hsjeWLkCglJGrUoOCnHZnnWH+nNPDb1D4JXBKttZcp9eqbh7jGyXivy2At6SUKc5
R1RD7eGslItR3V9naymVUhfngcO1n9tMe8gEdq7G7mPrDvaCDawZ3UAKyjOU+83x
x5VDgEYMu8JM+MYUi4BJ85HHvAa+hhJW5E82kWiiThrloTDtxuxaQyPORQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFLVWHZ55PDxHy3gnlDnXHLJzBgW6MB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvdFZZZG5uazhQRWZMZUNlVU9kY2Nzbk1HQmJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQATVG2AwQA
WSJqAwQAWSOBAwQAW4QyAwQAXXK3AwQAgAApAwQAudR3AwQAvNUAAwQAvNcfMA0G
CSqGSIb3DQEBCwUAA4IBAQBBqboJXDiSpoFOq/A6LofSadwUKh9nCsQWNXDbq8D0
AkvK6RSy1IpYHEaD5AECB6YqLJrio/5EnAfRqopW+5jD28jhDcLJMgNY2BoY3pQq
IKA8pHL5598OBebV24ugN3GxL5IEZVr4Iukkpfm9UaLcMgBY22TGcaw+/bkxqFxD
dFO21JFgrZi0zhW8H9qNygZy1ToXod9eBPoRzoIvNUY21wCmTUzq7vUMPtdxjKgT
XYta8j/8hi2WlLisj2n3KOUqGgDqYlqa/X/j+c8t4WuRJoAInlL691hGA85IE9Xo
1zqdgH6vM+Dwbg3Gi/ITTq0ga11R2Z9j9cKQ9feeHACF
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:14 2024 by rpki-client on console-ams.rpki-client.org