Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/pBGgBmEQnHkGnSKff3KcsM_dMTQ.roa
File: pBGgBmEQnHkGnSKff3KcsM_dMTQ.roa (raw, json)
Hash identifier: yun1Xf1TqsJs/kXclp9m4FabKV8/2FmBFwGoCzNF7H0=
Subject key identifier: A4:11:A0:06:61:10:9C:79:06:9D:22:9F:7F:72:9C:B0:CF:DD:31:34
Certificate issuer: /CN=a0ef5fbbfca7a93cfee965eeb6bdee6fb43c403e
Certificate serial: 018CC94E32D54ED27F4615ED1F358BB5B9F7
Authority key identifier: A0:EF:5F:BB:FC:A7:A9:3C:FE:E9:65:EE:B6:BD:EE:6F:B4:3C:40:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oO9fu_ynqTz-6WXutr3ub7Q8QD4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/pBGgBmEQnHkGnSKff3KcsM_dMTQ.roa
Signing time: Tue 02 Jan 2024 08:33:14 +0000
ROA not before: Tue 02 Jan 2024 08:33:14 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35632
IP address blocks: 87.100.0.0/17 maxlen: 17
77.84.0.0/16 maxlen: 16
188.141.128.0/17 maxlen: 17
2a00:7180::/46 maxlen: 46
Validation: Failed, certificate revoked on Thu 02 Jan 2025 17:50:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:32:d5:4e:d2:7f:46:15:ed:1f:35:8b:b5:b9:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0ef5fbbfca7a93cfee965eeb6bdee6fb43c403e
Validity
Not Before: Jan 2 08:33:14 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a411a00661109c79069d229f7f729cb0cfdd3134
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:41:88:58:f1:6c:34:eb:69:76:7a:a3:13:6d:
65:1b:a0:8f:15:bd:95:c7:24:38:b7:3c:1a:a8:28:
ed:f1:9e:81:e2:af:be:0c:c0:88:9b:fc:f4:e8:c0:
bb:44:8b:0c:0f:51:02:77:4d:90:16:be:04:d2:aa:
23:d7:66:68:fd:e0:13:55:fe:43:19:b7:06:2d:90:
46:00:77:db:4f:a5:73:07:d5:88:e2:6a:04:ae:2b:
86:82:5a:12:0d:d8:12:68:2c:61:db:ab:d7:f9:d9:
a1:f0:d7:fb:84:5a:1c:2c:10:1a:ec:ca:41:81:64:
cb:92:c8:0e:09:de:61:d9:fb:95:3c:a9:bb:3a:e2:
5f:8b:58:6a:90:59:8e:4b:24:cd:56:fd:61:2b:e3:
b5:c9:14:75:01:34:2a:79:66:ef:d5:d1:57:69:ea:
5e:54:1e:d6:50:f7:7e:f2:6d:14:31:f7:b1:57:8b:
ad:65:7f:05:b5:37:66:d3:73:2d:ef:c6:57:ba:81:
5c:0c:05:32:ce:91:1a:89:05:a5:89:38:5b:d3:1a:
30:d5:2b:d4:d1:40:c8:af:c9:03:99:59:21:43:2f:
74:6b:db:75:54:94:a0:97:2b:23:05:21:dd:80:4b:
a4:1c:57:70:dd:53:60:85:dd:5a:53:ea:d8:fa:66:
f6:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:11:A0:06:61:10:9C:79:06:9D:22:9F:7F:72:9C:B0:CF:DD:31:34
X509v3 Authority Key Identifier:
keyid:A0:EF:5F:BB:FC:A7:A9:3C:FE:E9:65:EE:B6:BD:EE:6F:B4:3C:40:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oO9fu_ynqTz-6WXutr3ub7Q8QD4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/pBGgBmEQnHkGnSKff3KcsM_dMTQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/oO9fu_ynqTz-6WXutr3ub7Q8QD4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.84.0.0/16
87.100.0.0/17
188.141.128.0/17
IPv6:
2a00:7180::/46
Signature Algorithm: sha256WithRSAEncryption
8a:8b:9f:33:e1:86:b9:38:75:1a:77:41:ca:14:eb:d2:c2:7d:
7b:bc:a1:98:7c:b1:74:40:ce:90:67:05:c9:d4:01:9e:41:cb:
51:7c:c3:c6:5d:7f:68:05:7d:85:40:5a:13:98:68:87:0f:93:
e1:ac:07:11:ac:2f:7d:53:f0:a1:09:a1:ce:d3:bc:2c:81:e9:
40:46:14:3b:9f:bb:e1:ab:ba:77:3e:f8:2b:72:26:e4:0c:1d:
1f:20:60:c3:ce:b3:46:aa:63:35:6c:26:65:52:46:0d:ec:94:
5a:2e:24:c0:a4:63:39:bd:04:06:e6:ca:3a:57:bc:de:64:38:
33:0b:92:3a:59:bb:6b:7b:52:88:65:e5:9d:51:af:85:7a:83:
b8:ee:03:44:ad:5a:87:e5:54:08:2d:75:16:b0:2f:ea:ea:39:
8a:63:dd:f8:34:b2:9a:e9:e6:b8:6d:b4:4e:b7:ea:c1:aa:2b:
d0:7e:9a:68:64:1e:c1:e7:b7:2d:e1:80:fb:ea:f0:1a:f7:6e:
59:80:42:c6:36:14:d1:0d:10:e9:8c:f4:2f:5e:7f:3d:0d:49:
cb:38:d9:63:dd:9d:3e:05:7d:30:74:c7:60:7d:de:e9:eb:de:
93:05:bc:dd:6c:f0:6a:49:d7:74:c0:35:ef:08:8b:ac:1e:76:
81:3d:f6:66
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYzJTjLVTtJ/RhXtHzWLtbn3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwZWY1ZmJiZmNhN2E5M2NmZWU5NjVlZWI2YmRlZTZmYjQz
YzQwM2UwHhcNMjQwMTAyMDgzMzE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDExYTAwNjYxMTA5Yzc5MDY5ZDIyOWY3ZjcyOWNiMGNmZGQzMTM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1EGIWPFsNOtpdnqjE21lG6CPFb2V
xyQ4tzwaqCjt8Z6B4q++DMCIm/z06MC7RIsMD1ECd02QFr4E0qoj12Zo/eATVf5D
GbcGLZBGAHfbT6VzB9WI4moEriuGgloSDdgSaCxh26vX+dmh8Nf7hFocLBAa7MpB
gWTLksgOCd5h2fuVPKm7OuJfi1hqkFmOSyTNVv1hK+O1yRR1ATQqeWbv1dFXaepe
VB7WUPd+8m0UMfexV4utZX8FtTdm03Mt78ZXuoFcDAUyzpEaiQWliThb0xow1SvU
0UDIr8kDmVkhQy90a9t1VJSglysjBSHdgEukHFdw3VNghd1aU+rY+mb2/QIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFKQRoAZhEJx5Bp0in39ynLDP3TE0MB8GA1UdIwQY
MBaAFKDvX7v8p6k8/ull7ra97m+0PEA+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb085ZnVfeW5xVHotNldYdXRyM3ViN1E4UUQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi9mZTkxNWMtYmY3MC00NjAyLThhM2Mt
MDI5MmIwMjAxNTBhLzEvcEJHZ0JtRVFuSGtHblNLZmYzS2NzTV9kTVRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi9mZTkxNWMtYmY3MC00NjAyLThhM2MtMDI5MmIwMjAxNTBh
LzEvb085ZnVfeW5xVHotNldYdXRyM3ViN1E4UUQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAXBAIAATARAwMATVQDBAdX
ZAADBAe8jYAwDwQCAAIwCQMHAioAcYAAADANBgkqhkiG9w0BAQsFAAOCAQEAiouf
M+GGuTh1GndByhTr0sJ9e7yhmHyxdEDOkGcFydQBnkHLUXzDxl1/aAV9hUBaE5ho
hw+T4awHEawvfVPwoQmhztO8LIHpQEYUO5+74au6dz74K3Im5AwdHyBgw86zRqpj
NWwmZVJGDeyUWi4kwKRjOb0EBubKOle83mQ4MwuSOlm7a3tSiGXlnVGvhXqDuO4D
RK1ah+VUCC11FrAv6uo5imPd+DSymunmuG20Trfqwaor0H6aaGQewee3LeGA++rw
GvduWYBCxjYU0Q0Q6Yz0L15/PQ1JyzjZY92dPgV9MHTHYH3e6evekwW83WzwaknX
dMA17wiLrB52gT32Zg==
-----END CERTIFICATE-----
Generated at Wed Apr 9 03:19:20 2025 by rpki-client