Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/cf8f99-e581-4f5f-875f-df4e8c7364fe/1/U2lcp5jPawqDE3lYX1q8QuDBh5w.roa
File: U2lcp5jPawqDE3lYX1q8QuDBh5w.roa (raw, json)
Hash identifier: Zqwhhltl/XsTpEJQHShQHWLW157Qg0jS40YFWAeCo0M=
Subject key identifier: 53:69:5C:A7:98:CF:6B:0A:83:13:79:58:5F:5A:BC:42:E0:C1:87:9C
Certificate issuer: /CN=3096d7afbb8a5e315a5c489acea7dcb75aa65d04
Certificate serial: 0185F3A7F146105FFA3F45DC7ED589F7C202
Authority key identifier: 30:96:D7:AF:BB:8A:5E:31:5A:5C:48:9A:CE:A7:DC:B7:5A:A6:5D:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MJbXr7uKXjFaXEiazqfct1qmXQQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/cf8f99-e581-4f5f-875f-df4e8c7364fe/1/U2lcp5jPawqDE3lYX1q8QuDBh5w.roa
Signing time: Fri 27 Jan 2023 14:35:47 +0000
ROA not before: Fri 27 Jan 2023 14:35:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34606
IP address blocks: 77.108.0.0/18 maxlen: 18
85.208.232.0/22 maxlen: 22
194.116.0.0/18 maxlen: 18
88.87.96.0/19 maxlen: 19
185.73.244.0/22 maxlen: 22
95.140.136.0/21 maxlen: 21
82.215.128.0/18 maxlen: 18
82.215.128.0/22 maxlen: 22
185.117.216.0/22 maxlen: 22
185.127.32.0/22 maxlen: 22
194.176.126.0/24 maxlen: 24
81.30.0.0/20 maxlen: 20
85.159.176.0/21 maxlen: 21
77.72.32.0/21 maxlen: 21
2a03:4560::/32 maxlen: 32
2a06:8580::/29 maxlen: 29
2a02:260::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 08:29:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:f3:a7:f1:46:10:5f:fa:3f:45:dc:7e:d5:89:f7:c2:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3096d7afbb8a5e315a5c489acea7dcb75aa65d04
Validity
Not Before: Jan 27 14:35:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=53695ca798cf6b0a831379585f5abc42e0c1879c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:21:35:72:25:7a:11:db:ef:f9:94:3c:52:22:
dd:46:4e:b8:55:08:6d:2d:c5:4c:97:f8:e4:31:82:
f9:3e:e3:2b:46:bc:b5:92:aa:d2:16:91:96:d4:c7:
e5:c2:46:54:2d:ec:0b:62:58:5a:be:ac:0b:43:af:
63:63:64:66:83:2b:e2:8a:1d:23:cf:06:b1:9c:bc:
a9:00:10:6c:71:4c:b7:13:e2:cb:d8:28:69:76:86:
d3:1e:24:d3:f2:ae:d5:84:1b:56:68:77:b8:b5:91:
89:93:4f:2b:91:0c:3d:36:a4:b3:bc:88:55:0b:12:
2e:26:2c:06:b0:a4:7b:43:73:fc:29:4e:92:6c:63:
2f:d0:96:e6:b2:fc:a7:17:48:ad:3c:07:88:08:85:
e2:08:4e:2e:f0:5c:f2:19:c8:6a:61:fc:be:c9:c6:
b4:d5:bf:6b:dc:d7:79:3d:ef:e7:94:b3:b7:9e:aa:
2a:83:68:85:a9:45:d9:34:43:90:35:5b:ae:0c:e1:
44:83:7d:ed:b2:8a:60:be:4f:b1:8c:84:b7:8b:d7:
49:3d:72:d3:93:71:c0:5f:55:e8:94:bf:6b:85:f6:
59:80:fb:18:89:9e:65:c8:e0:e1:a2:98:0e:9e:aa:
2e:ee:0a:69:5e:6c:05:d0:01:9f:1d:46:16:a9:0a:
a9:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:69:5C:A7:98:CF:6B:0A:83:13:79:58:5F:5A:BC:42:E0:C1:87:9C
X509v3 Authority Key Identifier:
keyid:30:96:D7:AF:BB:8A:5E:31:5A:5C:48:9A:CE:A7:DC:B7:5A:A6:5D:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MJbXr7uKXjFaXEiazqfct1qmXQQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/cf8f99-e581-4f5f-875f-df4e8c7364fe/1/U2lcp5jPawqDE3lYX1q8QuDBh5w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/cf8f99-e581-4f5f-875f-df4e8c7364fe/1/MJbXr7uKXjFaXEiazqfct1qmXQQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.72.32.0/21
77.108.0.0/18
81.30.0.0/20
82.215.128.0/18
85.159.176.0/21
85.208.232.0/22
88.87.96.0/19
95.140.136.0/21
185.73.244.0/22
185.117.216.0/22
185.127.32.0/22
194.116.0.0/18
194.176.126.0/24
IPv6:
2a02:260::/32
2a03:4560::/32
2a06:8580::/29
Signature Algorithm: sha256WithRSAEncryption
09:e7:e0:04:6e:82:74:96:75:b6:59:a8:38:a9:6a:40:bd:24:
b6:00:91:f5:59:7a:26:c0:fc:36:8c:a7:78:45:85:27:df:68:
ec:7a:bd:82:a5:ce:3b:8c:e5:5e:a2:b7:54:21:fa:92:0e:0e:
ff:90:18:14:b5:2a:5f:57:17:2b:40:5a:52:96:61:2b:7a:81:
ae:37:51:09:3c:07:94:dd:1a:74:50:93:2f:f2:a5:b7:52:6a:
df:e7:45:a3:48:cf:cb:e5:f9:b3:29:32:1c:b7:3f:ee:a2:29:
13:79:3b:cd:f0:75:6e:e8:9f:ef:f0:5a:1b:59:bc:0e:16:5b:
42:c2:a3:59:eb:aa:2c:d5:89:44:24:9d:bd:e0:c0:54:36:f0:
2a:e8:b5:7f:af:57:d2:6f:09:67:0b:e1:91:62:dc:d8:b2:f3:
17:b2:64:14:8b:6b:a2:8c:4b:75:e2:6a:a9:d9:b7:c6:38:c4:
74:f5:09:bf:d6:a0:69:87:c9:d0:90:84:1b:d7:39:69:29:7b:
bd:61:4b:54:82:fb:e0:46:83:5b:c9:87:db:91:d3:66:6e:d6:
cd:d3:ca:0a:31:79:a0:96:7c:78:cf:6c:77:e2:d4:9d:e5:bb:
6f:89:a0:83:4c:45:a8:72:f8:c9:df:95:f8:b7:05:de:15:b8:
6a:a6:eb:6d
-----BEGIN CERTIFICATE-----
MIIFYzCCBEugAwIBAgISAYXzp/FGEF/6P0XcftWJ98ICMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwOTZkN2FmYmI4YTVlMzE1YTVjNDg5YWNlYTdkY2I3NWFh
NjVkMDQwHhcNMjMwMTI3MTQzNTQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzY5NWNhNzk4Y2Y2YjBhODMxMzc5NTg1ZjVhYmM0MmUwYzE4NzljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlCE1ciV6Edvv+ZQ8UiLdRk64VQht
LcVMl/jkMYL5PuMrRry1kqrSFpGW1MflwkZULewLYlhavqwLQ69jY2Rmgyviih0j
zwaxnLypABBscUy3E+LL2ChpdobTHiTT8q7VhBtWaHe4tZGJk08rkQw9NqSzvIhV
CxIuJiwGsKR7Q3P8KU6SbGMv0JbmsvynF0itPAeICIXiCE4u8FzyGchqYfy+yca0
1b9r3Nd5Pe/nlLO3nqoqg2iFqUXZNEOQNVuuDOFEg33tsopgvk+xjIS3i9dJPXLT
k3HAX1XolL9rhfZZgPsYiZ5lyODhopgOnqou7gppXmwF0AGfHUYWqQqpxwIDAQAB
o4ICbzCCAmswHQYDVR0OBBYEFFNpXKeYz2sKgxN5WF9avELgwYecMB8GA1UdIwQY
MBaAFDCW16+7il4xWlxIms6n3Ldapl0EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUpiWHI3dUtYakZhWEVpYXpxZmN0MXFtWFFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC9jZjhmOTktZTU4MS00ZjVmLTg3NWYt
ZGY0ZThjNzM2NGZlLzEvVTJsY3A1alBhd3FERTNsWVgxcThRdURCaDV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC9jZjhmOTktZTU4MS00ZjVmLTg3NWYtZGY0ZThjNzM2NGZl
LzEvTUpiWHI3dUtYakZhWEVpYXpxZmN0MXFtWFFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGEBggrBgEFBQcBBwEB/wR1MHMwVAQCAAEwTgMEA01IIAME
Bk1sAAMEBFEeAAMEBlLXgAMEA1WfsAMEAlXQ6AMEBVhXYAMEA1+MiAMEArlJ9AME
Arl12AMEArl/IAMEBsJ0AAMEAMKwfjAbBAIAAjAVAwUAKgICYAMFACoDRWADBQMq
BoWAMA0GCSqGSIb3DQEBCwUAA4IBAQAJ5+AEboJ0lnW2Wag4qWpAvSS2AJH1WXom
wPw2jKd4RYUn32jser2Cpc47jOVeordUIfqSDg7/kBgUtSpfVxcrQFpSlmEreoGu
N1EJPAeU3Rp0UJMv8qW3Umrf50WjSM/L5fmzKTIctz/uoikTeTvN8HVu6J/v8Fob
WbwOFltCwqNZ66os1YlEJJ294MBUNvAq6LV/r1fSbwlnC+GRYtzYsvMXsmQUi2ui
jEt14mqp2bfGOMR09Qm/1qBph8nQkIQb1zlpKXu9YUtUgvvgRoNbyYfbkdNmbtbN
08oKMXmglnx4z2x34tSd5btviaCDTEWocvjJ35X4twXeFbhqputt
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:09 2024 by rpki-client on console-fra.rpki-client.org