Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/95c3c8-6ab1-4951-8f59-65503a9306a0/1/AwUAKPNChdiMuwPxbMav_IjCRP4.roa
File: AwUAKPNChdiMuwPxbMav_IjCRP4.roa (raw, json)
Hash identifier: RRg3l0312TjI3xoFWREivXzDGcereAUQzXSuJFUDLhc=
Subject key identifier: 03:05:00:28:F3:42:85:D8:8C:BB:03:F1:6C:C6:AF:FC:88:C2:44:FE
Certificate issuer: /CN=18d801de9fe8a6680758817823ae36ba065c610d
Certificate serial: 01856D38742A424FB5037CE67880D011642F
Authority key identifier: 18:D8:01:DE:9F:E8:A6:68:07:58:81:78:23:AE:36:BA:06:5C:61:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GNgB3p_opmgHWIF4I642ugZcYQ0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/95c3c8-6ab1-4951-8f59-65503a9306a0/1/AwUAKPNChdiMuwPxbMav_IjCRP4.roa
Signing time: Sun 01 Jan 2023 12:04:54 +0000
ROA not before: Sun 01 Jan 2023 12:04:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21473
IP address blocks: 213.206.160.0/19 maxlen: 24
77.72.216.0/21 maxlen: 24
77.72.221.0/24 maxlen: 24
213.183.64.0/19 maxlen: 24
2a02:24d8::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:30:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:38:74:2a:42:4f:b5:03:7c:e6:78:80:d0:11:64:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=18d801de9fe8a6680758817823ae36ba065c610d
Validity
Not Before: Jan 1 12:04:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=03050028f34285d88cbb03f16cc6affc88c244fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:86:d4:9f:37:02:30:e1:ad:ae:d3:6f:7c:27:
6e:c2:3d:b5:c3:9d:5b:01:7c:72:7c:fd:b3:9b:9f:
3d:0b:8b:bb:4c:03:09:14:e6:ee:3d:7a:98:e9:db:
ba:2b:16:3a:23:08:27:ee:21:4a:62:cf:e9:28:d0:
e7:e7:2b:ef:3d:9b:de:4c:17:c0:7d:85:34:fb:51:
b0:a4:89:27:ea:a3:43:98:cf:74:3f:b4:b9:26:51:
b7:a1:8d:ba:17:6d:81:36:69:66:d9:90:e4:03:33:
ad:51:c2:02:65:1c:f9:18:39:37:7d:73:49:19:93:
9d:ce:5a:82:2a:ee:3a:1f:0b:32:75:a2:4d:86:f2:
55:1b:e3:40:5e:f4:a6:5d:2c:aa:3d:9b:72:d4:38:
3d:7a:fa:84:93:a9:6d:81:de:75:66:95:fd:a2:2b:
31:57:ed:5e:bf:73:5d:72:ce:bb:35:12:8e:0f:7c:
5d:da:5c:7c:7d:fb:69:6a:68:ce:2f:95:92:b5:b7:
7f:65:13:d0:ef:0c:86:8d:ea:f2:20:0e:71:90:23:
9d:31:a8:01:d3:a2:32:b4:f3:95:2a:8a:e6:ed:8a:
7d:08:65:b5:ab:58:0e:ee:f6:e9:ec:cd:79:8d:7a:
19:82:e5:c1:cc:5d:39:7f:d7:de:4e:45:d9:fd:84:
8c:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:05:00:28:F3:42:85:D8:8C:BB:03:F1:6C:C6:AF:FC:88:C2:44:FE
X509v3 Authority Key Identifier:
keyid:18:D8:01:DE:9F:E8:A6:68:07:58:81:78:23:AE:36:BA:06:5C:61:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GNgB3p_opmgHWIF4I642ugZcYQ0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/95c3c8-6ab1-4951-8f59-65503a9306a0/1/AwUAKPNChdiMuwPxbMav_IjCRP4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/95c3c8-6ab1-4951-8f59-65503a9306a0/1/GNgB3p_opmgHWIF4I642ugZcYQ0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.72.216.0/21
213.183.64.0/19
213.206.160.0/19
IPv6:
2a02:24d8::/32
Signature Algorithm: sha256WithRSAEncryption
a5:b7:dc:8f:ba:e5:d7:ee:2f:fc:35:1a:3d:e0:fd:88:a9:f4:
f8:bb:9f:75:27:0e:a3:44:56:7b:20:39:18:6e:2b:15:0e:76:
83:28:0e:d2:50:ff:20:df:42:bb:44:88:58:41:0a:1f:07:0e:
81:c1:90:63:08:8d:8d:e7:36:20:bf:72:49:6e:68:33:f9:c5:
b3:29:b3:19:ef:33:a6:81:7d:1d:ea:a9:0e:26:59:f8:bd:32:
5f:52:fe:40:aa:8e:c8:25:cb:b7:70:4d:b7:9f:48:50:8e:7b:
3a:c3:99:d1:31:98:f4:2f:73:ef:52:3c:46:1a:69:ef:fe:88:
fd:b4:37:0a:50:51:df:9e:dd:49:ae:d8:6c:ed:90:cd:58:03:
69:cb:e7:28:fc:57:55:1d:e7:15:e8:1d:60:e5:3c:6b:49:6c:
5a:7b:1d:b0:48:a9:36:a8:ab:69:b0:4b:d8:6b:97:bc:f1:f7:
d4:a5:27:63:69:a2:d5:3d:a1:1d:c1:52:73:56:e8:3b:3f:4c:
42:c8:cf:bb:d8:5f:41:c5:4e:63:bc:1d:54:2c:64:a5:19:fb:
66:df:56:3d:78:d1:e5:2b:a5:f9:06:37:8a:47:84:bc:3a:93:
25:5c:6a:12:58:6f:33:1c:b5:d7:79:d5:e3:21:86:04:5d:a8:
75:e1:a9:fe
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVtOHQqQk+1A3zmeIDQEWQvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4ZDgwMWRlOWZlOGE2NjgwNzU4ODE3ODIzYWUzNmJhMDY1
YzYxMGQwHhcNMjMwMTAxMTIwNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzA1MDAyOGYzNDI4NWQ4OGNiYjAzZjE2Y2M2YWZmYzg4YzI0NGZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwIbUnzcCMOGtrtNvfCduwj21w51b
AXxyfP2zm589C4u7TAMJFObuPXqY6du6KxY6Iwgn7iFKYs/pKNDn5yvvPZveTBfA
fYU0+1GwpIkn6qNDmM90P7S5JlG3oY26F22BNmlm2ZDkAzOtUcICZRz5GDk3fXNJ
GZOdzlqCKu46HwsydaJNhvJVG+NAXvSmXSyqPZty1Dg9evqEk6ltgd51ZpX9oisx
V+1ev3Ndcs67NRKOD3xd2lx8fftpamjOL5WStbd/ZRPQ7wyGjeryIA5xkCOdMagB
06IytPOVKorm7Yp9CGW1q1gO7vbp7M15jXoZguXBzF05f9feTkXZ/YSMhQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFAMFACjzQoXYjLsD8WzGr/yIwkT+MB8GA1UdIwQY
MBaAFBjYAd6f6KZoB1iBeCOuNroGXGENMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR05nQjNwX29wbWdIV0lGNEk2NDJ1Z1pjWVEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS85NWMzYzgtNmFiMS00OTUxLThmNTkt
NjU1MDNhOTMwNmEwLzEvQXdVQUtQTkNoZGlNdXdQeGJNYXZfSWpDUlA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS85NWMzYzgtNmFiMS00OTUxLThmNTktNjU1MDNhOTMwNmEw
LzEvR05nQjNwX29wbWdIV0lGNEk2NDJ1Z1pjWVEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDTUjYAwQF
1bdAAwQF1c6gMA0EAgACMAcDBQAqAiTYMA0GCSqGSIb3DQEBCwUAA4IBAQClt9yP
uuXX7i/8NRo94P2IqfT4u591Jw6jRFZ7IDkYbisVDnaDKA7SUP8g30K7RIhYQQof
Bw6BwZBjCI2N5zYgv3JJbmgz+cWzKbMZ7zOmgX0d6qkOJln4vTJfUv5Aqo7IJcu3
cE23n0hQjns6w5nRMZj0L3PvUjxGGmnv/oj9tDcKUFHfnt1Jrths7ZDNWANpy+co
/FdVHecV6B1g5TxrSWxaex2wSKk2qKtpsEvYa5e88ffUpSdjaaLVPaEdwVJzVug7
P0xCyM+72F9BxU5jvB1ULGSlGftm31Y9eNHlK6X5BjeKR4S8OpMlXGoSWG8zHLXX
edXjIYYEXah14an+
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:17 2024 by rpki-client on console-ams.rpki-client.org