Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/uh8XBm3PwlXeEISxoJffWS-rBYY.roa
File: uh8XBm3PwlXeEISxoJffWS-rBYY.roa (raw, json)
Hash identifier: U5DG5Qm7X/VfqSXCSjdWNAH4JM9BkFcMNOo3c2M5Z74=
Subject key identifier: BA:1F:17:06:6D:CF:C2:55:DE:10:84:B1:A0:97:DF:59:2F:AB:05:86
Certificate issuer: /CN=9aee15c33de358938d6900a1b3c14480a389e85b
Certificate serial: 018F2DEC29A274E6FD21ABD8E3D286BA52F8
Authority key identifier: 9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/uh8XBm3PwlXeEISxoJffWS-rBYY.roa
Signing time: Tue 30 Apr 2024 07:33:22 +0000
ROA not before: Tue 30 Apr 2024 07:33:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215540
IP address blocks: 77.83.246.0/24 maxlen: 24
160.20.156.0/24 maxlen: 24
160.20.157.0/24 maxlen: 24
185.75.132.0/24 maxlen: 24
185.77.138.0/24 maxlen: 24
185.77.139.0/24 maxlen: 24
185.79.133.0/24 maxlen: 24
185.95.228.0/24 maxlen: 24
185.100.156.0/24 maxlen: 24
185.102.114.0/24 maxlen: 24
185.111.24.0/24 maxlen: 24
193.38.228.0/24 maxlen: 24
193.38.229.0/24 maxlen: 24
193.38.230.0/24 maxlen: 24
193.38.231.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 25 Jun 2024 06:50:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:2d:ec:29:a2:74:e6:fd:21:ab:d8:e3:d2:86:ba:52:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9aee15c33de358938d6900a1b3c14480a389e85b
Validity
Not Before: Apr 30 07:33:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ba1f17066dcfc255de1084b1a097df592fab0586
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:f0:14:c7:a9:0c:c3:8d:e8:09:c8:b9:bd:58:
53:66:d4:b2:b0:72:4b:7e:0d:ef:ff:d8:91:ea:99:
7d:3b:06:91:e7:cf:73:a9:81:b1:d0:6a:a0:c4:36:
95:58:ff:d6:93:12:fb:7e:1e:7e:a9:31:73:25:95:
b7:98:17:e6:dc:3d:74:cc:5a:8b:84:5a:e9:4c:c9:
b5:e2:b3:38:95:80:ce:3e:20:a7:cf:b2:b6:66:f9:
da:07:e0:3a:88:1c:ce:b4:e2:30:06:52:10:aa:9c:
1f:fb:1b:bc:fb:bd:06:1f:5d:64:f5:8c:d3:6f:56:
ba:6e:73:4c:3c:9e:e9:c4:00:f1:7b:b6:88:01:16:
7b:5e:ad:ed:82:36:34:78:af:1d:f5:ac:1b:ef:28:
8a:32:17:4e:cc:71:62:c5:d2:63:ac:e1:83:a8:89:
19:3d:79:4c:a5:fc:22:bb:02:df:19:0f:62:37:42:
90:59:54:e6:56:ac:07:9d:22:81:0e:42:17:0b:36:
d0:2a:9b:6f:4f:0b:7f:30:43:21:c1:d3:17:8a:7e:
d5:73:f1:43:a0:15:68:84:7a:47:df:96:60:04:23:
ae:23:64:b0:23:88:ec:6e:db:3a:5b:1d:5a:12:2c:
c4:51:68:f1:c8:de:ae:b9:23:27:f1:ce:10:57:f5:
cd:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:1F:17:06:6D:CF:C2:55:DE:10:84:B1:A0:97:DF:59:2F:AB:05:86
X509v3 Authority Key Identifier:
keyid:9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/uh8XBm3PwlXeEISxoJffWS-rBYY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.83.246.0/24
160.20.156.0/23
185.75.132.0/24
185.77.138.0/23
185.79.133.0/24
185.95.228.0/24
185.100.156.0/24
185.102.114.0/24
185.111.24.0/24
193.38.228.0/22
Signature Algorithm: sha256WithRSAEncryption
02:92:5d:04:fd:2b:7f:f1:f0:17:f9:a6:90:8b:93:b9:c0:30:
89:0c:c3:ab:1e:a0:1b:86:69:0f:72:ed:b2:00:6c:ed:60:12:
b8:47:a5:2c:9e:1d:31:d7:11:26:da:3b:9a:1a:d5:a9:c9:dc:
e0:8e:2d:70:b8:76:bb:58:fc:dc:bd:f6:ad:f5:cb:d9:ae:a5:
f6:aa:79:79:b6:42:80:03:65:f0:04:0b:8f:e5:62:9b:2f:10:
91:ae:3c:fd:68:af:a3:7e:5f:77:9b:30:b4:5b:d2:7b:90:36:
6f:96:89:b8:74:ab:55:a8:a0:8c:d8:8b:be:35:f9:af:7c:e8:
51:e7:4b:f7:4a:e5:6d:bc:95:12:0a:6a:70:24:c4:b8:0f:98:
b2:d2:1a:8b:a0:5f:49:d3:d7:22:3d:3f:70:cf:e6:e7:d2:97:
34:5a:47:66:e3:1a:80:7d:a9:cb:b5:1c:24:de:2d:2a:3e:fd:
1b:e0:a7:58:e7:45:05:08:80:1d:a8:c0:dd:e4:9a:4f:9c:fc:
74:1e:8a:5f:8d:b1:c2:ff:74:9f:13:af:47:aa:a7:b1:fe:31:
4f:0d:7f:d7:1a:84:30:1e:cc:7a:ba:30:83:64:96:62:28:17:
73:18:71:8b:0a:80:fa:b4:12:17:72:a5:4f:cf:d9:de:56:92:
71:4f:5f:d0
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAY8t7CmidOb9IavY49KGulL4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhZWUxNWMzM2RlMzU4OTM4ZDY5MDBhMWIzYzE0NDgwYTM4
OWU4NWIwHhcNMjQwNDMwMDczMzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTFmMTcwNjZkY2ZjMjU1ZGUxMDg0YjFhMDk3ZGY1OTJmYWIwNTg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwPAUx6kMw43oCci5vVhTZtSysHJL
fg3v/9iR6pl9OwaR589zqYGx0GqgxDaVWP/WkxL7fh5+qTFzJZW3mBfm3D10zFqL
hFrpTMm14rM4lYDOPiCnz7K2ZvnaB+A6iBzOtOIwBlIQqpwf+xu8+70GH11k9YzT
b1a6bnNMPJ7pxADxe7aIARZ7Xq3tgjY0eK8d9awb7yiKMhdOzHFixdJjrOGDqIkZ
PXlMpfwiuwLfGQ9iN0KQWVTmVqwHnSKBDkIXCzbQKptvTwt/MEMhwdMXin7Vc/FD
oBVohHpH35ZgBCOuI2SwI4jsbts6Wx1aEizEUWjxyN6uuSMn8c4QV/XN/wIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFLofFwZtz8JV3hCEsaCX31kvqwWGMB8GA1UdIwQY
MBaAFJruFcM941iTjWkAobPBRICjiehbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjIt
NmVlNTM0ZDkyZTUyLzEvdWg4WEJtM1B3bFhlRUlTeG9KZmZXUy1yQllZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjItNmVlNTM0ZDkyZTUy
LzEvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQATVP2AwQB
oBScAwQAuUuEAwQBuU2KAwQAuU+FAwQAuV/kAwQAuWScAwQAuWZyAwQAuW8YAwQC
wSbkMA0GCSqGSIb3DQEBCwUAA4IBAQACkl0E/St/8fAX+aaQi5O5wDCJDMOrHqAb
hmkPcu2yAGztYBK4R6Usnh0x1xEm2juaGtWpydzgji1wuHa7WPzcvfat9cvZrqX2
qnl5tkKAA2XwBAuP5WKbLxCRrjz9aK+jfl93mzC0W9J7kDZvlom4dKtVqKCM2Iu+
NfmvfOhR50v3SuVtvJUSCmpwJMS4D5iy0hqLoF9J09ciPT9wz+bn0pc0Wkdm4xqA
fanLtRwk3i0qPv0b4KdY50UFCIAdqMDd5JpPnPx0HopfjbHC/3SfE69Hqqex/jFP
DX/XGoQwHsx6ujCDZJZiKBdzGHGLCoD6tBIXcqVPz9neVpJxT1/Q
-----END CERTIFICATE-----
Generated at Tue Jun 25 09:54:33 2024 by rpki-client on console-ams.rpki-client.org