Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/eef035-2629-4e3e-bebc-15a0dddd749c/1/OoSoh7YCl8gmLUd2e_dNmqq4AVw.roa
File: OoSoh7YCl8gmLUd2e_dNmqq4AVw.roa (raw, json)
Hash identifier: RABiml26PrVu2hAkdOZ4lnYOp9Y1GmR8KDkIS6ACPYU=
Subject key identifier: 3A:84:A8:87:B6:02:97:C8:26:2D:47:76:7B:F7:4D:9A:AA:B8:01:5C
Certificate issuer: /CN=88a62cf8100e8c1b475443fd94cd58d8ef2a33ae
Certificate serial: 01856C53AC66B6A2B38846CA82CFF07FEB81
Authority key identifier: 88:A6:2C:F8:10:0E:8C:1B:47:54:43:FD:94:CD:58:D8:EF:2A:33:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iKYs-BAOjBtHVEP9lM1Y2O8qM64.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7c/eef035-2629-4e3e-bebc-15a0dddd749c/1/OoSoh7YCl8gmLUd2e_dNmqq4AVw.roa
Signing time: Sun 01 Jan 2023 07:55:01 +0000
ROA not before: Sun 01 Jan 2023 07:55:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201127
IP address blocks: 77.39.220.0/22 maxlen: 24
185.84.88.0/22 maxlen: 24
2a05:a3c0::/29 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:31:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:53:ac:66:b6:a2:b3:88:46:ca:82:cf:f0:7f:eb:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88a62cf8100e8c1b475443fd94cd58d8ef2a33ae
Validity
Not Before: Jan 1 07:55:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3a84a887b60297c8262d47767bf74d9aaab8015c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:8b:00:8f:c3:f1:0d:76:e8:c4:af:a2:e6:18:
97:ea:67:ce:03:b1:7a:58:79:cc:e0:18:4b:33:a7:
02:cd:12:40:ce:a2:c0:0d:d9:50:48:c1:31:9a:3c:
42:6c:f4:cf:c2:33:ec:c4:ff:61:c3:69:92:b3:4a:
1e:f5:b8:d7:b6:b0:6f:60:c4:bd:48:83:ff:92:8d:
65:d6:78:92:34:16:44:fd:51:b1:55:dd:23:cd:aa:
bc:0f:2d:23:7f:31:23:6d:74:57:b3:52:8d:e9:bb:
9e:d4:e0:8d:fc:3e:6a:27:81:71:5b:8e:46:5f:c2:
db:8a:a0:52:d2:1f:56:85:33:14:53:ce:55:ae:ad:
e7:bf:55:b3:e1:38:e7:82:12:39:81:ae:ce:1d:41:
81:b1:08:c5:d2:70:47:a5:79:d5:56:ec:20:96:e6:
99:75:f4:0c:68:33:92:ca:da:14:8b:67:8b:9d:48:
cd:93:de:32:e8:f6:5f:d2:76:a3:8e:6c:06:f3:ee:
1a:6a:3f:a9:26:9e:ec:65:f0:20:42:12:88:c8:86:
22:21:aa:a1:b0:26:01:51:d6:5b:ba:0f:2e:31:63:
98:ea:a2:77:c8:44:15:70:50:a4:9f:cd:4a:66:9a:
57:75:1d:85:ce:21:3e:38:9b:75:b0:2f:a7:8b:8c:
79:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:84:A8:87:B6:02:97:C8:26:2D:47:76:7B:F7:4D:9A:AA:B8:01:5C
X509v3 Authority Key Identifier:
keyid:88:A6:2C:F8:10:0E:8C:1B:47:54:43:FD:94:CD:58:D8:EF:2A:33:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iKYs-BAOjBtHVEP9lM1Y2O8qM64.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/eef035-2629-4e3e-bebc-15a0dddd749c/1/OoSoh7YCl8gmLUd2e_dNmqq4AVw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/eef035-2629-4e3e-bebc-15a0dddd749c/1/iKYs-BAOjBtHVEP9lM1Y2O8qM64.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.39.220.0/22
185.84.88.0/22
IPv6:
2a05:a3c0::/29
Signature Algorithm: sha256WithRSAEncryption
4b:3c:23:e2:57:34:3b:61:2e:b9:64:1e:01:cd:c0:36:92:8d:
e3:2d:86:f9:a1:bb:68:b7:37:fc:f8:2a:be:f2:b0:37:e9:1a:
9c:cd:2f:d6:28:b7:9b:ab:83:09:59:d3:1b:99:3f:7c:4c:3f:
7e:8e:61:6a:de:c1:42:1d:36:97:ec:33:ab:7a:74:ff:81:c5:
0e:74:6e:55:1a:7d:d5:f0:65:23:85:6a:9c:67:de:91:55:ef:
50:6a:b0:a0:4d:d7:d0:2a:81:98:cd:c3:8b:81:9e:89:7b:75:
5b:28:a0:54:70:3a:dc:72:1b:2c:93:2f:ae:fb:d5:de:70:95:
f9:9e:54:6e:14:66:f4:36:26:7c:5d:7a:79:56:3c:91:41:56:
68:99:ff:8e:9f:62:4a:3d:8c:ca:7c:8c:85:f4:2e:25:e0:81:
ae:f5:72:a5:93:9a:37:17:ab:e7:ca:33:9d:d2:22:ab:a1:62:
bd:96:d7:61:85:e4:c2:dd:62:f3:8b:58:64:2e:6d:c9:1d:cb:
5b:2c:ca:bb:3c:60:82:27:db:ce:41:a0:c8:a6:55:b5:24:1b:
98:ce:47:38:52:76:7e:bc:c8:a6:38:29:61:81:36:aa:36:59:
39:c8:be:9e:c3:ee:9d:9d:c0:e2:eb:38:b9:aa:99:71:d2:d7:
27:a6:05:54
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVsU6xmtqKziEbKgs/wf+uBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4YTYyY2Y4MTAwZThjMWI0NzU0NDNmZDk0Y2Q1OGQ4ZWYy
YTMzYWUwHhcNMjMwMTAxMDc1NTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTg0YTg4N2I2MDI5N2M4MjYyZDQ3NzY3YmY3NGQ5YWFhYjgwMTVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqosAj8PxDXboxK+i5hiX6mfOA7F6
WHnM4BhLM6cCzRJAzqLADdlQSMExmjxCbPTPwjPsxP9hw2mSs0oe9bjXtrBvYMS9
SIP/ko1l1niSNBZE/VGxVd0jzaq8Dy0jfzEjbXRXs1KN6bue1OCN/D5qJ4FxW45G
X8LbiqBS0h9WhTMUU85Vrq3nv1Wz4TjnghI5ga7OHUGBsQjF0nBHpXnVVuwgluaZ
dfQMaDOSytoUi2eLnUjNk94y6PZf0najjmwG8+4aaj+pJp7sZfAgQhKIyIYiIaqh
sCYBUdZbug8uMWOY6qJ3yEQVcFCkn81KZppXdR2FziE+OJt1sC+ni4x5qQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFDqEqIe2ApfIJi1Hdnv3TZqquAFcMB8GA1UdIwQY
MBaAFIimLPgQDowbR1RD/ZTNWNjvKjOuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUtZcy1CQU9qQnRIVkVQOWxNMVkyTzhxTTY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy9lZWYwMzUtMjYyOS00ZTNlLWJlYmMt
MTVhMGRkZGQ3NDljLzEvT29Tb2g3WUNsOGdtTFVkMmVfZE5tcXE0QVZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy9lZWYwMzUtMjYyOS00ZTNlLWJlYmMtMTVhMGRkZGQ3NDlj
LzEvaUtZcy1CQU9qQnRIVkVQOWxNMVkyTzhxTTY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCTSfcAwQC
uVRYMA0EAgACMAcDBQMqBaPAMA0GCSqGSIb3DQEBCwUAA4IBAQBLPCPiVzQ7YS65
ZB4BzcA2ko3jLYb5obtotzf8+Cq+8rA36RqczS/WKLebq4MJWdMbmT98TD9+jmFq
3sFCHTaX7DOrenT/gcUOdG5VGn3V8GUjhWqcZ96RVe9QarCgTdfQKoGYzcOLgZ6J
e3VbKKBUcDrcchssky+u+9XecJX5nlRuFGb0NiZ8XXp5VjyRQVZomf+On2JKPYzK
fIyF9C4l4IGu9XKlk5o3F6vnyjOd0iKroWK9ltdhheTC3WLzi1hkLm3JHctbLMq7
PGCCJ9vOQaDIplW1JBuYzkc4UnZ+vMimOClhgTaqNlk5yL6ew+6dncDi6zi5qplx
0tcnpgVU
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:19 2024 by rpki-client on console-fra.rpki-client.org