Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/edffbb-1082-4482-8a08-65f8247ffa91/1/1-iLsn-McQTS5y7M3zIaCbjI5VM0.roa
File: 1-iLsn-McQTS5y7M3zIaCbjI5VM0.roa (raw, json)
Hash identifier: 6EW4UzX1keoHKIjjorKLwFQr7rytnqhDtpt2JHAXEhQ=
Subject key identifier: FA:22:EC:9F:E3:1C:41:34:B9:CB:B3:37:CC:86:82:6E:32:39:54:CD
Certificate issuer: /CN=a322f229edc2f314a2fa5ef0d7af1dddb499ea31
Certificate serial: 01856F0B7735A00CE83D6AE0B9A23722B60B
Authority key identifier: A3:22:F2:29:ED:C2:F3:14:A2:FA:5E:F0:D7:AF:1D:DD:B4:99:EA:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oyLyKe3C8xSi-l7w168d3bSZ6jE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/edffbb-1082-4482-8a08-65f8247ffa91/1/1-iLsn-McQTS5y7M3zIaCbjI5VM0.roa
Signing time: Sun 01 Jan 2023 20:35:00 +0000
ROA not before: Sun 01 Jan 2023 20:35:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42309
IP address blocks: 77.240.208.0/20 maxlen: 20
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:29:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:0b:77:35:a0:0c:e8:3d:6a:e0:b9:a2:37:22:b6:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a322f229edc2f314a2fa5ef0d7af1dddb499ea31
Validity
Not Before: Jan 1 20:35:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fa22ec9fe31c4134b9cbb337cc86826e323954cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:22:a9:cd:23:b4:41:b9:2e:2e:f5:2a:4e:55:
34:72:27:ba:4f:b3:10:81:57:22:8f:ed:d8:6f:9a:
c6:b4:e0:28:bd:5d:38:ee:9c:54:7f:8b:c9:b9:99:
ac:aa:81:3e:1f:4d:5c:f6:2e:df:a1:c5:7c:7d:5c:
3b:8f:5c:81:ae:6c:82:72:c2:f4:60:9c:c1:27:fd:
57:57:40:de:69:88:2e:ae:ac:4b:5a:42:ea:53:17:
40:ba:f3:50:c3:ea:3e:fa:a1:cc:7c:a3:ac:a1:24:
54:cd:ef:ef:a5:e9:56:2c:83:53:54:1b:d4:5c:41:
c5:77:4e:e1:6d:3f:43:b8:8a:04:26:e6:6d:60:0b:
54:59:fe:60:fb:25:52:f7:81:6b:02:21:d0:eb:a2:
78:a6:10:f7:4c:83:73:aa:a7:32:45:f2:ec:3c:7f:
5f:ef:71:38:ac:96:d9:5d:34:02:1d:d0:09:64:b5:
98:4a:6a:cb:da:ae:7d:c9:cd:e9:f9:0c:93:a0:f5:
cf:7e:11:f5:55:1c:dc:58:ca:40:84:f3:fa:e1:ba:
9d:f3:cd:d2:8f:6e:17:a6:74:ce:45:92:c2:86:8c:
89:b4:e0:3c:14:2c:c7:9a:bb:34:a2:b8:df:3a:88:
26:44:40:76:3f:06:e2:27:1b:c4:cd:a9:d9:f9:d3:
06:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:22:EC:9F:E3:1C:41:34:B9:CB:B3:37:CC:86:82:6E:32:39:54:CD
X509v3 Authority Key Identifier:
keyid:A3:22:F2:29:ED:C2:F3:14:A2:FA:5E:F0:D7:AF:1D:DD:B4:99:EA:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oyLyKe3C8xSi-l7w168d3bSZ6jE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/edffbb-1082-4482-8a08-65f8247ffa91/1/1-iLsn-McQTS5y7M3zIaCbjI5VM0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/edffbb-1082-4482-8a08-65f8247ffa91/1/oyLyKe3C8xSi-l7w168d3bSZ6jE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.240.208.0/20
Signature Algorithm: sha256WithRSAEncryption
78:70:8e:17:fe:be:d8:01:7f:9f:88:94:7c:0d:ab:9c:11:a5:
ae:fc:70:06:12:c6:77:95:53:9f:4b:83:6d:70:fe:84:dd:40:
cb:32:5f:75:80:ae:31:25:5f:3d:8b:ea:1b:35:9d:d6:25:7b:
51:76:aa:04:2e:bd:d3:6b:58:aa:a3:72:07:93:f2:91:42:e7:
ce:77:9d:6c:ca:af:59:21:35:ec:01:44:1d:fe:16:64:f0:7a:
88:4f:02:98:7d:5e:46:2f:68:48:fe:00:22:1f:4a:b9:04:07:
0c:2a:f8:98:4f:30:9f:3a:7f:f7:90:fd:07:65:0f:0f:22:4a:
f7:f2:9a:b9:39:c3:d6:94:c5:d1:1f:31:93:86:50:9b:38:96:
04:56:76:08:fc:c0:32:a2:5f:d8:db:ff:35:e5:6e:db:37:27:
4f:b1:e6:82:49:0d:d2:b2:00:48:92:60:57:8b:2c:91:7c:01:
75:e7:ef:7f:62:d9:c4:cc:51:c0:fa:b1:d6:da:20:88:c0:92:
76:55:e0:3d:eb:a1:ef:b1:94:8f:1e:cf:b9:64:27:06:f6:ec:
e5:ae:ed:06:1c:80:fc:fe:98:f5:cb:21:fd:5f:60:4f:fa:de:
a0:72:14:8c:e6:25:e1:b6:85:07:16:98:a8:d9:03:b2:bd:7e:
b6:24:2f:08
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVvC3c1oAzoPWrguaI3IrYLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzMjJmMjI5ZWRjMmYzMTRhMmZhNWVmMGQ3YWYxZGRkYjQ5
OWVhMzEwHhcNMjMwMTAxMjAzNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTIyZWM5ZmUzMWM0MTM0YjljYmIzMzdjYzg2ODI2ZTMyMzk1NGNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhCKpzSO0QbkuLvUqTlU0cie6T7MQ
gVcij+3Yb5rGtOAovV047pxUf4vJuZmsqoE+H01c9i7focV8fVw7j1yBrmyCcsL0
YJzBJ/1XV0DeaYgurqxLWkLqUxdAuvNQw+o++qHMfKOsoSRUze/vpelWLINTVBvU
XEHFd07hbT9DuIoEJuZtYAtUWf5g+yVS94FrAiHQ66J4phD3TINzqqcyRfLsPH9f
73E4rJbZXTQCHdAJZLWYSmrL2q59yc3p+QyToPXPfhH1VRzcWMpAhPP64bqd883S
j24XpnTORZLChoyJtOA8FCzHmrs0orjfOogmREB2PwbiJxvEzanZ+dMGIQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPoi7J/jHEE0ucuzN8yGgm4yOVTNMB8GA1UdIwQY
MBaAFKMi8intwvMUovpe8NevHd20meoxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3lMeUtlM0M4eFNpLWw3dzE2OGQzYlNaNmpFLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC9lZGZmYmItMTA4Mi00NDgyLThhMDgt
NjVmODI0N2ZmYTkxLzEvMS1pTHNuLU1jUVRTNXk3TTN6SWFDYmpJNVZNMC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvN2QvZWRmZmJiLTEwODItNDQ4Mi04YTA4LTY1ZjgyNDdmZmE5
MS8xL295THlLZTNDOHhTaS1sN3cxNjhkM2JTWjZqRS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBE3w0DAN
BgkqhkiG9w0BAQsFAAOCAQEAeHCOF/6+2AF/n4iUfA2rnBGlrvxwBhLGd5VTn0uD
bXD+hN1AyzJfdYCuMSVfPYvqGzWd1iV7UXaqBC6902tYqqNyB5PykULnznedbMqv
WSE17AFEHf4WZPB6iE8CmH1eRi9oSP4AIh9KuQQHDCr4mE8wnzp/95D9B2UPDyJK
9/KauTnD1pTF0R8xk4ZQmziWBFZ2CPzAMqJf2Nv/NeVu2zcnT7HmgkkN0rIASJJg
V4sskXwBdefvf2LZxMxRwPqx1togiMCSdlXgPeuh77GUjx7PuWQnBvbs5a7tBhyA
/P6Y9csh/V9gT/reoHIUjOYl4baFBxaYqNkDsr1+tiQvCA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:19:55 2024 by rpki-client on console-ams.rpki-client.org