Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/4a7539-b149-48e9-88e7-060ac0890966/1/cDEWE_oUtUIEuGeDEl5jV0Iqo4k.roa
File: cDEWE_oUtUIEuGeDEl5jV0Iqo4k.roa (raw, json)
Hash identifier: VAzhW2ly89fm8kHy22d8d0vAdKJ1d3tGLUDlLnxCkQY=
Subject key identifier: 70:31:16:13:FA:14:B5:42:04:B8:67:83:12:5E:63:57:42:2A:A3:89
Certificate issuer: /CN=dd1daecd30aeb74652bbdda5dad9676ce488aa49
Certificate serial: 01874BA98937FE4B546B223284CC9C1D89EA
Authority key identifier: DD:1D:AE:CD:30:AE:B7:46:52:BB:DD:A5:DA:D9:67:6C:E4:88:AA:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3R2uzTCut0ZSu92l2tlnbOSIqkk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/4a7539-b149-48e9-88e7-060ac0890966/1/cDEWE_oUtUIEuGeDEl5jV0Iqo4k.roa
Signing time: Tue 04 Apr 2023 09:46:54 +0000
ROA not before: Tue 04 Apr 2023 09:46:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25393
IP address blocks: 89.184.72.0/21 maxlen: 21
89.184.88.0/21 maxlen: 21
193.178.144.0/23 maxlen: 23
78.27.224.0/19 maxlen: 19
77.87.192.0/21 maxlen: 21
195.177.116.0/22 maxlen: 22
2a02:2278:208::/48 maxlen: 48
2a02:2278:204::/48 maxlen: 48
2a02:2279::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 03 Jul 2023 18:17:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:4b:a9:89:37:fe:4b:54:6b:22:32:84:cc:9c:1d:89:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd1daecd30aeb74652bbdda5dad9676ce488aa49
Validity
Not Before: Apr 4 09:46:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=70311613fa14b54204b86783125e6357422aa389
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:fe:96:2d:c6:f8:98:f9:a8:ff:93:8d:c5:7e:
6e:be:11:08:d9:09:3f:24:8e:ba:34:e0:ed:51:06:
47:bd:04:02:1c:e4:29:26:a6:46:c7:b2:12:b0:fc:
78:7f:af:f9:32:8d:26:8f:01:e0:4c:d4:ac:59:5a:
35:27:78:32:1b:d3:2c:dc:26:f8:2e:42:00:1f:5e:
b0:42:77:2f:2e:dd:d8:55:60:f0:a1:d7:5d:98:21:
b1:d4:75:b4:be:98:aa:f4:22:e7:2b:3c:85:9e:6d:
85:c3:e4:ac:45:26:fb:34:6f:8d:0a:4e:37:c6:9a:
26:47:66:a4:b0:9e:69:e2:d0:d5:4b:54:44:e5:53:
6a:90:d7:d9:69:9d:de:c9:d0:cb:1f:72:aa:1f:c1:
29:9d:15:ab:5d:b9:be:4f:89:d5:a8:ea:9b:72:3e:
c5:b7:e7:bb:66:9c:0d:0f:ab:c9:71:f8:df:5b:77:
9b:aa:fb:b2:7b:28:c9:64:65:2c:bc:51:80:2c:f5:
dd:ed:3c:db:b2:ab:b8:b6:17:74:98:73:7c:5f:7e:
a8:1b:bb:cd:c2:f5:e4:bb:85:28:8b:ec:70:81:1b:
69:8f:2b:9d:b4:44:d1:46:73:18:11:ca:aa:f8:ae:
8b:7a:8c:ee:b7:52:fa:df:a5:94:a8:34:5b:1d:fd:
44:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:31:16:13:FA:14:B5:42:04:B8:67:83:12:5E:63:57:42:2A:A3:89
X509v3 Authority Key Identifier:
keyid:DD:1D:AE:CD:30:AE:B7:46:52:BB:DD:A5:DA:D9:67:6C:E4:88:AA:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3R2uzTCut0ZSu92l2tlnbOSIqkk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/4a7539-b149-48e9-88e7-060ac0890966/1/cDEWE_oUtUIEuGeDEl5jV0Iqo4k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/4a7539-b149-48e9-88e7-060ac0890966/1/3R2uzTCut0ZSu92l2tlnbOSIqkk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.87.192.0/21
78.27.224.0/19
89.184.72.0/21
89.184.88.0/21
193.178.144.0/23
195.177.116.0/22
IPv6:
2a02:2278:204::/48
2a02:2278:208::/48
2a02:2279::/32
Signature Algorithm: sha256WithRSAEncryption
22:20:b1:87:b4:a3:e7:73:fc:ec:24:07:0d:7e:de:d7:6e:c2:
72:dc:19:6c:80:85:21:07:cf:1e:22:9f:f3:93:0f:d4:ad:03:
84:76:14:67:4b:36:1a:53:e0:17:c7:f1:ca:82:86:0e:b5:4c:
3e:d2:2b:51:5b:95:8d:35:8b:7e:38:64:f6:88:02:56:45:34:
a2:b0:09:20:4d:54:fd:ac:9a:c8:a1:56:ac:ab:ec:0e:64:89:
9d:59:af:1a:e6:cc:20:92:10:18:65:95:ad:d5:e0:da:da:3b:
1c:22:07:58:9e:31:84:33:48:7a:39:3c:41:d5:f5:0f:3d:64:
42:34:26:f6:2a:c4:a6:cd:18:41:da:38:ff:61:28:0b:e5:e0:
c5:6c:df:14:58:15:a2:ae:46:5e:a5:b9:46:93:61:7c:af:73:
a0:42:29:d8:ff:1d:6a:23:51:db:5c:3f:8c:c3:c4:c8:8b:7d:
d0:c0:48:c4:eb:60:78:bd:9b:cb:23:c1:34:24:1c:56:37:95:
0f:03:1c:20:ce:8e:c4:54:8d:bd:9b:54:c2:33:77:75:7d:15:
ca:4f:7f:b2:a0:76:cf:16:c6:16:56:65:a6:ae:4d:1d:03:59:
5f:78:13:39:a6:ab:7d:f3:cd:33:31:f4:91:cd:52:4b:34:dc:
ef:7c:d7:34
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAYdLqYk3/ktUayIyhMycHYnqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkMWRhZWNkMzBhZWI3NDY1MmJiZGRhNWRhZDk2NzZjZTQ4
OGFhNDkwHhcNMjMwNDA0MDk0NjU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDMxMTYxM2ZhMTRiNTQyMDRiODY3ODMxMjVlNjM1NzQyMmFhMzg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApv6WLcb4mPmo/5ONxX5uvhEI2Qk/
JI66NODtUQZHvQQCHOQpJqZGx7ISsPx4f6/5Mo0mjwHgTNSsWVo1J3gyG9Ms3Cb4
LkIAH16wQncvLt3YVWDwodddmCGx1HW0vpiq9CLnKzyFnm2Fw+SsRSb7NG+NCk43
xpomR2aksJ5p4tDVS1RE5VNqkNfZaZ3eydDLH3KqH8EpnRWrXbm+T4nVqOqbcj7F
t+e7ZpwND6vJcfjfW3ebqvuyeyjJZGUsvFGALPXd7Tzbsqu4thd0mHN8X36oG7vN
wvXku4Uoi+xwgRtpjyudtETRRnMYEcqq+K6Leozut1L636WUqDRbHf1EEQIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFHAxFhP6FLVCBLhngxJeY1dCKqOJMB8GA1UdIwQY
MBaAFN0drs0wrrdGUrvdpdrZZ2zkiKpJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1IydXpUQ3V0MFpTdTkybDJ0bG5iT1NJcWtrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS80YTc1MzktYjE0OS00OGU5LTg4ZTct
MDYwYWMwODkwOTY2LzEvY0RFV0Vfb1V0VUlFdUdlREVsNWpWMElxbzRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS80YTc1MzktYjE0OS00OGU5LTg4ZTctMDYwYWMwODkwOTY2
LzEvM1IydXpUQ3V0MFpTdTkybDJ0bG5iT1NJcWtrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTAqBAIAATAkAwQDTVfAAwQF
ThvgAwQDWbhIAwQDWbhYAwQBwbKQAwQCw7F0MB8EAgACMBkDBwAqAiJ4AgQDBwAq
AiJ4AggDBQAqAiJ5MA0GCSqGSIb3DQEBCwUAA4IBAQAiILGHtKPnc/zsJAcNft7X
bsJy3BlsgIUhB88eIp/zkw/UrQOEdhRnSzYaU+AXx/HKgoYOtUw+0itRW5WNNYt+
OGT2iAJWRTSisAkgTVT9rJrIoVasq+wOZImdWa8a5swgkhAYZZWt1eDa2jscIgdY
njGEM0h6OTxB1fUPPWRCNCb2KsSmzRhB2jj/YSgL5eDFbN8UWBWirkZepblGk2F8
r3OgQinY/x1qI1HbXD+Mw8TIi33QwEjE62B4vZvLI8E0JBxWN5UPAxwgzo7EVI29
m1TCM3d1fRXKT3+yoHbPFsYWVmWmrk0dA1lfeBM5pqt9880zMfSRzVJLNNzvfNc0
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:25:15 2024 by rpki-client on console-ams.rpki-client.org