Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/c4c32c-322e-4ed7-8a29-45d542d5f55f/1/gO6fGDE23yf6KMvioyP4euJ0DUE.roa
File: gO6fGDE23yf6KMvioyP4euJ0DUE.roa (raw, json)
Hash identifier: LIL4T5re0XNb5yXBkdTOVA4iB0K208x9JJPasa7GAQI=
Subject key identifier: 80:EE:9F:18:31:36:DF:27:FA:28:CB:E2:A3:23:F8:7A:E2:74:0D:41
Certificate issuer: /CN=c8531ae2ce57c95f5a398930ea45503542801ba1
Certificate serial: 01856D78956A071AB986FA5906CEFAEAF466
Authority key identifier: C8:53:1A:E2:CE:57:C9:5F:5A:39:89:30:EA:45:50:35:42:80:1B:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yFMa4s5XyV9aOYkw6kVQNUKAG6E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/c4c32c-322e-4ed7-8a29-45d542d5f55f/1/gO6fGDE23yf6KMvioyP4euJ0DUE.roa
Signing time: Sun 01 Jan 2023 13:14:57 +0000
ROA not before: Sun 01 Jan 2023 13:14:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3491
IP address blocks: 217.113.64.0/19 maxlen: 19
217.113.65.0/24 maxlen: 24
217.113.92.0/24 maxlen: 24
185.77.60.0/22 maxlen: 22
2a03:5400::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 26 Jul 2023 05:34:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:78:95:6a:07:1a:b9:86:fa:59:06:ce:fa:ea:f4:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c8531ae2ce57c95f5a398930ea45503542801ba1
Validity
Not Before: Jan 1 13:14:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=80ee9f183136df27fa28cbe2a323f87ae2740d41
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:44:a9:25:f1:6f:ce:52:62:71:8a:33:fd:d1:
ef:bb:8d:0f:0f:fd:2f:d8:77:36:3b:0f:e9:c5:fc:
26:3d:30:dc:b8:e8:e4:0c:f7:7a:bf:7b:30:6a:89:
e1:9d:eb:f8:27:1e:82:11:7c:0b:bb:d4:ba:e9:dd:
c8:f0:a3:7f:3d:fe:a0:5d:4e:ad:1a:40:a4:81:85:
48:b7:e9:ff:df:38:5a:4a:66:7e:b1:7a:67:f6:2c:
1d:f2:a8:f0:d5:38:2f:7a:f9:fc:0d:71:9c:17:d2:
18:01:ec:20:89:86:ce:9b:f2:98:95:97:a9:bb:08:
79:2f:61:5e:26:01:86:58:bf:63:8a:cb:7f:47:b0:
0c:ce:fa:5d:29:64:4f:3b:a6:b3:2e:49:38:50:3d:
d4:5a:64:c2:c1:38:07:cd:79:c5:46:bd:cb:b1:78:
fe:40:f5:ee:28:75:ee:40:12:8b:2a:df:95:f3:b2:
2f:ba:d4:10:8e:70:c2:32:90:c1:71:62:c8:a8:9d:
47:d7:ee:01:fb:fc:4a:cd:74:d7:02:ad:39:2e:12:
4c:b7:9b:bc:20:cf:18:b9:9b:39:73:80:5d:65:37:
8b:9e:b4:90:00:a8:5e:36:1a:0f:e7:c4:0d:e7:17:
77:09:81:67:64:0c:84:7a:81:cf:8e:7f:c6:c8:40:
a1:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:EE:9F:18:31:36:DF:27:FA:28:CB:E2:A3:23:F8:7A:E2:74:0D:41
X509v3 Authority Key Identifier:
keyid:C8:53:1A:E2:CE:57:C9:5F:5A:39:89:30:EA:45:50:35:42:80:1B:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yFMa4s5XyV9aOYkw6kVQNUKAG6E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/c4c32c-322e-4ed7-8a29-45d542d5f55f/1/gO6fGDE23yf6KMvioyP4euJ0DUE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/c4c32c-322e-4ed7-8a29-45d542d5f55f/1/yFMa4s5XyV9aOYkw6kVQNUKAG6E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.77.60.0/22
217.113.64.0/19
IPv6:
2a03:5400::/32
Signature Algorithm: sha256WithRSAEncryption
32:0a:00:8e:45:b3:e3:19:b6:66:12:1d:d6:20:a9:93:20:6d:
6f:7e:c1:73:60:e6:98:5e:54:1a:98:11:45:e5:80:6e:2d:3c:
12:49:5a:6e:e5:4d:64:bf:26:5c:30:a7:d6:d4:be:f6:29:51:
2c:0d:e6:40:8f:4c:6c:a5:f2:2b:b8:4c:fd:13:47:07:9e:ca:
f0:51:29:85:61:17:e5:5d:7f:f1:fa:42:7e:7c:82:9c:f9:f2:
39:01:23:ee:ff:d8:8d:84:6f:8e:02:cd:4f:20:6b:53:82:2c:
54:c9:13:ba:b4:8d:7d:b4:c8:c6:b8:e8:79:d2:f2:f4:62:59:
d0:27:d2:b7:3b:46:5f:88:b4:82:6c:38:fa:44:0b:dd:0f:2f:
a2:90:ab:62:09:e6:c7:77:55:de:26:9f:d3:51:08:ca:38:54:
8f:67:9d:6e:3b:c5:86:f3:9c:e8:6b:f8:be:28:3a:b7:90:ca:
85:3b:d4:bb:ed:36:38:e7:c6:df:28:e4:f3:0d:c0:b8:a7:1f:
80:c9:54:7d:03:c0:95:d4:a4:ee:b7:f9:41:a1:f3:76:9b:ca:
02:cb:15:ae:6c:49:0a:84:ba:14:d1:47:93:f3:bc:b4:c3:fd:
e3:5f:2b:e1:16:a4:10:90:4d:87:ae:f8:df:9a:2b:9c:a0:8d:
35:d5:be:c5
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVteJVqBxq5hvpZBs766vRmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4NTMxYWUyY2U1N2M5NWY1YTM5ODkzMGVhNDU1MDM1NDI4
MDFiYTEwHhcNMjMwMTAxMTMxNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MGVlOWYxODMxMzZkZjI3ZmEyOGNiZTJhMzIzZjg3YWUyNzQwZDQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx0SpJfFvzlJicYoz/dHvu40PD/0v
2Hc2Ow/pxfwmPTDcuOjkDPd6v3swaonhnev4Jx6CEXwLu9S66d3I8KN/Pf6gXU6t
GkCkgYVIt+n/3zhaSmZ+sXpn9iwd8qjw1Tgvevn8DXGcF9IYAewgiYbOm/KYlZep
uwh5L2FeJgGGWL9jist/R7AMzvpdKWRPO6azLkk4UD3UWmTCwTgHzXnFRr3LsXj+
QPXuKHXuQBKLKt+V87IvutQQjnDCMpDBcWLIqJ1H1+4B+/xKzXTXAq05LhJMt5u8
IM8YuZs5c4BdZTeLnrSQAKheNhoP58QN5xd3CYFnZAyEeoHPjn/GyEChSQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFIDunxgxNt8n+ijL4qMj+HridA1BMB8GA1UdIwQY
MBaAFMhTGuLOV8lfWjmJMOpFUDVCgBuhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUZNYTRzNVh5VjlhT1lrdzZrVlFOVUtBRzZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy9jNGMzMmMtMzIyZS00ZWQ3LThhMjkt
NDVkNTQyZDVmNTVmLzEvZ082ZkdERTIzeWY2S012aW95UDRldUowRFVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy9jNGMzMmMtMzIyZS00ZWQ3LThhMjktNDVkNTQyZDVmNTVm
LzEveUZNYTRzNVh5VjlhT1lrdzZrVlFOVUtBRzZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuU08AwQF
2XFAMA0EAgACMAcDBQAqA1QAMA0GCSqGSIb3DQEBCwUAA4IBAQAyCgCORbPjGbZm
Eh3WIKmTIG1vfsFzYOaYXlQamBFF5YBuLTwSSVpu5U1kvyZcMKfW1L72KVEsDeZA
j0xspfIruEz9E0cHnsrwUSmFYRflXX/x+kJ+fIKc+fI5ASPu/9iNhG+OAs1PIGtT
gixUyRO6tI19tMjGuOh50vL0YlnQJ9K3O0ZfiLSCbDj6RAvdDy+ikKtiCebHd1Xe
Jp/TUQjKOFSPZ51uO8WG85zoa/i+KDq3kMqFO9S77TY458bfKOTzDcC4px+AyVR9
A8CV1KTut/lBofN2m8oCyxWubEkKhLoU0UeT87y0w/3jXyvhFqQQkE2Hrvjfmiuc
oI011b7F
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:52 2024 by rpki-client on console-fra.rpki-client.org