Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/c43d4f-f52c-4387-9362-b3c01d1a6c85/1/VXfEHjX5shdcOjvQ9tDMF1Q9s0o.roa
File: VXfEHjX5shdcOjvQ9tDMF1Q9s0o.roa (raw, json)
Hash identifier: +Nkd+DR417Y6iVQluBHjtubAk3KuK5vCbRkQ/RfzNIY=
Subject key identifier: 55:77:C4:1E:35:F9:B2:17:5C:3A:3B:D0:F6:D0:CC:17:54:3D:B3:4A
Certificate issuer: /CN=952156c8847f24d09da60d5f5b10542b2ecf9016
Certificate serial: 0185730CB32930A7252055999A7C528724B5
Authority key identifier: 95:21:56:C8:84:7F:24:D0:9D:A6:0D:5F:5B:10:54:2B:2E:CF:90:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lSFWyIR_JNCdpg1fWxBUKy7PkBY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/c43d4f-f52c-4387-9362-b3c01d1a6c85/1/VXfEHjX5shdcOjvQ9tDMF1Q9s0o.roa
Signing time: Mon 02 Jan 2023 15:14:50 +0000
ROA not before: Mon 02 Jan 2023 15:14:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12387
IP address blocks: 77.237.192.0/19 maxlen: 19
77.237.206.0/23 maxlen: 23
77.237.204.0/23 maxlen: 23
77.237.208.0/23 maxlen: 23
2a00:c10::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:31:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:0c:b3:29:30:a7:25:20:55:99:9a:7c:52:87:24:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=952156c8847f24d09da60d5f5b10542b2ecf9016
Validity
Not Before: Jan 2 15:14:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5577c41e35f9b2175c3a3bd0f6d0cc17543db34a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:2c:3f:98:78:7f:54:17:c4:e3:66:eb:b2:84:
43:43:ae:cb:b8:c7:fd:1b:e9:09:91:82:e0:c8:2b:
17:4f:35:61:97:f2:89:59:a7:9e:4e:bd:f6:33:1a:
c8:68:62:8a:f6:f5:3e:81:ee:53:56:89:4a:54:87:
aa:87:a4:9c:a1:18:89:61:dd:0d:e0:81:8c:d7:32:
c6:02:84:f1:d3:4b:d2:78:e5:8b:e5:b7:e9:a0:1e:
8c:8d:d3:44:a0:a9:a2:96:c9:01:53:28:c7:a5:a2:
8e:3a:6c:51:4d:06:6a:e6:7f:c8:f8:cf:43:2d:f0:
cc:e5:12:7d:30:ed:5c:d1:95:34:ad:92:ed:b1:a1:
9a:f9:0d:1f:8b:bc:2f:1c:52:8d:67:ce:80:3b:ac:
0c:21:24:75:cc:03:5f:24:b2:fc:0a:90:18:af:f3:
e7:98:bb:4d:0d:ab:6a:e8:d1:9d:dd:8e:ea:6b:82:
27:ce:0d:3d:69:9b:0b:67:de:56:e0:73:25:56:ec:
3b:12:1c:4d:a6:40:cf:c7:d3:8d:3c:7e:e0:ca:31:
43:b1:77:2e:c7:6f:90:e9:c6:ba:1b:81:b2:c6:f8:
5d:85:39:bb:5e:40:1b:31:4a:6a:26:54:fa:67:15:
81:67:e9:a3:db:e6:33:97:94:67:2a:0f:7a:b4:64:
d4:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:77:C4:1E:35:F9:B2:17:5C:3A:3B:D0:F6:D0:CC:17:54:3D:B3:4A
X509v3 Authority Key Identifier:
keyid:95:21:56:C8:84:7F:24:D0:9D:A6:0D:5F:5B:10:54:2B:2E:CF:90:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lSFWyIR_JNCdpg1fWxBUKy7PkBY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/c43d4f-f52c-4387-9362-b3c01d1a6c85/1/VXfEHjX5shdcOjvQ9tDMF1Q9s0o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/c43d4f-f52c-4387-9362-b3c01d1a6c85/1/lSFWyIR_JNCdpg1fWxBUKy7PkBY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.237.192.0/19
IPv6:
2a00:c10::/32
Signature Algorithm: sha256WithRSAEncryption
16:a8:2b:b0:93:28:bd:1c:88:8b:8c:e2:cb:2b:8e:43:fa:41:
4e:07:84:c7:f9:5f:28:5b:8b:bd:63:3f:71:fb:43:df:db:7a:
96:d1:78:72:23:27:12:76:29:76:0d:68:f0:f4:2c:ff:7d:22:
1e:8e:9d:72:b7:37:38:b8:4b:44:30:83:2c:18:ec:52:a1:db:
c8:a1:31:0a:ff:d0:4e:cf:d3:6c:38:28:ac:6c:45:e0:38:4d:
88:d1:da:74:a3:b2:34:19:a3:89:b1:80:1f:8f:4c:3b:a3:ed:
b9:95:9b:e2:80:dc:b3:e5:c8:ae:ff:23:35:96:47:67:26:dc:
ad:6a:0c:ff:f8:72:b6:0b:b9:04:87:ed:ab:d3:0d:10:a7:fa:
98:a4:21:42:b2:90:77:0e:cd:ab:91:40:b2:e1:8e:38:74:3b:
2b:38:6c:01:9d:cd:92:26:74:ae:5e:06:ae:a6:a8:ae:ea:ed:
a7:a5:30:c7:6b:e0:03:1f:2a:2a:74:5f:99:0d:4c:21:e4:66:
2d:49:0c:56:f2:0a:13:e7:59:2c:34:22:78:e6:d5:fc:2e:52:
6e:aa:6a:3b:2d:73:cb:4e:65:eb:d2:61:ec:6b:3b:2e:4e:14:
47:3b:be:b6:72:17:4c:36:39:f9:26:e5:ac:4c:3d:f1:c0:17:
b7:30:bf:1e
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVzDLMpMKclIFWZmnxShyS1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1MjE1NmM4ODQ3ZjI0ZDA5ZGE2MGQ1ZjViMTA1NDJiMmVj
ZjkwMTYwHhcNMjMwMTAyMTUxNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NTc3YzQxZTM1ZjliMjE3NWMzYTNiZDBmNmQwY2MxNzU0M2RiMzRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjyw/mHh/VBfE42brsoRDQ67LuMf9
G+kJkYLgyCsXTzVhl/KJWaeeTr32MxrIaGKK9vU+ge5TVolKVIeqh6ScoRiJYd0N
4IGM1zLGAoTx00vSeOWL5bfpoB6MjdNEoKmilskBUyjHpaKOOmxRTQZq5n/I+M9D
LfDM5RJ9MO1c0ZU0rZLtsaGa+Q0fi7wvHFKNZ86AO6wMISR1zANfJLL8CpAYr/Pn
mLtNDatq6NGd3Y7qa4Inzg09aZsLZ95W4HMlVuw7EhxNpkDPx9ONPH7gyjFDsXcu
x2+Q6ca6G4GyxvhdhTm7XkAbMUpqJlT6ZxWBZ+mj2+Yzl5RnKg96tGTU8wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFV3xB41+bIXXDo70PbQzBdUPbNKMB8GA1UdIwQY
MBaAFJUhVsiEfyTQnaYNX1sQVCsuz5AWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFNGV3lJUl9KTkNkcGcxZld4QlVLeTdQa0JZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9jNDNkNGYtZjUyYy00Mzg3LTkzNjIt
YjNjMDFkMWE2Yzg1LzEvVlhmRUhqWDVzaGRjT2p2UTl0RE1GMVE5czBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9jNDNkNGYtZjUyYy00Mzg3LTkzNjItYjNjMDFkMWE2Yzg1
LzEvbFNGV3lJUl9KTkNkcGcxZld4QlVLeTdQa0JZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQFTe3AMA0E
AgACMAcDBQAqAAwQMA0GCSqGSIb3DQEBCwUAA4IBAQAWqCuwkyi9HIiLjOLLK45D
+kFOB4TH+V8oW4u9Yz9x+0Pf23qW0XhyIycSdil2DWjw9Cz/fSIejp1ytzc4uEtE
MIMsGOxSodvIoTEK/9BOz9NsOCisbEXgOE2I0dp0o7I0GaOJsYAfj0w7o+25lZvi
gNyz5ciu/yM1lkdnJtytagz/+HK2C7kEh+2r0w0Qp/qYpCFCspB3Ds2rkUCy4Y44
dDsrOGwBnc2SJnSuXgaupqiu6u2npTDHa+ADHyoqdF+ZDUwh5GYtSQxW8goT51ks
NCJ45tX8LlJuqmo7LXPLTmXr0mHsazsuThRHO762chdMNjn5JuWsTD3xwBe3ML8e
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:26:26 2024 by rpki-client on console-ams.rpki-client.org