Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/MiF9SfZkBu1suAHGaOOT70HP3l4.roa
File: MiF9SfZkBu1suAHGaOOT70HP3l4.roa (raw, json)
Hash identifier: XlFLMSmXXP+Pd3v+2n5lypuPkEyaYutvzGF0cuN1Idw=
Subject key identifier: 32:21:7D:49:F6:64:06:ED:6C:B8:01:C6:68:E3:93:EF:41:CF:DE:5E
Certificate issuer: /CN=5124fba1e401c03e5ba1cd77ae9ee39cfd631bfb
Certificate serial: 018BF864DC987F718F1D704E476B9548C8B0
Authority key identifier: 51:24:FB:A1:E4:01:C0:3E:5B:A1:CD:77:AE:9E:E3:9C:FD:63:1B:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UST7oeQBwD5boc13rp7jnP1jG_s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/MiF9SfZkBu1suAHGaOOT70HP3l4.roa
Signing time: Wed 22 Nov 2023 18:57:21 +0000
ROA not before: Wed 22 Nov 2023 18:57:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 88.80.134.0/23 maxlen: 24
88.80.138.0/24 maxlen: 24
77.246.222.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 25 Nov 2023 22:25:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:f8:64:dc:98:7f:71:8f:1d:70:4e:47:6b:95:48:c8:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5124fba1e401c03e5ba1cd77ae9ee39cfd631bfb
Validity
Not Before: Nov 22 18:57:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=32217d49f66406ed6cb801c668e393ef41cfde5e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:05:47:6d:cf:7f:9e:45:f6:8b:c3:39:19:66:
8d:c3:df:74:19:1c:95:52:9c:4e:49:6a:71:dd:15:
08:c2:5f:4d:2a:db:80:34:91:71:a2:b2:66:53:ff:
c9:3f:e7:a4:e3:c1:13:86:72:99:9e:94:fa:23:82:
6c:63:0f:46:e8:91:56:85:e0:c2:37:03:e9:8a:e0:
2d:de:ef:7b:9b:bd:41:fe:ae:21:2d:e1:46:32:e4:
32:ec:0c:ea:7b:6f:cc:60:c8:db:22:00:3e:18:c5:
85:41:1a:24:b6:7e:19:f8:46:da:89:0b:9d:99:62:
30:dd:9d:fd:a6:6f:49:2d:bc:f1:a5:90:7e:49:e9:
2e:b7:ca:51:d9:54:01:8f:67:8c:ad:4e:7e:21:a0:
74:61:35:09:71:b0:28:9e:15:25:b7:8e:73:12:6b:
4a:06:d2:b9:d4:1a:ae:25:77:49:51:fa:7a:db:d2:
63:30:55:8d:f5:32:70:9c:ba:9f:8f:50:1f:f2:a2:
9a:a3:ad:cd:99:99:66:24:6f:87:77:0a:8b:cc:9a:
61:57:04:d3:61:07:9e:8f:43:67:b0:95:c5:d6:08:
47:22:b7:b3:8b:9f:eb:80:98:61:46:c9:7a:a9:39:
b8:6c:2e:3f:48:6b:fa:cf:0a:04:36:b6:9a:01:d0:
f4:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:21:7D:49:F6:64:06:ED:6C:B8:01:C6:68:E3:93:EF:41:CF:DE:5E
X509v3 Authority Key Identifier:
keyid:51:24:FB:A1:E4:01:C0:3E:5B:A1:CD:77:AE:9E:E3:9C:FD:63:1B:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UST7oeQBwD5boc13rp7jnP1jG_s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/MiF9SfZkBu1suAHGaOOT70HP3l4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/UST7oeQBwD5boc13rp7jnP1jG_s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.246.222.0/24
88.80.134.0/23
88.80.138.0/24
Signature Algorithm: sha256WithRSAEncryption
11:15:a6:91:44:e7:ce:c8:82:ba:05:7c:0f:63:60:c6:de:e5:
bd:c5:82:ae:26:e1:b7:a2:01:3a:5d:d4:ea:6e:28:a9:d9:12:
58:9c:e9:34:3c:22:5d:f4:39:8c:32:1f:c5:87:16:2e:6b:06:
16:94:01:87:68:08:bb:59:9f:3a:42:45:6e:35:ec:e5:04:d8:
5f:57:11:22:22:4f:30:8c:52:5d:6e:64:47:53:73:48:18:dd:
c4:39:00:e4:9f:6a:9c:93:bf:83:b7:3d:ff:51:83:9d:54:fe:
f3:11:73:3f:47:38:ab:0b:c9:ba:2c:e0:36:ab:7c:14:4c:d3:
80:3f:be:b1:86:94:bd:fa:38:16:8c:c6:64:e6:5d:ac:4e:02:
13:89:98:34:9c:7f:3d:12:3f:47:33:bf:b3:4a:d5:34:3f:29:
2e:4a:a3:67:75:d3:af:52:91:b7:c7:f7:5f:49:ef:95:5b:5b:
37:38:54:72:f2:bf:00:01:0f:fe:fe:0b:14:95:93:98:6b:de:
e6:ee:7a:9d:57:66:fb:e7:41:c7:fc:64:39:28:53:a0:24:bb:
85:b7:18:8f:d7:d2:01:3e:e5:73:f1:8f:71:64:95:38:d0:be:
64:e6:75:b3:4f:de:25:f7:ad:b6:43:a2:c5:78:1c:55:40:ed:
66:02:3f:fe
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYv4ZNyYf3GPHXBOR2uVSMiwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxMjRmYmExZTQwMWMwM2U1YmExY2Q3N2FlOWVlMzljZmQ2
MzFiZmIwHhcNMjMxMTIyMTg1NzIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjIxN2Q0OWY2NjQwNmVkNmNiODAxYzY2OGUzOTNlZjQxY2ZkZTVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhgVHbc9/nkX2i8M5GWaNw990GRyV
UpxOSWpx3RUIwl9NKtuANJFxorJmU//JP+ek48EThnKZnpT6I4JsYw9G6JFWheDC
NwPpiuAt3u97m71B/q4hLeFGMuQy7Azqe2/MYMjbIgA+GMWFQRoktn4Z+EbaiQud
mWIw3Z39pm9JLbzxpZB+Sekut8pR2VQBj2eMrU5+IaB0YTUJcbAonhUlt45zEmtK
BtK51BquJXdJUfp629JjMFWN9TJwnLqfj1Af8qKao63NmZlmJG+HdwqLzJphVwTT
YQeej0NnsJXF1ghHIrezi5/rgJhhRsl6qTm4bC4/SGv6zwoENraaAdD0tQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDIhfUn2ZAbtbLgBxmjjk+9Bz95eMB8GA1UdIwQY
MBaAFFEk+6HkAcA+W6HNd66e45z9Yxv7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVVNUN29lUUJ3RDVib2MxM3JwN2puUDFqR19zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy9iNzE0YWQtMWY3OC00YTEwLThlNjEt
YWI4ZjFmMzM4N2VlLzEvTWlGOVNmWmtCdTFzdUFIR2FPT1Q3MEhQM2w0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy9iNzE0YWQtMWY3OC00YTEwLThlNjEtYWI4ZjFmMzM4N2Vl
LzEvVVNUN29lUUJ3RDVib2MxM3JwN2puUDFqR19zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQATfbeAwQB
WFCGAwQAWFCKMA0GCSqGSIb3DQEBCwUAA4IBAQARFaaRROfOyIK6BXwPY2DG3uW9
xYKuJuG3ogE6XdTqbiip2RJYnOk0PCJd9DmMMh/FhxYuawYWlAGHaAi7WZ86QkVu
NezlBNhfVxEiIk8wjFJdbmRHU3NIGN3EOQDkn2qck7+Dtz3/UYOdVP7zEXM/Rzir
C8m6LOA2q3wUTNOAP76xhpS9+jgWjMZk5l2sTgITiZg0nH89Ej9HM7+zStU0Pyku
SqNnddOvUpG3x/dfSe+VW1s3OFRy8r8AAQ/+/gsUlZOYa97m7nqdV2b750HH/GQ5
KFOgJLuFtxiP19IBPuVz8Y9xZJU40L5k5nWzT94l9622Q6LFeBxVQO1mAj/+
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:20 2024 by rpki-client on console-ams.rpki-client.org