Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/9ee980-67a2-4d3c-b6ca-fde073588f0f/1/i9aGaknvfnapuHakA3b4W_tUPm0.roa
File: i9aGaknvfnapuHakA3b4W_tUPm0.roa (raw, json)
Hash identifier: x249LtpiI7UGwF4Y95IRTKz346XqfX1Wq53y2pIET3o=
Subject key identifier: 8B:D6:86:6A:49:EF:7E:76:A9:B8:76:A4:03:76:F8:5B:FB:54:3E:6D
Certificate issuer: /CN=b59909ed171b38c1fdc4362229e78d69851de11c
Certificate serial: 01856D2F5752253F56ACE6339AF7F872B82C
Authority key identifier: B5:99:09:ED:17:1B:38:C1:FD:C4:36:22:29:E7:8D:69:85:1D:E1:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tZkJ7RcbOMH9xDYiKeeNaYUd4Rw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/9ee980-67a2-4d3c-b6ca-fde073588f0f/1/i9aGaknvfnapuHakA3b4W_tUPm0.roa
Signing time: Sun 01 Jan 2023 11:54:57 +0000
ROA not before: Sun 01 Jan 2023 11:54:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60447
IP address blocks: 77.246.219.0/24 maxlen: 24
77.246.218.0/24 maxlen: 24
77.246.217.0/24 maxlen: 24
77.246.216.0/22 maxlen: 22
77.246.216.0/24 maxlen: 24
185.97.73.0/24 maxlen: 24
185.97.72.0/24 maxlen: 24
185.97.72.0/22 maxlen: 22
185.97.75.0/24 maxlen: 24
185.97.74.0/24 maxlen: 24
95.214.104.0/22 maxlen: 22
95.214.104.0/23 maxlen: 23
95.214.106.0/23 maxlen: 23
2a06:4c0::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:29:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:2f:57:52:25:3f:56:ac:e6:33:9a:f7:f8:72:b8:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b59909ed171b38c1fdc4362229e78d69851de11c
Validity
Not Before: Jan 1 11:54:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8bd6866a49ef7e76a9b876a40376f85bfb543e6d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:2e:bb:15:04:1d:41:21:f1:2d:a6:18:40:cd:
2a:b1:e2:07:c7:80:e4:d9:f0:2d:00:2c:0f:71:51:
87:75:66:20:91:b4:23:3b:e9:cd:c3:8f:7c:22:88:
94:9d:a8:d7:1b:ec:91:7e:0e:66:6b:0f:29:e7:5a:
1d:ed:cf:3e:39:b5:9b:e5:c5:29:a9:35:05:37:e8:
c3:4a:e5:0c:61:01:8c:62:3a:91:87:fd:6c:3b:65:
e9:59:2a:b5:1a:ba:1d:fc:4d:37:cd:02:d8:ec:62:
85:7a:84:19:39:d2:09:e2:01:b5:e8:50:bb:8a:45:
77:16:3e:5c:11:74:ce:b5:39:4c:a7:9a:ba:4c:bc:
fb:a0:98:68:65:f9:2a:c2:d3:15:a8:b3:67:11:fa:
c1:93:6c:7f:9c:0d:34:71:b3:7e:45:78:78:85:c8:
78:2c:5f:24:67:e9:42:7e:93:ce:a3:14:3a:b3:83:
c6:b9:3e:eb:e1:51:be:27:88:25:d1:fd:7c:cc:3e:
e3:2d:47:36:00:1c:8d:eb:bb:7d:a9:99:1b:dc:b8:
20:de:ca:a3:f3:1a:1c:78:a3:eb:83:ed:98:46:17:
9a:f2:26:dd:fa:fe:d5:a1:33:97:d6:b8:fc:1c:83:
63:9e:52:37:ff:f4:31:cd:4c:99:8a:e8:b1:c2:7f:
a8:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:D6:86:6A:49:EF:7E:76:A9:B8:76:A4:03:76:F8:5B:FB:54:3E:6D
X509v3 Authority Key Identifier:
keyid:B5:99:09:ED:17:1B:38:C1:FD:C4:36:22:29:E7:8D:69:85:1D:E1:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tZkJ7RcbOMH9xDYiKeeNaYUd4Rw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/9ee980-67a2-4d3c-b6ca-fde073588f0f/1/i9aGaknvfnapuHakA3b4W_tUPm0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/9ee980-67a2-4d3c-b6ca-fde073588f0f/1/tZkJ7RcbOMH9xDYiKeeNaYUd4Rw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.246.216.0/22
95.214.104.0/22
185.97.72.0/22
IPv6:
2a06:4c0::/32
Signature Algorithm: sha256WithRSAEncryption
a7:c0:b9:19:28:eb:65:25:37:6b:04:53:89:cf:d8:eb:e3:37:
99:c1:51:61:48:df:aa:74:41:87:40:ec:fd:8e:e2:bf:bd:6f:
f7:e0:87:53:ec:12:8f:81:fb:51:f1:2a:74:54:06:ea:21:2d:
b1:0d:d6:8e:16:b9:e5:5d:e9:0b:e8:4c:79:33:ef:2b:99:82:
a3:4a:14:1e:83:b8:e0:03:3a:05:31:5e:8a:00:77:5d:d0:6f:
29:d3:55:6f:9f:3d:a7:60:2a:78:82:34:43:4b:85:61:01:e6:
8f:4b:ef:b5:36:df:f4:88:57:7d:34:b0:79:db:68:6b:71:ec:
0f:a7:fe:45:bb:b5:ee:92:f2:a9:c4:15:93:0a:df:da:f7:a4:
ba:a9:8a:98:66:e3:34:47:18:61:eb:d1:f5:36:f9:a8:4f:93:
14:26:c9:83:83:13:b1:f3:ad:b9:b4:6f:64:e2:ca:fa:96:2b:
d8:01:64:4a:02:7e:e9:85:04:b1:8f:98:d0:15:f1:91:5d:3d:
48:1f:70:69:ce:ad:10:c7:35:e9:d9:8a:fe:5f:17:09:4b:a1:
59:a7:91:5e:3e:1c:e2:07:41:df:99:dd:35:75:70:db:9a:a3:
6b:c2:51:fa:10:80:84:1d:80:b8:b1:d5:24:45:cd:6b:44:c3:
3d:88:15:0f
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVtL1dSJT9WrOYzmvf4crgsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1OTkwOWVkMTcxYjM4YzFmZGM0MzYyMjI5ZTc4ZDY5ODUx
ZGUxMWMwHhcNMjMwMTAxMTE1NDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YmQ2ODY2YTQ5ZWY3ZTc2YTliODc2YTQwMzc2Zjg1YmZiNTQzZTZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiS67FQQdQSHxLaYYQM0qseIHx4Dk
2fAtACwPcVGHdWYgkbQjO+nNw498IoiUnajXG+yRfg5maw8p51od7c8+ObWb5cUp
qTUFN+jDSuUMYQGMYjqRh/1sO2XpWSq1Grod/E03zQLY7GKFeoQZOdIJ4gG16FC7
ikV3Fj5cEXTOtTlMp5q6TLz7oJhoZfkqwtMVqLNnEfrBk2x/nA00cbN+RXh4hch4
LF8kZ+lCfpPOoxQ6s4PGuT7r4VG+J4gl0f18zD7jLUc2AByN67t9qZkb3Lgg3sqj
8xoceKPrg+2YRhea8ibd+v7VoTOX1rj8HINjnlI3//QxzUyZiuixwn+oAQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFIvWhmpJ7352qbh2pAN2+Fv7VD5tMB8GA1UdIwQY
MBaAFLWZCe0XGzjB/cQ2IinnjWmFHeEcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFprSjdSY2JPTUg5eERZaUtlZU5hWVVkNFJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi85ZWU5ODAtNjdhMi00ZDNjLWI2Y2Et
ZmRlMDczNTg4ZjBmLzEvaTlhR2FrbnZmbmFwdUhha0EzYjRXX3RVUG0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi85ZWU5ODAtNjdhMi00ZDNjLWI2Y2EtZmRlMDczNTg4ZjBm
LzEvdFprSjdSY2JPTUg5eERZaUtlZU5hWVVkNFJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCTfbYAwQC
X9ZoAwQCuWFIMA0EAgACMAcDBQAqBgTAMA0GCSqGSIb3DQEBCwUAA4IBAQCnwLkZ
KOtlJTdrBFOJz9jr4zeZwVFhSN+qdEGHQOz9juK/vW/34IdT7BKPgftR8Sp0VAbq
IS2xDdaOFrnlXekL6Ex5M+8rmYKjShQeg7jgAzoFMV6KAHdd0G8p01Vvnz2nYCp4
gjRDS4VhAeaPS++1Nt/0iFd9NLB522hrcewPp/5Fu7XukvKpxBWTCt/a96S6qYqY
ZuM0Rxhh69H1NvmoT5MUJsmDgxOx8625tG9k4sr6livYAWRKAn7phQSxj5jQFfGR
XT1IH3Bpzq0QxzXp2Yr+XxcJS6FZp5FePhziB0Hfmd01dXDbmqNrwlH6EICEHYC4
sdUkRc1rRMM9iBUP
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:38 2024 by rpki-client on console-fra.rpki-client.org