Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/2wtqTWkUeEzkTwsJXxHZxaVrkA0.roa
File: 2wtqTWkUeEzkTwsJXxHZxaVrkA0.roa (raw, json)
Hash identifier: Pw8fsmkhQ3ZXD0c/kjm3Pdnp/i4YTJFs4dBL9O8uTDc=
Subject key identifier: DB:0B:6A:4D:69:14:78:4C:E4:4F:0B:09:5F:11:D9:C5:A5:6B:90:0D
Certificate issuer: /CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Certificate serial: 018745E2F4B555ABB4DB4EBD8619D9510606
Authority key identifier: 84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/2wtqTWkUeEzkTwsJXxHZxaVrkA0.roa
Signing time: Mon 03 Apr 2023 06:51:54 +0000
ROA not before: Mon 03 Apr 2023 06:51:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8795
IP address blocks: 77.85.175.0/24 maxlen: 24
212.5.130.0/24 maxlen: 24
212.5.133.0/24 maxlen: 24
212.5.145.0/24 maxlen: 24
95.43.230.0/24 maxlen: 24
213.16.35.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 02 Aug 2023 06:51:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:45:e2:f4:b5:55:ab:b4:db:4e:bd:86:19:d9:51:06:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Validity
Not Before: Apr 3 06:51:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=db0b6a4d6914784ce44f0b095f11d9c5a56b900d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:4a:4d:bd:dd:48:43:b4:b4:df:6a:05:d1:ee:
87:c4:44:06:da:e5:14:68:8a:ad:88:d4:da:c3:b2:
99:a1:f5:23:13:19:d9:df:c9:29:d4:00:23:52:23:
8d:a0:e2:40:05:54:7d:eb:72:2a:65:5e:af:8e:7c:
d8:74:5c:9f:36:55:93:37:93:d9:04:6a:d8:ed:a6:
66:22:3a:32:6d:cd:75:0c:b6:21:3e:58:cb:ff:42:
80:27:8d:ea:5e:66:40:f3:28:97:fa:19:1b:0b:65:
77:eb:14:73:54:5c:af:c6:d5:af:bb:cb:60:c9:4a:
91:60:64:aa:1b:2b:13:9a:17:3c:19:fd:a3:fb:91:
10:89:c2:2a:81:ee:1d:56:d8:2a:ee:ce:54:4d:87:
df:cb:d7:46:15:78:3a:a7:34:ed:2c:6a:b5:57:07:
42:99:f6:e6:3f:20:54:2b:c1:b8:78:4c:f0:10:2a:
4f:20:4e:e7:c8:5e:a5:9e:42:c0:95:ae:98:5d:f1:
0a:0e:65:40:1f:be:0b:17:88:1b:23:f5:af:40:e2:
a9:55:4a:a8:44:50:0a:32:e7:d4:30:2a:15:2b:93:
a3:6c:a9:49:00:c1:ec:ea:05:2e:92:81:a9:63:6a:
7e:4b:41:ef:c8:17:d3:94:8c:35:15:8b:9e:c8:f4:
86:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:0B:6A:4D:69:14:78:4C:E4:4F:0B:09:5F:11:D9:C5:A5:6B:90:0D
X509v3 Authority Key Identifier:
keyid:84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/2wtqTWkUeEzkTwsJXxHZxaVrkA0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.85.175.0/24
95.43.230.0/24
212.5.130.0/24
212.5.133.0/24
212.5.145.0/24
213.16.35.0/24
Signature Algorithm: sha256WithRSAEncryption
81:ed:29:a6:df:51:2e:5e:0d:90:42:52:d9:b0:1a:06:b6:0e:
29:12:bd:24:37:5c:cc:98:88:c2:2c:56:90:f9:e1:72:59:ac:
fe:df:a5:b4:7f:3f:7a:85:61:69:a4:3d:46:c9:4f:bc:53:de:
cf:e7:06:7b:89:c6:e6:ce:f0:52:35:8a:ec:54:98:ff:4b:d1:
d6:ef:d8:50:40:cf:da:48:cc:1d:16:e4:86:ea:08:3e:0f:cb:
f6:ae:18:ae:88:1d:0d:18:87:d5:a2:ea:e1:cb:db:f3:ef:76:
d5:40:af:97:ae:bb:86:6c:bc:db:8c:04:89:75:7b:cc:b9:90:
ca:f1:fa:26:a5:7d:82:e7:c5:81:db:83:5d:0b:dd:97:1b:bb:
d3:fc:a6:ee:44:fc:da:f7:1d:92:d2:b0:b9:d4:25:07:ab:c0:
83:30:7a:84:ec:5d:21:e8:e5:77:65:f6:a5:d9:df:d8:43:be:
e3:64:88:93:d5:84:e4:bc:76:04:66:99:10:42:64:41:3e:23:
b8:d7:db:04:35:01:0a:6e:37:44:7c:33:f4:57:97:be:49:07:
62:ca:a4:8d:44:00:9d:a1:74:a9:bd:2b:4c:c4:9b:ab:c7:d1:
0a:57:61:21:43:4a:e4:70:5d:f2:67:e2:c5:f9:1b:07:eb:85:
fb:8c:f3:da
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYdF4vS1Vau02069hhnZUQYGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0YjJmNGZhNTE2M2FmOTYxNjhlODhmYmY5Y2I0ZWQxZWQ4
ZmI0YzQwHhcNMjMwNDAzMDY1MTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjBiNmE0ZDY5MTQ3ODRjZTQ0ZjBiMDk1ZjExZDljNWE1NmI5MDBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiEpNvd1IQ7S032oF0e6HxEQG2uUU
aIqtiNTaw7KZofUjExnZ38kp1AAjUiONoOJABVR963IqZV6vjnzYdFyfNlWTN5PZ
BGrY7aZmIjoybc11DLYhPljL/0KAJ43qXmZA8yiX+hkbC2V36xRzVFyvxtWvu8tg
yUqRYGSqGysTmhc8Gf2j+5EQicIqge4dVtgq7s5UTYffy9dGFXg6pzTtLGq1VwdC
mfbmPyBUK8G4eEzwECpPIE7nyF6lnkLAla6YXfEKDmVAH74LF4gbI/WvQOKpVUqo
RFAKMufUMCoVK5OjbKlJAMHs6gUukoGpY2p+S0HvyBfTlIw1FYueyPSGtQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFNsLak1pFHhM5E8LCV8R2cWla5ANMB8GA1UdIwQY
MBaAFISy9PpRY6+WFo6I+/nLTtHtj7TEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDct
ODcyYmEyZDlmNDRjLzEvMnd0cVRXa1VlRXprVHdzSlh4SFp4YVZya0EwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDctODcyYmEyZDlmNDRj
LzEvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQATVWvAwQA
XyvmAwQA1AWCAwQA1AWFAwQA1AWRAwQA1RAjMA0GCSqGSIb3DQEBCwUAA4IBAQCB
7Smm31EuXg2QQlLZsBoGtg4pEr0kN1zMmIjCLFaQ+eFyWaz+36W0fz96hWFppD1G
yU+8U97P5wZ7icbmzvBSNYrsVJj/S9HW79hQQM/aSMwdFuSG6gg+D8v2rhiuiB0N
GIfVourhy9vz73bVQK+XrruGbLzbjASJdXvMuZDK8fompX2C58WB24NdC92XG7vT
/KbuRPza9x2S0rC51CUHq8CDMHqE7F0h6OV3Zfal2d/YQ77jZIiT1YTkvHYEZpkQ
QmRBPiO419sENQEKbjdEfDP0V5e+SQdiyqSNRACdoXSpvStMxJurx9EKV2EhQ0rk
cF3yZ+LF+RsH64X7jPPa
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:04 2024 by rpki-client on console-fra.rpki-client.org