Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/il6MqFjeEJZiX-eM6lkCGxTn_VE.roa
File: il6MqFjeEJZiX-eM6lkCGxTn_VE.roa (raw, json)
Hash identifier: q/ldZu0kyKVg/uvfY8FLzGbZj4WRvNSF4uWDM8frETo=
Subject key identifier: 8A:5E:8C:A8:58:DE:10:96:62:5F:E7:8C:EA:59:02:1B:14:E7:FD:51
Certificate issuer: /CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Certificate serial: 0189B5042CFAB60B551CCD8C22A2213BB81B
Authority key identifier: 84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/il6MqFjeEJZiX-eM6lkCGxTn_VE.roa
Signing time: Wed 02 Aug 2023 06:51:36 +0000
ROA not before: Wed 02 Aug 2023 06:51:36 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8795
IP address blocks: 77.85.175.0/24 maxlen: 24
77.85.196.0/24 maxlen: 24
212.5.130.0/24 maxlen: 24
212.5.133.0/24 maxlen: 24
212.5.145.0/24 maxlen: 24
95.43.230.0/24 maxlen: 24
213.16.35.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 11 Sep 2023 10:27:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:b5:04:2c:fa:b6:0b:55:1c:cd:8c:22:a2:21:3b:b8:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Validity
Not Before: Aug 2 06:51:36 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8a5e8ca858de1096625fe78cea59021b14e7fd51
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:a9:0f:bc:30:d7:50:bd:24:e5:9d:09:58:10:
13:e9:95:2e:ce:be:e4:f1:6f:7e:29:91:bf:ed:ee:
2a:cd:58:f1:9c:de:45:ab:51:f0:38:72:b3:d9:b8:
5d:a5:a5:fa:e7:0e:c8:f5:49:e4:c4:0e:38:fb:f8:
9f:5b:27:ae:3b:df:b2:76:e1:a6:be:7c:77:60:af:
f7:a7:7a:29:1d:8d:57:11:f6:e0:26:b8:f2:83:8b:
37:86:c3:c6:fe:d5:e3:52:d8:1f:d3:d4:f9:56:78:
a1:a9:12:7f:e0:62:4a:c1:a7:37:d3:02:fe:d6:a5:
cb:95:3d:0a:a1:35:42:cb:a6:31:19:37:b7:e7:1c:
2b:ae:ae:f9:ac:65:56:30:9d:6b:9a:c3:84:7f:22:
ea:7a:e9:8d:ca:4d:9f:0e:6a:21:1c:66:d9:bd:9c:
cc:7a:1c:f2:20:60:c7:c0:26:f6:f7:d1:92:72:bc:
76:1d:df:57:0f:23:88:2e:fb:0b:22:8f:70:8b:26:
3d:e3:67:42:6b:56:f2:0e:f1:49:72:57:68:7b:de:
a6:ab:68:52:24:5c:0f:c1:40:63:f1:d5:77:77:77:
6b:99:a9:f3:e7:f2:50:41:35:80:33:fe:0a:20:57:
cf:e2:72:2d:48:b8:3f:b3:d0:1c:dd:6f:a8:b0:b2:
64:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:5E:8C:A8:58:DE:10:96:62:5F:E7:8C:EA:59:02:1B:14:E7:FD:51
X509v3 Authority Key Identifier:
keyid:84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/il6MqFjeEJZiX-eM6lkCGxTn_VE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.85.175.0/24
77.85.196.0/24
95.43.230.0/24
212.5.130.0/24
212.5.133.0/24
212.5.145.0/24
213.16.35.0/24
Signature Algorithm: sha256WithRSAEncryption
02:fa:86:1d:81:34:92:36:05:ec:b6:4a:53:10:79:d4:ef:b8:
19:55:42:d3:97:ea:2d:f5:53:62:5e:1d:ad:c3:5e:d7:3b:37:
2b:b7:ee:79:cb:34:03:9c:51:76:4d:9c:c5:28:b9:e9:69:ae:
c3:c7:f3:fb:9b:cd:f5:c0:9d:df:31:92:46:c5:75:97:3b:64:
08:4c:9b:75:42:55:a7:88:e5:c8:ce:d4:ee:30:46:cc:2d:09:
5b:00:f7:08:f4:42:75:29:dd:e0:66:39:36:92:e3:ac:91:c9:
d3:72:e7:84:c9:fc:26:0c:bd:01:19:cf:71:19:45:5b:44:e7:
aa:ba:1f:e1:b2:9a:58:82:24:94:6f:d2:3f:a2:8f:b8:ce:44:
2d:34:17:b3:50:e4:57:4c:fc:60:9c:8e:0c:91:06:5b:4f:3b:
e0:e6:f9:4d:2b:a8:9e:00:1e:76:5b:f3:da:d7:3b:bb:4e:6c:
fa:08:9d:62:04:1a:15:0c:92:88:39:52:bb:cf:54:49:8f:c0:
d1:f7:e2:75:75:2e:9f:19:bd:24:78:96:69:e3:99:ef:ac:9b:
ab:10:f9:b6:32:b3:8b:b8:1f:fe:ca:6c:3e:7d:3c:0f:0d:4f:
e1:84:72:ae:32:7a:59:48:9d:84:0e:a5:01:2c:1f:25:bd:e6:
63:dc:d5:78
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYm1BCz6tgtVHM2MIqIhO7gbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0YjJmNGZhNTE2M2FmOTYxNjhlODhmYmY5Y2I0ZWQxZWQ4
ZmI0YzQwHhcNMjMwODAyMDY1MTM2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTVlOGNhODU4ZGUxMDk2NjI1ZmU3OGNlYTU5MDIxYjE0ZTdmZDUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh6kPvDDXUL0k5Z0JWBAT6ZUuzr7k
8W9+KZG/7e4qzVjxnN5Fq1HwOHKz2bhdpaX65w7I9UnkxA44+/ifWyeuO9+yduGm
vnx3YK/3p3opHY1XEfbgJrjyg4s3hsPG/tXjUtgf09T5VnihqRJ/4GJKwac30wL+
1qXLlT0KoTVCy6YxGTe35xwrrq75rGVWMJ1rmsOEfyLqeumNyk2fDmohHGbZvZzM
ehzyIGDHwCb299GScrx2Hd9XDyOILvsLIo9wiyY942dCa1byDvFJcldoe96mq2hS
JFwPwUBj8dV3d3drmanz5/JQQTWAM/4KIFfP4nItSLg/s9Ac3W+osLJkWQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFIpejKhY3hCWYl/njOpZAhsU5/1RMB8GA1UdIwQY
MBaAFISy9PpRY6+WFo6I+/nLTtHtj7TEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDct
ODcyYmEyZDlmNDRjLzEvaWw2TXFGamVFSlppWC1lTTZsa0NHeFRuX1ZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDctODcyYmEyZDlmNDRj
LzEvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQATVWvAwQA
TVXEAwQAXyvmAwQA1AWCAwQA1AWFAwQA1AWRAwQA1RAjMA0GCSqGSIb3DQEBCwUA
A4IBAQAC+oYdgTSSNgXstkpTEHnU77gZVULTl+ot9VNiXh2tw17XOzcrt+55yzQD
nFF2TZzFKLnpaa7Dx/P7m831wJ3fMZJGxXWXO2QITJt1QlWniOXIztTuMEbMLQlb
APcI9EJ1Kd3gZjk2kuOskcnTcueEyfwmDL0BGc9xGUVbROequh/hsppYgiSUb9I/
oo+4zkQtNBezUORXTPxgnI4MkQZbTzvg5vlNK6ieAB52W/Pa1zu7Tmz6CJ1iBBoV
DJKIOVK7z1RJj8DR9+J1dS6fGb0keJZp45nvrJurEPm2MrOLuB/+ymw+fTwPDU/h
hHKuMnpZSJ2EDqUBLB8lveZj3NV4
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:05 2024 by rpki-client on console-fra.rpki-client.org