Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/litHdL0sma4Nl9AQxVd1yxtL4lQ.roa
File: litHdL0sma4Nl9AQxVd1yxtL4lQ.roa (raw, json)
Hash identifier: IkOlEhuZvSIRkpNMtXZw48oqLLeU9kwuS8GAUZt0LeU=
Subject key identifier: 96:2B:47:74:BD:2C:99:AE:0D:97:D0:10:C5:57:75:CB:1B:4B:E2:54
Certificate issuer: /CN=00775d9471b85d963fef6d283590e2d942dd5c21
Certificate serial: 018CCA99316775DAD0B9FF53B4418CA50006
Authority key identifier: 00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/litHdL0sma4Nl9AQxVd1yxtL4lQ.roa
Signing time: Tue 02 Jan 2024 14:34:46 +0000
ROA not before: Tue 02 Jan 2024 14:34:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43395
IP address blocks: 87.107.85.0/24 maxlen: 24
81.12.64.0/23 maxlen: 23
81.12.66.0/24 maxlen: 24
81.12.90.0/23 maxlen: 23
87.107.31.0/24 maxlen: 24
87.107.142.0/23 maxlen: 23
87.107.32.0/23 maxlen: 23
Validation: Failed, certificate revoked on Sun 03 Mar 2024 07:41:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:99:31:67:75:da:d0:b9:ff:53:b4:41:8c:a5:00:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00775d9471b85d963fef6d283590e2d942dd5c21
Validity
Not Before: Jan 2 14:34:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=962b4774bd2c99ae0d97d010c55775cb1b4be254
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:74:52:87:9c:00:64:f1:2b:b7:56:2e:69:10:
a1:28:80:79:51:a9:55:95:87:71:19:b7:66:68:33:
88:90:27:63:77:78:1c:23:b9:1b:9c:5a:85:14:45:
8e:ac:41:21:6d:75:45:70:c8:cd:70:bd:59:8b:9d:
14:ec:94:00:0f:f8:3c:cb:f3:55:52:7c:df:03:7a:
cd:e9:a4:f4:52:ff:1b:01:14:e8:e9:85:bd:50:50:
84:43:b3:c8:43:e7:d4:93:c0:bf:71:07:33:aa:14:
75:76:78:2c:aa:45:43:ac:4b:f0:e5:32:83:0d:78:
a2:ca:ef:4a:c4:5f:f7:21:9e:f1:bd:14:78:28:75:
d1:92:1e:6a:76:4c:fa:9d:fa:81:46:91:f5:30:a8:
4e:29:c0:41:7a:ef:46:17:6e:6a:69:bc:a7:b9:1b:
0f:88:76:79:b0:7c:44:35:a3:ed:fe:9d:d8:38:de:
8b:a3:6a:f0:3a:08:a4:b2:1e:b7:46:f6:87:ec:fe:
07:56:22:ea:da:7d:b6:c7:56:28:ad:b1:8d:99:4b:
4b:cd:dd:cf:78:9a:00:b5:02:f8:7a:37:d2:da:30:
17:43:ca:21:5e:95:e1:8b:b3:fc:46:15:fe:f3:6a:
26:d6:ad:2e:f2:f4:de:a5:56:78:55:25:31:0e:68:
95:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:2B:47:74:BD:2C:99:AE:0D:97:D0:10:C5:57:75:CB:1B:4B:E2:54
X509v3 Authority Key Identifier:
keyid:00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/litHdL0sma4Nl9AQxVd1yxtL4lQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/AHddlHG4XZY_720oNZDi2ULdXCE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.12.64.0-81.12.66.255
81.12.90.0/23
87.107.31.0-87.107.33.255
87.107.85.0/24
87.107.142.0/23
Signature Algorithm: sha256WithRSAEncryption
27:de:06:47:b7:20:96:5c:4f:a8:77:ca:aa:aa:b4:e4:fb:90:
74:d1:1c:1e:a3:a2:79:73:4f:a1:e2:31:9c:c5:c4:a1:ee:66:
f0:b1:3f:15:08:db:31:7e:53:86:df:83:2c:90:61:dd:f5:c2:
c5:32:c6:bb:24:8a:73:91:c3:fc:fb:2a:1b:09:8c:ba:69:e3:
63:aa:c0:62:83:84:55:5f:c4:41:87:60:31:16:83:af:4c:dc:
8e:f7:37:2c:cf:b6:66:43:cc:e6:51:aa:2c:69:c2:71:87:bd:
a9:dc:20:a8:ab:f2:89:47:a1:13:e9:0d:4f:b0:54:ab:c9:98:
2f:cc:03:19:73:c3:b5:ab:e9:30:d2:f6:4d:88:9e:ff:0d:48:
1e:36:da:31:ca:36:f0:1c:a2:aa:ae:23:9a:97:b8:d6:86:e4:
51:4e:ea:00:78:31:b8:85:94:d9:82:0b:a2:36:6e:6c:a9:8b:
c1:d5:4b:b5:a1:8d:08:06:5a:74:48:1c:92:4f:3d:58:72:3f:
33:fd:91:90:39:a1:22:53:f6:ef:a7:88:40:6d:69:5e:05:b7:
8d:e6:58:2e:15:77:45:1b:c4:80:81:a3:df:5a:53:fe:9d:84:
35:38:1b:a2:a7:2e:c3:5e:78:cd:67:f6:8f:7e:3f:13:3b:22:
7c:75:1d:79
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYzKmTFnddrQuf9TtEGMpQAGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwNzc1ZDk0NzFiODVkOTYzZmVmNmQyODM1OTBlMmQ5NDJk
ZDVjMjEwHhcNMjQwMTAyMTQzNDQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NjJiNDc3NGJkMmM5OWFlMGQ5N2QwMTBjNTU3NzVjYjFiNGJlMjU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj3RSh5wAZPErt1YuaRChKIB5UalV
lYdxGbdmaDOIkCdjd3gcI7kbnFqFFEWOrEEhbXVFcMjNcL1Zi50U7JQAD/g8y/NV
UnzfA3rN6aT0Uv8bARTo6YW9UFCEQ7PIQ+fUk8C/cQczqhR1dngsqkVDrEvw5TKD
DXiiyu9KxF/3IZ7xvRR4KHXRkh5qdkz6nfqBRpH1MKhOKcBBeu9GF25qabynuRsP
iHZ5sHxENaPt/p3YON6Lo2rwOgiksh63RvaH7P4HViLq2n22x1YorbGNmUtLzd3P
eJoAtQL4ejfS2jAXQ8ohXpXhi7P8RhX+82om1q0u8vTepVZ4VSUxDmiVrwIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFJYrR3S9LJmuDZfQEMVXdcsbS+JUMB8GA1UdIwQY
MBaAFAB3XZRxuF2WP+9tKDWQ4tlC3VwhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUhkZGxIRzRYWllfNzIwb05aRGkyVUxkWENFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi82Mzc2MGMtZTIxYi00YmFmLWE5YTQt
NzZiMzNlNGNlODIxLzEvbGl0SGRMMHNtYTRObDlBUXhWZDF5eHRMNGxRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi82Mzc2MGMtZTIxYi00YmFmLWE5YTQtNzZiMzNlNGNlODIx
LzEvQUhkZGxIRzRYWllfNzIwb05aRGkyVUxkWENFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjA0BAIAATAuMAwDBAZRDEAD
BABRDEIDBAFRDFowDAMEAFdrHwMEAVdrIAMEAFdrVQMEAVdrjjANBgkqhkiG9w0B
AQsFAAOCAQEAJ94GR7cgllxPqHfKqqq05PuQdNEcHqOieXNPoeIxnMXEoe5m8LE/
FQjbMX5Tht+DLJBh3fXCxTLGuySKc5HD/PsqGwmMumnjY6rAYoOEVV/EQYdgMRaD
r0zcjvc3LM+2ZkPM5lGqLGnCcYe9qdwgqKvyiUehE+kNT7BUq8mYL8wDGXPDtavp
MNL2TYie/w1IHjbaMco28Byiqq4jmpe41obkUU7qAHgxuIWU2YILojZubKmLwdVL
taGNCAZadEgckk89WHI/M/2RkDmhIlP276eIQG1pXgW3jeZYLhV3RRvEgIGj31pT
/p2ENTgboqcuw154zWf2j34/EzsifHUdeQ==
-----END CERTIFICATE-----
Generated at Sun Mar 3 10:08:20 2024 by rpki-client on console-ams.rpki-client.org