Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/a13b01-4153-4ea5-bf21-99868c51329a/1/jGSSCx4ERPEKgTf-nDBdUIJu1rI.roa
File: jGSSCx4ERPEKgTf-nDBdUIJu1rI.roa (raw, json)
Hash identifier: J8MMtjOwRNZwcQA5XDo3BQghxbVvDj31clp6zgE5idM=
Subject key identifier: 8C:64:92:0B:1E:04:44:F1:0A:81:37:FE:9C:30:5D:50:82:6E:D6:B2
Certificate issuer: /CN=aedaeea9117a1d5ccc320222955a09faa0798fd9
Certificate serial: 018987C8710575A5BDAA2701E71A97233FFA
Authority key identifier: AE:DA:EE:A9:11:7A:1D:5C:CC:32:02:22:95:5A:09:FA:A0:79:8F:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rtruqRF6HVzMMgIilVoJ-qB5j9k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/a13b01-4153-4ea5-bf21-99868c51329a/1/jGSSCx4ERPEKgTf-nDBdUIJu1rI.roa
Signing time: Mon 24 Jul 2023 12:03:27 +0000
ROA not before: Mon 24 Jul 2023 12:03:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15570
IP address blocks: 77.242.192.0/21 maxlen: 21
77.242.194.0/23 maxlen: 23
185.175.12.0/22 maxlen: 22
95.172.64.0/24 maxlen: 24
95.172.76.0/22 maxlen: 22
95.172.72.0/23 maxlen: 23
95.172.88.0/22 maxlen: 22
95.172.94.0/23 maxlen: 23
212.118.234.0/24 maxlen: 24
2a02:b50::/34 maxlen: 34
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:31:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:87:c8:71:05:75:a5:bd:aa:27:01:e7:1a:97:23:3f:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aedaeea9117a1d5ccc320222955a09faa0798fd9
Validity
Not Before: Jul 24 12:03:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8c64920b1e0444f10a8137fe9c305d50826ed6b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:fe:04:ac:b5:40:5c:45:01:a3:03:68:6e:a0:
12:a4:23:da:6b:bb:fd:5c:05:8e:97:f7:45:a7:cd:
70:3d:2a:c6:a3:1a:b2:cd:1a:ba:46:f2:9f:a8:f0:
b5:84:6a:b5:ee:bd:09:87:3b:f4:2b:71:ed:ad:c5:
e8:b8:1c:e9:75:7d:be:1d:ac:6e:39:c0:f3:d8:b6:
2c:ed:55:65:4c:76:96:57:44:11:07:85:5d:c7:d1:
18:f4:51:da:9f:4b:a7:74:22:43:a8:39:6e:a6:56:
9a:ee:0b:2d:95:62:7e:f6:27:c0:36:ce:64:32:89:
58:44:7c:56:e4:21:a9:6b:f6:03:fb:30:57:d8:07:
f6:8a:12:98:8b:d9:b2:45:e2:47:5e:65:e4:f5:93:
8e:eb:e0:84:35:bb:0e:31:e3:ff:14:6b:00:d0:f3:
a7:a3:ff:db:94:0f:6a:37:ba:3b:71:22:86:3f:7b:
e8:7a:88:ea:dc:13:db:df:b2:90:8f:18:36:93:52:
6c:e6:b3:e7:d6:fa:b8:3a:ce:b6:60:c6:a3:20:2f:
47:a3:93:bf:83:c1:4b:8a:de:1a:05:95:b6:b9:77:
ec:e4:b1:2e:e0:bf:59:7b:a9:e8:f8:9b:4a:1e:8c:
4d:de:31:25:08:3b:26:03:f1:da:a5:95:55:4e:01:
67:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:64:92:0B:1E:04:44:F1:0A:81:37:FE:9C:30:5D:50:82:6E:D6:B2
X509v3 Authority Key Identifier:
keyid:AE:DA:EE:A9:11:7A:1D:5C:CC:32:02:22:95:5A:09:FA:A0:79:8F:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rtruqRF6HVzMMgIilVoJ-qB5j9k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/a13b01-4153-4ea5-bf21-99868c51329a/1/jGSSCx4ERPEKgTf-nDBdUIJu1rI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/a13b01-4153-4ea5-bf21-99868c51329a/1/rtruqRF6HVzMMgIilVoJ-qB5j9k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.242.192.0/21
95.172.64.0/24
95.172.72.0/23
95.172.76.0/22
95.172.88.0/22
95.172.94.0/23
185.175.12.0/22
212.118.234.0/24
IPv6:
2a02:b50::/34
Signature Algorithm: sha256WithRSAEncryption
ce:9d:09:5c:20:d5:3e:7a:e8:1b:00:3a:b1:c8:f1:e8:93:f4:
b0:cb:cb:06:09:00:31:9f:a4:2a:ff:08:da:d0:5d:e3:8c:67:
dc:d8:98:d3:f6:8a:89:b9:d0:50:5c:a4:39:f2:bf:9d:e0:8d:
88:ea:dd:e4:76:7d:67:f4:41:e0:79:68:d7:27:2a:54:16:e7:
f4:0b:36:28:cb:2e:73:39:b0:8f:5f:06:93:14:76:93:87:fe:
34:3b:2f:6b:74:2d:50:bc:91:1d:03:e9:23:b3:fc:da:6c:e4:
28:14:2d:a4:1c:96:71:73:68:77:41:0d:82:c3:56:c7:7c:d3:
45:15:ba:44:d2:bf:97:a3:78:93:e9:21:df:e1:4b:31:96:64:
dc:ef:62:14:ee:f1:8b:f1:3b:fd:da:1f:5a:70:2f:e7:c5:2d:
49:39:60:f5:6e:ca:9f:40:a3:21:c8:69:0d:5f:64:03:16:80:
23:39:f9:41:d4:5c:4c:fe:bf:b2:7a:d7:a3:92:9d:b7:8f:16:
35:53:99:a8:30:f9:ec:e7:bb:19:fd:dd:24:f8:0b:e2:ba:9e:
be:9e:8a:6d:99:14:ce:96:84:04:b0:d1:19:0c:6f:45:3d:44:
ad:92:50:e9:e5:a7:34:ad:d9:58:81:b5:46:5f:c6:42:d4:ee:
66:b5:ff:e3
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAYmHyHEFdaW9qicB5xqXIz/6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlZGFlZWE5MTE3YTFkNWNjYzMyMDIyMjk1NWEwOWZhYTA3
OThmZDkwHhcNMjMwNzI0MTIwMzI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YzY0OTIwYjFlMDQ0NGYxMGE4MTM3ZmU5YzMwNWQ1MDgyNmVkNmIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApv4ErLVAXEUBowNobqASpCPaa7v9
XAWOl/dFp81wPSrGoxqyzRq6RvKfqPC1hGq17r0Jhzv0K3HtrcXouBzpdX2+Haxu
OcDz2LYs7VVlTHaWV0QRB4Vdx9EY9FHan0undCJDqDluplaa7gstlWJ+9ifANs5k
MolYRHxW5CGpa/YD+zBX2Af2ihKYi9myReJHXmXk9ZOO6+CENbsOMeP/FGsA0POn
o//blA9qN7o7cSKGP3voeojq3BPb37KQjxg2k1Js5rPn1vq4Os62YMajIC9Ho5O/
g8FLit4aBZW2uXfs5LEu4L9Ze6no+JtKHoxN3jElCDsmA/HapZVVTgFntwIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFIxkkgseBETxCoE3/pwwXVCCbtayMB8GA1UdIwQY
MBaAFK7a7qkReh1czDICIpVaCfqgeY/ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnRydXFSRjZIVnpNTWdJaWxWb0otcUI1ajlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi9hMTNiMDEtNDE1My00ZWE1LWJmMjEt
OTk4NjhjNTEzMjlhLzEvakdTU0N4NEVSUEVLZ1RmLW5EQmRVSUp1MXJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi9hMTNiMDEtNDE1My00ZWE1LWJmMjEtOTk4NjhjNTEzMjlh
LzEvcnRydXFSRjZIVnpNTWdJaWxWb0otcUI1ajlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDA2BAIAATAwAwQDTfLAAwQA
X6xAAwQBX6xIAwQCX6xMAwQCX6xYAwQBX6xeAwQCua8MAwQA1HbqMA4EAgACMAgD
BgYqAgtQADANBgkqhkiG9w0BAQsFAAOCAQEAzp0JXCDVPnroGwA6scjx6JP0sMvL
BgkAMZ+kKv8I2tBd44xn3NiY0/aKibnQUFykOfK/neCNiOrd5HZ9Z/RB4Hlo1ycq
VBbn9As2KMsuczmwj18GkxR2k4f+NDsva3QtULyRHQPpI7P82mzkKBQtpByWcXNo
d0ENgsNWx3zTRRW6RNK/l6N4k+kh3+FLMZZk3O9iFO7xi/E7/dofWnAv58UtSTlg
9W7Kn0CjIchpDV9kAxaAIzn5QdRcTP6/snrXo5Kdt48WNVOZqDD57Oe7Gf3dJPgL
4rqevp6KbZkUzpaEBLDRGQxvRT1ErZJQ6eWnNK3ZWIG1Rl/GQtTuZrX/4w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:58 2024 by rpki-client on console-fra.rpki-client.org