Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/3UGmp_EMk9Db0S9RgoJ95-5qg-Y.roa
File: 3UGmp_EMk9Db0S9RgoJ95-5qg-Y.roa (raw, json)
Hash identifier: 7PgfpqkOgbm4UFDwxU6Ju9xs7DLMJZ5xjrxKr79HyY4=
Subject key identifier: DD:41:A6:A7:F1:0C:93:D0:DB:D1:2F:51:82:82:7D:E7:EE:6A:83:E6
Certificate issuer: /CN=307f5fe2740a2b6de4c3709d2964115b3c967da1
Certificate serial: 018D304430E4395ACA145914297B04781548
Authority key identifier: 30:7F:5F:E2:74:0A:2B:6D:E4:C3:70:9D:29:64:11:5B:3C:96:7D:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MH9f4nQKK23kw3CdKWQRWzyWfaE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/3UGmp_EMk9Db0S9RgoJ95-5qg-Y.roa
Signing time: Mon 22 Jan 2024 08:23:11 +0000
ROA not before: Mon 22 Jan 2024 08:23:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49934
IP address blocks: 195.77.132.0/23 maxlen: 23
195.77.132.0/24 maxlen: 24
195.77.133.0/24 maxlen: 24
195.77.134.0/23 maxlen: 23
195.77.134.0/24 maxlen: 24
195.77.135.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 22 Jan 2024 08:41:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:30:44:30:e4:39:5a:ca:14:59:14:29:7b:04:78:15:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=307f5fe2740a2b6de4c3709d2964115b3c967da1
Validity
Not Before: Jan 22 08:23:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dd41a6a7f10c93d0dbd12f5182827de7ee6a83e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:48:d8:98:de:73:fd:8c:3c:6f:dc:21:57:78:
cc:ae:e9:38:89:3b:fd:7f:62:8f:06:47:db:0c:e6:
62:94:b8:83:15:67:71:6a:3f:53:ff:3a:b1:e8:9f:
2a:d2:ad:d6:0f:d5:71:46:03:7c:3a:ba:7c:de:9a:
9c:6b:f9:3b:85:98:88:28:d1:a6:5c:42:44:03:18:
d6:16:77:90:e1:69:3a:1b:50:50:6f:9a:18:65:b1:
2f:14:cb:ff:3f:3d:70:ce:77:b7:f2:f0:c1:24:ea:
51:99:fe:85:03:82:46:7a:6a:bb:b7:bb:8c:24:f0:
a8:b9:f2:a0:5a:a2:a7:01:4b:cc:79:14:20:ad:ee:
d2:25:af:09:36:12:a3:e1:5c:fc:53:a7:cd:66:bf:
1f:98:b7:3c:b0:80:d0:9d:c9:cc:4a:3b:e0:ad:8c:
37:dc:d4:7f:7d:30:75:4a:33:94:ad:75:70:7f:5f:
15:ec:00:30:32:d0:65:56:48:0e:dd:01:47:a5:72:
20:5f:56:d8:72:e9:a4:35:2b:d9:02:50:a6:8f:10:
98:60:69:8f:81:aa:9c:08:51:35:67:5c:8f:f5:d8:
6f:8f:47:69:24:d9:67:39:bc:42:54:37:a3:88:1f:
84:b8:8e:58:e0:6d:8e:c2:8d:91:af:66:e7:dd:39:
4c:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:41:A6:A7:F1:0C:93:D0:DB:D1:2F:51:82:82:7D:E7:EE:6A:83:E6
X509v3 Authority Key Identifier:
keyid:30:7F:5F:E2:74:0A:2B:6D:E4:C3:70:9D:29:64:11:5B:3C:96:7D:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MH9f4nQKK23kw3CdKWQRWzyWfaE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/3UGmp_EMk9Db0S9RgoJ95-5qg-Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/MH9f4nQKK23kw3CdKWQRWzyWfaE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.77.132.0/22
Signature Algorithm: sha256WithRSAEncryption
e3:a7:12:37:0d:25:bc:87:3d:c5:aa:3a:d1:40:a7:99:b8:eb:
41:a8:cc:57:a5:90:eb:9e:8c:33:ca:e3:18:f6:81:76:28:6b:
7c:bf:d4:17:56:44:8c:de:c6:0b:2c:c7:c1:0e:af:d8:d4:e1:
eb:2a:e1:5c:a2:55:fe:54:95:45:c1:be:56:0a:de:b0:17:4d:
73:b1:01:73:dd:2b:91:ce:3a:46:62:5e:ca:01:bd:27:a0:7e:
57:61:1b:25:73:41:52:43:a2:cb:71:97:a6:07:74:50:4d:59:
c8:88:a3:15:77:de:fa:fe:a0:bf:69:8b:d9:d0:b6:ce:e5:c8:
bb:21:15:c7:42:3c:ed:be:71:81:25:2d:8f:14:b2:c6:35:14:
22:2b:55:eb:db:5a:8e:eb:86:c8:79:d4:c7:f0:56:3f:4a:26:
db:89:bf:f6:40:e5:30:66:aa:f7:a4:07:7b:46:da:7b:0e:a3:
ba:f7:6b:1f:7c:b3:0b:81:96:6a:4d:c7:23:84:ae:ad:8c:2e:
96:f8:7c:47:94:1b:8d:97:53:12:73:44:de:fa:ac:ae:c1:a7:
70:79:ff:76:e9:0a:ea:b0:d8:ce:b0:d3:75:e1:ab:63:b6:b0:
b9:d7:75:b3:43:23:5a:5e:af:4c:cb:77:9d:b3:10:b3:96:d9:
ea:ab:4c:64
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY0wRDDkOVrKFFkUKXsEeBVIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwN2Y1ZmUyNzQwYTJiNmRlNGMzNzA5ZDI5NjQxMTViM2M5
NjdkYTEwHhcNMjQwMTIyMDgyMzExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDQxYTZhN2YxMGM5M2QwZGJkMTJmNTE4MjgyN2RlN2VlNmE4M2U2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkUjYmN5z/Yw8b9whV3jMruk4iTv9
f2KPBkfbDOZilLiDFWdxaj9T/zqx6J8q0q3WD9VxRgN8Orp83pqca/k7hZiIKNGm
XEJEAxjWFneQ4Wk6G1BQb5oYZbEvFMv/Pz1wzne38vDBJOpRmf6FA4JGemq7t7uM
JPCoufKgWqKnAUvMeRQgre7SJa8JNhKj4Vz8U6fNZr8fmLc8sIDQncnMSjvgrYw3
3NR/fTB1SjOUrXVwf18V7AAwMtBlVkgO3QFHpXIgX1bYcumkNSvZAlCmjxCYYGmP
gaqcCFE1Z1yP9dhvj0dpJNlnObxCVDejiB+EuI5Y4G2Owo2Rr2bn3TlMLwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN1BpqfxDJPQ29EvUYKCfefuaoPmMB8GA1UdIwQY
MBaAFDB/X+J0Citt5MNwnSlkEVs8ln2hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUg5ZjRuUUtLMjNrdzNDZEtXUVJXenlXZmFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9kY2ZkNDgtYzU0YS00Yzc4LWE0ZWQt
NGJhMmY4ZjFmODNiLzEvM1VHbXBfRU1rOURiMFM5UmdvSjk1LTVxZy1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9kY2ZkNDgtYzU0YS00Yzc4LWE0ZWQtNGJhMmY4ZjFmODNi
LzEvTUg5ZjRuUUtLMjNrdzNDZEtXUVJXenlXZmFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCw02EMA0G
CSqGSIb3DQEBCwUAA4IBAQDjpxI3DSW8hz3FqjrRQKeZuOtBqMxXpZDrnowzyuMY
9oF2KGt8v9QXVkSM3sYLLMfBDq/Y1OHrKuFcolX+VJVFwb5WCt6wF01zsQFz3SuR
zjpGYl7KAb0noH5XYRslc0FSQ6LLcZemB3RQTVnIiKMVd976/qC/aYvZ0LbO5ci7
IRXHQjztvnGBJS2PFLLGNRQiK1Xr21qO64bIedTH8FY/Sibbib/2QOUwZqr3pAd7
Rtp7DqO692sffLMLgZZqTccjhK6tjC6W+HxHlBuNl1MSc0Te+qyuwadwef926Qrq
sNjOsNN14atjtrC513WzQyNaXq9My3edsxCzltnqq0xk
-----END CERTIFICATE-----
Generated at Mon Jan 22 13:45:40 2024 by rpki-client on console-ams.rpki-client.org