Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/c1Yib1Fr5MEW1TSfWzFI2Oa6Tbo.roa
File: c1Yib1Fr5MEW1TSfWzFI2Oa6Tbo.roa (raw, json)
Hash identifier: cAw+CIHNNfJ68SdEjoeh/kxFj676mAB6iEmFdjTpkB8=
Subject key identifier: 73:56:22:6F:51:6B:E4:C1:16:D5:34:9F:5B:31:48:D8:E6:BA:4D:BA
Certificate issuer: /CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Certificate serial: 018CC94AAD2AF8BD34A719675451D9FDD024
Authority key identifier: D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/c1Yib1Fr5MEW1TSfWzFI2Oa6Tbo.roa
Signing time: Tue 02 Jan 2024 08:29:23 +0000
ROA not before: Tue 02 Jan 2024 08:29:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7018
IP address blocks: 77.223.200.0/23 maxlen: 24
176.222.48.0/22 maxlen: 24
79.139.64.0/23 maxlen: 24
95.178.8.0/21 maxlen: 24
116.50.16.0/21 maxlen: 24
121.127.56.0/21 maxlen: 24
66.9.96.0/20 maxlen: 24
93.119.184.0/21 maxlen: 24
198.145.112.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 08 Feb 2024 17:46:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4a:ad:2a:f8:bd:34:a7:19:67:54:51:d9:fd:d0:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Validity
Not Before: Jan 2 08:29:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7356226f516be4c116d5349f5b3148d8e6ba4dba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:e2:b8:bd:31:36:fd:b9:da:d9:13:d4:60:d8:
4c:26:d6:b7:46:44:7c:a4:c2:01:c5:08:6f:49:4f:
47:25:ae:39:b4:c3:d1:14:8b:00:5f:b1:a9:4b:8c:
d2:c3:d9:57:fb:42:ba:ee:fa:46:4f:85:2e:fa:5a:
5c:27:0d:d2:ca:d8:c1:4d:e3:88:59:ee:ff:97:09:
c0:a9:9a:c2:9e:99:2e:6a:56:e0:c9:eb:34:a8:50:
07:00:ec:85:ed:a3:10:47:a4:09:5a:66:ef:d8:93:
ef:82:b0:3d:13:dc:94:6b:04:27:25:1f:37:fa:fe:
ae:59:ec:f1:71:5b:92:a2:67:c4:44:be:6f:ef:c7:
6e:d8:33:d6:e2:f4:76:99:71:e8:ee:9c:c3:f3:b5:
d9:13:30:50:dd:2b:bd:30:8b:bb:dc:90:99:88:89:
d2:46:c7:65:33:41:46:e1:ee:a6:99:f9:88:ec:3d:
c2:0d:95:6c:7f:4b:fe:92:4e:f3:7a:e0:c1:29:95:
c9:97:04:4c:47:17:ef:50:fd:84:b3:db:0c:ca:aa:
8b:7a:97:36:e9:0d:a3:d6:79:28:1e:be:4e:8f:12:
da:08:ca:3e:3f:cd:a6:72:64:b0:46:df:20:5c:5e:
69:7c:b0:9a:70:5d:49:aa:dc:28:65:e9:2b:a5:1a:
83:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:56:22:6F:51:6B:E4:C1:16:D5:34:9F:5B:31:48:D8:E6:BA:4D:BA
X509v3 Authority Key Identifier:
keyid:D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/c1Yib1Fr5MEW1TSfWzFI2Oa6Tbo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
66.9.96.0/20
77.223.200.0/23
79.139.64.0/23
93.119.184.0/21
95.178.8.0/21
116.50.16.0/21
121.127.56.0/21
176.222.48.0/22
198.145.112.0/22
Signature Algorithm: sha256WithRSAEncryption
61:7c:00:1d:97:66:b6:c3:aa:38:0c:b2:1e:65:41:bb:b3:83:
af:5a:37:1b:47:2b:23:74:6d:4b:5a:a8:0c:95:86:35:38:3f:
f5:e5:7c:06:3f:ce:fc:b5:22:87:51:eb:c9:99:3f:c8:b0:d9:
e1:11:48:0d:af:71:70:f8:13:43:dc:ae:41:a1:0f:53:6a:70:
8b:a0:af:5e:09:59:84:9f:c8:57:93:49:49:b7:c5:a9:9b:c0:
e6:c9:ee:91:f1:06:1c:ab:94:ea:23:dc:34:08:d5:0b:a9:eb:
e1:e8:cd:38:e1:35:a0:37:07:96:bd:6f:93:b6:e1:d7:e5:87:
b8:8e:dc:18:69:8c:26:24:cb:99:8e:ec:ee:83:6e:73:c5:ca:
32:09:b2:0d:93:b8:68:75:d2:31:1a:d7:0c:2e:5e:c8:69:4a:
6b:d6:67:1d:93:ec:4d:ce:72:be:34:32:2f:2c:a2:bb:d7:67:
34:8a:31:d0:c9:4c:09:2b:99:89:d3:3e:c9:34:14:a4:e8:00:
e9:4e:63:90:fe:1c:a6:62:69:81:fc:8d:21:58:eb:1a:f2:37:
ae:89:22:49:a7:9f:1a:3e:fb:44:cf:f4:30:85:4a:31:80:b8:
02:f2:93:67:24:70:c7:98:63:8d:69:ea:73:41:f5:59:43:e2:
83:e1:69:c9
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYzJSq0q+L00pxlnVFHZ/dAkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0OGEyN2Y0NGIxMDQwNGM1MmY2ZmZjNGUwOGRjODJiZjhi
NWRlZTQwHhcNMjQwMTAyMDgyOTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MzU2MjI2ZjUxNmJlNGMxMTZkNTM0OWY1YjMxNDhkOGU2YmE0ZGJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn+K4vTE2/bna2RPUYNhMJta3RkR8
pMIBxQhvSU9HJa45tMPRFIsAX7GpS4zSw9lX+0K67vpGT4Uu+lpcJw3SytjBTeOI
We7/lwnAqZrCnpkualbgyes0qFAHAOyF7aMQR6QJWmbv2JPvgrA9E9yUawQnJR83
+v6uWezxcVuSomfERL5v78du2DPW4vR2mXHo7pzD87XZEzBQ3Su9MIu73JCZiInS
RsdlM0FG4e6mmfmI7D3CDZVsf0v+kk7zeuDBKZXJlwRMRxfvUP2Es9sMyqqLepc2
6Q2j1nkoHr5OjxLaCMo+P82mcmSwRt8gXF5pfLCacF1JqtwoZekrpRqDgQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFHNWIm9Ra+TBFtU0n1sxSNjmuk26MB8GA1UdIwQY
MBaAFNSKJ/RLEEBMUvb/xOCNyCv4td7kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYt
NTlmNTk4NGI2NGVhLzEvYzFZaWIxRnI1TUVXMVRTZld6RkkyT2E2VGJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYtNTlmNTk4NGI2NGVh
LzEvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQEQglgAwQB
Td/IAwQBT4tAAwQDXXe4AwQDX7IIAwQDdDIQAwQDeX84AwQCsN4wAwQCxpFwMA0G
CSqGSIb3DQEBCwUAA4IBAQBhfAAdl2a2w6o4DLIeZUG7s4OvWjcbRysjdG1LWqgM
lYY1OD/15XwGP878tSKHUevJmT/IsNnhEUgNr3Fw+BND3K5BoQ9TanCLoK9eCVmE
n8hXk0lJt8Wpm8Dmye6R8QYcq5TqI9w0CNULqevh6M044TWgNweWvW+TtuHX5Ye4
jtwYaYwmJMuZjuzug25zxcoyCbINk7hoddIxGtcMLl7IaUpr1mcdk+xNznK+NDIv
LKK712c0ijHQyUwJK5mJ0z7JNBSk6ADpTmOQ/hymYmmB/I0hWOsa8jeuiSJJp58a
PvtEz/QwhUoxgLgC8pNnJHDHmGONaepzQfVZQ+KD4WnJ
Generated at Thu Feb 8 21:03:01 2024 by rpki-client on console-fra.rpki-client.org