Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/c5a9e3-6722-4b6a-be58-ada5c20e3f7b/1/nJTGXr5vWAeubvZsUeu4qreHvjg.roa
File: nJTGXr5vWAeubvZsUeu4qreHvjg.roa (raw, json)
Hash identifier: 3ImUWnzwiztP9jlXlWyEt2a0UIZ3wdr45JznmKurXJk=
Subject key identifier: 9C:94:C6:5E:BE:6F:58:07:AE:6E:F6:6C:51:EB:B8:AA:B7:87:BE:38
Certificate issuer: /CN=1c7ad7754795ddd605f28838bb7cc359df7a266a
Certificate serial: 018674315D02D4E47773D47F0B70E7CB0F5C
Authority key identifier: 1C:7A:D7:75:47:95:DD:D6:05:F2:88:38:BB:7C:C3:59:DF:7A:26:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HHrXdUeV3dYF8og4u3zDWd96Jmo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/c5a9e3-6722-4b6a-be58-ada5c20e3f7b/1/nJTGXr5vWAeubvZsUeu4qreHvjg.roa
Signing time: Tue 21 Feb 2023 13:37:17 +0000
ROA not before: Tue 21 Feb 2023 13:37:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34568
IP address blocks: 193.138.81.0/24 maxlen: 24
193.28.228.0/24 maxlen: 24
194.116.234.0/23 maxlen: 24
77.87.248.0/21 maxlen: 24
185.217.192.0/22 maxlen: 24
84.246.120.0/21 maxlen: 24
2a01:1f8::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:74:31:5d:02:d4:e4:77:73:d4:7f:0b:70:e7:cb:0f:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c7ad7754795ddd605f28838bb7cc359df7a266a
Validity
Not Before: Feb 21 13:37:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9c94c65ebe6f5807ae6ef66c51ebb8aab787be38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:a7:05:88:54:78:c8:93:48:46:2c:a9:43:0c:
b2:ba:0b:a0:27:b0:d4:b5:70:85:36:ec:ae:9c:e4:
f7:3e:5b:fd:34:6e:10:34:24:79:67:9d:76:c8:40:
1e:b1:5e:76:55:50:5d:d1:73:6d:07:b1:df:cc:31:
00:f7:60:1e:eb:da:ac:f4:6e:8b:ce:71:95:5a:9e:
48:2f:38:21:50:74:f8:16:63:ff:8c:a1:b3:73:30:
53:de:50:ae:af:aa:b3:a5:07:a4:22:56:c0:00:78:
30:dd:ca:26:4d:46:b0:2b:d7:ee:46:35:76:25:4d:
e5:c9:e0:7e:73:bb:fe:ca:14:6a:74:e5:d2:7d:98:
89:92:09:23:68:d4:d8:93:47:86:a3:c9:71:a1:0f:
67:3f:1a:90:8c:c9:87:43:e9:9f:8a:b5:75:7b:74:
86:68:73:c5:00:8c:81:18:5c:08:33:72:1b:84:24:
ba:c3:4d:3e:f1:ae:69:8d:7b:65:99:8d:e2:0b:6d:
08:0f:5f:b9:03:43:5d:16:3d:07:d2:67:6d:4d:41:
f2:fd:e3:5b:2d:47:47:ad:a4:bc:10:68:49:97:6f:
1e:65:11:6f:41:6a:22:da:d5:3c:23:e2:08:b5:cc:
d6:fe:78:62:ab:34:e2:d1:9a:86:9d:8c:2a:0b:04:
67:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:94:C6:5E:BE:6F:58:07:AE:6E:F6:6C:51:EB:B8:AA:B7:87:BE:38
X509v3 Authority Key Identifier:
keyid:1C:7A:D7:75:47:95:DD:D6:05:F2:88:38:BB:7C:C3:59:DF:7A:26:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HHrXdUeV3dYF8og4u3zDWd96Jmo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/c5a9e3-6722-4b6a-be58-ada5c20e3f7b/1/nJTGXr5vWAeubvZsUeu4qreHvjg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/c5a9e3-6722-4b6a-be58-ada5c20e3f7b/1/HHrXdUeV3dYF8og4u3zDWd96Jmo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.87.248.0/21
84.246.120.0/21
185.217.192.0/22
193.28.228.0/24
193.138.81.0/24
194.116.234.0/23
IPv6:
2a01:1f8::/32
Signature Algorithm: sha256WithRSAEncryption
32:f4:f1:e0:64:51:3f:00:16:fe:e7:c7:fc:a9:d3:09:03:53:
fd:04:23:0f:b7:81:b1:8a:ea:17:ef:ec:e5:79:78:c2:9c:3c:
f9:3e:96:88:34:92:5e:42:fb:4a:c4:f5:6b:ca:82:ac:bb:53:
8c:ce:de:c3:39:f8:40:e1:6e:83:3c:21:b2:cd:13:bd:34:ca:
46:b3:54:b6:a6:c3:a4:24:04:5c:99:92:6d:d9:e5:ca:66:26:
8e:1f:37:54:b5:41:f0:c2:fc:cf:d7:f8:f5:53:cb:c6:b8:14:
7e:ef:4d:93:b8:f0:69:2e:2c:f8:c1:10:95:f0:59:57:eb:4e:
0d:1a:32:fe:3d:e1:be:43:8e:1f:f9:a0:06:77:cd:93:73:2b:
cd:f6:3a:13:0e:71:ff:9c:62:9a:93:0e:e8:75:30:1b:39:4c:
f7:ea:71:72:5d:4b:98:d0:c7:b1:fd:a6:9f:4a:6b:59:b4:66:
0e:5b:e1:78:8b:38:38:a4:bb:ae:89:47:79:c8:c9:be:87:13:
ee:d7:69:a9:ed:91:c1:1c:4a:c0:cc:6e:10:9b:fc:ab:6c:76:
3b:75:77:36:f2:c1:35:b5:e3:0c:7b:28:94:b8:eb:8e:ea:6a:
4d:a0:5c:85:99:26:40:f3:e9:1a:b7:13:ba:2b:c9:e6:08:c6:
a3:70:3e:69
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYZ0MV0C1OR3c9R/C3Dnyw9cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjN2FkNzc1NDc5NWRkZDYwNWYyODgzOGJiN2NjMzU5ZGY3
YTI2NmEwHhcNMjMwMjIxMTMzNzE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Yzk0YzY1ZWJlNmY1ODA3YWU2ZWY2NmM1MWViYjhhYWI3ODdiZTM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw6cFiFR4yJNIRiypQwyyugugJ7DU
tXCFNuyunOT3Plv9NG4QNCR5Z512yEAesV52VVBd0XNtB7HfzDEA92Ae69qs9G6L
znGVWp5ILzghUHT4FmP/jKGzczBT3lCur6qzpQekIlbAAHgw3comTUawK9fuRjV2
JU3lyeB+c7v+yhRqdOXSfZiJkgkjaNTYk0eGo8lxoQ9nPxqQjMmHQ+mfirV1e3SG
aHPFAIyBGFwIM3IbhCS6w00+8a5pjXtlmY3iC20ID1+5A0NdFj0H0mdtTUHy/eNb
LUdHraS8EGhJl28eZRFvQWoi2tU8I+IItczW/nhiqzTi0ZqGnYwqCwRnawIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFJyUxl6+b1gHrm72bFHruKq3h744MB8GA1UdIwQY
MBaAFBx613VHld3WBfKIOLt8w1nfeiZqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEhyWGRVZVYzZFlGOG9nNHUzekRXZDk2Sm1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS9jNWE5ZTMtNjcyMi00YjZhLWJlNTgt
YWRhNWMyMGUzZjdiLzEvbkpUR1hyNXZXQWV1YnZac1VldTRxcmVIdmpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS9jNWE5ZTMtNjcyMi00YjZhLWJlNTgtYWRhNWMyMGUzZjdi
LzEvSEhyWGRVZVYzZFlGOG9nNHUzekRXZDk2Sm1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQDTVf4AwQD
VPZ4AwQCudnAAwQAwRzkAwQAwYpRAwQBwnTqMA0EAgACMAcDBQAqAQH4MA0GCSqG
SIb3DQEBCwUAA4IBAQAy9PHgZFE/ABb+58f8qdMJA1P9BCMPt4GxiuoX7+zleXjC
nDz5PpaINJJeQvtKxPVryoKsu1OMzt7DOfhA4W6DPCGyzRO9NMpGs1S2psOkJARc
mZJt2eXKZiaOHzdUtUHwwvzP1/j1U8vGuBR+702TuPBpLiz4wRCV8FlX604NGjL+
PeG+Q44f+aAGd82TcyvN9joTDnH/nGKakw7odTAbOUz36nFyXUuY0Mex/aafSmtZ
tGYOW+F4izg4pLuuiUd5yMm+hxPu12mp7ZHBHErAzG4Qm/yrbHY7dXc28sE1teMM
eyiUuOuO6mpNoFyFmSZA8+katxO6K8nmCMajcD5p
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:52 2023 by rpki-client on console-fra.rpki-client.org