Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/c5a9e3-6722-4b6a-be58-ada5c20e3f7b/1/s-hL84WudHUX1rRufTE3YB3n8F0.roa
File: s-hL84WudHUX1rRufTE3YB3n8F0.roa (raw, json)
Hash identifier: 16J8oQNDpyVi4qX6/J6Ji0sPhdffV4Mxoubua/Cx/aw=
Subject key identifier: B3:E8:4B:F3:85:AE:74:75:17:D6:B4:6E:7D:31:37:60:1D:E7:F0:5D
Certificate issuer: /CN=1c7ad7754795ddd605f28838bb7cc359df7a266a
Certificate serial: 018CC8011CCEDDC280F966D9A68C1FE34563
Authority key identifier: 1C:7A:D7:75:47:95:DD:D6:05:F2:88:38:BB:7C:C3:59:DF:7A:26:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HHrXdUeV3dYF8og4u3zDWd96Jmo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/c5a9e3-6722-4b6a-be58-ada5c20e3f7b/1/s-hL84WudHUX1rRufTE3YB3n8F0.roa
Signing time: Tue 02 Jan 2024 02:29:25 +0000
ROA not before: Tue 02 Jan 2024 02:29:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34568
IP address blocks: 193.138.81.0/24 maxlen: 24
193.28.228.0/24 maxlen: 24
194.116.234.0/23 maxlen: 24
77.87.248.0/21 maxlen: 24
185.217.192.0/22 maxlen: 24
84.246.120.0/21 maxlen: 24
2a01:1f8::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 30 Jan 2024 07:50:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:1c:ce:dd:c2:80:f9:66:d9:a6:8c:1f:e3:45:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c7ad7754795ddd605f28838bb7cc359df7a266a
Validity
Not Before: Jan 2 02:29:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b3e84bf385ae747517d6b46e7d3137601de7f05d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:97:da:d8:52:3b:cb:62:ee:c3:cf:3a:ac:ef:
6f:ca:db:4f:3b:73:4c:4e:ab:f3:2c:ad:5d:fa:e7:
3b:6b:61:50:d6:13:37:ae:65:87:bd:e7:88:61:e5:
cf:60:97:74:f5:4e:18:55:f4:43:db:58:77:37:55:
62:88:5d:2d:ef:71:e8:3a:e7:54:c1:80:e8:66:b8:
aa:8b:e0:a3:42:86:d4:ad:ca:8a:ce:78:1b:61:24:
55:61:11:22:9f:9f:dd:7c:0f:15:ef:bf:7b:0e:4f:
cd:fc:8d:46:fb:ac:25:5e:a5:b6:27:38:85:cc:6e:
81:ab:00:7a:7b:ee:26:ac:94:df:82:c3:26:e3:d3:
f0:dd:da:4c:e8:c1:a2:3b:5a:c7:9f:b3:5e:42:c9:
37:43:df:63:5b:b9:a5:13:fb:4f:c7:d2:b7:7d:18:
a7:14:7c:d2:37:49:fd:d0:75:1f:fa:b5:97:0d:80:
12:74:06:e9:24:61:50:19:6c:15:11:5e:64:02:85:
da:61:fa:a4:51:8e:cb:35:76:6c:ab:a6:41:5d:74:
f1:2c:4b:e8:f7:03:c1:38:1f:f0:30:47:bc:03:3d:
3a:75:f8:e3:3d:84:c4:12:27:4f:79:fe:62:a4:b3:
cc:92:0b:e3:d5:9a:14:62:f9:49:43:a0:bd:a8:92:
ab:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:E8:4B:F3:85:AE:74:75:17:D6:B4:6E:7D:31:37:60:1D:E7:F0:5D
X509v3 Authority Key Identifier:
keyid:1C:7A:D7:75:47:95:DD:D6:05:F2:88:38:BB:7C:C3:59:DF:7A:26:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HHrXdUeV3dYF8og4u3zDWd96Jmo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/c5a9e3-6722-4b6a-be58-ada5c20e3f7b/1/s-hL84WudHUX1rRufTE3YB3n8F0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/c5a9e3-6722-4b6a-be58-ada5c20e3f7b/1/HHrXdUeV3dYF8og4u3zDWd96Jmo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.87.248.0/21
84.246.120.0/21
185.217.192.0/22
193.28.228.0/24
193.138.81.0/24
194.116.234.0/23
IPv6:
2a01:1f8::/32
Signature Algorithm: sha256WithRSAEncryption
8c:b7:69:d6:d0:d7:f0:6b:6a:67:80:a4:19:d8:37:1e:1b:d1:
03:5c:57:eb:21:00:5a:ae:89:0f:9d:93:9b:cf:ae:b2:33:f8:
88:eb:70:59:9c:0e:ba:eb:18:b9:a5:ea:5e:78:d1:0f:40:6a:
2f:4c:21:7a:61:41:63:f6:b3:4e:e4:79:18:69:66:90:e4:d6:
c2:c0:11:e9:1c:1d:ee:60:ab:c8:28:06:82:58:bb:8e:68:18:
47:5d:74:03:06:52:db:ea:3b:9d:00:26:f2:71:3b:53:5d:68:
9b:b8:5a:00:77:45:1d:1f:6f:0a:5d:6f:d2:ef:33:d9:da:df:
34:f6:20:45:f3:3d:a1:11:9a:84:1e:9e:f6:d4:43:4a:23:2f:
27:e5:4e:da:38:9b:f7:e2:18:9e:e4:22:40:64:c4:20:1a:44:
23:0e:cc:9c:0b:0e:0b:2d:81:73:e6:b6:d3:51:40:c0:60:21:
9f:f5:48:cc:4d:11:0c:ea:64:5c:13:1a:be:a8:fb:c5:e9:b0:
06:7a:e1:f6:7d:73:bb:98:00:e2:c7:13:52:53:cb:1e:35:24:
22:cd:28:7a:e7:0c:c0:ae:0d:35:66:5d:31:d2:ce:d5:f6:1a:
2c:13:29:a5:28:51:61:b8:b4:b5:bd:e6:41:ec:ac:6c:8a:79:
17:0f:01:b8
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYzIARzO3cKA+WbZpowf40VjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjN2FkNzc1NDc5NWRkZDYwNWYyODgzOGJiN2NjMzU5ZGY3
YTI2NmEwHhcNMjQwMTAyMDIyOTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiM2U4NGJmMzg1YWU3NDc1MTdkNmI0NmU3ZDMxMzc2MDFkZTdmMDVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoJfa2FI7y2Luw886rO9vyttPO3NM
TqvzLK1d+uc7a2FQ1hM3rmWHveeIYeXPYJd09U4YVfRD21h3N1ViiF0t73HoOudU
wYDoZriqi+CjQobUrcqKzngbYSRVYREin5/dfA8V7797Dk/N/I1G+6wlXqW2JziF
zG6BqwB6e+4mrJTfgsMm49Pw3dpM6MGiO1rHn7NeQsk3Q99jW7mlE/tPx9K3fRin
FHzSN0n90HUf+rWXDYASdAbpJGFQGWwVEV5kAoXaYfqkUY7LNXZsq6ZBXXTxLEvo
9wPBOB/wMEe8Az06dfjjPYTEEidPef5ipLPMkgvj1ZoUYvlJQ6C9qJKrTQIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFLPoS/OFrnR1F9a0bn0xN2Ad5/BdMB8GA1UdIwQY
MBaAFBx613VHld3WBfKIOLt8w1nfeiZqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEhyWGRVZVYzZFlGOG9nNHUzekRXZDk2Sm1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS9jNWE5ZTMtNjcyMi00YjZhLWJlNTgt
YWRhNWMyMGUzZjdiLzEvcy1oTDg0V3VkSFVYMXJSdWZURTNZQjNuOEYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS9jNWE5ZTMtNjcyMi00YjZhLWJlNTgtYWRhNWMyMGUzZjdi
LzEvSEhyWGRVZVYzZFlGOG9nNHUzekRXZDk2Sm1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQDTVf4AwQD
VPZ4AwQCudnAAwQAwRzkAwQAwYpRAwQBwnTqMA0EAgACMAcDBQAqAQH4MA0GCSqG
SIb3DQEBCwUAA4IBAQCMt2nW0Nfwa2pngKQZ2DceG9EDXFfrIQBarokPnZObz66y
M/iI63BZnA666xi5pepeeNEPQGovTCF6YUFj9rNO5HkYaWaQ5NbCwBHpHB3uYKvI
KAaCWLuOaBhHXXQDBlLb6judACbycTtTXWibuFoAd0UdH28KXW/S7zPZ2t809iBF
8z2hEZqEHp721ENKIy8n5U7aOJv34hie5CJAZMQgGkQjDsycCw4LLYFz5rbTUUDA
YCGf9UjMTREM6mRcExq+qPvF6bAGeuH2fXO7mADixxNSU8seNSQizSh65wzArg01
Zl0x0s7V9hosEymlKFFhuLS1veZB7KxsinkXDwG4
-----END CERTIFICATE-----
Generated at Tue Jan 30 11:24:33 2024 by rpki-client on console-ams.rpki-client.org