Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/c5a9e3-6722-4b6a-be58-ada5c20e3f7b/1/uvXcWTG2dT3I1lgiBwOneYaS9dA.roa
File: uvXcWTG2dT3I1lgiBwOneYaS9dA.roa (raw, json)
Hash identifier: 99XwGXesR1hZhQ3TmDTbXHe0RJPa6KGpla71EbEFfe4=
Subject key identifier: BA:F5:DC:59:31:B6:75:3D:C8:D6:58:22:07:03:A7:79:86:92:F5:D0
Certificate issuer: /CN=1c7ad7754795ddd605f28838bb7cc359df7a266a
Certificate serial: 0188906CD6C804F8BC7E0BD74987FC6F9001
Authority key identifier: 1C:7A:D7:75:47:95:DD:D6:05:F2:88:38:BB:7C:C3:59:DF:7A:26:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HHrXdUeV3dYF8og4u3zDWd96Jmo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/c5a9e3-6722-4b6a-be58-ada5c20e3f7b/1/uvXcWTG2dT3I1lgiBwOneYaS9dA.roa
Signing time: Tue 06 Jun 2023 11:17:11 +0000
ROA not before: Tue 06 Jun 2023 11:17:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34568
IP address blocks: 193.138.81.0/24 maxlen: 24
193.28.228.0/24 maxlen: 24
194.116.234.0/23 maxlen: 24
77.87.248.0/21 maxlen: 24
185.217.192.0/22 maxlen: 24
84.246.120.0/21 maxlen: 24
2a01:1f8::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:90:6c:d6:c8:04:f8:bc:7e:0b:d7:49:87:fc:6f:90:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c7ad7754795ddd605f28838bb7cc359df7a266a
Validity
Not Before: Jun 6 11:17:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=baf5dc5931b6753dc8d658220703a7798692f5d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:cf:08:26:d5:bf:46:6b:b3:71:54:72:4a:69:
25:95:7b:e4:0e:aa:b2:1f:94:6a:a9:a1:94:84:b0:
c9:b1:20:90:71:82:7f:fc:d5:8a:14:ca:30:15:a8:
97:1d:a5:bf:75:0b:cb:64:69:09:11:7a:8b:02:67:
2b:b1:31:8a:f6:ef:29:12:75:2d:e0:49:13:ff:22:
5c:d0:3a:f4:35:00:cd:f9:b3:87:1c:74:6b:f8:04:
0e:e3:62:dc:dd:90:a1:8f:95:a2:91:df:b0:9a:44:
15:f8:83:7a:35:ac:b6:5e:d0:46:f7:07:d1:f4:f2:
89:b9:df:a5:c6:6a:8a:99:f4:56:70:8e:a1:02:58:
af:9b:48:b6:b6:08:bf:1e:5c:1e:f5:ad:24:ca:fd:
4b:cc:86:72:b2:a9:1c:1a:91:ac:4c:29:f3:de:81:
21:ab:20:1d:00:96:13:1a:b9:54:f1:71:4f:d3:51:
b7:78:09:3e:11:44:6e:8f:6d:a9:bd:af:ff:ed:c8:
59:a7:d4:a6:4b:ed:cb:92:d6:fc:82:1a:d4:85:2c:
ef:07:41:1d:64:d2:27:f7:4e:1b:09:73:b5:2e:d1:
17:5a:73:9f:fa:e1:9f:3c:de:c0:48:43:ce:c6:21:
4c:8f:d1:0a:8a:30:b5:22:6d:a5:0c:74:7c:a3:05:
40:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:F5:DC:59:31:B6:75:3D:C8:D6:58:22:07:03:A7:79:86:92:F5:D0
X509v3 Authority Key Identifier:
keyid:1C:7A:D7:75:47:95:DD:D6:05:F2:88:38:BB:7C:C3:59:DF:7A:26:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HHrXdUeV3dYF8og4u3zDWd96Jmo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/c5a9e3-6722-4b6a-be58-ada5c20e3f7b/1/uvXcWTG2dT3I1lgiBwOneYaS9dA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/c5a9e3-6722-4b6a-be58-ada5c20e3f7b/1/HHrXdUeV3dYF8og4u3zDWd96Jmo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.87.248.0/21
84.246.120.0/21
185.217.192.0/22
193.28.228.0/24
193.138.81.0/24
194.116.234.0/23
IPv6:
2a01:1f8::/32
Signature Algorithm: sha256WithRSAEncryption
19:52:69:1c:79:ae:a9:df:82:7c:dd:7b:17:10:3c:9a:d5:8d:
95:03:26:f4:37:87:b6:a2:d3:30:b2:aa:c4:86:1b:7a:0c:bf:
65:9f:be:5f:36:d5:09:e5:8a:f8:c9:3c:89:ae:42:25:09:9e:
8d:eb:79:80:b2:44:bf:77:da:60:4e:b4:95:a8:f4:11:c7:98:
46:d6:15:09:d0:b4:37:8f:9a:a5:d5:9c:af:0d:83:e7:03:cf:
a1:b4:50:6a:96:96:7d:34:d2:91:0a:92:68:57:92:6a:0a:36:
14:4b:fd:65:06:59:c9:04:94:06:ef:1a:ad:85:7b:92:81:a6:
75:5d:a9:13:4c:ff:b0:8f:08:06:a6:1b:08:69:7e:07:c7:c4:
d8:a3:6c:40:54:08:10:f0:fd:a8:a5:65:c5:87:84:2f:0c:1b:
d3:1b:0b:4d:f3:45:07:ab:a3:ac:3a:36:d2:41:ea:19:ac:d2:
37:01:fc:a9:c8:7c:b0:7c:e3:4c:e6:81:44:f5:4b:86:55:a9:
5e:d6:5a:f4:81:c2:08:36:f6:a7:55:97:53:3c:6c:f8:de:3e:
b5:e9:28:21:88:88:6b:ee:48:6a:2d:90:84:e4:03:5a:6d:9e:
fa:fd:7f:d8:65:ff:be:a2:21:30:ab:3d:a8:34:da:98:f6:8a:
65:bf:2c:8e
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYiQbNbIBPi8fgvXSYf8b5ABMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjN2FkNzc1NDc5NWRkZDYwNWYyODgzOGJiN2NjMzU5ZGY3
YTI2NmEwHhcNMjMwNjA2MTExNzExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYWY1ZGM1OTMxYjY3NTNkYzhkNjU4MjIwNzAzYTc3OTg2OTJmNWQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuM8IJtW/RmuzcVRySmkllXvkDqqy
H5RqqaGUhLDJsSCQcYJ//NWKFMowFaiXHaW/dQvLZGkJEXqLAmcrsTGK9u8pEnUt
4EkT/yJc0Dr0NQDN+bOHHHRr+AQO42Lc3ZChj5Wikd+wmkQV+IN6Nay2XtBG9wfR
9PKJud+lxmqKmfRWcI6hAlivm0i2tgi/Hlwe9a0kyv1LzIZysqkcGpGsTCnz3oEh
qyAdAJYTGrlU8XFP01G3eAk+EURuj22pva//7chZp9SmS+3Lktb8ghrUhSzvB0Ed
ZNIn904bCXO1LtEXWnOf+uGfPN7ASEPOxiFMj9EKijC1Im2lDHR8owVADwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFLr13FkxtnU9yNZYIgcDp3mGkvXQMB8GA1UdIwQY
MBaAFBx613VHld3WBfKIOLt8w1nfeiZqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEhyWGRVZVYzZFlGOG9nNHUzekRXZDk2Sm1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS9jNWE5ZTMtNjcyMi00YjZhLWJlNTgt
YWRhNWMyMGUzZjdiLzEvdXZYY1dURzJkVDNJMWxnaUJ3T25lWWFTOWRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS9jNWE5ZTMtNjcyMi00YjZhLWJlNTgtYWRhNWMyMGUzZjdi
LzEvSEhyWGRVZVYzZFlGOG9nNHUzekRXZDk2Sm1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQDTVf4AwQD
VPZ4AwQCudnAAwQAwRzkAwQAwYpRAwQBwnTqMA0EAgACMAcDBQAqAQH4MA0GCSqG
SIb3DQEBCwUAA4IBAQAZUmkcea6p34J83XsXEDya1Y2VAyb0N4e2otMwsqrEhht6
DL9ln75fNtUJ5Yr4yTyJrkIlCZ6N63mAskS/d9pgTrSVqPQRx5hG1hUJ0LQ3j5ql
1ZyvDYPnA8+htFBqlpZ9NNKRCpJoV5JqCjYUS/1lBlnJBJQG7xqthXuSgaZ1XakT
TP+wjwgGphsIaX4Hx8TYo2xAVAgQ8P2opWXFh4QvDBvTGwtN80UHq6OsOjbSQeoZ
rNI3AfypyHywfONM5oFE9UuGVale1lr0gcIINvanVZdTPGz43j616SghiIhr7khq
LZCE5ANabZ76/X/YZf++oiEwqz2oNNqY9oplvyyO
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:33:04 2024 by rpki-client on console-ams.rpki-client.org