Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/24cab4-0125-4383-85fa-3d388606da12/1/76VppPRm57e_xLktaI-nKWbYZTU.roa
File: 76VppPRm57e_xLktaI-nKWbYZTU.roa (raw, json)
Hash identifier: z+n/xSzDrjYKINRVwiS0Z7Ufw4tq2RDxu6S7H1fiKeM=
Subject key identifier: EF:A5:69:A4:F4:66:E7:B7:BF:C4:B9:2D:68:8F:A7:29:66:D8:65:35
Certificate issuer: /CN=e5a83b40b3f4d7d31fb3368dafaca1199a449892
Certificate serial: 018C97B56BA99AA38EBE0A58604632AEC3C9
Authority key identifier: E5:A8:3B:40:B3:F4:D7:D3:1F:B3:36:8D:AF:AC:A1:19:9A:44:98:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5ag7QLP019MfszaNr6yhGZpEmJI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/24cab4-0125-4383-85fa-3d388606da12/1/76VppPRm57e_xLktaI-nKWbYZTU.roa
Signing time: Sat 23 Dec 2023 17:24:58 +0000
ROA not before: Sat 23 Dec 2023 17:24:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49058
IP address blocks: 95.131.176.0/21 maxlen: 32
185.25.9.0/24 maxlen: 32
185.25.10.0/23 maxlen: 32
2a00:7b60::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:30:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:97:b5:6b:a9:9a:a3:8e:be:0a:58:60:46:32:ae:c3:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e5a83b40b3f4d7d31fb3368dafaca1199a449892
Validity
Not Before: Dec 23 17:24:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=efa569a4f466e7b7bfc4b92d688fa72966d86535
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:6e:53:87:8f:71:74:86:68:bd:c2:63:58:a5:
46:66:c4:cf:80:66:8a:89:d7:e4:56:52:e6:08:cd:
69:68:8a:41:fc:c5:93:0b:a4:10:50:58:20:ec:a6:
5d:ff:49:e7:71:ac:93:b9:61:c2:61:52:d7:8f:e1:
ab:e6:14:a0:a5:7e:33:f1:22:ae:ea:f7:80:93:c6:
58:29:51:d5:37:54:43:fd:d4:55:c9:7c:4a:94:02:
db:c3:16:18:9f:a3:f6:80:b2:db:89:bc:3d:f4:80:
41:be:9e:29:46:39:83:03:05:ad:de:dc:bf:95:72:
13:ae:20:8a:38:73:44:aa:cc:78:47:44:37:87:c4:
d0:b6:2c:1e:8b:7a:93:7f:ce:cd:40:55:8c:e5:ed:
e5:60:ef:a5:c1:ff:7a:43:f9:05:a6:c4:cb:50:4f:
7b:28:b1:d6:b6:c8:b8:26:dd:72:b0:7a:4c:2a:72:
98:ce:26:a1:56:a6:84:b3:e1:20:6a:35:c1:00:46:
57:d6:91:92:9b:9f:49:44:6e:f3:b3:d6:36:61:d4:
00:a1:5f:52:8b:10:57:1d:38:82:8b:b1:47:42:80:
ea:a1:e6:bd:24:0c:ca:a0:be:46:5c:63:5b:fb:dd:
ee:6d:30:17:55:ce:e7:5d:cc:16:61:d2:19:51:fd:
68:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:A5:69:A4:F4:66:E7:B7:BF:C4:B9:2D:68:8F:A7:29:66:D8:65:35
X509v3 Authority Key Identifier:
keyid:E5:A8:3B:40:B3:F4:D7:D3:1F:B3:36:8D:AF:AC:A1:19:9A:44:98:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5ag7QLP019MfszaNr6yhGZpEmJI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/24cab4-0125-4383-85fa-3d388606da12/1/76VppPRm57e_xLktaI-nKWbYZTU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/24cab4-0125-4383-85fa-3d388606da12/1/5ag7QLP019MfszaNr6yhGZpEmJI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.131.176.0/21
185.25.9.0-185.25.11.255
IPv6:
2a00:7b60::/32
Signature Algorithm: sha256WithRSAEncryption
7d:85:0b:51:b2:26:50:db:dd:9e:4d:eb:cf:22:ab:b5:4e:93:
9c:27:12:84:ee:75:49:2e:b7:32:bf:b8:90:89:f6:ce:2b:45:
2b:78:d1:a5:46:df:9c:5d:80:63:58:62:1a:48:26:52:76:88:
d4:71:00:65:c5:5a:48:7f:a3:81:16:d3:73:bc:c3:0d:c3:a9:
f9:d4:8f:b9:81:0b:94:09:9d:49:e3:a0:8c:96:f9:b2:1d:1e:
c6:60:6f:24:90:0b:5d:6b:d0:11:28:20:2d:fb:d0:ba:c2:1f:
76:01:d9:ae:8f:f1:e6:3e:da:18:a0:25:12:93:df:2d:d3:9e:
50:8e:fc:03:ee:64:6e:82:dc:7d:f8:b3:65:69:11:86:bb:bb:
02:93:e9:64:21:1b:2a:27:06:be:33:6c:1d:b6:ac:37:cd:7a:
1d:1e:fb:e5:77:ae:75:a2:4c:89:ee:5b:42:eb:83:30:15:ec:
83:59:ea:1a:fc:3b:75:c6:2f:4e:54:a8:7f:10:c1:bf:3c:95:
2d:b9:e2:84:7e:f1:88:bd:8d:9f:9a:b3:2b:df:dd:a8:b7:49:
c8:dd:a0:4d:be:e6:72:e3:24:a6:e4:ec:69:35:b9:89:2e:04:
76:80:9e:8a:37:90:40:59:7c:2f:18:b0:dc:d0:e6:8a:81:32:
58:29:fc:2d
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYyXtWupmqOOvgpYYEYyrsPJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1YTgzYjQwYjNmNGQ3ZDMxZmIzMzY4ZGFmYWNhMTE5OWE0
NDk4OTIwHhcNMjMxMjIzMTcyNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZmE1NjlhNGY0NjZlN2I3YmZjNGI5MmQ2ODhmYTcyOTY2ZDg2NTM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgG5Th49xdIZovcJjWKVGZsTPgGaK
idfkVlLmCM1paIpB/MWTC6QQUFgg7KZd/0nncayTuWHCYVLXj+Gr5hSgpX4z8SKu
6veAk8ZYKVHVN1RD/dRVyXxKlALbwxYYn6P2gLLbibw99IBBvp4pRjmDAwWt3ty/
lXITriCKOHNEqsx4R0Q3h8TQtiwei3qTf87NQFWM5e3lYO+lwf96Q/kFpsTLUE97
KLHWtsi4Jt1ysHpMKnKYziahVqaEs+EgajXBAEZX1pGSm59JRG7zs9Y2YdQAoV9S
ixBXHTiCi7FHQoDqoea9JAzKoL5GXGNb+93ubTAXVc7nXcwWYdIZUf1oFwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFO+laaT0Zue3v8S5LWiPpylm2GU1MB8GA1UdIwQY
MBaAFOWoO0Cz9NfTH7M2ja+soRmaRJiSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWFnN1FMUDAxOU1mc3phTnI2eWhHWnBFbUpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC8yNGNhYjQtMDEyNS00MzgzLTg1ZmEt
M2QzODg2MDZkYTEyLzEvNzZWcHBQUm01N2VfeExrdGFJLW5LV2JZWlRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC8yNGNhYjQtMDEyNS00MzgzLTg1ZmEtM2QzODg2MDZkYTEy
LzEvNWFnN1FMUDAxOU1mc3phTnI2eWhHWnBFbUpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUAwQDX4OwMAwD
BAC5GQkDBAK5GQgwDQQCAAIwBwMFACoAe2AwDQYJKoZIhvcNAQELBQADggEBAH2F
C1GyJlDb3Z5N688iq7VOk5wnEoTudUkutzK/uJCJ9s4rRSt40aVG35xdgGNYYhpI
JlJ2iNRxAGXFWkh/o4EW03O8ww3DqfnUj7mBC5QJnUnjoIyW+bIdHsZgbySQC11r
0BEoIC370LrCH3YB2a6P8eY+2higJRKT3y3TnlCO/APuZG6C3H34s2VpEYa7uwKT
6WQhGyonBr4zbB22rDfNeh0e++V3rnWiTInuW0LrgzAV7INZ6hr8O3XGL05UqH8Q
wb88lS254oR+8Yi9jZ+asyvf3ai3ScjdoE2+5nLjJKbk7Gk1uYkuBHaAnoo3kEBZ
fC8YsNzQ5oqBMlgp/C0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:20 2024 by rpki-client on console-ams.rpki-client.org