Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/63509c-5676-4eaf-99d4-eecd28e28e35/1/LXl5TYaqrpMPg2BX0Q9BEd6wDZc.roa
File: LXl5TYaqrpMPg2BX0Q9BEd6wDZc.roa (raw, json)
Hash identifier: vNtFXfKRA9xoq8Gwux9XkcZVJtjoEatLsLzOMSOZuYg=
Subject key identifier: 2D:79:79:4D:86:AA:AE:93:0F:83:60:57:D1:0F:41:11:DE:B0:0D:97
Certificate issuer: /CN=ee8ba8824c5c8d207326a4a3ab893ebb8f5096ad
Certificate serial: 01875667981D71ED6FD37F0FE60965A785DE
Authority key identifier: EE:8B:A8:82:4C:5C:8D:20:73:26:A4:A3:AB:89:3E:BB:8F:50:96:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7ouogkxcjSBzJqSjq4k-u49Qlq0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/63509c-5676-4eaf-99d4-eecd28e28e35/1/LXl5TYaqrpMPg2BX0Q9BEd6wDZc.roa
Signing time: Thu 06 Apr 2023 11:50:42 +0000
ROA not before: Thu 06 Apr 2023 11:50:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43766
IP address blocks: 79.170.120.0/22 maxlen: 22
79.170.124.0/22 maxlen: 22
77.232.103.0/24 maxlen: 24
77.232.102.0/24 maxlen: 24
77.232.126.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 06 Apr 2023 12:15:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:56:67:98:1d:71:ed:6f:d3:7f:0f:e6:09:65:a7:85:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee8ba8824c5c8d207326a4a3ab893ebb8f5096ad
Validity
Not Before: Apr 6 11:50:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2d79794d86aaae930f836057d10f4111deb00d97
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:bf:20:e6:15:97:bd:50:b0:f3:06:2b:06:56:
91:25:62:55:0b:2d:98:83:4a:12:a4:9b:d5:1b:8d:
f3:dd:44:ea:dd:17:5a:df:72:06:4c:52:4a:94:ff:
0e:18:e7:83:c4:72:9e:be:45:38:b1:31:73:d5:27:
73:c1:93:33:b6:cf:ff:c5:2d:b4:3e:5a:a5:39:9d:
72:04:0b:bf:9c:2f:ca:fb:79:50:db:59:bf:bf:a3:
c4:45:f8:58:9f:06:3b:63:f8:06:de:9c:40:fe:31:
22:f0:87:bb:f5:19:10:f1:4e:b5:84:39:2d:d5:39:
b4:a3:d4:cc:73:5e:92:db:ec:b6:e1:a1:f0:5a:2b:
00:fa:1a:88:cc:22:a3:ee:80:f4:26:5c:c7:99:6d:
35:9c:1f:4a:3c:0d:1f:66:0f:1c:e3:00:2d:d6:a0:
fa:1a:21:73:a9:7f:7b:2b:8b:ca:25:af:11:2b:3b:
8e:8a:ba:07:b6:01:e2:e4:15:4e:83:90:e2:2f:08:
46:a1:fd:34:1c:13:a6:9c:df:5d:2f:c9:9d:be:e4:
1e:c6:17:9c:1d:d5:63:76:00:db:9f:9b:9d:bc:3f:
b7:e4:84:8a:a5:15:42:8d:b0:b8:3e:4c:af:4a:28:
12:57:3a:09:40:c4:9e:f9:f1:7a:98:0c:3c:f5:87:
b1:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:79:79:4D:86:AA:AE:93:0F:83:60:57:D1:0F:41:11:DE:B0:0D:97
X509v3 Authority Key Identifier:
keyid:EE:8B:A8:82:4C:5C:8D:20:73:26:A4:A3:AB:89:3E:BB:8F:50:96:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7ouogkxcjSBzJqSjq4k-u49Qlq0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/63509c-5676-4eaf-99d4-eecd28e28e35/1/LXl5TYaqrpMPg2BX0Q9BEd6wDZc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/63509c-5676-4eaf-99d4-eecd28e28e35/1/7ouogkxcjSBzJqSjq4k-u49Qlq0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.232.102.0/23
77.232.126.0/24
79.170.120.0/21
Signature Algorithm: sha256WithRSAEncryption
0e:b1:d5:56:90:5d:fe:e5:02:f2:30:c1:ac:a6:60:a4:58:f5:
b9:49:b8:08:fe:d7:d8:e5:e7:13:dd:59:79:82:91:0f:14:34:
65:72:80:bf:3a:2f:c0:37:98:d0:ae:91:f0:e8:68:21:87:e0:
e0:68:66:fc:c0:20:fa:82:76:61:59:2f:e9:c3:e3:34:f1:6a:
48:8e:ba:90:80:a4:d7:e9:af:62:70:86:a2:92:2f:18:bb:1a:
6c:dd:35:1a:28:cd:bd:2e:bb:1e:ba:75:71:dc:a5:cf:f0:49:
79:a6:ab:70:ee:d2:21:db:a7:e9:c7:4c:4e:ff:cb:61:fa:26:
88:14:95:d8:c5:ab:94:5d:30:af:9d:08:1a:92:ac:58:f9:bc:
c2:af:c1:86:08:ba:af:0e:36:9f:cc:5e:de:fb:62:76:e1:bd:
45:0e:4d:68:4a:b1:c2:2c:2d:1f:dd:5b:c5:46:97:0b:da:71:
91:9e:4b:9c:ce:2f:59:06:d4:db:b2:d4:25:bd:4b:d6:2c:90:
a8:7d:90:cf:93:05:3b:20:7a:bf:b0:8b:86:16:5e:5f:e5:a1:
77:96:6d:d1:57:7a:ce:48:d4:92:77:d1:b7:03:8d:43:a8:b8:
a7:55:01:45:db:0b:cd:bc:ab:cc:b4:5b:9e:ac:3c:c4:46:43:
cf:07:0c:ba
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYdWZ5gdce1v038P5gllp4XeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlOGJhODgyNGM1YzhkMjA3MzI2YTRhM2FiODkzZWJiOGY1
MDk2YWQwHhcNMjMwNDA2MTE1MDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDc5Nzk0ZDg2YWFhZTkzMGY4MzYwNTdkMTBmNDExMWRlYjAwZDk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhL8g5hWXvVCw8wYrBlaRJWJVCy2Y
g0oSpJvVG43z3UTq3Rda33IGTFJKlP8OGOeDxHKevkU4sTFz1SdzwZMzts//xS20
PlqlOZ1yBAu/nC/K+3lQ21m/v6PERfhYnwY7Y/gG3pxA/jEi8Ie79RkQ8U61hDkt
1Tm0o9TMc16S2+y24aHwWisA+hqIzCKj7oD0JlzHmW01nB9KPA0fZg8c4wAt1qD6
GiFzqX97K4vKJa8RKzuOiroHtgHi5BVOg5DiLwhGof00HBOmnN9dL8mdvuQexhec
HdVjdgDbn5udvD+35ISKpRVCjbC4PkyvSigSVzoJQMSe+fF6mAw89YexdwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFC15eU2Gqq6TD4NgV9EPQRHesA2XMB8GA1UdIwQY
MBaAFO6LqIJMXI0gcyako6uJPruPUJatMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN291b2dreGNqU0J6SnFTanE0ay11NDlRbHEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC82MzUwOWMtNTY3Ni00ZWFmLTk5ZDQt
ZWVjZDI4ZTI4ZTM1LzEvTFhsNVRZYXFycE1QZzJCWDBROUJFZDZ3RFpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC82MzUwOWMtNTY3Ni00ZWFmLTk5ZDQtZWVjZDI4ZTI4ZTM1
LzEvN291b2dreGNqU0J6SnFTanE0ay11NDlRbHEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBTehmAwQA
Teh+AwQDT6p4MA0GCSqGSIb3DQEBCwUAA4IBAQAOsdVWkF3+5QLyMMGspmCkWPW5
SbgI/tfY5ecT3Vl5gpEPFDRlcoC/Oi/AN5jQrpHw6Gghh+DgaGb8wCD6gnZhWS/p
w+M08WpIjrqQgKTX6a9icIaiki8Yuxps3TUaKM29LrseunVx3KXP8El5pqtw7tIh
26fpx0xO/8th+iaIFJXYxauUXTCvnQgakqxY+bzCr8GGCLqvDjafzF7e+2J24b1F
Dk1oSrHCLC0f3VvFRpcL2nGRnkuczi9ZBtTbstQlvUvWLJCofZDPkwU7IHq/sIuG
Fl5f5aF3lm3RV3rOSNSSd9G3A41DqLinVQFF2wvNvKvMtFuerDzERkPPBwy6
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:24 2024 by rpki-client on console-ams.rpki-client.org