Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/63509c-5676-4eaf-99d4-eecd28e28e35/1/s_vALZsCeD-1l5G1rJ8uDG1Wmlc.roa
File: s_vALZsCeD-1l5G1rJ8uDG1Wmlc.roa (raw, json)
Hash identifier: Ugtpj+MA+8CfqZPky8rOuLCchW99FjY2PdgcoKIabt8=
Subject key identifier: B3:FB:C0:2D:9B:02:78:3F:B5:97:91:B5:AC:9F:2E:0C:6D:56:9A:57
Certificate issuer: /CN=ee8ba8824c5c8d207326a4a3ab893ebb8f5096ad
Certificate serial: 018756813C4B61721D2B1DEB2BAE33402687
Authority key identifier: EE:8B:A8:82:4C:5C:8D:20:73:26:A4:A3:AB:89:3E:BB:8F:50:96:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7ouogkxcjSBzJqSjq4k-u49Qlq0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/63509c-5676-4eaf-99d4-eecd28e28e35/1/s_vALZsCeD-1l5G1rJ8uDG1Wmlc.roa
Signing time: Thu 06 Apr 2023 12:18:42 +0000
ROA not before: Thu 06 Apr 2023 12:18:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43766
IP address blocks: 79.170.124.0/22 maxlen: 22
79.170.120.0/22 maxlen: 22
77.232.116.0/22 maxlen: 22
77.232.121.0/24 maxlen: 24
77.232.125.0/24 maxlen: 24
77.232.126.0/24 maxlen: 24
77.223.224.0/22 maxlen: 22
77.232.103.0/24 maxlen: 24
77.232.102.0/24 maxlen: 24
77.232.104.0/21 maxlen: 21
95.178.48.0/21 maxlen: 21
185.5.154.0/24 maxlen: 24
95.178.72.0/21 maxlen: 21
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:56:81:3c:4b:61:72:1d:2b:1d:eb:2b:ae:33:40:26:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee8ba8824c5c8d207326a4a3ab893ebb8f5096ad
Validity
Not Before: Apr 6 12:18:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b3fbc02d9b02783fb59791b5ac9f2e0c6d569a57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:09:a7:5d:79:35:ba:5a:24:e5:64:7d:1e:33:
50:45:19:9a:78:dd:ae:46:ee:ea:97:0c:a3:fe:9c:
ca:a9:e1:96:b6:da:65:88:bd:8e:33:23:a2:59:89:
e6:9b:65:75:b8:e6:40:ba:07:b7:37:67:72:16:02:
61:ca:46:7d:3c:21:61:4b:20:be:28:6e:0e:6a:bd:
ef:85:34:16:4f:eb:1c:31:1f:58:20:80:00:f7:2c:
84:fc:68:91:02:83:ad:f4:5b:55:83:4e:df:5d:02:
e2:15:d8:34:35:61:97:22:ce:ab:bc:83:df:e1:b8:
31:d4:70:9b:10:27:e9:d9:a5:21:6b:df:49:ce:db:
86:c4:39:c7:7c:17:ea:8a:20:66:ab:d6:2f:01:a3:
92:2e:d7:0c:fd:d7:fa:9e:1e:2b:88:d3:39:d2:e0:
3c:64:fa:16:df:c6:2a:be:4f:65:62:de:ff:c4:58:
f1:84:67:92:66:6d:09:06:dd:4b:92:53:5d:1a:31:
cd:7a:3f:c4:ca:66:56:ac:aa:eb:64:4d:27:3d:49:
42:9d:54:eb:3a:87:b4:84:a3:f7:e6:a7:d6:4c:fd:
17:a0:4b:96:46:b3:5c:6d:04:3b:83:40:d9:93:a3:
4d:98:0f:ef:62:7f:80:a7:f5:22:fc:d1:86:1d:f8:
43:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:FB:C0:2D:9B:02:78:3F:B5:97:91:B5:AC:9F:2E:0C:6D:56:9A:57
X509v3 Authority Key Identifier:
keyid:EE:8B:A8:82:4C:5C:8D:20:73:26:A4:A3:AB:89:3E:BB:8F:50:96:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7ouogkxcjSBzJqSjq4k-u49Qlq0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/63509c-5676-4eaf-99d4-eecd28e28e35/1/s_vALZsCeD-1l5G1rJ8uDG1Wmlc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/63509c-5676-4eaf-99d4-eecd28e28e35/1/7ouogkxcjSBzJqSjq4k-u49Qlq0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.223.224.0/22
77.232.102.0-77.232.111.255
77.232.116.0/22
77.232.121.0/24
77.232.125.0-77.232.126.255
79.170.120.0/21
95.178.48.0/21
95.178.72.0/21
185.5.154.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:36:66:f7:66:b5:3f:09:a3:81:32:89:9c:02:94:3e:81:58:
be:82:2f:f3:69:e2:0b:81:ac:a5:39:2c:74:64:dd:94:89:6d:
a7:15:16:c7:5a:76:b7:ef:27:96:9e:11:e3:90:d9:63:11:b7:
99:49:16:1f:ad:92:a8:26:5d:49:a3:16:11:34:65:23:e0:8f:
27:7d:77:ad:21:be:e7:26:b5:24:4d:fb:f4:e1:87:9e:01:c9:
c4:0b:10:a9:7c:40:e6:37:67:66:00:47:a0:c0:46:e3:9a:c7:
60:4e:e8:ae:71:a8:c4:cf:15:f7:c3:d2:36:1b:5a:fa:2d:8f:
61:e4:0d:f7:b7:2c:df:c3:1d:fe:f0:87:19:1e:82:85:66:9d:
41:f7:8c:cf:5a:c7:ab:96:a7:f5:10:ba:c1:f1:ff:c8:da:bd:
71:d7:d5:d6:e9:73:ab:da:0d:2a:ca:04:71:ff:68:69:fc:a0:
e2:45:6e:c1:bd:08:48:4c:39:84:34:10:f7:21:a7:73:f0:07:
93:61:46:26:1c:d3:35:04:46:2a:39:94:a3:51:3a:fc:ad:9c:
0e:a1:45:95:b2:78:1e:0b:69:f8:44:f5:7b:36:48:9b:65:40:
c9:70:3b:fa:25:20:16:a9:f0:80:85:2b:d9:ec:c8:1d:46:97:
79:37:e0:0d
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAYdWgTxLYXIdKx3rK64zQCaHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlOGJhODgyNGM1YzhkMjA3MzI2YTRhM2FiODkzZWJiOGY1
MDk2YWQwHhcNMjMwNDA2MTIxODQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiM2ZiYzAyZDliMDI3ODNmYjU5NzkxYjVhYzlmMmUwYzZkNTY5YTU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjwmnXXk1ulok5WR9HjNQRRmaeN2u
Ru7qlwyj/pzKqeGWttpliL2OMyOiWYnmm2V1uOZAuge3N2dyFgJhykZ9PCFhSyC+
KG4Oar3vhTQWT+scMR9YIIAA9yyE/GiRAoOt9FtVg07fXQLiFdg0NWGXIs6rvIPf
4bgx1HCbECfp2aUha99JztuGxDnHfBfqiiBmq9YvAaOSLtcM/df6nh4riNM50uA8
ZPoW38Yqvk9lYt7/xFjxhGeSZm0JBt1LklNdGjHNej/EymZWrKrrZE0nPUlCnVTr
Ooe0hKP35qfWTP0XoEuWRrNcbQQ7g0DZk6NNmA/vYn+Ap/Ui/NGGHfhDYQIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFLP7wC2bAng/tZeRtayfLgxtVppXMB8GA1UdIwQY
MBaAFO6LqIJMXI0gcyako6uJPruPUJatMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN291b2dreGNqU0J6SnFTanE0ay11NDlRbHEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC82MzUwOWMtNTY3Ni00ZWFmLTk5ZDQt
ZWVjZDI4ZTI4ZTM1LzEvc192QUxac0NlRC0xbDVHMXJKOHVERzFXbWxjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC82MzUwOWMtNTY3Ni00ZWFmLTk5ZDQtZWVjZDI4ZTI4ZTM1
LzEvN291b2dreGNqU0J6SnFTanE0ay11NDlRbHEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjBMBAIAATBGAwQCTd/gMAwD
BAFN6GYDBARN6GADBAJN6HQDBABN6HkwDAMEAE3ofQMEAE3ofgMEA0+qeAMEA1+y
MAMEA1+ySAMEALkFmjANBgkqhkiG9w0BAQsFAAOCAQEAPDZm92a1PwmjgTKJnAKU
PoFYvoIv82niC4GspTksdGTdlIltpxUWx1p2t+8nlp4R45DZYxG3mUkWH62SqCZd
SaMWETRlI+CPJ313rSG+5ya1JE379OGHngHJxAsQqXxA5jdnZgBHoMBG45rHYE7o
rnGoxM8V98PSNhta+i2PYeQN97cs38Md/vCHGR6ChWadQfeMz1rHq5an9RC6wfH/
yNq9cdfV1ulzq9oNKsoEcf9oafyg4kVuwb0ISEw5hDQQ9yGnc/AHk2FGJhzTNQRG
KjmUo1E6/K2cDqFFlbJ4Hgtp+ET1ezZIm2VAyXA7+iUgFqnwgIUr2ezIHUaXeTfg
DQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:07 2023 by rpki-client on console-fra.rpki-client.org