Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/c17c15-a142-4b37-b8fe-a3a3eb879f2b/1/eOHHwcTU3sKidsBkrUGKbZfVsU4.roa
File: eOHHwcTU3sKidsBkrUGKbZfVsU4.roa (raw, json)
Hash identifier: rRLQw9sIB2V9XRx9Rcl4HoQ27NGfpmLfTI7kVr08U9w=
Subject key identifier: 78:E1:C7:C1:C4:D4:DE:C2:A2:76:C0:64:AD:41:8A:6D:97:D5:B1:4E
Certificate issuer: /CN=03c33e43ef56527a169d6ac6d7e62c63d1973051
Certificate serial: 018E29E7A26531FD62B941026B6073FFA68C
Authority key identifier: 03:C3:3E:43:EF:56:52:7A:16:9D:6A:C6:D7:E6:2C:63:D1:97:30:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A8M-Q-9WUnoWnWrG1-YsY9GXMFE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/c17c15-a142-4b37-b8fe-a3a3eb879f2b/1/eOHHwcTU3sKidsBkrUGKbZfVsU4.roa
Signing time: Sun 10 Mar 2024 19:47:10 +0000
ROA not before: Sun 10 Mar 2024 19:47:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212341
IP address blocks: 77.87.185.0/24 maxlen: 24
185.66.176.0/22 maxlen: 22
185.66.178.0/24 maxlen: 24
2a05:900::/32 maxlen: 32
2a05:901::/32 maxlen: 32
2a05:902::/32 maxlen: 32
2a05:903::/32 maxlen: 32
2a05:904::/32 maxlen: 32
2a05:905::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 20 Mar 2024 18:48:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:29:e7:a2:65:31:fd:62:b9:41:02:6b:60:73:ff:a6:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=03c33e43ef56527a169d6ac6d7e62c63d1973051
Validity
Not Before: Mar 10 19:47:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=78e1c7c1c4d4dec2a276c064ad418a6d97d5b14e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:d2:0f:ae:8d:05:8c:d4:2a:6c:d3:3d:81:aa:
ff:58:59:a2:63:7a:b6:38:3d:d9:4c:8d:5e:a7:81:
1b:e6:a9:03:58:d7:47:7f:04:be:68:82:be:48:15:
46:57:c7:cb:db:e4:e7:63:22:74:21:cc:93:d4:db:
95:dc:1a:be:eb:02:4e:ad:0a:07:47:4d:0a:7d:2c:
57:78:64:e1:2a:9c:13:29:21:8e:50:1f:9b:21:d6:
37:ad:eb:82:ab:99:19:88:a0:be:63:dc:e0:bb:4f:
e9:91:9f:5e:e9:d1:a5:1a:d8:78:05:d0:f1:9f:51:
c4:94:eb:6c:41:10:82:86:62:71:cb:8a:26:14:17:
ea:c0:5a:66:72:a2:53:c8:fe:7c:53:f8:1c:8e:2b:
ce:73:ff:c5:e1:27:63:d9:a1:7b:93:1e:5e:ff:40:
b0:7d:30:1d:4a:6f:80:dc:9f:35:9b:81:81:98:15:
66:2b:31:77:be:a8:2f:55:d4:0c:fa:ee:1e:04:e6:
37:ea:6f:04:d4:f0:68:02:50:fe:9e:68:ce:f2:1e:
c1:96:3d:f6:aa:8a:1d:b8:6d:51:30:12:8f:14:28:
e0:67:46:a1:19:cd:34:7f:89:cc:eb:a3:ba:72:35:
25:c5:29:c2:2f:58:d3:d9:dd:ec:2c:c6:1e:59:2f:
87:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:E1:C7:C1:C4:D4:DE:C2:A2:76:C0:64:AD:41:8A:6D:97:D5:B1:4E
X509v3 Authority Key Identifier:
keyid:03:C3:3E:43:EF:56:52:7A:16:9D:6A:C6:D7:E6:2C:63:D1:97:30:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A8M-Q-9WUnoWnWrG1-YsY9GXMFE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/c17c15-a142-4b37-b8fe-a3a3eb879f2b/1/eOHHwcTU3sKidsBkrUGKbZfVsU4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/c17c15-a142-4b37-b8fe-a3a3eb879f2b/1/A8M-Q-9WUnoWnWrG1-YsY9GXMFE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.87.185.0/24
185.66.176.0/22
IPv6:
2a05:900::-2a05:905:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
1d:f3:4c:75:e2:14:37:72:11:83:10:6a:86:77:f4:1a:3e:04:
b8:a2:30:68:bc:51:ba:cb:28:4c:94:39:0a:b5:ba:60:3d:92:
0f:f8:5b:f0:1d:d0:7a:75:c8:34:3a:8a:67:b0:8e:f4:c0:36:
51:2d:31:bb:f8:57:9b:dd:ca:4b:bb:a5:e7:cb:3b:53:48:ef:
89:d1:28:bf:f0:43:0c:c5:ec:03:8f:3f:68:4e:f7:9a:e0:10:
89:33:4c:ce:ff:32:3b:d2:f5:7c:41:f8:42:4c:42:c8:79:3e:
ad:4b:1c:3a:9e:be:69:cc:a2:90:d2:f5:ed:92:bc:05:92:79:
1c:f8:ba:fc:a8:28:d0:9d:3b:c0:e8:bf:ab:ff:4f:57:1e:33:
b3:70:ce:34:2f:35:82:a7:f1:df:34:bf:b2:96:23:c5:a6:3c:
69:3e:81:81:b7:76:32:33:94:07:e6:fe:49:96:62:dd:e2:8b:
13:bc:53:fc:6c:f3:7b:7c:8a:d4:77:65:f0:46:1d:d6:e5:21:
a3:6e:2e:80:9c:fb:ec:0d:24:f7:dc:32:d3:32:3e:3d:39:f3:
12:69:2f:12:cd:d3:5b:6c:25:ae:ee:56:e7:2d:af:08:17:cd:
6c:1d:fb:3c:87:df:1f:fb:28:18:33:b6:72:c6:c3:78:fe:de:
6e:b3:f1:32
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAY4p56JlMf1iuUECa2Bz/6aMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzYzMzZTQzZWY1NjUyN2ExNjlkNmFjNmQ3ZTYyYzYzZDE5
NzMwNTEwHhcNMjQwMzEwMTk0NzEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OGUxYzdjMWM0ZDRkZWMyYTI3NmMwNjRhZDQxOGE2ZDk3ZDViMTRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAodIPro0FjNQqbNM9gar/WFmiY3q2
OD3ZTI1ep4Eb5qkDWNdHfwS+aIK+SBVGV8fL2+TnYyJ0IcyT1NuV3Bq+6wJOrQoH
R00KfSxXeGThKpwTKSGOUB+bIdY3reuCq5kZiKC+Y9zgu0/pkZ9e6dGlGth4BdDx
n1HElOtsQRCChmJxy4omFBfqwFpmcqJTyP58U/gcjivOc//F4Sdj2aF7kx5e/0Cw
fTAdSm+A3J81m4GBmBVmKzF3vqgvVdQM+u4eBOY36m8E1PBoAlD+nmjO8h7Blj32
qooduG1RMBKPFCjgZ0ahGc00f4nM66O6cjUlxSnCL1jT2d3sLMYeWS+HPwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFHjhx8HE1N7ConbAZK1Bim2X1bFOMB8GA1UdIwQY
MBaAFAPDPkPvVlJ6Fp1qxtfmLGPRlzBRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQThNLVEtOVdVbm9XbldyRzEtWXNZOUdYTUZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC9jMTdjMTUtYTE0Mi00YjM3LWI4ZmUt
YTNhM2ViODc5ZjJiLzEvZU9ISHdjVFUzc0tpZHNCa3JVR0tiWmZWc1U0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC9jMTdjMTUtYTE0Mi00YjM3LWI4ZmUtYTNhM2ViODc5ZjJi
LzEvQThNLVEtOVdVbm9XbldyRzEtWXNZOUdYTUZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzASBAIAATAMAwQATVe5AwQC
uUKwMBUEAgACMA8wDQMEACoFCQMFASoFCQQwDQYJKoZIhvcNAQELBQADggEBAB3z
THXiFDdyEYMQaoZ39Bo+BLiiMGi8UbrLKEyUOQq1umA9kg/4W/Ad0Hp1yDQ6imew
jvTANlEtMbv4V5vdyku7pefLO1NI74nRKL/wQwzF7AOPP2hO95rgEIkzTM7/MjvS
9XxB+EJMQsh5Pq1LHDqevmnMopDS9e2SvAWSeRz4uvyoKNCdO8Dov6v/T1ceM7Nw
zjQvNYKn8d80v7KWI8WmPGk+gYG3djIzlAfm/kmWYt3iixO8U/xs83t8itR3ZfBG
HdblIaNuLoCc++wNJPfcMtMyPj058xJpLxLN01tsJa7uVuctrwgXzWwd+zyH3x/7
KBgztnLGw3j+3m6z8TI=
-----END CERTIFICATE-----
Generated at Wed Mar 20 21:55:31 2024 by rpki-client on console-fra.rpki-client.org