Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/c17c15-a142-4b37-b8fe-a3a3eb879f2b/1/hAP1T3cibQ_97sJNhAC_SBt_d3M.roa
File: hAP1T3cibQ_97sJNhAC_SBt_d3M.roa (raw, json)
Hash identifier: OtBVklPRlnsvnYtpyx+xDES/Rf3JGki3GfFUW+dif0E=
Subject key identifier: 84:03:F5:4F:77:22:6D:0F:FD:EE:C2:4D:84:00:BF:48:1B:7F:77:73
Certificate issuer: /CN=03c33e43ef56527a169d6ac6d7e62c63d1973051
Certificate serial: 018E246B379BB4BE18E6F9EAE1C4088E7A8C
Authority key identifier: 03:C3:3E:43:EF:56:52:7A:16:9D:6A:C6:D7:E6:2C:63:D1:97:30:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A8M-Q-9WUnoWnWrG1-YsY9GXMFE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/c17c15-a142-4b37-b8fe-a3a3eb879f2b/1/hAP1T3cibQ_97sJNhAC_SBt_d3M.roa
Signing time: Sat 09 Mar 2024 18:13:09 +0000
ROA not before: Sat 09 Mar 2024 18:13:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212341
IP address blocks: 77.87.185.0/24 maxlen: 24
185.66.176.0/22 maxlen: 22
185.66.178.0/24 maxlen: 24
2a05:900::/29 maxlen: 29
2a05:900::/32 maxlen: 32
2a05:901::/32 maxlen: 32
2a05:902::/32 maxlen: 32
2a05:903::/32 maxlen: 32
2a05:904::/32 maxlen: 32
2a05:905::/32 maxlen: 32
Validation: Failed, certificate revoked on Sun 10 Mar 2024 19:47:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:24:6b:37:9b:b4:be:18:e6:f9:ea:e1:c4:08:8e:7a:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=03c33e43ef56527a169d6ac6d7e62c63d1973051
Validity
Not Before: Mar 9 18:13:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8403f54f77226d0ffdeec24d8400bf481b7f7773
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:01:60:0f:04:ce:be:5f:6d:3b:10:6a:8b:df:
cd:2d:04:9e:82:02:88:58:ef:e1:3d:04:32:4e:8e:
0a:0d:d6:5b:ed:48:51:7b:06:6a:64:fa:a4:e7:0f:
10:b2:cd:e5:1f:34:1b:6b:5d:1a:b7:bc:9d:0a:76:
4f:10:a9:51:95:29:68:ad:0a:13:60:25:41:9c:b2:
78:5e:6d:70:a3:0d:6c:b4:e8:90:5a:5c:29:6c:4c:
1a:40:72:78:19:a5:8d:0c:9f:0f:d5:bc:5e:b2:c5:
d9:4b:55:d9:b9:0b:56:f2:e3:e3:d8:df:81:86:db:
1c:fe:42:49:7b:a0:cf:29:17:41:6c:19:cd:36:fa:
86:a8:a9:bb:79:7b:ac:14:b1:ca:6a:be:13:7c:cf:
df:c8:05:6e:60:27:a1:78:67:66:94:09:a0:09:6f:
c3:2d:82:56:7f:d0:d6:96:2b:61:ad:5e:33:e1:35:
37:a7:4b:5c:db:fe:41:31:33:c4:d7:ee:7b:9d:69:
1a:05:0f:ed:bd:f0:02:7a:6d:3c:1a:5a:76:4c:be:
64:7e:ed:9f:57:1d:70:6b:17:9a:fd:00:65:f6:2f:
4f:41:50:71:f5:8e:da:68:f1:c5:f8:43:35:2b:32:
0f:d5:1e:d3:df:2f:69:9a:fa:6e:a3:7e:1d:f9:bb:
7b:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:03:F5:4F:77:22:6D:0F:FD:EE:C2:4D:84:00:BF:48:1B:7F:77:73
X509v3 Authority Key Identifier:
keyid:03:C3:3E:43:EF:56:52:7A:16:9D:6A:C6:D7:E6:2C:63:D1:97:30:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A8M-Q-9WUnoWnWrG1-YsY9GXMFE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/c17c15-a142-4b37-b8fe-a3a3eb879f2b/1/hAP1T3cibQ_97sJNhAC_SBt_d3M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/c17c15-a142-4b37-b8fe-a3a3eb879f2b/1/A8M-Q-9WUnoWnWrG1-YsY9GXMFE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.87.185.0/24
185.66.176.0/22
IPv6:
2a05:900::/29
Signature Algorithm: sha256WithRSAEncryption
34:f4:c0:34:71:83:8b:9a:f7:d1:e5:4c:c5:e3:a4:a9:0f:da:
56:6c:e1:54:94:c8:80:bf:97:3c:d4:b8:be:34:fb:02:13:36:
1a:6d:28:67:48:08:af:da:fd:78:7d:d4:37:ae:e1:23:5c:d3:
a9:e9:b8:61:13:4b:e1:14:f8:0e:bd:55:f5:e3:ec:d5:a0:87:
6e:46:53:ee:9b:31:a7:24:3a:92:74:e2:17:c6:fd:cd:39:64:
4f:57:34:74:a5:90:26:43:f8:a3:8a:b1:1a:b4:56:45:9c:44:
22:9f:19:7e:1f:3c:47:38:84:8c:42:33:2c:c5:7e:ec:19:d0:
25:a7:f2:f7:e0:0f:ff:10:a8:1b:83:76:3d:19:a9:36:06:00:
fa:8b:99:63:c6:f7:db:50:b9:f1:8d:c7:c7:9f:a4:20:2c:a4:
e5:90:39:31:11:4c:b5:c7:14:8b:8e:fe:5c:46:c1:32:e6:ad:
33:64:af:8a:a1:20:1e:7d:77:cc:4b:10:6c:7b:51:53:25:7c:
a0:5b:88:28:73:88:a7:28:2e:49:96:89:80:3c:63:66:61:0d:
51:68:a6:f3:97:6d:7a:38:fc:b8:3f:ab:1d:96:c7:4e:75:88:
04:f0:40:4f:3d:23:e6:a7:52:ae:22:1b:78:c0:a1:7c:2a:8d:
4e:06:06:82
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAY4kazebtL4Y5vnq4cQIjnqMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzYzMzZTQzZWY1NjUyN2ExNjlkNmFjNmQ3ZTYyYzYzZDE5
NzMwNTEwHhcNMjQwMzA5MTgxMzA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDAzZjU0Zjc3MjI2ZDBmZmRlZWMyNGQ4NDAwYmY0ODFiN2Y3NzczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlgFgDwTOvl9tOxBqi9/NLQSeggKI
WO/hPQQyTo4KDdZb7UhRewZqZPqk5w8Qss3lHzQba10at7ydCnZPEKlRlSlorQoT
YCVBnLJ4Xm1wow1stOiQWlwpbEwaQHJ4GaWNDJ8P1bxessXZS1XZuQtW8uPj2N+B
htsc/kJJe6DPKRdBbBnNNvqGqKm7eXusFLHKar4TfM/fyAVuYCeheGdmlAmgCW/D
LYJWf9DWlithrV4z4TU3p0tc2/5BMTPE1+57nWkaBQ/tvfACem08Glp2TL5kfu2f
Vx1waxea/QBl9i9PQVBx9Y7aaPHF+EM1KzIP1R7T3y9pmvpuo34d+bt7dwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFIQD9U93Im0P/e7CTYQAv0gbf3dzMB8GA1UdIwQY
MBaAFAPDPkPvVlJ6Fp1qxtfmLGPRlzBRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQThNLVEtOVdVbm9XbldyRzEtWXNZOUdYTUZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC9jMTdjMTUtYTE0Mi00YjM3LWI4ZmUt
YTNhM2ViODc5ZjJiLzEvaEFQMVQzY2liUV85N3NKTmhBQ19TQnRfZDNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC9jMTdjMTUtYTE0Mi00YjM3LWI4ZmUtYTNhM2ViODc5ZjJi
LzEvQThNLVEtOVdVbm9XbldyRzEtWXNZOUdYTUZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQATVe5AwQC
uUKwMA0EAgACMAcDBQMqBQkAMA0GCSqGSIb3DQEBCwUAA4IBAQA09MA0cYOLmvfR
5UzF46SpD9pWbOFUlMiAv5c81Li+NPsCEzYabShnSAiv2v14fdQ3ruEjXNOp6bhh
E0vhFPgOvVX14+zVoIduRlPumzGnJDqSdOIXxv3NOWRPVzR0pZAmQ/ijirEatFZF
nEQinxl+HzxHOISMQjMsxX7sGdAlp/L34A//EKgbg3Y9Gak2BgD6i5ljxvfbULnx
jcfHn6QgLKTlkDkxEUy1xxSLjv5cRsEy5q0zZK+KoSAefXfMSxBse1FTJXygW4go
c4inKC5JlomAPGNmYQ1RaKbzl216OPy4P6sdlsdOdYgE8EBPPSPmp1KuIht4wKF8
Ko1OBgaC
Generated at Sun Mar 10 21:06:30 2024 by rpki-client on console-fra.rpki-client.org