Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/D5vZpf9DNwVX4dU0JKULokxgdTw.roa
File: D5vZpf9DNwVX4dU0JKULokxgdTw.roa (raw, json)
Hash identifier: fXEgH5eB6wLQbD7zSHRPwHAf8Tmt5Y0GHiYw9zUX88Q=
Subject key identifier: 0F:9B:D9:A5:FF:43:37:05:57:E1:D5:34:24:A5:0B:A2:4C:60:75:3C
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 0186EE60815ACC163D1DE3E1470F81406EE1
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/D5vZpf9DNwVX4dU0JKULokxgdTw.roa
Signing time: Fri 17 Mar 2023 07:02:27 +0000
ROA not before: Fri 17 Mar 2023 07:02:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 24866
IP address blocks: 178.177.40.0/24 maxlen: 24
178.176.227.0/24 maxlen: 24
178.176.229.0/24 maxlen: 24
178.176.228.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 07 Dec 2023 10:21:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:ee:60:81:5a:cc:16:3d:1d:e3:e1:47:0f:81:40:6e:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Mar 17 07:02:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0f9bd9a5ff43370557e1d53424a50ba24c60753c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:44:b5:f6:80:6c:c3:20:71:82:ac:cb:d5:57:
04:7d:b3:46:93:4d:97:d4:8b:02:83:06:21:c6:2d:
fe:dc:a2:3d:c8:8c:f4:9d:85:72:b3:22:da:fb:df:
c5:8b:bf:fe:fe:69:ec:1c:a8:16:f0:04:b5:8f:55:
3e:32:6c:3c:3f:fa:69:9d:65:42:87:3d:ab:fa:78:
0e:67:bb:5d:50:d0:4c:51:7c:b9:99:37:18:b3:39:
65:bf:91:68:17:2d:59:b3:3c:de:c6:2d:fd:5e:15:
92:93:cd:2e:64:12:06:82:d0:8c:0e:a4:20:06:15:
84:04:0f:5d:6a:95:19:c3:08:f8:74:71:90:e4:ba:
4b:c2:b9:af:81:ec:4a:df:79:83:e7:04:91:25:1e:
08:18:55:ee:e8:ad:84:ae:f3:d4:a5:01:a6:59:c2:
d4:cc:08:16:57:f2:e4:9a:dc:bf:af:30:e5:3c:94:
e5:77:de:15:fd:5d:07:21:10:2e:40:0b:c0:35:22:
ab:9f:85:2c:dd:00:f7:7f:9f:54:30:85:3e:64:7b:
98:7a:6a:49:f1:6d:2c:f9:cc:8d:e1:27:54:09:4c:
0f:e6:2c:33:b1:73:45:90:e2:72:c4:d6:01:03:af:
d5:06:a6:9a:02:01:02:cd:82:cc:41:e7:6b:a1:64:
e3:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:9B:D9:A5:FF:43:37:05:57:E1:D5:34:24:A5:0B:A2:4C:60:75:3C
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/D5vZpf9DNwVX4dU0JKULokxgdTw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.176.227.0-178.176.229.255
178.177.40.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:39:b1:1e:9b:5c:8e:6c:f0:04:96:09:2e:89:32:2b:fb:79:
de:b0:42:7d:46:ef:1e:9b:97:06:ee:fa:ab:f2:bd:21:5a:c4:
03:e5:5b:6d:01:cf:cd:35:2a:00:a5:0c:3c:ad:ca:7b:fe:e6:
0c:2a:8c:69:ac:51:d1:42:71:c7:3e:5e:b5:fe:f0:cc:b6:c4:
ac:55:7f:91:45:bc:74:e1:f4:a2:eb:5e:f7:3e:a2:6c:a7:76:
4b:45:1d:c0:e3:b0:3f:2e:cd:95:21:59:b1:27:75:18:82:b5:
9b:2c:5b:07:86:f0:b8:d0:0f:65:a2:03:00:d2:1d:9f:09:52:
cf:35:c4:f3:2e:31:ad:98:46:9f:13:2b:35:dc:b7:b3:68:ea:
3b:24:24:6f:64:97:56:69:c7:e3:60:29:4f:06:cf:5d:72:06:
48:6e:a5:68:9a:a5:f7:01:4e:e1:86:6a:c3:e8:e2:bb:5b:c4:
3f:d1:45:f4:4e:4f:76:8f:82:2c:96:0f:c8:d5:33:95:89:f0:
14:5a:f2:c9:fa:6c:78:54:0a:77:b2:81:ac:80:b5:b8:ef:dd:
bb:05:cc:2a:e8:8e:17:e0:0d:c7:25:7a:95:08:43:e3:90:f0:
81:52:61:13:c0:bd:b1:03:ff:d5:95:79:b1:ee:fe:ee:22:4a:
eb:d5:36:3a
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYbuYIFazBY9HePhRw+BQG7hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjMwMzE3MDcwMjI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjliZDlhNWZmNDMzNzA1NTdlMWQ1MzQyNGE1MGJhMjRjNjA3NTNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy0S19oBswyBxgqzL1VcEfbNGk02X
1IsCgwYhxi3+3KI9yIz0nYVysyLa+9/Fi7/+/mnsHKgW8AS1j1U+Mmw8P/ppnWVC
hz2r+ngOZ7tdUNBMUXy5mTcYszllv5FoFy1Zszzexi39XhWSk80uZBIGgtCMDqQg
BhWEBA9dapUZwwj4dHGQ5LpLwrmvgexK33mD5wSRJR4IGFXu6K2ErvPUpQGmWcLU
zAgWV/Lkmty/rzDlPJTld94V/V0HIRAuQAvANSKrn4Us3QD3f59UMIU+ZHuYempJ
8W0s+cyN4SdUCUwP5iwzsXNFkOJyxNYBA6/VBqaaAgECzYLMQedroWTjkQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFA+b2aX/QzcFV+HVNCSlC6JMYHU8MB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvRDV2WnBmOUROd1ZYNGRVMEpLVUxva3hnZFR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBACysOMD
BAGysOQDBACysSgwDQYJKoZIhvcNAQELBQADggEBAI45sR6bXI5s8ASWCS6JMiv7
ed6wQn1G7x6blwbu+qvyvSFaxAPlW20Bz801KgClDDytynv+5gwqjGmsUdFCccc+
XrX+8My2xKxVf5FFvHTh9KLrXvc+omyndktFHcDjsD8uzZUhWbEndRiCtZssWweG
8LjQD2WiAwDSHZ8JUs81xPMuMa2YRp8TKzXct7No6jskJG9kl1Zpx+NgKU8Gz11y
BkhupWiapfcBTuGGasPo4rtbxD/RRfROT3aPgiyWD8jVM5WJ8BRa8sn6bHhUCney
gayAtbjv3bsFzCrojhfgDcclepUIQ+OQ8IFSYRPAvbED/9WVebHu/u4iSuvVNjo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:34 2024 by rpki-client on console-ams.rpki-client.org