Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/5759f6-93e2-4029-a49f-35ba267ded3b/1/pBGXHAfUSZ3mhoYbR2N-39zh8eg.roa
File: pBGXHAfUSZ3mhoYbR2N-39zh8eg.roa (raw, json)
Hash identifier: yCaZz1Dn+dn3QhOmreRTEQNMK7fFD0bbsm0ATaFOpkQ=
Subject key identifier: A4:11:97:1C:07:D4:49:9D:E6:86:86:1B:47:63:7E:DF:DC:E1:F1:E8
Certificate issuer: /CN=0e75fb4f52a829d136e29a9a025c636d19ae328e
Certificate serial: 01872378ED3E420177C17BF7D63B1FE01276
Authority key identifier: 0E:75:FB:4F:52:A8:29:D1:36:E2:9A:9A:02:5C:63:6D:19:AE:32:8E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DnX7T1KoKdE24pqaAlxjbRmuMo4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/5759f6-93e2-4029-a49f-35ba267ded3b/1/pBGXHAfUSZ3mhoYbR2N-39zh8eg.roa
Signing time: Mon 27 Mar 2023 14:29:00 +0000
ROA not before: Mon 27 Mar 2023 14:29:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41965
IP address blocks: 91.103.56.0/21 maxlen: 21
91.103.57.0/24 maxlen: 24
91.103.56.0/24 maxlen: 24
91.103.63.0/24 maxlen: 24
91.103.62.0/24 maxlen: 24
77.95.186.0/24 maxlen: 24
77.95.184.0/24 maxlen: 24
77.95.188.0/22 maxlen: 22
77.95.187.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:29:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:23:78:ed:3e:42:01:77:c1:7b:f7:d6:3b:1f:e0:12:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0e75fb4f52a829d136e29a9a025c636d19ae328e
Validity
Not Before: Mar 27 14:29:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a411971c07d4499de686861b47637edfdce1f1e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:44:28:67:b3:8f:17:18:45:e8:b7:4e:aa:a4:
35:30:17:e4:74:1a:3b:2d:51:f8:89:5e:8d:3a:b4:
a3:8b:47:a9:80:a5:d6:e9:62:4b:6e:20:e8:e3:d0:
56:6e:ab:5c:16:74:d5:8c:0e:c8:a6:1a:7a:54:3b:
b2:9a:fe:55:7d:8d:a7:1b:fd:53:2d:ab:ae:5f:9d:
21:51:2a:db:42:28:ea:28:31:6b:d1:b1:a6:51:ec:
86:dd:ff:49:52:41:24:7f:3f:28:b4:96:59:74:b9:
7f:f8:47:30:a8:f2:c4:f8:f4:64:ee:10:0f:52:61:
59:7a:bb:2c:a1:1f:3e:66:4a:27:96:51:43:52:c8:
d0:25:c8:2d:94:6b:45:8d:fa:ac:72:8e:61:18:09:
62:f8:27:0f:93:c0:05:19:28:51:20:97:57:ac:48:
18:1b:47:0b:11:a6:12:e6:32:81:08:64:84:72:a2:
b0:c0:57:85:89:05:e1:b9:bf:12:2d:51:35:5d:f5:
66:70:e7:60:4f:fc:03:22:e9:77:23:fb:60:c4:d5:
8a:d0:f5:74:4f:21:2b:e2:86:98:c2:40:7a:16:42:
28:2b:00:6c:03:fe:4e:d8:dc:c0:c3:04:cc:8a:91:
73:73:de:b8:b6:98:f3:15:14:61:9a:66:5d:17:98:
5a:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:11:97:1C:07:D4:49:9D:E6:86:86:1B:47:63:7E:DF:DC:E1:F1:E8
X509v3 Authority Key Identifier:
keyid:0E:75:FB:4F:52:A8:29:D1:36:E2:9A:9A:02:5C:63:6D:19:AE:32:8E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DnX7T1KoKdE24pqaAlxjbRmuMo4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/5759f6-93e2-4029-a49f-35ba267ded3b/1/pBGXHAfUSZ3mhoYbR2N-39zh8eg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/5759f6-93e2-4029-a49f-35ba267ded3b/1/DnX7T1KoKdE24pqaAlxjbRmuMo4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.95.184.0/24
77.95.186.0-77.95.191.255
91.103.56.0/21
Signature Algorithm: sha256WithRSAEncryption
92:6e:90:ec:43:96:7d:8e:08:d9:14:21:aa:6a:bb:56:9b:d2:
23:c7:7f:d3:8a:17:68:39:1f:fe:15:cc:14:83:90:4b:b6:16:
34:40:17:74:d0:14:3c:9f:a4:81:c3:c4:48:e2:76:64:d3:b6:
bb:7a:87:af:7f:e8:0d:e1:71:3b:29:4a:66:5c:c1:30:fe:3d:
83:ba:13:b3:a4:13:62:54:6c:41:cc:71:49:10:f7:4c:a1:70:
15:a6:e7:5f:61:74:2e:5c:cc:ce:ab:f8:e8:8f:27:79:00:fc:
f1:51:75:40:05:72:40:1f:7e:b1:fd:c4:e4:b3:4e:ff:5c:15:
17:80:d1:ff:cb:bc:14:ee:8b:68:8e:48:13:c6:07:c5:31:e2:
ab:d1:a4:97:1b:ce:02:f7:cd:f3:20:d7:89:e5:51:15:60:46:
b7:c5:81:ee:8e:fd:4e:2b:bc:0d:f7:cb:5c:54:63:e5:d2:62:
5a:1a:20:a2:fc:b7:4a:90:7b:11:7a:c4:44:22:87:5e:5a:b4:
11:05:a7:29:18:e7:3a:98:cd:ff:42:48:64:d0:77:5b:c3:2f:
7f:c1:33:20:8b:d8:0a:0d:74:71:a3:ed:28:94:a3:41:ba:43:
db:49:ab:85:2d:f4:9a:e0:cd:71:68:e9:63:5d:78:ce:4e:2c:
85:3a:5d:1a
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYcjeO0+QgF3wXv31jsf4BJ2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlNzVmYjRmNTJhODI5ZDEzNmUyOWE5YTAyNWM2MzZkMTlh
ZTMyOGUwHhcNMjMwMzI3MTQyOTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDExOTcxYzA3ZDQ0OTlkZTY4Njg2MWI0NzYzN2VkZmRjZTFmMWU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy0QoZ7OPFxhF6LdOqqQ1MBfkdBo7
LVH4iV6NOrSji0epgKXW6WJLbiDo49BWbqtcFnTVjA7Iphp6VDuymv5VfY2nG/1T
LauuX50hUSrbQijqKDFr0bGmUeyG3f9JUkEkfz8otJZZdLl/+EcwqPLE+PRk7hAP
UmFZerssoR8+ZkonllFDUsjQJcgtlGtFjfqsco5hGAli+CcPk8AFGShRIJdXrEgY
G0cLEaYS5jKBCGSEcqKwwFeFiQXhub8SLVE1XfVmcOdgT/wDIul3I/tgxNWK0PV0
TyEr4oaYwkB6FkIoKwBsA/5O2NzAwwTMipFzc964tpjzFRRhmmZdF5haswIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFKQRlxwH1Emd5oaGG0djft/c4fHoMB8GA1UdIwQY
MBaAFA51+09SqCnRNuKamgJcY20ZrjKOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRG5YN1QxS29LZEUyNHBxYUFseGpiUm11TW80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC81NzU5ZjYtOTNlMi00MDI5LWE0OWYt
MzViYTI2N2RlZDNiLzEvcEJHWEhBZlVTWjNtaG9ZYlIyTi0zOXpoOGVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC81NzU5ZjYtOTNlMi00MDI5LWE0OWYtMzViYTI2N2RlZDNi
LzEvRG5YN1QxS29LZEUyNHBxYUFseGpiUm11TW80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQATV+4MAwD
BAFNX7oDBAZNX4ADBANbZzgwDQYJKoZIhvcNAQELBQADggEBAJJukOxDln2OCNkU
Iapqu1ab0iPHf9OKF2g5H/4VzBSDkEu2FjRAF3TQFDyfpIHDxEjidmTTtrt6h69/
6A3hcTspSmZcwTD+PYO6E7OkE2JUbEHMcUkQ90yhcBWm519hdC5czM6r+OiPJ3kA
/PFRdUAFckAffrH9xOSzTv9cFReA0f/LvBTui2iOSBPGB8Ux4qvRpJcbzgL3zfMg
14nlURVgRrfFge6O/U4rvA33y1xUY+XSYloaIKL8t0qQexF6xEQih15atBEFpykY
5zqYzf9CSGTQd1vDL3/BMyCL2AoNdHGj7SiUo0G6Q9tJq4Ut9JrgzXFo6WNdeM5O
LIU6XRo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:32 2024 by rpki-client on console-fra.rpki-client.org