Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/Zr27n8bcUsRr6HZ4SiXlxfpDe90.roa
File: Zr27n8bcUsRr6HZ4SiXlxfpDe90.roa (raw, json)
Hash identifier: pqfEq2O3vzuQu939E4haQiRI2djrQbZeyrnpPRzX+es=
Subject key identifier: 66:BD:BB:9F:C6:DC:52:C4:6B:E8:76:78:4A:25:E5:C5:FA:43:7B:DD
Certificate issuer: /CN=febf30201f12a040d386d2b4eed4484623e4d11b
Certificate serial: 01857246D1E83D98FF945A4615DB6EE07380
Authority key identifier: FE:BF:30:20:1F:12:A0:40:D3:86:D2:B4:EE:D4:48:46:23:E4:D1:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_r8wIB8SoEDThtK07tRIRiPk0Rs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/Zr27n8bcUsRr6HZ4SiXlxfpDe90.roa
Signing time: Mon 02 Jan 2023 11:38:41 +0000
ROA not before: Mon 02 Jan 2023 11:38:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39013
IP address blocks: 77.78.157.0/24 maxlen: 24
77.78.159.0/24 maxlen: 24
77.78.158.0/24 maxlen: 24
85.187.184.0/24 maxlen: 24
85.187.186.0/24 maxlen: 24
85.187.185.0/24 maxlen: 24
85.187.184.0/23 maxlen: 23
Validation: Failed, certificate revoked on Fri 21 Jul 2023 14:05:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:46:d1:e8:3d:98:ff:94:5a:46:15:db:6e:e0:73:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=febf30201f12a040d386d2b4eed4484623e4d11b
Validity
Not Before: Jan 2 11:38:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=66bdbb9fc6dc52c46be876784a25e5c5fa437bdd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:8f:f1:86:67:65:be:e6:51:3d:84:7a:59:aa:
bb:84:da:be:e6:a2:9e:9d:13:65:cc:9e:1d:14:e0:
bd:41:8b:87:f3:d8:83:69:30:fd:73:60:f5:3d:2c:
fd:09:97:7c:64:b2:da:71:ed:f0:9e:0a:28:3a:09:
f6:ad:81:51:f4:75:d1:d8:b3:5f:74:c9:dd:94:3d:
54:87:f9:b0:46:7a:0e:1d:c3:60:07:df:b6:0e:d4:
c0:68:68:7e:a5:10:64:3b:27:d6:1b:f3:3a:29:5d:
8c:54:b3:4e:37:3d:a6:b5:b4:0c:b8:ab:30:91:c7:
13:38:6e:bd:ae:5b:b3:63:e8:b7:fa:2c:23:de:d1:
c2:b4:f8:e9:fc:46:5f:98:33:32:aa:2e:e2:a0:87:
8d:a2:99:9f:c3:5a:90:20:b3:95:2a:cf:37:db:a8:
de:98:f0:8f:b6:37:cf:86:26:9f:ff:b6:40:08:ee:
b1:49:c0:53:bb:1c:2b:60:1a:80:82:a2:22:ad:49:
76:b2:d3:b3:fd:07:f6:54:5a:7d:f1:9b:a0:1b:de:
64:24:25:21:38:f9:48:7c:f0:b0:da:c6:c9:50:83:
ff:71:5b:26:59:62:7a:75:96:e4:d1:1d:2a:14:32:
2b:b6:5f:85:8c:8f:c6:42:56:05:1e:81:84:30:63:
ae:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:BD:BB:9F:C6:DC:52:C4:6B:E8:76:78:4A:25:E5:C5:FA:43:7B:DD
X509v3 Authority Key Identifier:
keyid:FE:BF:30:20:1F:12:A0:40:D3:86:D2:B4:EE:D4:48:46:23:E4:D1:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_r8wIB8SoEDThtK07tRIRiPk0Rs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/Zr27n8bcUsRr6HZ4SiXlxfpDe90.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/_r8wIB8SoEDThtK07tRIRiPk0Rs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.78.157.0-77.78.159.255
85.187.184.0-85.187.186.255
Signature Algorithm: sha256WithRSAEncryption
aa:be:81:b0:4d:58:20:f0:a0:3c:b8:0e:85:24:9b:8f:87:71:
30:bd:e8:1c:76:69:71:55:8a:d5:ae:15:16:f3:8c:76:77:9b:
23:61:e0:8d:a4:9f:b7:27:15:ee:50:92:73:d9:66:9d:ec:77:
68:95:39:d2:55:5b:bc:7a:a0:a0:28:7e:56:cc:f2:bf:75:e5:
6a:1d:28:50:dc:46:da:b5:00:a5:08:22:c4:5f:a9:3c:05:47:
39:d6:6f:c2:a8:24:23:22:1c:eb:66:86:3e:64:56:43:87:e2:
5e:ef:3b:1d:a6:90:84:74:d5:32:60:dd:71:63:89:30:ea:f7:
96:4b:03:7e:53:b2:ae:fa:8d:07:6c:72:62:3d:de:e3:85:b3:
21:65:1c:a6:24:ad:12:d6:c2:8c:b1:2f:cb:3c:ad:90:81:43:
d1:c2:72:74:80:03:1c:4f:10:ab:c2:12:04:62:b5:e9:56:00:
f4:69:35:7f:10:82:91:b9:ca:60:7b:e4:29:a0:6a:26:08:14:
65:1f:db:39:2d:0a:ee:c2:cb:c0:c5:1d:8b:42:e0:ed:6d:cd:
76:d6:23:ac:e1:d7:ff:49:16:76:b5:b0:d0:f3:e3:35:09:16:
13:39:65:f2:05:10:b9:d9:a0:71:5e:27:b1:d6:3e:ba:56:5f:
df:bf:9f:58
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYVyRtHoPZj/lFpGFdtu4HOAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlYmYzMDIwMWYxMmEwNDBkMzg2ZDJiNGVlZDQ0ODQ2MjNl
NGQxMWIwHhcNMjMwMTAyMTEzODQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NmJkYmI5ZmM2ZGM1MmM0NmJlODc2Nzg0YTI1ZTVjNWZhNDM3YmRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAso/xhmdlvuZRPYR6Waq7hNq+5qKe
nRNlzJ4dFOC9QYuH89iDaTD9c2D1PSz9CZd8ZLLace3wngooOgn2rYFR9HXR2LNf
dMndlD1Uh/mwRnoOHcNgB9+2DtTAaGh+pRBkOyfWG/M6KV2MVLNONz2mtbQMuKsw
kccTOG69rluzY+i3+iwj3tHCtPjp/EZfmDMyqi7ioIeNopmfw1qQILOVKs8326je
mPCPtjfPhiaf/7ZACO6xScBTuxwrYBqAgqIirUl2stOz/Qf2VFp98ZugG95kJCUh
OPlIfPCw2sbJUIP/cVsmWWJ6dZbk0R0qFDIrtl+FjI/GQlYFHoGEMGOuwQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFGa9u5/G3FLEa+h2eEol5cX6Q3vdMB8GA1UdIwQY
MBaAFP6/MCAfEqBA04bStO7USEYj5NEbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX3I4d0lCOFNvRURUaHRLMDd0UklSaVBrMFJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy9mOGM0YTItOTZhYy00YjRlLWExOTUt
YTk3YzBkYzBhNzQ5LzEvWnIyN244YmNVc1JyNkhaNFNpWGx4ZnBEZTkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy9mOGM0YTItOTZhYy00YjRlLWExOTUtYTk3YzBkYzBhNzQ5
LzEvX3I4d0lCOFNvRURUaHRLMDd0UklSaVBrMFJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAATAcMAwDBABNTp0D
BAVNToAwDAMEA1W7uAMEAFW7ujANBgkqhkiG9w0BAQsFAAOCAQEAqr6BsE1YIPCg
PLgOhSSbj4dxML3oHHZpcVWK1a4VFvOMdnebI2HgjaSftycV7lCSc9lmnex3aJU5
0lVbvHqgoCh+Vszyv3Xlah0oUNxG2rUApQgixF+pPAVHOdZvwqgkIyIc62aGPmRW
Q4fiXu87HaaQhHTVMmDdcWOJMOr3lksDflOyrvqNB2xyYj3e44WzIWUcpiStEtbC
jLEvyzytkIFD0cJydIADHE8Qq8ISBGK16VYA9Gk1fxCCkbnKYHvkKaBqJggUZR/b
OS0K7sLLwMUdi0Lg7W3NdtYjrOHX/0kWdrWw0PPjNQkWEzll8gUQudmgcV4nsdY+
ulZf37+fWA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:41 2024 by rpki-client on console-ams.rpki-client.org