Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/9f0f7a-11eb-4383-bc6a-4690a007141f/1/V_CBHgx9pB19J51_ooY3YjqJvV4.roa
File: V_CBHgx9pB19J51_ooY3YjqJvV4.roa (raw, json)
Hash identifier: nEaP8cnpZ0zb128xspLvouS9/TFZmRb6j2KNFFdKZZs=
Subject key identifier: 57:F0:81:1E:0C:7D:A4:1D:7D:27:9D:7F:A2:86:37:62:3A:89:BD:5E
Certificate issuer: /CN=e2d0c49a0e97e0d5f3ced3b7b6b9f72ca0cb53d6
Certificate serial: 01856FB11CE3D56DE4E6F120CDE2F5814AA1
Authority key identifier: E2:D0:C4:9A:0E:97:E0:D5:F3:CE:D3:B7:B6:B9:F7:2C:A0:CB:53:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4tDEmg6X4NXzztO3trn3LKDLU9Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/9f0f7a-11eb-4383-bc6a-4690a007141f/1/V_CBHgx9pB19J51_ooY3YjqJvV4.roa
Signing time: Sun 01 Jan 2023 23:35:56 +0000
ROA not before: Sun 01 Jan 2023 23:35:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50495
IP address blocks: 176.119.202.0/24 maxlen: 24
91.223.99.0/24 maxlen: 24
91.223.102.0/24 maxlen: 24
195.234.99.0/24 maxlen: 24
91.223.126.0/24 maxlen: 24
194.39.32.0/22 maxlen: 22
83.136.221.0/24 maxlen: 24
91.223.163.0/24 maxlen: 24
91.239.64.0/24 maxlen: 24
77.83.232.0/22 maxlen: 22
2a06:ef40::/32 maxlen: 36
Validation: Failed, certificate revoked on Mon 26 Jun 2023 05:16:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:b1:1c:e3:d5:6d:e4:e6:f1:20:cd:e2:f5:81:4a:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2d0c49a0e97e0d5f3ced3b7b6b9f72ca0cb53d6
Validity
Not Before: Jan 1 23:35:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=57f0811e0c7da41d7d279d7fa28637623a89bd5e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:45:e7:f1:00:b7:c6:b8:98:1b:1e:20:e8:e9:
ac:62:b5:64:2a:55:98:96:52:7b:32:7f:97:64:5b:
9b:12:fd:37:03:98:d9:e8:48:6a:ce:f7:7a:90:08:
81:44:e8:3c:5f:67:af:39:e5:9a:92:9b:6f:08:3b:
5c:58:44:64:b4:93:53:25:45:2d:95:64:c7:7e:86:
e1:a2:45:f9:0e:82:fd:d2:02:a2:5d:bc:63:50:dd:
b3:c1:bc:38:91:fa:4f:d1:5c:f4:90:00:25:bf:f1:
fd:d9:1e:88:92:46:1f:e5:b1:6b:cd:61:14:5b:a7:
db:21:93:b9:6d:51:d5:eb:1c:de:de:c5:bb:d1:72:
ab:1b:36:c4:31:cf:f8:cc:6f:66:34:ec:0c:25:34:
36:96:ea:da:41:e3:dd:64:f5:22:bc:6c:07:b8:70:
70:07:4e:a3:c2:7c:07:05:c2:5b:ef:d9:12:b4:0e:
4e:79:87:9d:14:57:c4:53:b7:de:b2:2a:1e:38:8f:
74:45:49:4f:50:4e:a5:30:c3:12:ec:e8:41:63:3d:
37:51:eb:88:88:e5:62:b0:4b:71:ba:6e:99:6e:ca:
90:1e:57:14:f1:78:f5:4e:55:b3:86:74:5e:95:c6:
ae:73:7f:5b:c2:a6:18:6c:81:4b:00:5e:cd:51:15:
24:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:F0:81:1E:0C:7D:A4:1D:7D:27:9D:7F:A2:86:37:62:3A:89:BD:5E
X509v3 Authority Key Identifier:
keyid:E2:D0:C4:9A:0E:97:E0:D5:F3:CE:D3:B7:B6:B9:F7:2C:A0:CB:53:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4tDEmg6X4NXzztO3trn3LKDLU9Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/9f0f7a-11eb-4383-bc6a-4690a007141f/1/V_CBHgx9pB19J51_ooY3YjqJvV4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/9f0f7a-11eb-4383-bc6a-4690a007141f/1/4tDEmg6X4NXzztO3trn3LKDLU9Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.83.232.0/22
83.136.221.0/24
91.223.99.0/24
91.223.102.0/24
91.223.126.0/24
91.223.163.0/24
91.239.64.0/24
176.119.202.0/24
194.39.32.0/22
195.234.99.0/24
IPv6:
2a06:ef40::/32
Signature Algorithm: sha256WithRSAEncryption
00:3f:e9:ff:aa:25:97:38:20:9e:c5:f0:22:4a:25:14:68:c2:
58:b3:71:e7:1f:7c:71:f3:53:1b:21:79:d4:17:7c:df:da:0c:
97:3f:75:53:6b:1c:5a:84:a3:a8:f6:35:62:00:7c:2f:3c:59:
5b:a4:40:e6:06:66:e5:33:64:8a:a9:72:31:97:35:3c:53:30:
87:91:d2:8e:62:1c:ee:ed:e8:33:df:56:97:59:3d:b4:a4:18:
77:91:71:5e:15:c9:22:5f:88:5c:7e:b4:70:4c:d7:23:cd:5b:
74:1f:be:cd:14:95:12:52:68:97:00:c5:46:1f:88:09:42:56:
b2:6f:30:4d:f8:e0:34:44:ba:55:dc:03:12:77:e2:17:aa:53:
e0:6f:45:95:f0:aa:77:e5:3d:61:ca:95:c6:39:7e:e4:93:a3:
df:07:34:7c:0d:ad:e7:ad:6f:85:b2:55:bc:bd:6d:20:4f:50:
54:8f:44:41:f1:33:40:81:02:22:fb:ab:94:1e:ea:03:ef:13:
a4:9a:75:1d:94:f0:c0:f4:c1:07:b6:fd:2a:b1:9a:87:b2:e3:
b4:c9:b7:be:92:10:b7:c1:89:b4:fa:ca:03:1e:74:0f:1e:de:
11:84:ab:ae:21:21:a8:a4:2a:6e:27:1a:b9:4a:0e:4f:06:c6:
a5:10:e4:cd
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgISAYVvsRzj1W3k5vEgzeL1gUqhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyZDBjNDlhMGU5N2UwZDVmM2NlZDNiN2I2YjlmNzJjYTBj
YjUzZDYwHhcNMjMwMTAxMjMzNTU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1N2YwODExZTBjN2RhNDFkN2QyNzlkN2ZhMjg2Mzc2MjNhODliZDVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuUXn8QC3xriYGx4g6OmsYrVkKlWY
llJ7Mn+XZFubEv03A5jZ6Ehqzvd6kAiBROg8X2evOeWakptvCDtcWERktJNTJUUt
lWTHfobhokX5DoL90gKiXbxjUN2zwbw4kfpP0Vz0kAAlv/H92R6IkkYf5bFrzWEU
W6fbIZO5bVHV6xze3sW70XKrGzbEMc/4zG9mNOwMJTQ2luraQePdZPUivGwHuHBw
B06jwnwHBcJb79kStA5OeYedFFfEU7fesioeOI90RUlPUE6lMMMS7OhBYz03UeuI
iOVisEtxum6ZbsqQHlcU8Xj1TlWzhnRelcauc39bwqYYbIFLAF7NURUkXQIDAQAB
o4ICTjCCAkowHQYDVR0OBBYEFFfwgR4MfaQdfSedf6KGN2I6ib1eMB8GA1UdIwQY
MBaAFOLQxJoOl+DV887Tt7a59yygy1PWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHRERW1nNlg0Tlh6enRPM3RybjNMS0RMVTlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC85ZjBmN2EtMTFlYi00MzgzLWJjNmEt
NDY5MGEwMDcxNDFmLzEvVl9DQkhneDlwQjE5SjUxX29vWTNZanFKdlY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC85ZjBmN2EtMTFlYi00MzgzLWJjNmEtNDY5MGEwMDcxNDFm
LzEvNHRERW1nNlg0Tlh6enRPM3RybjNMS0RMVTlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGQGCCsGAQUFBwEHAQH/BFUwUzBCBAIAATA8AwQCTVPoAwQA
U4jdAwQAW99jAwQAW99mAwQAW99+AwQAW9+jAwQAW+9AAwQAsHfKAwQCwicgAwQA
w+pjMA0EAgACMAcDBQAqBu9AMA0GCSqGSIb3DQEBCwUAA4IBAQAAP+n/qiWXOCCe
xfAiSiUUaMJYs3HnH3xx81MbIXnUF3zf2gyXP3VTaxxahKOo9jViAHwvPFlbpEDm
BmblM2SKqXIxlzU8UzCHkdKOYhzu7egz31aXWT20pBh3kXFeFckiX4hcfrRwTNcj
zVt0H77NFJUSUmiXAMVGH4gJQlaybzBN+OA0RLpV3AMSd+IXqlPgb0WV8Kp35T1h
ypXGOX7kk6PfBzR8Da3nrW+FslW8vW0gT1BUj0RB8TNAgQIi+6uUHuoD7xOkmnUd
lPDA9MEHtv0qsZqHsuO0ybe+khC3wYm0+soDHnQPHt4RhKuuISGopCpuJxq5Sg5P
BsalEOTN
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:48 2024 by rpki-client on console-fra.rpki-client.org