Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/rxm6hhlpkn7_sElZ1qBY2cHBBbo.roa
File: rxm6hhlpkn7_sElZ1qBY2cHBBbo.roa (raw, json)
Hash identifier: xQZYOBwdgMNGXob0oR+1vH+4YZ84GjkaB8hUWqQ5wHQ=
Subject key identifier: AF:19:BA:86:19:69:92:7E:FF:B0:49:59:D6:A0:58:D9:C1:C1:05:BA
Certificate issuer: /CN=c35eac64ea4802e6824686f7c0d201f2c85cb2aa
Certificate serial: 018C8B93F30E329D66879AEB9520E39186EE
Authority key identifier: C3:5E:AC:64:EA:48:02:E6:82:46:86:F7:C0:D2:01:F2:C8:5C:B2:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/rxm6hhlpkn7_sElZ1qBY2cHBBbo.roa
Signing time: Thu 21 Dec 2023 08:52:58 +0000
ROA not before: Thu 21 Dec 2023 08:52:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203380
IP address blocks: 82.118.245.0/24 maxlen: 24
79.124.7.0/24 maxlen: 24
77.76.13.0/24 maxlen: 24
91.148.141.0/24 maxlen: 24
78.128.99.0/24 maxlen: 24
94.72.141.0/24 maxlen: 24
94.72.143.0/24 maxlen: 24
94.72.140.0/23 maxlen: 24
82.118.227.0/24 maxlen: 24
82.118.230.0/24 maxlen: 24
82.118.234.0/24 maxlen: 24
82.118.235.0/24 maxlen: 24
130.185.251.0/24 maxlen: 24
79.124.77.0/24 maxlen: 24
78.128.127.0/24 maxlen: 24
2a01:8740:1::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:30:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:8b:93:f3:0e:32:9d:66:87:9a:eb:95:20:e3:91:86:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c35eac64ea4802e6824686f7c0d201f2c85cb2aa
Validity
Not Before: Dec 21 08:52:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=af19ba861969927effb04959d6a058d9c1c105ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:fe:1b:77:fe:73:e1:cd:c6:d8:9a:ce:77:09:
44:2b:56:7d:52:87:7a:9d:9b:d0:b9:fa:b5:4b:80:
ef:6d:6d:38:35:47:f0:f7:e7:35:d2:6d:e6:ed:a0:
33:aa:27:6a:91:18:06:a8:aa:e1:f4:7c:7d:66:0a:
bb:65:e0:31:da:48:80:3f:b2:d2:91:55:c8:1d:5f:
5b:f5:cc:1e:c4:af:58:62:a7:84:8d:e9:02:9b:db:
99:17:8d:9a:15:77:7a:65:fc:b9:39:10:35:b2:2c:
37:de:1b:61:a2:a5:e9:59:b1:5b:48:15:47:0c:fd:
64:ec:85:89:06:21:72:07:b1:12:24:41:a2:95:8c:
b5:38:ac:3f:64:75:b5:75:1f:bd:60:8e:a2:33:8a:
0b:51:ae:97:cd:be:e2:91:dc:9a:54:ee:7b:eb:dc:
dc:4e:fe:ea:d7:da:af:1d:ee:b4:61:bd:8a:07:1e:
5e:e5:3e:3e:cc:68:7d:1d:5e:ce:f9:4c:b9:63:2a:
b2:61:b2:cf:40:ff:77:e7:26:55:70:d8:39:ad:e6:
29:27:3f:de:69:a7:59:59:dc:95:6a:2a:88:b9:50:
89:03:4a:3d:94:df:36:7d:1d:6f:c4:04:7b:c5:80:
45:51:42:ec:9d:ba:97:4f:e5:78:d9:af:61:a0:86:
14:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:19:BA:86:19:69:92:7E:FF:B0:49:59:D6:A0:58:D9:C1:C1:05:BA
X509v3 Authority Key Identifier:
keyid:C3:5E:AC:64:EA:48:02:E6:82:46:86:F7:C0:D2:01:F2:C8:5C:B2:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/rxm6hhlpkn7_sElZ1qBY2cHBBbo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/w16sZOpIAuaCRob3wNIB8shcsqo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.76.13.0/24
78.128.99.0/24
78.128.127.0/24
79.124.7.0/24
79.124.77.0/24
82.118.227.0/24
82.118.230.0/24
82.118.234.0/23
82.118.245.0/24
91.148.141.0/24
94.72.140.0/23
94.72.143.0/24
130.185.251.0/24
IPv6:
2a01:8740:1::/48
Signature Algorithm: sha256WithRSAEncryption
74:89:3a:70:89:b7:07:c3:1f:92:cc:e6:ea:f1:28:c3:af:1c:
14:d3:36:6d:d1:8d:99:77:83:24:c8:b9:69:29:0a:13:45:78:
78:65:47:04:4b:3c:60:fb:9b:2a:06:4f:e2:72:b6:2c:c7:0f:
ae:29:73:38:f3:8d:b5:9a:56:10:8b:65:78:37:f1:37:f8:b4:
8b:2a:e1:77:89:5e:00:d1:a5:43:b3:22:43:7e:3b:14:ed:2e:
f1:92:ad:57:6e:d5:ad:7c:7f:f4:6e:7b:2a:79:29:88:4d:f8:
1f:ff:c6:c4:8d:dc:44:a4:b8:8c:ac:41:4d:09:39:4a:b3:b3:
27:05:85:a0:ea:df:f4:69:2f:fb:fb:10:88:c6:19:d5:70:f6:
df:0a:46:ea:13:83:dd:5c:46:8a:8b:5e:7f:99:97:4d:da:3d:
5e:55:6b:97:a8:4a:25:12:70:be:32:ca:29:af:e4:c2:02:fa:
88:5d:4f:16:13:ae:c8:94:8f:e8:d6:e3:26:f7:89:f3:49:33:
41:49:a8:ff:3b:c7:66:65:34:2d:8b:19:a1:2d:02:25:7c:3e:
df:12:79:b9:0d:7d:00:11:2a:3f:ae:e2:30:83:a7:29:aa:1c:
10:c1:7c:cb:32:0c:f9:ea:c3:50:cf:9d:27:60:9f:9f:58:39:
82:a3:08:56
-----BEGIN CERTIFICATE-----
MIIFVjCCBD6gAwIBAgISAYyLk/MOMp1mh5rrlSDjkYbuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzNWVhYzY0ZWE0ODAyZTY4MjQ2ODZmN2MwZDIwMWYyYzg1
Y2IyYWEwHhcNMjMxMjIxMDg1MjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjE5YmE4NjE5Njk5MjdlZmZiMDQ5NTlkNmEwNThkOWMxYzEwNWJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyv4bd/5z4c3G2JrOdwlEK1Z9Uod6
nZvQufq1S4DvbW04NUfw9+c10m3m7aAzqidqkRgGqKrh9Hx9Zgq7ZeAx2kiAP7LS
kVXIHV9b9cwexK9YYqeEjekCm9uZF42aFXd6Zfy5ORA1siw33hthoqXpWbFbSBVH
DP1k7IWJBiFyB7ESJEGilYy1OKw/ZHW1dR+9YI6iM4oLUa6Xzb7ikdyaVO5769zc
Tv7q19qvHe60Yb2KBx5e5T4+zGh9HV7O+Uy5YyqyYbLPQP935yZVcNg5reYpJz/e
aadZWdyVaiqIuVCJA0o9lN82fR1vxAR7xYBFUULsnbqXT+V42a9hoIYUSQIDAQAB
o4ICYjCCAl4wHQYDVR0OBBYEFK8ZuoYZaZJ+/7BJWdagWNnBwQW6MB8GA1UdIwQY
MBaAFMNerGTqSALmgkaG98DSAfLIXLKqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzE2c1pPcElBdWFDUm9iM3dOSUI4c2hjc3FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9jY2RkOGItNzcyMC00ZGUwLThjNDMt
ZGFjYjVmMzU2ZWEzLzEvcnhtNmhobHBrbjdfc0VsWjFxQlkyY0hCQmJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9jY2RkOGItNzcyMC00ZGUwLThjNDMtZGFjYjVmMzU2ZWEz
LzEvdzE2c1pPcElBdWFDUm9iM3dOSUI4c2hjc3FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHgGCCsGAQUFBwEHAQH/BGkwZzBUBAIAATBOAwQATUwNAwQA
ToBjAwQAToB/AwQAT3wHAwQAT3xNAwQAUnbjAwQAUnbmAwQBUnbqAwQAUnb1AwQA
W5SNAwQBXkiMAwQAXkiPAwQAgrn7MA8EAgACMAkDBwAqAYdAAAEwDQYJKoZIhvcN
AQELBQADggEBAHSJOnCJtwfDH5LM5urxKMOvHBTTNm3RjZl3gyTIuWkpChNFeHhl
RwRLPGD7myoGT+JytizHD64pczjzjbWaVhCLZXg38Tf4tIsq4XeJXgDRpUOzIkN+
OxTtLvGSrVdu1a18f/Rueyp5KYhN+B//xsSN3ESkuIysQU0JOUqzsycFhaDq3/Rp
L/v7EIjGGdVw9t8KRuoTg91cRoqLXn+Zl03aPV5Va5eoSiUScL4yyimv5MIC+ohd
TxYTrsiUj+jW4yb3ifNJM0FJqP87x2ZlNC2LGaEtAiV8Pt8SebkNfQARKj+u4jCD
pymqHBDBfMsyDPnqw1DPnSdgn59YOYKjCFY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:15 2024 by rpki-client on console-fra.rpki-client.org