Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/e08b8e-bf22-435c-8b1f-46bb7aec1f30/1/I6k0kfAjIaEAoAPVpsnrAxo9gLE.roa
File: I6k0kfAjIaEAoAPVpsnrAxo9gLE.roa (raw, json)
Hash identifier: c0kFbVH6/ZHUg29R74g5u7QEj9ZLBpfaZuHZXcnpM1M=
Subject key identifier: 23:A9:34:91:F0:23:21:A1:00:A0:03:D5:A6:C9:EB:03:1A:3D:80:B1
Certificate issuer: /CN=af2f2e86dd7cc9101658ff8d5a5241445fcd1d6a
Certificate serial: 018F2B4D13AB4471C79AB7794E36F6F77AD8
Authority key identifier: AF:2F:2E:86:DD:7C:C9:10:16:58:FF:8D:5A:52:41:44:5F:CD:1D:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ry8uht18yRAWWP-NWlJBRF_NHWo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/e08b8e-bf22-435c-8b1f-46bb7aec1f30/1/I6k0kfAjIaEAoAPVpsnrAxo9gLE.roa
Signing time: Mon 29 Apr 2024 19:20:22 +0000
ROA not before: Mon 29 Apr 2024 19:20:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7018
IP address blocks: 77.81.79.0/24 maxlen: 24
77.81.80.0/23 maxlen: 24
128.65.172.0/22 maxlen: 24
194.26.2.0/24 maxlen: 24
194.26.21.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 09 May 2024 22:15:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:2b:4d:13:ab:44:71:c7:9a:b7:79:4e:36:f6:f7:7a:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af2f2e86dd7cc9101658ff8d5a5241445fcd1d6a
Validity
Not Before: Apr 29 19:20:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=23a93491f02321a100a003d5a6c9eb031a3d80b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:a4:2a:c5:f6:ad:8e:b8:65:ca:26:7b:00:9a:
b8:45:06:16:70:b5:ce:6e:e5:05:2d:d4:9f:4a:78:
03:c7:11:b5:d1:8d:46:0d:20:70:10:2a:14:9b:09:
64:7a:ba:b7:73:03:d8:2d:93:1c:0a:08:4f:5d:5f:
da:ad:3c:50:ef:ad:61:8e:71:cc:39:06:f6:85:2a:
7b:72:18:d9:ff:90:a6:dc:89:01:8f:40:33:bf:5c:
f0:95:f1:48:90:4f:0b:b1:42:95:c2:c0:f2:ee:9a:
2b:af:62:c0:02:b6:82:c6:40:a9:fd:0e:b0:a3:df:
8f:f3:92:7c:58:02:70:b3:ed:57:42:44:75:60:af:
ee:98:72:16:0d:71:7f:ef:2a:e2:b7:24:87:73:70:
dc:77:60:f9:17:ad:2e:d5:47:8f:57:b9:3c:c6:47:
f0:83:12:ce:39:41:72:1b:00:e6:9a:82:87:27:88:
32:ce:9f:93:ad:65:53:90:18:91:20:3b:00:22:4d:
ee:0b:8c:88:05:37:34:7e:2f:c3:dc:81:6e:d6:6c:
51:8d:9a:bb:f4:24:ac:55:78:fe:98:ef:4f:a8:30:
45:c3:2d:67:ca:17:6b:80:cf:3e:e4:76:7e:4c:7d:
bf:aa:98:01:c4:15:49:17:32:39:25:c6:41:a9:6e:
82:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:A9:34:91:F0:23:21:A1:00:A0:03:D5:A6:C9:EB:03:1A:3D:80:B1
X509v3 Authority Key Identifier:
keyid:AF:2F:2E:86:DD:7C:C9:10:16:58:FF:8D:5A:52:41:44:5F:CD:1D:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ry8uht18yRAWWP-NWlJBRF_NHWo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/e08b8e-bf22-435c-8b1f-46bb7aec1f30/1/I6k0kfAjIaEAoAPVpsnrAxo9gLE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/e08b8e-bf22-435c-8b1f-46bb7aec1f30/1/ry8uht18yRAWWP-NWlJBRF_NHWo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.81.79.0-77.81.81.255
128.65.172.0/22
194.26.2.0/24
194.26.21.0/24
Signature Algorithm: sha256WithRSAEncryption
25:6a:e2:6f:bc:25:08:4b:a8:85:26:e8:0a:bd:9a:a2:6e:60:
56:4e:1c:0a:26:84:a2:e6:f2:2e:d3:7b:e9:25:b6:19:72:77:
29:91:05:51:40:c6:ed:1f:fc:77:45:5b:4e:88:5a:72:a3:f7:
fc:3c:df:82:0c:6a:41:3a:9a:38:f7:7b:6f:43:e2:b7:0f:80:
b2:ce:db:6e:0e:57:c6:92:fe:49:29:36:7f:53:f5:7d:bb:d3:
71:3b:f8:a6:3f:98:b6:4f:37:5e:42:ed:3c:ce:b6:ef:f7:5f:
3f:f4:02:1d:1d:44:e3:25:9a:2b:96:46:e0:8f:cb:0d:3b:6f:
c2:55:34:ae:db:b5:13:15:1c:59:f7:97:14:69:4b:d1:e9:98:
63:96:dc:fa:61:eb:1b:3c:e5:b4:c7:83:ac:0d:76:11:4a:c9:
86:8d:8a:2e:39:50:5b:fb:c7:be:b2:4b:21:19:e6:73:7f:fb:
80:09:88:b1:10:e4:46:da:7d:68:08:c9:e1:d6:93:c0:43:a2:
9b:66:61:16:f5:b0:c5:78:53:29:b7:21:a2:1f:64:dc:52:d8:
28:cc:40:03:e9:6a:b9:f7:71:09:ce:c5:6d:d8:55:92:51:43:
26:fd:d1:78:19:69:e2:e8:89:fe:ad:9b:bf:1f:89:be:d5:39:
df:6e:3f:84
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAY8rTROrRHHHmrd5Tjb293rYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmMmYyZTg2ZGQ3Y2M5MTAxNjU4ZmY4ZDVhNTI0MTQ0NWZj
ZDFkNmEwHhcNMjQwNDI5MTkyMDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyM2E5MzQ5MWYwMjMyMWExMDBhMDAzZDVhNmM5ZWIwMzFhM2Q4MGIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlqQqxfatjrhlyiZ7AJq4RQYWcLXO
buUFLdSfSngDxxG10Y1GDSBwECoUmwlkerq3cwPYLZMcCghPXV/arTxQ761hjnHM
OQb2hSp7chjZ/5Cm3IkBj0Azv1zwlfFIkE8LsUKVwsDy7porr2LAAraCxkCp/Q6w
o9+P85J8WAJws+1XQkR1YK/umHIWDXF/7yritySHc3Dcd2D5F60u1UePV7k8xkfw
gxLOOUFyGwDmmoKHJ4gyzp+TrWVTkBiRIDsAIk3uC4yIBTc0fi/D3IFu1mxRjZq7
9CSsVXj+mO9PqDBFwy1nyhdrgM8+5HZ+TH2/qpgBxBVJFzI5JcZBqW6CJwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFCOpNJHwIyGhAKAD1abJ6wMaPYCxMB8GA1UdIwQY
MBaAFK8vLobdfMkQFlj/jVpSQURfzR1qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnk4dWh0MTh5UkFXV1AtTldsSkJSRl9OSFdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC9lMDhiOGUtYmYyMi00MzVjLThiMWYt
NDZiYjdhZWMxZjMwLzEvSTZrMGtmQWpJYUVBb0FQVnBzbnJBeG85Z0xFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC9lMDhiOGUtYmYyMi00MzVjLThiMWYtNDZiYjdhZWMxZjMw
LzEvcnk4dWh0MTh5UkFXV1AtTldsSkJSRl9OSFdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgMAwDBABNUU8D
BAFNUVADBAKAQawDBADCGgIDBADCGhUwDQYJKoZIhvcNAQELBQADggEBACVq4m+8
JQhLqIUm6Aq9mqJuYFZOHAomhKLm8i7Te+klthlydymRBVFAxu0f/HdFW06IWnKj
9/w834IMakE6mjj3e29D4rcPgLLO224OV8aS/kkpNn9T9X2703E7+KY/mLZPN15C
7TzOtu/3Xz/0Ah0dROMlmiuWRuCPyw07b8JVNK7btRMVHFn3lxRpS9HpmGOW3Pph
6xs85bTHg6wNdhFKyYaNii45UFv7x76ySyEZ5nN/+4AJiLEQ5EbafWgIyeHWk8BD
optmYRb1sMV4Uym3IaIfZNxS2CjMQAPparn3cQnOxW3YVZJRQyb90XgZaeLoif6t
m78fib7VOd9uP4Q=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:23 2024 by rpki-client on console-fra.rpki-client.org