Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/540da5-27fb-46e6-a132-b54d82d8be7b/1/LAQJgw7OqcBH1NIWY6jqd-8QldI.roa
File: LAQJgw7OqcBH1NIWY6jqd-8QldI.roa (raw, json)
Hash identifier: nkI+Z4Gm15xebGQdRnyoayrgnwvHF25FVASK7pdRNgU=
Subject key identifier: 2C:04:09:83:0E:CE:A9:C0:47:D4:D2:16:63:A8:EA:77:EF:10:95:D2
Certificate issuer: /CN=f76fd568674856415eb1e21342aaf323b37b7a2e
Certificate serial: 018A7DE01634BC3E7A88C04C0422D5DDD358
Authority key identifier: F7:6F:D5:68:67:48:56:41:5E:B1:E2:13:42:AA:F3:23:B3:7B:7A:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/92_VaGdIVkFeseITQqrzI7N7ei4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/540da5-27fb-46e6-a132-b54d82d8be7b/1/LAQJgw7OqcBH1NIWY6jqd-8QldI.roa
Signing time: Sun 10 Sep 2023 06:55:52 +0000
ROA not before: Sun 10 Sep 2023 06:55:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 216376
IP address blocks: 185.77.98.0/24 maxlen: 24
185.77.98.0/23 maxlen: 23
2a13:ab40::/32 maxlen: 32
2a13:ab40::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 18 Sep 2023 14:05:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:7d:e0:16:34:bc:3e:7a:88:c0:4c:04:22:d5:dd:d3:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f76fd568674856415eb1e21342aaf323b37b7a2e
Validity
Not Before: Sep 10 06:55:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2c0409830ecea9c047d4d21663a8ea77ef1095d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:73:5c:9e:98:88:4e:80:b1:ad:36:64:6d:0e:
40:a9:fb:d3:25:9f:5e:1c:dc:fa:12:b8:07:81:98:
0c:33:82:fc:f4:21:57:c2:ec:bb:e0:63:93:22:76:
04:87:38:14:01:30:74:7d:a0:c2:4c:b4:e7:00:99:
d6:eb:ce:af:10:57:a5:7a:e7:e1:bf:ed:fb:65:7d:
de:fc:85:de:ea:ba:44:d5:f7:41:91:ec:49:fc:b4:
95:ea:08:d5:96:59:07:7a:48:6e:13:33:84:8c:5a:
28:84:a9:9b:27:ce:22:33:c8:b6:56:31:04:08:cb:
2e:59:b9:20:93:94:a7:dd:26:ae:50:9d:ef:8d:83:
c0:06:83:29:a1:c5:23:16:43:23:93:73:f2:20:4d:
c7:c5:8e:00:70:34:ab:27:b7:e3:15:21:ef:a4:1c:
6b:6b:bd:41:bc:41:a1:9e:09:66:34:dc:16:7a:80:
98:5c:58:78:c0:cc:bf:8b:cc:6e:3d:e2:9c:61:51:
5e:58:82:59:10:bd:f7:19:dc:30:34:d6:c5:80:b0:
3f:26:8e:c1:3b:49:7f:da:8a:1f:4c:52:0e:d7:15:
67:eb:7a:b3:da:85:0a:40:23:33:4d:e8:b7:43:ec:
c2:6f:c2:0b:a8:7d:b1:20:d8:a3:6c:fb:91:ed:25:
2d:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:04:09:83:0E:CE:A9:C0:47:D4:D2:16:63:A8:EA:77:EF:10:95:D2
X509v3 Authority Key Identifier:
keyid:F7:6F:D5:68:67:48:56:41:5E:B1:E2:13:42:AA:F3:23:B3:7B:7A:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/92_VaGdIVkFeseITQqrzI7N7ei4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/540da5-27fb-46e6-a132-b54d82d8be7b/1/LAQJgw7OqcBH1NIWY6jqd-8QldI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/540da5-27fb-46e6-a132-b54d82d8be7b/1/92_VaGdIVkFeseITQqrzI7N7ei4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.77.98.0/23
IPv6:
2a13:ab40::/32
Signature Algorithm: sha256WithRSAEncryption
47:42:bb:b1:ea:62:ff:4c:2a:a4:57:17:b6:e2:c3:70:a1:71:
da:68:8f:c0:5f:01:1f:85:13:b3:00:dd:dc:3d:2c:f5:e8:d4:
f3:7d:b0:18:3e:ae:26:a1:30:28:41:6c:83:be:b6:9d:73:5c:
0e:4d:4e:49:44:4d:07:77:f8:75:fc:9a:0f:e2:73:95:3f:50:
03:ee:db:2b:a6:16:d8:ae:9b:f6:ca:41:15:28:71:26:3a:24:
ea:92:7d:04:da:44:51:2c:55:d2:6e:ec:63:ec:e3:fa:44:f1:
79:33:36:bb:93:d7:70:34:c6:da:64:57:66:fb:10:c9:eb:00:
9e:35:e9:45:f4:62:0d:19:d4:b6:82:08:c1:6c:dc:ac:a6:0b:
4d:9c:fa:b6:27:16:f0:5c:af:e1:f8:80:10:d6:67:71:bf:16:
d9:78:2e:35:5e:6d:23:89:f3:e1:34:2a:b8:ff:06:67:f5:3f:
95:2d:2e:96:a9:ff:e6:d1:b9:a9:bc:19:54:5f:68:4c:97:6c:
53:23:b5:9a:46:cb:7b:d7:68:1b:f7:dd:b1:0c:da:33:b3:39:
7e:66:da:42:30:58:b9:44:b7:68:7b:75:57:58:6a:b6:af:59:
66:7b:b6:e7:f7:43:5d:99:66:e0:b6:d1:88:79:b9:b4:0a:1f:
59:27:1d:ff
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYp94BY0vD56iMBMBCLV3dNYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3NmZkNTY4Njc0ODU2NDE1ZWIxZTIxMzQyYWFmMzIzYjM3
YjdhMmUwHhcNMjMwOTEwMDY1NTUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYzA0MDk4MzBlY2VhOWMwNDdkNGQyMTY2M2E4ZWE3N2VmMTA5NWQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0XNcnpiIToCxrTZkbQ5AqfvTJZ9e
HNz6ErgHgZgMM4L89CFXwuy74GOTInYEhzgUATB0faDCTLTnAJnW686vEFeleufh
v+37ZX3e/IXe6rpE1fdBkexJ/LSV6gjVllkHekhuEzOEjFoohKmbJ84iM8i2VjEE
CMsuWbkgk5Sn3SauUJ3vjYPABoMpocUjFkMjk3PyIE3HxY4AcDSrJ7fjFSHvpBxr
a71BvEGhnglmNNwWeoCYXFh4wMy/i8xuPeKcYVFeWIJZEL33GdwwNNbFgLA/Jo7B
O0l/2oofTFIO1xVn63qz2oUKQCMzTei3Q+zCb8ILqH2xINijbPuR7SUtnQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFCwECYMOzqnAR9TSFmOo6nfvEJXSMB8GA1UdIwQY
MBaAFPdv1WhnSFZBXrHiE0Kq8yOze3ouMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOTJfVmFHZElWa0Zlc2VJVFFxcnpJN043ZWk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi81NDBkYTUtMjdmYi00NmU2LWExMzIt
YjU0ZDgyZDhiZTdiLzEvTEFRSmd3N09xY0JIMU5JV1k2anFkLThRbGRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi81NDBkYTUtMjdmYi00NmU2LWExMzItYjU0ZDgyZDhiZTdi
LzEvOTJfVmFHZElWa0Zlc2VJVFFxcnpJN043ZWk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBuU1iMA0E
AgACMAcDBQAqE6tAMA0GCSqGSIb3DQEBCwUAA4IBAQBHQrux6mL/TCqkVxe24sNw
oXHaaI/AXwEfhROzAN3cPSz16NTzfbAYPq4moTAoQWyDvradc1wOTU5JRE0Hd/h1
/JoP4nOVP1AD7tsrphbYrpv2ykEVKHEmOiTqkn0E2kRRLFXSbuxj7OP6RPF5Mza7
k9dwNMbaZFdm+xDJ6wCeNelF9GINGdS2ggjBbNyspgtNnPq2JxbwXK/h+IAQ1mdx
vxbZeC41Xm0jifPhNCq4/wZn9T+VLS6Wqf/m0bmpvBlUX2hMl2xTI7WaRst712gb
992xDNozszl+ZtpCMFi5RLdoe3VXWGq2r1lme7bn90NdmWbgttGIebm0Ch9ZJx3/
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:09 2024 by rpki-client on console-fra.rpki-client.org