Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/71173b-1938-4835-af00-a699bcb08ae3/1/CES08eTtYvFcBx07Xnv1UetgFsU.roa
File: CES08eTtYvFcBx07Xnv1UetgFsU.roa (raw, json)
Hash identifier: YjXaNjFxAf+rE6TUmcOYOz+egJh8Um/Y0hSvcOAMpjM=
Subject key identifier: 08:44:B4:F1:E4:ED:62:F1:5C:07:1D:3B:5E:7B:F5:51:EB:60:16:C5
Certificate issuer: /CN=1a99c75fe5777e136573e1e51efba6781f3a5b16
Certificate serial: 01856DC1AECAAE9052B42322377A53C0EDF4
Authority key identifier: 1A:99:C7:5F:E5:77:7E:13:65:73:E1:E5:1E:FB:A6:78:1F:3A:5B:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GpnHX-V3fhNlc-HlHvumeB86WxY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/71173b-1938-4835-af00-a699bcb08ae3/1/CES08eTtYvFcBx07Xnv1UetgFsU.roa
Signing time: Sun 01 Jan 2023 14:34:47 +0000
ROA not before: Sun 01 Jan 2023 14:34:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42306
IP address blocks: 77.236.192.0/19 maxlen: 19
37.44.208.0/22 maxlen: 22
2a03:f280::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 08 Feb 2023 14:30:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:c1:ae:ca:ae:90:52:b4:23:22:37:7a:53:c0:ed:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1a99c75fe5777e136573e1e51efba6781f3a5b16
Validity
Not Before: Jan 1 14:34:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0844b4f1e4ed62f15c071d3b5e7bf551eb6016c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:90:94:ba:03:3d:01:d2:0f:f9:85:63:71:44:
80:6d:d5:af:8b:8c:85:ea:bc:b0:76:71:7d:3c:a4:
4e:9f:e8:60:9f:db:32:1d:73:87:3c:c9:9e:94:5d:
3e:f7:b7:5b:8f:00:e8:75:0d:ed:fc:c4:cc:e2:f6:
77:0e:48:4e:14:5b:ad:dc:99:26:a6:90:30:73:b8:
5e:10:e2:ce:9f:ea:73:03:76:ba:bb:22:d1:8c:31:
f3:94:6b:3b:5a:77:68:a3:79:cf:8e:f4:2c:b6:3a:
d0:c2:f0:ad:65:b1:8b:df:6c:cb:f3:2b:71:73:74:
ea:8a:27:3f:d0:e6:5d:ce:b0:b7:c0:90:02:73:3f:
ed:0c:19:b4:8b:75:5f:a2:62:5a:fe:d1:75:76:94:
c9:c2:b9:4e:67:50:e1:ff:6c:e6:6d:c1:34:fd:f4:
83:67:4f:2b:3e:96:e1:60:1a:f8:9d:7a:e7:5b:21:
ee:01:c9:d5:b7:34:38:22:a7:ce:21:bd:de:31:44:
8a:13:e8:96:d0:4e:eb:7c:85:ae:c4:5a:7b:74:2f:
32:cd:0a:25:ca:c5:7e:5d:96:50:11:f9:a4:1d:8f:
89:c2:e6:a0:dd:46:44:ef:84:14:e4:f9:7b:e4:cd:
58:4b:43:ff:86:30:20:60:35:c2:d1:12:9e:23:3e:
54:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:44:B4:F1:E4:ED:62:F1:5C:07:1D:3B:5E:7B:F5:51:EB:60:16:C5
X509v3 Authority Key Identifier:
keyid:1A:99:C7:5F:E5:77:7E:13:65:73:E1:E5:1E:FB:A6:78:1F:3A:5B:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GpnHX-V3fhNlc-HlHvumeB86WxY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/71173b-1938-4835-af00-a699bcb08ae3/1/CES08eTtYvFcBx07Xnv1UetgFsU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/71173b-1938-4835-af00-a699bcb08ae3/1/GpnHX-V3fhNlc-HlHvumeB86WxY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.44.208.0/22
77.236.192.0/19
IPv6:
2a03:f280::/29
Signature Algorithm: sha256WithRSAEncryption
37:2c:ee:c2:66:05:ed:cb:62:0a:ce:f9:0d:80:d1:e1:f6:5c:
34:58:24:72:98:8a:c9:d5:e8:51:9d:75:3e:8a:c9:a1:41:c0:
be:22:9b:88:bd:79:21:24:76:b5:ae:e8:0d:fc:80:0b:a7:84:
12:a7:6c:55:d0:3d:84:b1:61:d4:12:56:3d:aa:43:cc:0a:eb:
b0:13:24:da:23:59:39:2c:2a:36:e8:2f:b9:1e:ea:6f:7a:05:
5e:db:bb:55:09:a8:f9:f5:e6:3d:f2:46:84:fd:7f:e4:e0:34:
65:13:81:84:3e:b9:dc:5d:07:1c:bc:33:ea:8f:65:3b:cb:b1:
f7:09:dc:9d:e5:dc:c8:43:7f:da:50:7a:37:2b:9c:4e:db:70:
92:19:3c:17:9b:cb:af:e0:40:a0:6f:57:3f:e7:3a:82:f2:4e:
83:2e:51:0e:80:9a:e8:4e:f0:77:51:31:7f:a6:5d:dd:ec:dd:
85:47:87:1b:0a:24:a3:13:73:21:1b:88:4f:56:c9:22:3e:5f:
2d:36:d6:b7:1c:0d:bc:05:f2:ed:ff:5d:d2:db:1b:ac:28:11:
36:07:83:2f:0d:75:de:d4:51:60:f8:95:53:f6:1d:4f:8a:0c:
a1:9f:1a:42:91:e3:6d:ac:de:82:61:70:15:ba:fc:37:41:08:
e5:f5:65:27
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVtwa7KrpBStCMiN3pTwO30MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhOTljNzVmZTU3NzdlMTM2NTczZTFlNTFlZmJhNjc4MWYz
YTViMTYwHhcNMjMwMTAxMTQzNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODQ0YjRmMWU0ZWQ2MmYxNWMwNzFkM2I1ZTdiZjU1MWViNjAxNmM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnZCUugM9AdIP+YVjcUSAbdWvi4yF
6rywdnF9PKROn+hgn9syHXOHPMmelF0+97dbjwDodQ3t/MTM4vZ3DkhOFFut3Jkm
ppAwc7heEOLOn+pzA3a6uyLRjDHzlGs7Wndoo3nPjvQstjrQwvCtZbGL32zL8ytx
c3Tqiic/0OZdzrC3wJACcz/tDBm0i3VfomJa/tF1dpTJwrlOZ1Dh/2zmbcE0/fSD
Z08rPpbhYBr4nXrnWyHuAcnVtzQ4IqfOIb3eMUSKE+iW0E7rfIWuxFp7dC8yzQol
ysV+XZZQEfmkHY+Jwuag3UZE74QU5Pl75M1YS0P/hjAgYDXC0RKeIz5UrQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFAhEtPHk7WLxXAcdO1579VHrYBbFMB8GA1UdIwQY
MBaAFBqZx1/ld34TZXPh5R77pngfOlsWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3BuSFgtVjNmaE5sYy1IbEh2dW1lQjg2V3hZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi83MTE3M2ItMTkzOC00ODM1LWFmMDAt
YTY5OWJjYjA4YWUzLzEvQ0VTMDhlVHRZdkZjQngwN1hudjFVZXRnRnNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi83MTE3M2ItMTkzOC00ODM1LWFmMDAtYTY5OWJjYjA4YWUz
LzEvR3BuSFgtVjNmaE5sYy1IbEh2dW1lQjg2V3hZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCJSzQAwQF
TezAMA0EAgACMAcDBQMqA/KAMA0GCSqGSIb3DQEBCwUAA4IBAQA3LO7CZgXty2IK
zvkNgNHh9lw0WCRymIrJ1ehRnXU+ismhQcC+IpuIvXkhJHa1rugN/IALp4QSp2xV
0D2EsWHUElY9qkPMCuuwEyTaI1k5LCo26C+5HupvegVe27tVCaj59eY98kaE/X/k
4DRlE4GEPrncXQccvDPqj2U7y7H3Cdyd5dzIQ3/aUHo3K5xO23CSGTwXm8uv4ECg
b1c/5zqC8k6DLlEOgJroTvB3UTF/pl3d7N2FR4cbCiSjE3MhG4hPVskiPl8tNta3
HA28BfLt/13S2xusKBE2B4MvDXXe1FFg+JVT9h1PigyhnxpCkeNtrN6CYXAVuvw3
QQjl9WUn
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:07 2024 by rpki-client on console-fra.rpki-client.org