Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/decb7d-0388-4e3c-8db4-a302f51d382c/1/tjApyRgI-cJ9J2jBMhwmPP-oAf0.roa
File: tjApyRgI-cJ9J2jBMhwmPP-oAf0.roa (raw, json)
Hash identifier: TJnVZUku6GdkttQBjaGQvnOyY7kiGCts1q4mJxbiuA0=
Subject key identifier: B6:30:29:C9:18:08:F9:C2:7D:27:68:C1:32:1C:26:3C:FF:A8:01:FD
Certificate issuer: /CN=0b934c36b773008865b9c9fb0fd48669395ac730
Certificate serial: 01856D66237FCE234E59F38C4B94B9453F32
Authority key identifier: 0B:93:4C:36:B7:73:00:88:65:B9:C9:FB:0F:D4:86:69:39:5A:C7:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C5NMNrdzAIhlucn7D9SGaTlaxzA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/decb7d-0388-4e3c-8db4-a302f51d382c/1/tjApyRgI-cJ9J2jBMhwmPP-oAf0.roa
Signing time: Sun 01 Jan 2023 12:54:48 +0000
ROA not before: Sun 01 Jan 2023 12:54:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2906
IP address blocks: 37.77.184.0/21 maxlen: 24
185.2.220.0/22 maxlen: 24
2a00:86c0::/32 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:35:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:66:23:7f:ce:23:4e:59:f3:8c:4b:94:b9:45:3f:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b934c36b773008865b9c9fb0fd48669395ac730
Validity
Not Before: Jan 1 12:54:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b63029c91808f9c27d2768c1321c263cffa801fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:8e:c3:b3:c6:97:cd:bd:e7:59:45:e8:65:49:
34:83:2c:2b:2f:e8:fb:26:9e:45:96:e8:c0:47:e3:
ed:1d:e8:d0:59:cd:46:7f:a3:c2:e7:81:0b:1c:3c:
b2:8f:8b:ad:02:88:ca:c4:fd:92:7e:17:b1:e4:82:
3d:b7:46:a1:7d:47:50:a6:cc:70:ac:41:7c:bc:f7:
98:93:c2:99:1b:1c:1f:78:3c:56:31:93:f3:6c:0c:
14:a4:41:73:6c:79:b2:4c:16:d2:28:7f:be:43:f3:
2e:c5:56:fa:be:b0:11:9c:81:bb:c1:90:64:5f:05:
c9:d0:e9:58:f5:b2:a3:8d:12:2b:c4:d6:3a:63:6b:
38:9a:6c:e2:7f:9a:f4:71:d0:49:9b:d4:da:a5:07:
ec:2e:f4:78:4e:ab:ac:d4:67:1e:5f:00:3c:2e:35:
8b:26:0b:ee:ef:70:67:2c:7a:6d:6c:0b:e5:27:65:
52:c7:d0:5c:6e:cc:29:df:7e:14:fc:0a:94:03:03:
99:d2:1a:06:28:ce:ea:7b:31:e4:f8:0e:48:c6:ab:
6d:6b:d9:e4:44:43:0b:2d:c7:79:94:fe:a3:6c:f5:
d1:99:9e:71:72:ec:1f:1a:3d:76:52:8e:a3:bf:7b:
b3:37:3e:5e:48:63:7a:aa:06:60:d3:31:5e:e9:e5:
8f:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:30:29:C9:18:08:F9:C2:7D:27:68:C1:32:1C:26:3C:FF:A8:01:FD
X509v3 Authority Key Identifier:
keyid:0B:93:4C:36:B7:73:00:88:65:B9:C9:FB:0F:D4:86:69:39:5A:C7:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C5NMNrdzAIhlucn7D9SGaTlaxzA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/decb7d-0388-4e3c-8db4-a302f51d382c/1/tjApyRgI-cJ9J2jBMhwmPP-oAf0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/decb7d-0388-4e3c-8db4-a302f51d382c/1/C5NMNrdzAIhlucn7D9SGaTlaxzA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.77.184.0/21
185.2.220.0/22
IPv6:
2a00:86c0::/32
Signature Algorithm: sha256WithRSAEncryption
93:0a:a6:4c:d6:c6:36:ae:4c:ea:e0:c4:2e:72:8a:4a:85:3e:
9e:a2:69:71:cd:1a:fa:4b:5c:8b:36:22:54:dd:f2:4c:3d:bf:
8a:25:94:e6:bb:e1:a6:b5:8f:f3:11:12:d1:d1:ee:8f:6b:3f:
ad:91:6e:49:79:57:e7:6c:03:f5:09:2d:e6:99:53:a7:d3:ca:
15:2d:8b:4c:fb:45:a0:80:1b:40:44:0d:47:3e:07:3a:e9:af:
e4:c1:7d:0d:25:02:65:4e:a1:bb:b5:91:35:76:b0:1b:d6:cb:
a7:3f:e8:cd:cf:0d:12:66:fd:a9:de:a7:b8:66:a6:46:fc:6b:
f5:09:b1:65:e1:41:14:24:81:fc:12:06:6c:3b:82:6f:c3:b7:
b4:a6:df:61:7f:33:30:15:ad:0c:0f:e2:b6:59:57:e8:fc:95:
51:02:ac:c4:26:aa:4d:8b:78:ca:30:91:95:cc:65:4c:3f:d2:
40:d2:a5:93:14:c5:f3:0f:3b:d1:9c:f3:95:9f:98:ff:42:2a:
0b:a3:e6:59:69:88:7f:bd:67:d1:18:56:59:26:9e:7d:46:56:
c3:83:86:fe:5a:8f:68:de:6d:bb:ea:ab:e5:3d:37:82:92:dd:
9f:0d:f5:6b:16:33:24:d4:f7:b3:8d:52:65:df:e8:82:a1:50:
84:bf:84:2f
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVtZiN/ziNOWfOMS5S5RT8yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiOTM0YzM2Yjc3MzAwODg2NWI5YzlmYjBmZDQ4NjY5Mzk1
YWM3MzAwHhcNMjMwMTAxMTI1NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjMwMjljOTE4MDhmOWMyN2QyNzY4YzEzMjFjMjYzY2ZmYTgwMWZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjY7Ds8aXzb3nWUXoZUk0gywrL+j7
Jp5FlujAR+PtHejQWc1Gf6PC54ELHDyyj4utAojKxP2Sfhex5II9t0ahfUdQpsxw
rEF8vPeYk8KZGxwfeDxWMZPzbAwUpEFzbHmyTBbSKH++Q/MuxVb6vrARnIG7wZBk
XwXJ0OlY9bKjjRIrxNY6Y2s4mmzif5r0cdBJm9TapQfsLvR4Tqus1GceXwA8LjWL
Jgvu73BnLHptbAvlJ2VSx9Bcbswp334U/AqUAwOZ0hoGKM7qezHk+A5Ixqtta9nk
REMLLcd5lP6jbPXRmZ5xcuwfGj12Uo6jv3uzNz5eSGN6qgZg0zFe6eWPNQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFLYwKckYCPnCfSdowTIcJjz/qAH9MB8GA1UdIwQY
MBaAFAuTTDa3cwCIZbnJ+w/Uhmk5WscwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzVOTU5yZHpBSWhsdWNuN0Q5U0dhVGxheHpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC9kZWNiN2QtMDM4OC00ZTNjLThkYjQt
YTMwMmY1MWQzODJjLzEvdGpBcHlSZ0ktY0o5SjJqQk1od21QUC1vQWYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC9kZWNiN2QtMDM4OC00ZTNjLThkYjQtYTMwMmY1MWQzODJj
LzEvQzVOTU5yZHpBSWhsdWNuN0Q5U0dhVGxheHpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDJU24AwQC
uQLcMA0EAgACMAcDBQAqAIbAMA0GCSqGSIb3DQEBCwUAA4IBAQCTCqZM1sY2rkzq
4MQucopKhT6eomlxzRr6S1yLNiJU3fJMPb+KJZTmu+GmtY/zERLR0e6Paz+tkW5J
eVfnbAP1CS3mmVOn08oVLYtM+0WggBtARA1HPgc66a/kwX0NJQJlTqG7tZE1drAb
1sunP+jNzw0SZv2p3qe4ZqZG/Gv1CbFl4UEUJIH8EgZsO4Jvw7e0pt9hfzMwFa0M
D+K2WVfo/JVRAqzEJqpNi3jKMJGVzGVMP9JA0qWTFMXzDzvRnPOVn5j/QioLo+ZZ
aYh/vWfRGFZZJp59RlbDg4b+Wo9o3m276qvlPTeCkt2fDfVrFjMk1PezjVJl3+iC
oVCEv4Qv
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:30 2024 by rpki-client on console-fra.rpki-client.org