Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/6e2cbf-7056-4419-b51c-62b1da261329/1/NLkdXs23S24-UlqaZJ6TqSNd8N8.roa
File: NLkdXs23S24-UlqaZJ6TqSNd8N8.roa (raw, json)
Hash identifier: d8YVeqnOgnNnBZ90lsW5ajz9BKzEFwrMNPnnu555lT4=
Subject key identifier: 34:B9:1D:5E:CD:B7:4B:6E:3E:52:5A:9A:64:9E:93:A9:23:5D:F0:DF
Certificate issuer: /CN=478c7fc6b211e271f7483f721d45f238dd7de5c4
Certificate serial: 0189BB412FA01D221B774A5E2ACA9BBAE66F
Authority key identifier: 47:8C:7F:C6:B2:11:E2:71:F7:48:3F:72:1D:45:F2:38:DD:7D:E5:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/R4x_xrIR4nH3SD9yHUXyON195cQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/6e2cbf-7056-4419-b51c-62b1da261329/1/NLkdXs23S24-UlqaZJ6TqSNd8N8.roa
Signing time: Thu 03 Aug 2023 11:55:58 +0000
ROA not before: Thu 03 Aug 2023 11:55:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51898
IP address blocks: 77.220.204.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:31:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:bb:41:2f:a0:1d:22:1b:77:4a:5e:2a:ca:9b:ba:e6:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=478c7fc6b211e271f7483f721d45f238dd7de5c4
Validity
Not Before: Aug 3 11:55:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=34b91d5ecdb74b6e3e525a9a649e93a9235df0df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:8b:a0:27:aa:b3:a9:30:ec:fc:cc:dd:e9:bf:
e5:2d:0f:0d:f0:a3:f1:2d:09:0b:d2:6c:5e:39:f8:
c9:05:95:c2:75:7f:e6:3d:7e:25:33:50:ad:8d:5b:
ef:3d:9e:37:d5:f2:61:f8:01:44:25:6a:a7:d7:8d:
70:59:d0:d3:f5:7a:8e:a3:43:46:df:ca:55:e8:ac:
02:77:62:a2:2d:1f:87:f1:9d:09:10:fb:88:e4:e6:
e5:b7:0c:08:8f:e3:62:cf:1e:49:d3:1b:de:18:6b:
fc:7f:74:16:bf:d8:f5:2c:47:c6:29:98:77:21:61:
a2:eb:70:2d:2a:97:e9:37:0d:6d:f5:f8:43:83:76:
45:b8:6b:57:41:d3:04:64:04:7c:e1:e0:08:56:96:
9c:3d:ea:90:fb:95:5f:96:33:ba:23:11:b9:70:0e:
de:03:f0:18:3c:fe:4b:05:8e:4c:d3:0a:8b:d2:d8:
94:e1:ad:b4:b1:a4:1e:91:06:8d:7a:21:04:19:23:
0c:e2:bb:00:f9:14:0e:ef:98:0f:11:b9:33:f8:81:
c9:e1:46:45:b0:86:1a:47:df:3b:05:3b:18:26:40:
0e:3c:3d:32:03:a5:f2:8e:25:e1:5d:24:94:96:0e:
b2:26:f1:76:eb:40:03:de:6d:41:33:09:cb:a0:16:
13:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:B9:1D:5E:CD:B7:4B:6E:3E:52:5A:9A:64:9E:93:A9:23:5D:F0:DF
X509v3 Authority Key Identifier:
keyid:47:8C:7F:C6:B2:11:E2:71:F7:48:3F:72:1D:45:F2:38:DD:7D:E5:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/R4x_xrIR4nH3SD9yHUXyON195cQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/6e2cbf-7056-4419-b51c-62b1da261329/1/NLkdXs23S24-UlqaZJ6TqSNd8N8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/6e2cbf-7056-4419-b51c-62b1da261329/1/R4x_xrIR4nH3SD9yHUXyON195cQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.220.204.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:e1:01:87:76:08:c1:71:cf:da:52:46:9e:ff:b1:20:ea:33:
65:19:f1:d5:a4:2e:9f:ce:18:52:0a:e9:67:ca:1f:64:dc:db:
f2:fe:62:e1:02:91:9a:c0:ee:50:1f:56:30:59:36:bd:37:3f:
f9:60:5a:97:b0:7b:88:2e:27:d4:ff:f9:95:69:94:65:d0:18:
fa:1d:1e:53:3e:02:2f:2b:fd:d6:ab:5d:21:13:8b:d3:ba:dc:
d2:9f:35:bc:d9:5c:bd:4c:4a:aa:39:26:23:cf:b2:59:7d:93:
af:aa:c8:7c:77:d5:ca:10:c6:e5:6f:3e:c5:75:e2:e0:4e:3f:
11:5a:31:67:bb:30:2a:1b:38:5d:f6:fd:30:db:d1:a5:6f:4e:
76:1f:b9:25:91:7b:8a:1e:87:07:88:24:7f:09:d6:7c:a4:a6:
d6:9e:0e:94:a2:a9:ef:23:12:b3:fc:12:b4:8f:19:8f:1c:31:
e2:10:a9:7e:30:68:4b:14:ea:0d:89:ff:e2:7f:c4:f3:5a:ef:
3d:f3:c2:76:cd:b1:48:0c:f6:0d:9b:83:1d:93:7c:12:8a:d7:
45:a0:8a:23:9e:8a:b6:33:eb:4b:73:a7:cd:d3:c5:70:51:98:
b7:64:b5:83:57:5a:08:ab:d9:0b:03:45:18:6a:97:cc:62:4d:
cb:c7:93:30
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYm7QS+gHSIbd0peKsqbuuZvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3OGM3ZmM2YjIxMWUyNzFmNzQ4M2Y3MjFkNDVmMjM4ZGQ3
ZGU1YzQwHhcNMjMwODAzMTE1NTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNGI5MWQ1ZWNkYjc0YjZlM2U1MjVhOWE2NDllOTNhOTIzNWRmMGRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqougJ6qzqTDs/Mzd6b/lLQ8N8KPx
LQkL0mxeOfjJBZXCdX/mPX4lM1CtjVvvPZ431fJh+AFEJWqn141wWdDT9XqOo0NG
38pV6KwCd2KiLR+H8Z0JEPuI5ObltwwIj+Nizx5J0xveGGv8f3QWv9j1LEfGKZh3
IWGi63AtKpfpNw1t9fhDg3ZFuGtXQdMEZAR84eAIVpacPeqQ+5VfljO6IxG5cA7e
A/AYPP5LBY5M0wqL0tiU4a20saQekQaNeiEEGSMM4rsA+RQO75gPEbkz+IHJ4UZF
sIYaR987BTsYJkAOPD0yA6XyjiXhXSSUlg6yJvF260AD3m1BMwnLoBYTfQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDS5HV7Nt0tuPlJammSek6kjXfDfMB8GA1UdIwQY
MBaAFEeMf8ayEeJx90g/ch1F8jjdfeXEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUjR4X3hySVI0bkgzU0Q5eUhVWHlPTjE5NWNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS82ZTJjYmYtNzA1Ni00NDE5LWI1MWMt
NjJiMWRhMjYxMzI5LzEvTkxrZFhzMjNTMjQtVWxxYVpKNlRxU05kOE44LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS82ZTJjYmYtNzA1Ni00NDE5LWI1MWMtNjJiMWRhMjYxMzI5
LzEvUjR4X3hySVI0bkgzU0Q5eUhVWHlPTjE5NWNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATdzMMA0G
CSqGSIb3DQEBCwUAA4IBAQA74QGHdgjBcc/aUkae/7Eg6jNlGfHVpC6fzhhSCuln
yh9k3Nvy/mLhApGawO5QH1YwWTa9Nz/5YFqXsHuILifU//mVaZRl0Bj6HR5TPgIv
K/3Wq10hE4vTutzSnzW82Vy9TEqqOSYjz7JZfZOvqsh8d9XKEMblbz7FdeLgTj8R
WjFnuzAqGzhd9v0w29Glb052H7klkXuKHocHiCR/CdZ8pKbWng6UoqnvIxKz/BK0
jxmPHDHiEKl+MGhLFOoNif/if8TzWu8988J2zbFIDPYNm4Mdk3wSitdFoIojnoq2
M+tLc6fN08VwUZi3ZLWDV1oIq9kLA0UYapfMYk3Lx5Mw
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:20 2024 by rpki-client on console-fra.rpki-client.org