Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/806532-54e9-4b49-b8a7-9e220f04a901/1/_yoH2b6XZo37bsceoUv0n8X-5c0.roa
File: _yoH2b6XZo37bsceoUv0n8X-5c0.roa (raw, json)
Hash identifier: 7X0fqoshw0QX8MgfjHwLxlySvgmpjxdtdoXFn2q3EVc=
Subject key identifier: FF:2A:07:D9:BE:97:66:8D:FB:6E:C7:1E:A1:4B:F4:9F:C5:FE:E5:CD
Certificate issuer: /CN=a3674d5884a50a84e07dbdf6798ddcbb9cc2032e
Certificate serial: 01856FA70094861D3896043C48B657961A14
Authority key identifier: A3:67:4D:58:84:A5:0A:84:E0:7D:BD:F6:79:8D:DC:BB:9C:C2:03:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o2dNWISlCoTgfb32eY3cu5zCAy4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/806532-54e9-4b49-b8a7-9e220f04a901/1/_yoH2b6XZo37bsceoUv0n8X-5c0.roa
Signing time: Sun 01 Jan 2023 23:24:53 +0000
ROA not before: Sun 01 Jan 2023 23:24:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42632
IP address blocks: 176.58.36.0/23 maxlen: 23
176.58.32.0/22 maxlen: 23
176.58.40.0/24 maxlen: 24
176.58.62.0/23 maxlen: 23
146.255.201.0/24 maxlen: 24
146.255.200.0/24 maxlen: 24
146.255.200.0/23 maxlen: 23
146.255.216.0/22 maxlen: 22
146.255.220.0/22 maxlen: 22
146.255.192.0/22 maxlen: 23
146.255.198.0/23 maxlen: 24
146.255.197.0/24 maxlen: 24
146.255.196.0/24 maxlen: 24
77.220.160.0/23 maxlen: 23
77.220.164.0/22 maxlen: 23
77.220.168.0/22 maxlen: 23
77.220.172.0/23 maxlen: 23
83.222.96.0/22 maxlen: 22
77.220.174.0/23 maxlen: 23
77.220.176.0/21 maxlen: 24
77.220.180.0/24 maxlen: 24
77.220.184.0/21 maxlen: 21
83.222.100.0/22 maxlen: 22
83.222.104.0/22 maxlen: 22
83.222.112.0/22 maxlen: 22
83.222.108.0/22 maxlen: 22
83.222.116.0/22 maxlen: 22
212.76.128.0/21 maxlen: 23
212.76.136.0/21 maxlen: 23
212.76.144.0/22 maxlen: 22
212.76.152.0/22 maxlen: 24
212.76.156.0/22 maxlen: 22
2a02:878:a::/48 maxlen: 48
2a02:878:1::/48 maxlen: 48
2a02:878:a801::/48 maxlen: 48
2a02:878:10::/48 maxlen: 48
2a02:878:a80e::/48 maxlen: 48
2a02:878:2::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 23 Jun 2023 10:49:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:a7:00:94:86:1d:38:96:04:3c:48:b6:57:96:1a:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a3674d5884a50a84e07dbdf6798ddcbb9cc2032e
Validity
Not Before: Jan 1 23:24:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ff2a07d9be97668dfb6ec71ea14bf49fc5fee5cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:bf:2a:f2:89:bb:0d:55:d8:5f:ab:e9:93:a1:
50:7c:ad:04:a5:7d:1c:61:6a:ae:64:24:31:35:45:
33:f5:9c:1a:30:d5:9f:77:29:95:a5:be:5b:5b:aa:
c0:18:9c:37:32:bd:c4:68:d0:71:09:e3:31:9b:f9:
3a:3e:24:33:44:42:55:24:54:87:32:4a:37:f1:21:
90:4e:3a:b6:1a:9d:74:cb:e0:fd:25:15:92:42:96:
32:0c:41:c9:ee:53:9d:6b:a0:d0:e9:cf:f9:b7:50:
be:69:1b:ab:78:4c:e4:93:56:a9:a3:f9:08:95:50:
b8:6a:31:17:66:1e:31:ae:51:af:db:b4:2f:ac:8f:
4d:3d:f3:14:77:99:3c:c7:81:a0:92:36:0f:c2:c2:
03:97:5c:7c:55:01:20:5f:92:45:88:24:ef:61:09:
7d:87:18:3c:7e:9b:0a:d5:0d:6b:a2:15:a0:02:bd:
e5:95:e3:45:60:4c:bf:f3:82:cd:58:72:29:85:84:
96:01:76:18:1a:bc:f4:2c:f3:10:4a:d9:d0:71:8c:
01:9e:71:a4:0b:02:c7:01:a4:e9:60:43:12:63:82:
68:30:f1:09:78:71:19:65:a9:dc:65:b0:ee:03:a0:
4c:6c:69:05:1b:6a:3a:a7:74:6e:0d:dc:df:92:8c:
51:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:2A:07:D9:BE:97:66:8D:FB:6E:C7:1E:A1:4B:F4:9F:C5:FE:E5:CD
X509v3 Authority Key Identifier:
keyid:A3:67:4D:58:84:A5:0A:84:E0:7D:BD:F6:79:8D:DC:BB:9C:C2:03:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o2dNWISlCoTgfb32eY3cu5zCAy4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/806532-54e9-4b49-b8a7-9e220f04a901/1/_yoH2b6XZo37bsceoUv0n8X-5c0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/806532-54e9-4b49-b8a7-9e220f04a901/1/o2dNWISlCoTgfb32eY3cu5zCAy4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.220.160.0/23
77.220.164.0-77.220.191.255
83.222.96.0-83.222.119.255
146.255.192.0-146.255.201.255
146.255.216.0/21
176.58.32.0-176.58.37.255
176.58.40.0/24
176.58.62.0/23
212.76.128.0-212.76.147.255
212.76.152.0/21
IPv6:
2a02:878:1::-2a02:878:2:ffff:ffff:ffff:ffff:ffff
2a02:878:a::/48
2a02:878:10::/48
2a02:878:a801::/48
2a02:878:a80e::/48
Signature Algorithm: sha256WithRSAEncryption
32:a0:2e:0e:66:34:43:f3:87:03:73:43:79:b3:de:7e:06:70:
2f:31:2f:f7:2e:ea:cb:f0:89:94:87:a3:cf:86:7e:51:d5:6e:
22:8c:fc:df:0f:6a:9c:18:c3:45:c4:db:97:b3:4b:21:42:39:
7b:72:6b:2e:3b:8f:82:66:6a:2d:f5:be:98:f2:e9:3b:d7:b3:
6f:79:46:12:e8:14:54:bb:21:95:72:94:39:c2:cf:31:30:fa:
f3:43:05:72:e9:f4:1a:9e:21:6b:0d:af:81:90:a2:55:f5:7d:
2f:4a:a4:de:71:d1:ae:48:7e:28:e7:96:82:e3:0c:74:ae:29:
a2:16:3c:95:bf:f4:70:87:ad:f4:45:0a:ba:0f:5e:52:85:00:
f4:e3:3c:c0:00:f4:a0:75:bb:df:b3:ba:ba:f6:72:15:2a:5b:
e9:9e:90:0e:eb:84:5a:f6:0a:9c:94:e9:8e:91:09:55:b3:90:
6a:4d:e6:1e:3e:84:f2:c7:a7:da:2f:5a:b2:d9:a7:69:16:5d:
71:af:eb:21:7d:93:77:73:04:84:9b:9f:2a:8d:e8:48:54:3b:
e9:be:ca:b7:e3:14:14:49:13:f8:b8:dd:bb:2b:5d:fb:09:36:
26:85:81:2f:02:3a:53:79:62:d4:70:87:d1:55:61:84:e7:2d:
d6:66:d0:d0
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgISAYVvpwCUhh04lgQ8SLZXlhoUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzNjc0ZDU4ODRhNTBhODRlMDdkYmRmNjc5OGRkY2JiOWNj
MjAzMmUwHhcNMjMwMTAxMjMyNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjJhMDdkOWJlOTc2NjhkZmI2ZWM3MWVhMTRiZjQ5ZmM1ZmVlNWNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0b8q8om7DVXYX6vpk6FQfK0EpX0c
YWquZCQxNUUz9ZwaMNWfdymVpb5bW6rAGJw3Mr3EaNBxCeMxm/k6PiQzREJVJFSH
Mko38SGQTjq2Gp10y+D9JRWSQpYyDEHJ7lOda6DQ6c/5t1C+aRureEzkk1apo/kI
lVC4ajEXZh4xrlGv27QvrI9NPfMUd5k8x4GgkjYPwsIDl1x8VQEgX5JFiCTvYQl9
hxg8fpsK1Q1rohWgAr3lleNFYEy/84LNWHIphYSWAXYYGrz0LPMQStnQcYwBnnGk
CwLHAaTpYEMSY4JoMPEJeHEZZancZbDuA6BMbGkFG2o6p3RuDdzfkoxRVQIDAQAB
o4ICqjCCAqYwHQYDVR0OBBYEFP8qB9m+l2aN+27HHqFL9J/F/uXNMB8GA1UdIwQY
MBaAFKNnTViEpQqE4H299nmN3LucwgMuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzJkTldJU2xDb1RnZmIzMmVZM2N1NXpDQXk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy84MDY1MzItNTRlOS00YjQ5LWI4YTct
OWUyMjBmMDRhOTAxLzEvX3lvSDJiNlhabzM3YnNjZW9VdjBuOFgtNWMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy84MDY1MzItNTRlOS00YjQ5LWI4YTctOWUyMjBmMDRhOTAx
LzEvbzJkTldJU2xDb1RnZmIzMmVZM2N1NXpDQXk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG/BggrBgEFBQcBBwEB/wSBrzCBrDBqBAIAATBkAwQBTdyg
MAwDBAJN3KQDBAZN3IAwDAMEBVPeYAMEA1PecDAMAwQGkv/AAwQBkv/IAwQDkv/Y
MAwDBAWwOiADBAGwOiQDBACwOigDBAGwOj4wDAMEB9RMgAMEAtRMkAMEA9RMmDA+
BAIAAjA4MBIDBwAqAgh4AAEDBwAqAgh4AAIDBwAqAgh4AAoDBwAqAgh4ABADBwAq
Agh4qAEDBwAqAgh4qA4wDQYJKoZIhvcNAQELBQADggEBADKgLg5mNEPzhwNzQ3mz
3n4GcC8xL/cu6svwiZSHo8+GflHVbiKM/N8PapwYw0XE25ezSyFCOXtyay47j4Jm
ai31vpjy6TvXs295RhLoFFS7IZVylDnCzzEw+vNDBXLp9BqeIWsNr4GQolX1fS9K
pN5x0a5IfijnloLjDHSuKaIWPJW/9HCHrfRFCroPXlKFAPTjPMAA9KB1u9+zurr2
chUqW+mekA7rhFr2CpyU6Y6RCVWzkGpN5h4+hPLHp9ovWrLZp2kWXXGv6yF9k3dz
BISbnyqN6EhUO+m+yrfjFBRJE/i43bsrXfsJNiaFgS8COlN5YtRwh9FVYYTnLdZm
0NA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:27 2024 by rpki-client on console-ams.rpki-client.org