Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/1e36e8-8fa6-4c17-a240-32e57bc5474b/1/aZ78PCBIOExP-oMxmJU7qecGSgc.roa
File: aZ78PCBIOExP-oMxmJU7qecGSgc.roa (raw, json)
Hash identifier: 95FrvVX1t6V9I2tB5yMhGTVj4oDcO1CinhdUTdwtNTc=
Subject key identifier: 69:9E:FC:3C:20:48:38:4C:4F:FA:83:31:98:95:3B:A9:E7:06:4A:07
Certificate issuer: /CN=4f2fc3e86035a0b8e9380ffb23f23f57430b7acb
Certificate serial: 0185DDD0AC1F92550BCDDCAD0A397AD03498
Authority key identifier: 4F:2F:C3:E8:60:35:A0:B8:E9:38:0F:FB:23:F2:3F:57:43:0B:7A:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ty_D6GA1oLjpOA_7I_I_V0MLess.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/1e36e8-8fa6-4c17-a240-32e57bc5474b/1/aZ78PCBIOExP-oMxmJU7qecGSgc.roa
Signing time: Mon 23 Jan 2023 08:48:38 +0000
ROA not before: Mon 23 Jan 2023 08:48:38 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48576
IP address blocks: 185.77.44.0/22 maxlen: 22
2a03:5260::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:30:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:dd:d0:ac:1f:92:55:0b:cd:dc:ad:0a:39:7a:d0:34:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f2fc3e86035a0b8e9380ffb23f23f57430b7acb
Validity
Not Before: Jan 23 08:48:38 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=699efc3c2048384c4ffa833198953ba9e7064a07
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:2a:db:cf:53:7f:78:88:8c:db:92:a6:cf:f5:
28:b6:80:f7:6b:15:81:aa:2a:44:1b:4c:98:ec:11:
d2:f5:05:68:df:16:43:33:b9:20:1c:14:99:27:8b:
2d:44:1e:e9:65:be:65:35:e2:08:c0:7d:57:8d:75:
14:9c:4c:60:f3:ef:50:1f:fe:1b:6c:0c:ce:8e:cf:
e5:3a:07:76:79:3d:28:45:3d:f4:28:4c:9c:5f:a1:
62:dd:e6:d7:54:13:73:5b:e6:69:c7:cd:9e:5d:39:
51:b7:69:74:04:6e:8c:aa:c4:e9:a2:e5:ab:73:2f:
da:46:2d:eb:b8:0e:ab:9d:78:6e:84:bc:b2:29:46:
84:85:c7:65:e4:ce:4c:52:66:c6:f3:1f:bc:71:5c:
75:aa:80:b6:df:94:a8:28:76:42:7b:0a:7b:07:2b:
c8:07:9e:53:de:40:57:98:df:5d:52:43:54:74:24:
b5:0c:60:92:30:39:14:47:b7:b3:fd:0f:eb:3d:6e:
27:18:42:5b:49:c7:32:bd:bf:47:94:44:11:2e:9f:
32:a9:4c:8a:43:ba:f7:7c:40:78:3d:68:74:0e:cc:
a7:56:73:da:44:f6:82:bd:fd:9c:1e:71:24:95:4e:
4c:1b:4d:65:4e:8f:ec:88:05:78:55:f9:d6:e4:4a:
39:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:9E:FC:3C:20:48:38:4C:4F:FA:83:31:98:95:3B:A9:E7:06:4A:07
X509v3 Authority Key Identifier:
keyid:4F:2F:C3:E8:60:35:A0:B8:E9:38:0F:FB:23:F2:3F:57:43:0B:7A:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ty_D6GA1oLjpOA_7I_I_V0MLess.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/1e36e8-8fa6-4c17-a240-32e57bc5474b/1/aZ78PCBIOExP-oMxmJU7qecGSgc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/1e36e8-8fa6-4c17-a240-32e57bc5474b/1/Ty_D6GA1oLjpOA_7I_I_V0MLess.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.77.44.0/22
IPv6:
2a03:5260::/32
Signature Algorithm: sha256WithRSAEncryption
5c:32:b6:e6:b9:c8:2b:49:87:cb:41:6a:31:df:b2:56:00:89:
dc:78:d0:43:a2:d6:13:f0:6e:68:01:ef:f8:c9:17:54:0e:c9:
4f:3e:9b:bd:f4:a0:54:dc:91:d4:89:d4:dc:e4:e1:ab:c6:8b:
04:15:03:55:66:43:c5:cd:dd:e7:98:54:0f:37:78:b7:04:3b:
96:0a:5f:38:87:5f:e0:1a:ae:ab:ff:d4:bd:46:97:38:e1:d8:
d5:eb:f1:c3:db:db:4b:e4:cb:82:6b:37:78:a7:b3:8d:8d:f2:
6e:01:1c:ee:62:88:a3:1f:63:e8:c9:d8:c4:bf:73:1c:58:85:
04:af:27:74:0d:75:b2:b6:c6:c0:e7:3c:2a:8d:d5:eb:19:fd:
68:2b:41:0f:38:fe:05:83:c8:49:20:ec:fa:93:59:11:2c:c2:
a0:93:90:e2:98:f0:53:60:db:5a:69:d6:9c:5d:4c:91:0a:ba:
d9:d6:77:7b:e6:18:a5:82:55:2b:76:77:0e:54:8f:59:21:a2:
6f:39:02:4f:e6:e5:07:23:3c:db:3e:f2:cd:96:e9:25:cc:aa:
d8:bf:b4:83:10:4e:a9:f3:91:90:43:45:04:01:ef:e7:92:6e:
92:25:cd:ff:83:9f:cb:26:d9:bf:8a:ca:a3:55:be:66:7d:cd:
94:70:f3:20
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYXd0KwfklULzdytCjl60DSYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMmZjM2U4NjAzNWEwYjhlOTM4MGZmYjIzZjIzZjU3NDMw
YjdhY2IwHhcNMjMwMTIzMDg0ODM4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTllZmMzYzIwNDgzODRjNGZmYTgzMzE5ODk1M2JhOWU3MDY0YTA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzCrbz1N/eIiM25Kmz/UotoD3axWB
qipEG0yY7BHS9QVo3xZDM7kgHBSZJ4stRB7pZb5lNeIIwH1XjXUUnExg8+9QH/4b
bAzOjs/lOgd2eT0oRT30KEycX6Fi3ebXVBNzW+Zpx82eXTlRt2l0BG6MqsTpouWr
cy/aRi3ruA6rnXhuhLyyKUaEhcdl5M5MUmbG8x+8cVx1qoC235SoKHZCewp7ByvI
B55T3kBXmN9dUkNUdCS1DGCSMDkUR7ez/Q/rPW4nGEJbSccyvb9HlEQRLp8yqUyK
Q7r3fEB4PWh0DsynVnPaRPaCvf2cHnEklU5MG01lTo/siAV4VfnW5Eo5MQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGme/DwgSDhMT/qDMZiVO6nnBkoHMB8GA1UdIwQY
MBaAFE8vw+hgNaC46TgP+yPyP1dDC3rLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHlfRDZHQTFvTGpwT0FfN0lfSV9WME1MZXNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi8xZTM2ZTgtOGZhNi00YzE3LWEyNDAt
MzJlNTdiYzU0NzRiLzEvYVo3OFBDQklPRXhQLW9NeG1KVTdxZWNHU2djLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi8xZTM2ZTgtOGZhNi00YzE3LWEyNDAtMzJlNTdiYzU0NzRi
LzEvVHlfRDZHQTFvTGpwT0FfN0lfSV9WME1MZXNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuU0sMA0E
AgACMAcDBQAqA1JgMA0GCSqGSIb3DQEBCwUAA4IBAQBcMrbmucgrSYfLQWox37JW
AInceNBDotYT8G5oAe/4yRdUDslPPpu99KBU3JHUidTc5OGrxosEFQNVZkPFzd3n
mFQPN3i3BDuWCl84h1/gGq6r/9S9Rpc44djV6/HD29tL5MuCazd4p7ONjfJuARzu
YoijH2PoydjEv3McWIUEryd0DXWytsbA5zwqjdXrGf1oK0EPOP4Fg8hJIOz6k1kR
LMKgk5DimPBTYNtaadacXUyRCrrZ1nd75hilglUrdncOVI9ZIaJvOQJP5uUHIzzb
PvLNluklzKrYv7SDEE6p85GQQ0UEAe/nkm6SJc3/g5/LJtm/isqjVb5mfc2UcPMg
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:55 2024 by rpki-client on console-ams.rpki-client.org