Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/be66e4-f14b-4b31-bdaf-4414558fdcbb/1/cVdG9_tntmHAuCp45O0AggbKauk.roa
File: cVdG9_tntmHAuCp45O0AggbKauk.roa (raw, json)
Hash identifier: cazLmyTlpPT/phkJvj2N4vtcPk92nFUsa9ZXn4QmLJU=
Subject key identifier: 71:57:46:F7:FB:67:B6:61:C0:B8:2A:78:E4:ED:00:82:06:CA:6A:E9
Certificate issuer: /CN=c378bc3bd350eedc4f377c224556b250da6dde6f
Certificate serial: 018C4E79E55DE0AF3DD7211A0D88B59A5C78
Authority key identifier: C3:78:BC:3B:D3:50:EE:DC:4F:37:7C:22:45:56:B2:50:DA:6D:DE:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w3i8O9NQ7txPN3wiRVayUNpt3m8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/be66e4-f14b-4b31-bdaf-4414558fdcbb/1/cVdG9_tntmHAuCp45O0AggbKauk.roa
Signing time: Sat 09 Dec 2023 12:07:40 +0000
ROA not before: Sat 09 Dec 2023 12:07:40 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31400
IP address blocks: 93.127.128.0/17 maxlen: 17
77.37.0.0/17 maxlen: 17
2a01:4d0::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 08:29:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:4e:79:e5:5d:e0:af:3d:d7:21:1a:0d:88:b5:9a:5c:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c378bc3bd350eedc4f377c224556b250da6dde6f
Validity
Not Before: Dec 9 12:07:40 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=715746f7fb67b661c0b82a78e4ed008206ca6ae9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:2f:20:1f:d0:d5:44:d2:08:4a:71:c0:56:70:
6a:3c:2c:d1:53:4f:13:9a:49:63:c6:c3:84:48:2f:
ec:d8:e2:c7:03:66:b7:f2:4e:d6:25:c3:f5:01:9c:
e6:1c:a3:5d:76:12:c1:5f:6e:7f:d8:ef:01:fb:61:
87:70:74:8b:ab:cd:ea:0a:2c:66:e2:0c:5c:d8:0a:
cf:96:71:b8:5e:db:84:5e:e4:4d:a9:83:4d:a8:ee:
f9:8a:7b:c8:aa:1c:8f:dc:27:78:c5:a6:1a:d3:45:
64:29:cc:be:fb:de:ac:1f:a1:bb:56:e2:ca:95:69:
87:ae:38:f8:20:49:e4:8b:1d:ea:69:42:33:54:a1:
d5:c7:33:52:f0:35:a9:77:eb:03:b4:83:70:c0:32:
61:e3:db:c4:92:09:8a:42:97:f8:ca:2b:24:5c:18:
b1:5a:91:a8:7c:5b:e0:4e:49:1a:82:6c:94:a2:34:
7d:99:3f:74:f0:cb:3f:b2:ae:8d:ff:bc:05:43:c2:
f9:96:45:09:b6:23:54:b8:ed:79:2b:5b:6b:92:4c:
fa:56:e7:8c:5f:15:ab:70:e5:53:aa:40:6c:fc:ea:
81:6d:05:2c:52:b9:fb:35:ab:c9:c9:0f:fe:7c:0c:
41:d5:72:f5:0f:29:c1:4e:8b:af:df:df:91:02:98:
6a:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:57:46:F7:FB:67:B6:61:C0:B8:2A:78:E4:ED:00:82:06:CA:6A:E9
X509v3 Authority Key Identifier:
keyid:C3:78:BC:3B:D3:50:EE:DC:4F:37:7C:22:45:56:B2:50:DA:6D:DE:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w3i8O9NQ7txPN3wiRVayUNpt3m8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/be66e4-f14b-4b31-bdaf-4414558fdcbb/1/cVdG9_tntmHAuCp45O0AggbKauk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/be66e4-f14b-4b31-bdaf-4414558fdcbb/1/w3i8O9NQ7txPN3wiRVayUNpt3m8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.37.0.0/17
93.127.128.0/17
IPv6:
2a01:4d0::/32
Signature Algorithm: sha256WithRSAEncryption
3e:eb:57:1d:df:53:8a:3d:13:dc:05:f7:a4:35:60:77:f2:42:
b4:85:b8:ff:9e:0f:0f:7f:d4:48:29:0e:cd:4e:7a:e6:a9:04:
64:93:07:31:82:29:f0:26:a7:df:8d:c8:22:dd:c8:20:8c:c0:
62:87:8b:97:dc:3c:ad:7f:61:17:d2:3c:b6:dc:58:a9:9c:78:
38:88:df:b4:55:eb:8c:cb:f9:24:1b:36:d7:76:b1:76:60:79:
3a:9c:58:89:67:92:9d:a2:5e:1b:95:6f:7b:28:fc:36:43:cb:
b8:3d:77:dc:4a:52:74:2b:5f:9c:40:41:6f:cc:61:f1:52:64:
f4:cf:74:83:53:7e:7a:df:63:b9:28:47:13:89:1a:37:76:22:
9e:c6:37:ba:7e:e7:64:dd:ed:ec:d3:fe:87:20:cf:71:b8:e5:
b1:a7:bc:15:f0:b4:a7:f9:5b:39:67:26:10:70:47:31:e5:a2:
53:ee:a9:c8:bb:40:53:3c:e3:40:ce:cf:1f:27:92:4e:ce:98:
0d:d5:8e:6d:a5:21:8f:cd:ba:90:13:d2:4d:8e:42:9f:27:c9:
80:05:bd:75:65:82:92:9a:ea:1f:c6:11:b9:60:7c:e5:a1:b9:
3f:cd:4a:8f:b9:96:b5:b9:07:cb:b7:ff:ce:86:5f:04:c7:f3:
31:41:0b:87
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYxOeeVd4K891yEaDYi1mlx4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzNzhiYzNiZDM1MGVlZGM0ZjM3N2MyMjQ1NTZiMjUwZGE2
ZGRlNmYwHhcNMjMxMjA5MTIwNzQwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTU3NDZmN2ZiNjdiNjYxYzBiODJhNzhlNGVkMDA4MjA2Y2E2YWU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlC8gH9DVRNIISnHAVnBqPCzRU08T
mkljxsOESC/s2OLHA2a38k7WJcP1AZzmHKNddhLBX25/2O8B+2GHcHSLq83qCixm
4gxc2ArPlnG4XtuEXuRNqYNNqO75invIqhyP3Cd4xaYa00VkKcy++96sH6G7VuLK
lWmHrjj4IEnkix3qaUIzVKHVxzNS8DWpd+sDtINwwDJh49vEkgmKQpf4yiskXBix
WpGofFvgTkkagmyUojR9mT908Ms/sq6N/7wFQ8L5lkUJtiNUuO15K1trkkz6VueM
XxWrcOVTqkBs/OqBbQUsUrn7NavJyQ/+fAxB1XL1DynBTouv39+RAphqcQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFHFXRvf7Z7ZhwLgqeOTtAIIGymrpMB8GA1UdIwQY
MBaAFMN4vDvTUO7cTzd8IkVWslDabd5vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzNpOE85TlE3dHhQTjN3aVJWYXlVTnB0M204LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi9iZTY2ZTQtZjE0Yi00YjMxLWJkYWYt
NDQxNDU1OGZkY2JiLzEvY1ZkRzlfdG50bUhBdUNwNDVPMEFnZ2JLYXVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi9iZTY2ZTQtZjE0Yi00YjMxLWJkYWYtNDQxNDU1OGZkY2Ji
LzEvdzNpOE85TlE3dHhQTjN3aVJWYXlVTnB0M204LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQHTSUAAwQH
XX+AMA0EAgACMAcDBQAqAQTQMA0GCSqGSIb3DQEBCwUAA4IBAQA+61cd31OKPRPc
BfekNWB38kK0hbj/ng8Pf9RIKQ7NTnrmqQRkkwcxginwJqffjcgi3cggjMBih4uX
3Dytf2EX0jy23FipnHg4iN+0VeuMy/kkGzbXdrF2YHk6nFiJZ5Kdol4blW97KPw2
Q8u4PXfcSlJ0K1+cQEFvzGHxUmT0z3SDU35632O5KEcTiRo3diKexje6fudk3e3s
0/6HIM9xuOWxp7wV8LSn+Vs5ZyYQcEcx5aJT7qnIu0BTPONAzs8fJ5JOzpgN1Y5t
pSGPzbqQE9JNjkKfJ8mABb11ZYKSmuofxhG5YHzlobk/zUqPuZa1uQfLt//Ohl8E
x/MxQQuH
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:04 2024 by rpki-client on console-ams.rpki-client.org