Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/dxKQgMpJ8PjiEDcIwRd6SUmuC2k.roa
File: dxKQgMpJ8PjiEDcIwRd6SUmuC2k.roa (raw, json)
Hash identifier: 4O67gu3zI67DbMFSGurhBZxgSM/oY/xE2q79xOYUp1M=
Subject key identifier: 77:12:90:80:CA:49:F0:F8:E2:10:37:08:C1:17:7A:49:49:AE:0B:69
Certificate issuer: /CN=66df7742890173927935206a28efbf48123e787c
Certificate serial: 018E3350028A2AF01CFE42A819F8CFBA872C
Authority key identifier: 66:DF:77:42:89:01:73:92:79:35:20:6A:28:EF:BF:48:12:3E:78:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zt93QokBc5J5NSBqKO-_SBI-eHw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/dxKQgMpJ8PjiEDcIwRd6SUmuC2k.roa
Signing time: Tue 12 Mar 2024 15:37:45 +0000
ROA not before: Tue 12 Mar 2024 15:37:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3356
IP address blocks: 80.74.240.0/21 maxlen: 24
80.74.248.0/21 maxlen: 24
85.95.96.0/19 maxlen: 24
92.42.120.0/21 maxlen: 24
95.129.64.0/21 maxlen: 24
185.79.184.0/22 maxlen: 24
185.94.204.0/22 maxlen: 24
185.99.76.0/22 maxlen: 24
185.178.216.0/22 maxlen: 24
185.204.212.0/22 maxlen: 24
188.94.16.0/21 maxlen: 24
193.24.3.0/24 maxlen: 24
193.24.13.0/24 maxlen: 24
195.26.32.0/19 maxlen: 24
Validation: Failed, certificate revoked on Tue 12 Mar 2024 15:57:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:33:50:02:8a:2a:f0:1c:fe:42:a8:19:f8:cf:ba:87:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66df7742890173927935206a28efbf48123e787c
Validity
Not Before: Mar 12 15:37:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=77129080ca49f0f8e2103708c1177a4949ae0b69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:37:0b:61:1e:94:a2:75:8f:39:ba:92:1a:6c:
ee:3f:5a:b0:78:a0:45:48:07:58:4d:55:af:8d:d7:
61:7f:f7:77:45:19:e6:b9:73:7a:65:80:bc:95:ef:
63:30:0f:dc:f2:dd:5f:a5:ff:e6:11:a2:96:e2:cb:
d2:95:0b:2f:21:ae:f1:9b:0e:e2:86:41:a0:ff:99:
67:e0:ea:8b:71:a9:05:31:3a:29:98:36:a6:d6:58:
08:38:1f:9b:0a:69:cc:1a:9b:57:eb:c5:db:cb:f7:
b1:7f:a4:87:3e:8d:8e:7b:b1:20:9f:11:c0:e2:2d:
5c:8b:8c:89:5b:71:52:53:00:c0:fa:47:49:55:9c:
ac:ff:6b:25:01:33:01:a3:64:fa:1a:46:e3:8b:92:
96:b8:43:cc:82:5f:fd:53:73:3e:c8:33:98:9c:28:
c2:a7:17:c1:cb:b5:f0:f2:aa:80:c7:d1:31:00:7e:
b5:39:cc:34:b6:ba:b4:64:40:69:45:88:89:3a:be:
40:00:31:21:69:eb:46:dc:54:35:0b:92:cd:19:57:
39:7b:e5:87:07:60:54:6b:3e:7e:7a:60:c4:cd:5c:
d5:49:8b:26:aa:64:c6:1e:f8:7b:0a:8f:a7:05:49:
81:af:51:13:ca:b2:21:e0:19:28:a4:23:b5:64:96:
5f:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:12:90:80:CA:49:F0:F8:E2:10:37:08:C1:17:7A:49:49:AE:0B:69
X509v3 Authority Key Identifier:
keyid:66:DF:77:42:89:01:73:92:79:35:20:6A:28:EF:BF:48:12:3E:78:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zt93QokBc5J5NSBqKO-_SBI-eHw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/dxKQgMpJ8PjiEDcIwRd6SUmuC2k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/Zt93QokBc5J5NSBqKO-_SBI-eHw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.74.240.0/20
85.95.96.0/19
92.42.120.0/21
95.129.64.0/21
185.79.184.0/22
185.94.204.0/22
185.99.76.0/22
185.178.216.0/22
185.204.212.0/22
188.94.16.0/21
193.24.3.0/24
193.24.13.0/24
195.26.32.0/19
Signature Algorithm: sha256WithRSAEncryption
89:97:7a:e7:0f:d0:e2:26:19:d3:fe:f8:96:7f:54:dc:46:4d:
5f:bd:db:a2:9d:ae:0c:a0:b3:64:2c:28:84:65:4e:27:1b:ae:
92:2a:68:68:6c:31:7f:2d:f6:07:2f:9a:80:52:c4:b6:39:20:
62:33:d3:92:a7:6b:70:51:71:db:82:dc:bf:0a:38:8f:ba:34:
a7:65:ff:4a:0b:a0:87:02:04:10:7e:2f:7b:0d:d5:cf:8d:d9:
b7:68:22:1a:65:11:6d:56:6b:be:d2:b6:8b:f0:6c:2f:37:32:
62:a7:dc:ce:0c:f8:4d:5f:a2:28:1e:16:b9:7e:9c:ba:ef:37:
b7:fd:f0:6e:c6:0b:cb:74:a4:9d:dd:83:aa:19:ac:ab:81:a8:
b6:e6:b2:ef:73:83:4f:00:9b:29:42:0c:ee:f2:1c:4f:8e:b7:
ac:22:42:fb:80:1c:35:e6:35:8d:80:b0:0f:5b:c1:da:eb:50:
e3:75:0b:f5:20:56:9e:7e:b4:a0:bf:3f:57:1d:35:1c:1b:3f:
99:e0:dc:03:98:ee:51:d9:33:82:50:58:5c:97:45:ad:b8:1b:
1f:ce:db:1a:33:6c:84:31:97:6d:70:73:23:a9:95:33:ae:cc:
06:53:9e:86:c7:68:35:64:e4:39:82:93:0b:4a:dd:8d:16:80:
12:e6:3b:c4
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAY4zUAKKKvAc/kKoGfjPuocsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ZGY3NzQyODkwMTczOTI3OTM1MjA2YTI4ZWZiZjQ4MTIz
ZTc4N2MwHhcNMjQwMzEyMTUzNzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NzEyOTA4MGNhNDlmMGY4ZTIxMDM3MDhjMTE3N2E0OTQ5YWUwYjY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsjcLYR6UonWPObqSGmzuP1qweKBF
SAdYTVWvjddhf/d3RRnmuXN6ZYC8le9jMA/c8t1fpf/mEaKW4svSlQsvIa7xmw7i
hkGg/5ln4OqLcakFMTopmDam1lgIOB+bCmnMGptX68Xby/exf6SHPo2Oe7EgnxHA
4i1ci4yJW3FSUwDA+kdJVZys/2slATMBo2T6Gkbji5KWuEPMgl/9U3M+yDOYnCjC
pxfBy7Xw8qqAx9ExAH61Ocw0trq0ZEBpRYiJOr5AADEhaetG3FQ1C5LNGVc5e+WH
B2BUaz5+emDEzVzVSYsmqmTGHvh7Co+nBUmBr1ETyrIh4BkopCO1ZJZfSQIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFHcSkIDKSfD44hA3CMEXeklJrgtpMB8GA1UdIwQY
MBaAFGbfd0KJAXOSeTUgaijvv0gSPnh8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnQ5M1Fva0JjNUo1TlNCcUtPLV9TQkktZUh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS9lODQzNDAtMTI4YS00NDk3LTk0NmYt
MDk3ODdmMTUyYWRlLzEvZHhLUWdNcEo4UGppRURjSXdSZDZTVW11QzJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS9lODQzNDAtMTI4YS00NDk3LTk0NmYtMDk3ODdmMTUyYWRl
LzEvWnQ5M1Fva0JjNUo1TlNCcUtPLV9TQkktZUh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQEUErwAwQF
VV9gAwQDXCp4AwQDX4FAAwQCuU+4AwQCuV7MAwQCuWNMAwQCubLYAwQCuczUAwQD
vF4QAwQAwRgDAwQAwRgNAwQFwxogMA0GCSqGSIb3DQEBCwUAA4IBAQCJl3rnD9Di
JhnT/viWf1TcRk1fvduina4MoLNkLCiEZU4nG66SKmhobDF/LfYHL5qAUsS2OSBi
M9OSp2twUXHbgty/CjiPujSnZf9KC6CHAgQQfi97DdXPjdm3aCIaZRFtVmu+0raL
8GwvNzJip9zODPhNX6IoHha5fpy67ze3/fBuxgvLdKSd3YOqGayrgai25rLvc4NP
AJspQgzu8hxPjresIkL7gBw15jWNgLAPW8Ha61DjdQv1IFaefrSgvz9XHTUcGz+Z
4NwDmO5R2TOCUFhcl0WtuBsfztsaM2yEMZdtcHMjqZUzrswGU56Gx2g1ZOQ5gpML
St2NFoAS5jvE
-----END CERTIFICATE-----
Generated at Tue Mar 12 23:02:58 2024 by rpki-client on console.sobornost.net