Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/0af199-fe47-4f5b-9c68-15b944577c86/1/t3d8y8M69fbTia1b_PgNmwBbqCc.roa
File: t3d8y8M69fbTia1b_PgNmwBbqCc.roa (raw, json)
Hash identifier: ZPn6ls926ufRPgjF3BkUX3UepkGs/6yN63sl1JyQRXc=
Subject key identifier: B7:77:7C:CB:C3:3A:F5:F6:D3:89:AD:5B:FC:F8:0D:9B:00:5B:A8:27
Certificate issuer: /CN=c224b69ed4a23b7b3e0674a3f994601d73b7baff
Certificate serial: 018E23856C1781C266E5216D4FF43F0EF287
Authority key identifier: C2:24:B6:9E:D4:A2:3B:7B:3E:06:74:A3:F9:94:60:1D:73:B7:BA:FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wiS2ntSiO3s-BnSj-ZRgHXO3uv8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/0af199-fe47-4f5b-9c68-15b944577c86/1/t3d8y8M69fbTia1b_PgNmwBbqCc.roa
Signing time: Sat 09 Mar 2024 14:02:10 +0000
ROA not before: Sat 09 Mar 2024 14:02:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59655
IP address blocks: 176.97.156.0/24 maxlen: 24
176.97.157.0/24 maxlen: 24
178.255.202.0/24 maxlen: 24
178.255.203.0/24 maxlen: 24
178.255.204.0/24 maxlen: 24
185.199.12.0/24 maxlen: 24
185.199.13.0/24 maxlen: 24
185.199.14.0/24 maxlen: 24
185.199.15.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 09 Mar 2024 15:35:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:23:85:6c:17:81:c2:66:e5:21:6d:4f:f4:3f:0e:f2:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c224b69ed4a23b7b3e0674a3f994601d73b7baff
Validity
Not Before: Mar 9 14:02:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b7777ccbc33af5f6d389ad5bfcf80d9b005ba827
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:c0:cf:9f:f2:7c:5b:86:80:b6:5b:a1:57:63:
1e:00:fb:3d:82:f5:4f:30:9b:38:56:e4:93:03:cb:
d8:8a:ae:14:71:4c:27:d7:fc:9b:14:52:91:7e:b6:
4a:8a:60:47:55:3d:91:b9:a8:1b:0b:af:0e:1b:a7:
24:20:ab:d1:84:27:01:86:73:09:f6:eb:ba:92:e0:
12:1e:04:c4:05:c2:4d:15:e3:ca:cf:2a:bd:52:30:
9c:9e:15:34:6f:58:d8:c9:8b:d3:10:7a:5e:d8:98:
1f:24:87:37:91:02:0e:db:66:44:59:00:4c:63:2a:
d4:67:43:23:9e:eb:82:cd:a8:f9:64:f4:97:93:66:
ee:ce:fd:06:17:69:33:90:70:ca:59:29:a0:cc:e6:
cf:67:10:28:5f:79:6b:76:a3:1d:1c:ed:1e:81:06:
86:55:c0:05:ac:80:fd:b7:58:0c:ab:77:5e:31:a0:
cf:17:66:6b:02:6f:d8:0a:40:1c:f2:21:e7:f9:38:
6b:d8:c0:cf:a3:20:32:91:a4:43:81:39:62:95:c2:
05:2a:02:4e:cc:78:fc:8b:86:01:bb:15:c1:44:a9:
45:9d:d6:aa:95:86:1d:9f:ea:fb:70:35:80:b1:c2:
3f:73:3e:39:09:55:38:60:70:a5:79:5b:dd:53:0a:
69:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:77:7C:CB:C3:3A:F5:F6:D3:89:AD:5B:FC:F8:0D:9B:00:5B:A8:27
X509v3 Authority Key Identifier:
keyid:C2:24:B6:9E:D4:A2:3B:7B:3E:06:74:A3:F9:94:60:1D:73:B7:BA:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wiS2ntSiO3s-BnSj-ZRgHXO3uv8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/0af199-fe47-4f5b-9c68-15b944577c86/1/t3d8y8M69fbTia1b_PgNmwBbqCc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/0af199-fe47-4f5b-9c68-15b944577c86/1/wiS2ntSiO3s-BnSj-ZRgHXO3uv8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.97.156.0/23
178.255.202.0-178.255.204.255
185.199.12.0/22
Signature Algorithm: sha256WithRSAEncryption
03:79:4e:a7:87:d8:69:9f:e2:26:aa:39:53:de:37:cd:27:0a:
6a:7c:2e:2d:c4:1a:a4:4b:ee:3c:c8:75:ee:ca:b8:87:36:c7:
d2:b2:4a:5b:32:3f:6c:cf:42:dd:d1:b4:2a:07:2c:f5:9f:33:
75:17:96:6c:74:43:58:9f:f5:06:1c:80:d0:4c:a7:cd:0a:79:
fb:f0:05:fe:89:95:08:10:34:1a:ce:85:81:31:8f:14:c3:a5:
fc:ee:0b:f1:22:14:87:e0:3e:94:77:d7:c6:6e:69:db:f0:4c:
33:22:2e:17:81:35:ca:8a:96:8a:85:b3:0f:3d:b9:f6:ae:d8:
cc:d5:89:9c:05:18:3e:76:b2:a9:c6:00:11:a6:25:72:ac:03:
38:c8:1b:e6:fb:7d:2d:e2:61:e3:c2:30:1e:2f:c0:aa:59:f5:
1a:3b:60:70:8d:84:79:d8:31:c0:6c:00:d0:6b:16:87:97:c2:
a9:b9:77:aa:d7:18:43:3a:05:de:12:81:28:b6:56:45:30:12:
f3:3c:74:fc:10:f9:6b:ed:68:8d:a0:62:da:4f:49:82:9e:7d:
33:6f:a4:4b:c8:8a:60:77:3a:cf:77:ec:74:ae:6c:63:f2:43:
be:d0:62:e7:f7:4c:65:10:6b:85:05:3b:dc:b9:4c:8e:06:c0:
fa:80:06:a9
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAY4jhWwXgcJm5SFtT/Q/DvKHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyMjRiNjllZDRhMjNiN2IzZTA2NzRhM2Y5OTQ2MDFkNzNi
N2JhZmYwHhcNMjQwMzA5MTQwMjEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzc3N2NjYmMzM2FmNWY2ZDM4OWFkNWJmY2Y4MGQ5YjAwNWJhODI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqsDPn/J8W4aAtluhV2MeAPs9gvVP
MJs4VuSTA8vYiq4UcUwn1/ybFFKRfrZKimBHVT2RuagbC68OG6ckIKvRhCcBhnMJ
9uu6kuASHgTEBcJNFePKzyq9UjCcnhU0b1jYyYvTEHpe2JgfJIc3kQIO22ZEWQBM
YyrUZ0MjnuuCzaj5ZPSXk2buzv0GF2kzkHDKWSmgzObPZxAoX3lrdqMdHO0egQaG
VcAFrID9t1gMq3deMaDPF2ZrAm/YCkAc8iHn+Thr2MDPoyAykaRDgTlilcIFKgJO
zHj8i4YBuxXBRKlFndaqlYYdn+r7cDWAscI/cz45CVU4YHCleVvdUwppbQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFLd3fMvDOvX204mtW/z4DZsAW6gnMB8GA1UdIwQY
MBaAFMIktp7Uojt7PgZ0o/mUYB1zt7r/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2lTMm50U2lPM3MtQm5Tai1aUmdIWE8zdXY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC8wYWYxOTktZmU0Ny00ZjViLTljNjgt
MTViOTQ0NTc3Yzg2LzEvdDNkOHk4TTY5ZmJUaWExYl9QZ05td0JicUNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC8wYWYxOTktZmU0Ny00ZjViLTljNjgtMTViOTQ0NTc3Yzg2
LzEvd2lTMm50U2lPM3MtQm5Tai1aUmdIWE8zdXY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQBsGGcMAwD
BAGy/8oDBACy/8wDBAK5xwwwDQYJKoZIhvcNAQELBQADggEBAAN5TqeH2Gmf4iaq
OVPeN80nCmp8Li3EGqRL7jzIde7KuIc2x9KySlsyP2zPQt3RtCoHLPWfM3UXlmx0
Q1if9QYcgNBMp80KefvwBf6JlQgQNBrOhYExjxTDpfzuC/EiFIfgPpR318Zuadvw
TDMiLheBNcqKloqFsw89ufau2MzViZwFGD52sqnGABGmJXKsAzjIG+b7fS3iYePC
MB4vwKpZ9Ro7YHCNhHnYMcBsANBrFoeXwqm5d6rXGEM6Bd4SgSi2VkUwEvM8dPwQ
+WvtaI2gYtpPSYKefTNvpEvIimB3Os937HSubGPyQ77QYuf3TGUQa4UFO9y5TI4G
wPqABqk=
-----END CERTIFICATE-----
Generated at Sat Mar 9 20:22:27 2024 by rpki-client on console.sobornost.net