Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/575172-f7a2-4e43-962c-edc5ab995dbf/1/SfrsaGQsNcb-PDC0vpJxawBg0N0.roa
File: SfrsaGQsNcb-PDC0vpJxawBg0N0.roa (raw, json)
Hash identifier: wzE00dXfPR2zUv5MAVcGkmk7f3mDy5NeQE30brt6Ujs=
Subject key identifier: 49:FA:EC:68:64:2C:35:C6:FE:3C:30:B4:BE:92:71:6B:00:60:D0:DD
Certificate issuer: /CN=f0150b3a9419627fdbcdb6580e878a1c9fa0cc58
Certificate serial: 01856B0A2A5DF9CC27D4723DE7FB38207CB1
Authority key identifier: F0:15:0B:3A:94:19:62:7F:DB:CD:B6:58:0E:87:8A:1C:9F:A0:CC:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8BULOpQZYn_bzbZYDoeKHJ-gzFg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/575172-f7a2-4e43-962c-edc5ab995dbf/1/SfrsaGQsNcb-PDC0vpJxawBg0N0.roa
Signing time: Sun 01 Jan 2023 01:55:06 +0000
ROA not before: Sun 01 Jan 2023 01:55:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42451
IP address blocks: 77.242.1.0/24 maxlen: 24
77.242.4.0/24 maxlen: 24
77.242.2.0/24 maxlen: 24
77.242.3.0/24 maxlen: 24
77.242.0.0/24 maxlen: 24
77.242.8.0/24 maxlen: 24
77.242.5.0/24 maxlen: 24
77.242.6.0/24 maxlen: 24
77.242.7.0/24 maxlen: 24
2a02:5c40::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:30:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:0a:2a:5d:f9:cc:27:d4:72:3d:e7:fb:38:20:7c:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f0150b3a9419627fdbcdb6580e878a1c9fa0cc58
Validity
Not Before: Jan 1 01:55:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=49faec68642c35c6fe3c30b4be92716b0060d0dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:1b:4c:3a:6c:37:da:f6:27:f1:bc:1d:01:89:
93:7a:59:87:2f:ae:fb:55:8a:55:e0:c8:70:c5:6c:
04:3a:ca:65:25:96:1b:14:65:8c:76:ac:a5:86:9e:
05:3d:91:63:15:48:44:ae:6a:ea:91:0f:00:8e:16:
02:bb:ab:20:eb:22:46:aa:96:0f:15:3b:ff:62:e0:
90:74:dc:01:0c:7a:05:0c:1a:df:f3:cb:c7:0a:26:
64:9d:e4:8b:17:7f:34:99:1d:d0:29:5e:74:c1:51:
8a:e1:6a:a0:0b:e0:63:f8:07:51:7a:4c:ae:58:c8:
58:a7:db:61:62:d6:10:58:30:09:52:05:4c:b1:fc:
43:4c:fc:b2:b7:83:b8:b7:56:f2:1f:9d:04:1b:b8:
0a:3d:80:91:e4:4f:a5:0f:26:55:05:f9:ff:af:ff:
4e:b8:44:4f:cd:aa:94:97:7d:b1:9b:5d:40:57:6f:
39:4a:ba:1e:6a:c3:18:c3:17:a3:98:68:97:23:22:
1a:ca:1c:ba:8a:27:61:39:0c:c2:1e:c9:75:b6:51:
b1:b6:a1:3e:55:ab:9e:b5:44:ac:28:0b:a3:0f:95:
b8:cd:9e:3d:0b:dc:35:93:50:a4:1e:fb:60:2b:dd:
c5:2a:60:e7:9a:3d:17:09:51:36:1e:64:64:2c:75:
9a:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:FA:EC:68:64:2C:35:C6:FE:3C:30:B4:BE:92:71:6B:00:60:D0:DD
X509v3 Authority Key Identifier:
keyid:F0:15:0B:3A:94:19:62:7F:DB:CD:B6:58:0E:87:8A:1C:9F:A0:CC:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8BULOpQZYn_bzbZYDoeKHJ-gzFg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/575172-f7a2-4e43-962c-edc5ab995dbf/1/SfrsaGQsNcb-PDC0vpJxawBg0N0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/575172-f7a2-4e43-962c-edc5ab995dbf/1/8BULOpQZYn_bzbZYDoeKHJ-gzFg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.242.0.0-77.242.8.255
IPv6:
2a02:5c40::/32
Signature Algorithm: sha256WithRSAEncryption
66:50:8a:c7:ef:10:93:0d:c4:72:0b:d1:5d:1f:06:3d:06:28:
dc:e9:80:6a:60:fb:e0:c8:ec:30:1a:68:12:83:ed:0e:24:89:
ed:1e:0e:87:1f:cc:64:eb:99:5c:82:40:fc:5d:1f:14:f3:8c:
c9:0c:94:16:aa:52:52:43:ff:ec:f7:2a:6f:ea:36:f7:97:4d:
42:24:64:d6:0c:06:c1:15:8c:2d:d4:84:a5:9a:4d:0b:8d:3d:
d1:31:cc:56:a2:53:87:fb:77:44:12:8c:d4:f6:03:68:d0:a4:
79:d9:42:ca:8d:2a:75:44:4a:a8:67:46:f3:b3:5a:61:88:3a:
33:68:49:5b:8e:df:19:c2:a1:6b:ff:16:3d:78:10:f7:8c:1e:
a2:7d:71:9c:c1:db:e5:44:d5:b0:f7:3e:35:66:20:6f:ab:59:
6d:52:bb:5a:f5:9e:4b:50:93:1e:9c:88:83:e5:19:b7:83:c3:
f8:7c:a4:70:a1:4c:a2:35:02:eb:ca:3b:d0:e3:18:54:57:8f:
93:20:44:34:40:59:8f:e6:7b:e5:9c:d7:6e:61:2c:55:8d:7a:
11:d2:b2:0a:4c:fc:62:cb:ca:16:49:2c:84:21:a0:72:75:90:
4b:6f:00:4f:e6:3d:e7:01:8c:02:92:df:d3:c9:21:9a:64:df:
34:0b:bf:dc
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYVrCipd+cwn1HI95/s4IHyxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwMTUwYjNhOTQxOTYyN2ZkYmNkYjY1ODBlODc4YTFjOWZh
MGNjNTgwHhcNMjMwMTAxMDE1NTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OWZhZWM2ODY0MmMzNWM2ZmUzYzMwYjRiZTkyNzE2YjAwNjBkMGRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiRtMOmw32vYn8bwdAYmTelmHL677
VYpV4MhwxWwEOsplJZYbFGWMdqylhp4FPZFjFUhErmrqkQ8AjhYCu6sg6yJGqpYP
FTv/YuCQdNwBDHoFDBrf88vHCiZkneSLF380mR3QKV50wVGK4WqgC+Bj+AdRekyu
WMhYp9thYtYQWDAJUgVMsfxDTPyyt4O4t1byH50EG7gKPYCR5E+lDyZVBfn/r/9O
uERPzaqUl32xm11AV285SroeasMYwxejmGiXIyIayhy6iidhOQzCHsl1tlGxtqE+
VauetUSsKAujD5W4zZ49C9w1k1CkHvtgK93FKmDnmj0XCVE2HmRkLHWa3QIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFEn67GhkLDXG/jwwtL6ScWsAYNDdMB8GA1UdIwQY
MBaAFPAVCzqUGWJ/2822WA6HihyfoMxYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEJVTE9wUVpZbl9iemJaWURvZUtISi1nekZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC81NzUxNzItZjdhMi00ZTQzLTk2MmMt
ZWRjNWFiOTk1ZGJmLzEvU2Zyc2FHUXNOY2ItUERDMHZwSnhhd0JnME4wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC81NzUxNzItZjdhMi00ZTQzLTk2MmMtZWRjNWFiOTk1ZGJm
LzEvOEJVTE9wUVpZbl9iemJaWURvZUtISi1nekZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDATBAIAATANMAsDAwFN8gME
AE3yCDANBAIAAjAHAwUAKgJcQDANBgkqhkiG9w0BAQsFAAOCAQEAZlCKx+8Qkw3E
cgvRXR8GPQYo3OmAamD74MjsMBpoEoPtDiSJ7R4Ohx/MZOuZXIJA/F0fFPOMyQyU
FqpSUkP/7Pcqb+o295dNQiRk1gwGwRWMLdSEpZpNC4090THMVqJTh/t3RBKM1PYD
aNCkedlCyo0qdURKqGdG87NaYYg6M2hJW47fGcKha/8WPXgQ94weon1xnMHb5UTV
sPc+NWYgb6tZbVK7WvWeS1CTHpyIg+UZt4PD+HykcKFMojUC68o70OMYVFePkyBE
NEBZj+Z75ZzXbmEsVY16EdKyCkz8YsvKFkkshCGgcnWQS28AT+Y95wGMApLf08kh
mmTfNAu/3A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:11 2024 by rpki-client on console-fra.rpki-client.org