Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/de31a6-aaa3-409d-8d4f-f61554c6c145/1/91ep_a_ZNeLsLaFGLa5j3wtzzds.roa
File: 91ep_a_ZNeLsLaFGLa5j3wtzzds.roa (raw, json)
Hash identifier: +bYHnaFg/ddGW1MqFWcPDZNtlsLpHzWdtQ7mm6xH+fs=
Subject key identifier: F7:57:A9:FD:AF:D9:35:E2:EC:2D:A1:46:2D:AE:63:DF:0B:73:CD:DB
Certificate issuer: /CN=815780532ed29a3f80e7ba414efcb379d9ec97c9
Certificate serial: 0187BD95769852E39ACC90D40281B2829F3E
Authority key identifier: 81:57:80:53:2E:D2:9A:3F:80:E7:BA:41:4E:FC:B3:79:D9:EC:97:C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gVeAUy7Smj-A57pBTvyzednsl8k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/de31a6-aaa3-409d-8d4f-f61554c6c145/1/91ep_a_ZNeLsLaFGLa5j3wtzzds.roa
Signing time: Wed 26 Apr 2023 12:41:41 +0000
ROA not before: Wed 26 Apr 2023 12:41:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 24232
IP address blocks: 77.247.3.0/24 maxlen: 24
77.247.2.0/24 maxlen: 24
77.247.7.0/24 maxlen: 24
77.247.6.0/24 maxlen: 24
77.247.12.0/24 maxlen: 24
212.11.80.0/24 maxlen: 24
46.235.105.0/24 maxlen: 24
46.235.104.0/24 maxlen: 24
46.235.106.0/24 maxlen: 24
46.235.107.0/24 maxlen: 24
46.235.110.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:30:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:bd:95:76:98:52:e3:9a:cc:90:d4:02:81:b2:82:9f:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=815780532ed29a3f80e7ba414efcb379d9ec97c9
Validity
Not Before: Apr 26 12:41:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f757a9fdafd935e2ec2da1462dae63df0b73cddb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:09:86:77:d1:f9:84:65:bb:77:7e:51:f3:81:
56:6f:52:47:a4:06:17:1b:5e:80:ca:f1:ca:09:e2:
d9:b4:7f:3f:94:52:0f:fc:91:e4:95:03:bf:64:a5:
5b:f9:22:87:1d:a2:ae:85:94:83:04:0f:fc:d4:c7:
63:0d:cd:01:92:32:7c:ea:6a:dd:8d:55:9c:b6:65:
fa:3b:33:f2:53:d6:c4:3f:f5:30:c5:2f:0d:d6:16:
04:41:d6:ce:ac:c6:a6:46:27:ec:a5:31:49:39:50:
0e:26:11:03:48:56:ed:4f:d5:c2:89:8b:cb:df:2f:
87:26:a1:e2:c5:f4:e7:92:39:a6:d3:e3:dd:c0:f2:
3c:52:d4:17:ca:f8:98:b4:ba:4d:a8:79:21:1f:aa:
46:cf:87:61:bd:40:01:af:0a:9c:1c:7f:2a:5a:70:
ed:31:4a:80:dd:d1:99:52:2f:8e:19:98:79:3a:d5:
75:9c:4a:f1:8a:3f:f4:1b:5d:cf:d1:f2:e6:d5:4e:
bb:23:10:24:82:19:1d:f0:be:16:93:b9:67:12:31:
08:c0:ec:ec:78:ba:62:1f:f0:8d:8c:23:99:31:d4:
03:e6:fa:38:b7:4e:97:8a:c8:86:ca:a8:33:e8:f7:
ae:2d:f6:28:16:52:6d:cd:e5:78:ee:23:dc:7b:c6:
12:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:57:A9:FD:AF:D9:35:E2:EC:2D:A1:46:2D:AE:63:DF:0B:73:CD:DB
X509v3 Authority Key Identifier:
keyid:81:57:80:53:2E:D2:9A:3F:80:E7:BA:41:4E:FC:B3:79:D9:EC:97:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gVeAUy7Smj-A57pBTvyzednsl8k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/de31a6-aaa3-409d-8d4f-f61554c6c145/1/91ep_a_ZNeLsLaFGLa5j3wtzzds.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/de31a6-aaa3-409d-8d4f-f61554c6c145/1/gVeAUy7Smj-A57pBTvyzednsl8k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.235.104.0/22
46.235.110.0/24
77.247.2.0/23
77.247.6.0/23
77.247.12.0/24
212.11.80.0/24
Signature Algorithm: sha256WithRSAEncryption
07:1c:84:f6:91:76:6f:21:38:2d:d6:4b:cf:03:51:28:62:55:
f0:9c:9e:f9:ad:66:77:92:5f:be:00:53:39:1c:72:35:2b:63:
96:ef:38:b9:89:96:7d:42:f8:6b:45:ad:f7:28:5f:90:16:6d:
e9:41:eb:e0:8f:1a:60:8d:38:4f:14:93:20:79:c3:ab:75:53:
ee:1a:b1:de:74:56:06:c6:8d:8f:98:97:94:7f:4d:e6:7a:18:
8d:0a:97:a0:d0:2c:d8:f5:57:61:c5:fa:ae:46:da:76:18:71:
ad:a5:c8:09:e6:73:f5:59:a7:f0:29:6d:d4:65:5c:3b:67:41:
95:f1:21:0a:0f:34:a4:c8:c4:c3:57:a0:5e:83:c8:3f:ba:d8:
30:52:dd:a1:2e:d9:80:76:0e:d5:09:2a:9f:cd:0a:8b:62:6b:
e1:b5:a8:07:63:d7:1b:95:ef:c8:15:76:20:63:9e:9a:cd:0a:
2f:cb:93:b1:46:6c:95:df:b2:91:0d:47:85:25:10:85:86:4f:
dd:ea:26:f3:7f:67:bf:c8:b8:de:b0:d3:52:cc:04:f1:f1:3b:
97:b2:08:68:05:dd:bf:c9:b5:e6:64:cf:74:3e:3c:e4:6a:ff:
9d:8f:1a:ff:39:2c:95:b1:66:eb:00:94:5d:37:4f:cc:0b:2a:
8a:da:bd:2e
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYe9lXaYUuOazJDUAoGygp8+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxNTc4MDUzMmVkMjlhM2Y4MGU3YmE0MTRlZmNiMzc5ZDll
Yzk3YzkwHhcNMjMwNDI2MTI0MTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzU3YTlmZGFmZDkzNWUyZWMyZGExNDYyZGFlNjNkZjBiNzNjZGRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmQmGd9H5hGW7d35R84FWb1JHpAYX
G16AyvHKCeLZtH8/lFIP/JHklQO/ZKVb+SKHHaKuhZSDBA/81MdjDc0BkjJ86mrd
jVWctmX6OzPyU9bEP/UwxS8N1hYEQdbOrMamRifspTFJOVAOJhEDSFbtT9XCiYvL
3y+HJqHixfTnkjmm0+PdwPI8UtQXyviYtLpNqHkhH6pGz4dhvUABrwqcHH8qWnDt
MUqA3dGZUi+OGZh5OtV1nErxij/0G13P0fLm1U67IxAkghkd8L4Wk7lnEjEIwOzs
eLpiH/CNjCOZMdQD5vo4t06XisiGyqgz6PeuLfYoFlJtzeV47iPce8YScwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFPdXqf2v2TXi7C2hRi2uY98Lc83bMB8GA1UdIwQY
MBaAFIFXgFMu0po/gOe6QU78s3nZ7JfJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1ZlQVV5N1Ntai1BNTdwQlR2eXplZG5zbDhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9kZTMxYTYtYWFhMy00MDlkLThkNGYt
ZjYxNTU0YzZjMTQ1LzEvOTFlcF9hX1pOZUxzTGFGR0xhNWozd3R6emRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9kZTMxYTYtYWFhMy00MDlkLThkNGYtZjYxNTU0YzZjMTQ1
LzEvZ1ZlQVV5N1Ntai1BNTdwQlR2eXplZG5zbDhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCLutoAwQA
LutuAwQBTfcCAwQBTfcGAwQATfcMAwQA1AtQMA0GCSqGSIb3DQEBCwUAA4IBAQAH
HIT2kXZvITgt1kvPA1EoYlXwnJ75rWZ3kl++AFM5HHI1K2OW7zi5iZZ9QvhrRa33
KF+QFm3pQevgjxpgjThPFJMgecOrdVPuGrHedFYGxo2PmJeUf03mehiNCpeg0CzY
9VdhxfquRtp2GHGtpcgJ5nP1WafwKW3UZVw7Z0GV8SEKDzSkyMTDV6Beg8g/utgw
Ut2hLtmAdg7VCSqfzQqLYmvhtagHY9cble/IFXYgY56azQovy5OxRmyV37KRDUeF
JRCFhk/d6ibzf2e/yLjesNNSzATx8TuXsghoBd2/ybXmZM90Pjzkav+djxr/OSyV
sWbrAJRdN0/MCyqK2r0u
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:13 2024 by rpki-client on console-ams.rpki-client.org