Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/D_iWcq7AmUX5EKfkUzflp5oYjFM.roa
File: D_iWcq7AmUX5EKfkUzflp5oYjFM.roa (raw, json)
Hash identifier: rbRTAAtgHkjjhclt2jS5IUDwXPshWH8EWm7Sv9EoK9o=
Subject key identifier: 0F:F8:96:72:AE:C0:99:45:F9:10:A7:E4:53:37:E5:A7:9A:18:8C:53
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 01922237B435DA3C7C48F4E650F0067DCF88
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/D_iWcq7AmUX5EKfkUzflp5oYjFM.roa
Signing time: Tue 24 Sep 2024 04:08:48 +0000
ROA not before: Tue 24 Sep 2024 04:08:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 77.90.54.0/24 maxlen: 24
85.118.162.0/24 maxlen: 24
94.249.148.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 24 Sep 2024 13:55:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:22:37:b4:35:da:3c:7c:48:f4:e6:50:f0:06:7d:cf:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Sep 24 04:08:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0ff89672aec09945f910a7e45337e5a79a188c53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:35:41:41:c2:bb:75:01:61:78:60:82:f8:61:
d1:6f:2c:e7:89:19:7f:c5:9b:08:b7:92:99:a1:6b:
e0:a7:b1:e3:cf:5d:28:63:76:7d:ca:7c:41:4c:68:
ed:a8:5e:54:26:46:4a:c8:de:4a:9c:1d:6d:f2:04:
e8:60:c1:2c:b9:22:2a:e9:44:60:db:42:3a:a7:9c:
3e:fe:36:96:18:71:a4:8b:1a:3e:b9:f7:ed:7c:a3:
a4:f1:88:56:1c:64:73:30:49:2b:d0:a3:c7:a8:ea:
b6:08:42:5a:ec:04:95:7b:fc:44:1d:86:3f:28:92:
91:d1:b8:58:0e:ee:cf:ba:ea:d2:4f:f3:a8:05:a9:
44:21:41:6b:54:c8:f2:19:8b:f1:10:23:a8:f4:7f:
ba:e8:10:24:b9:06:f2:53:01:11:27:e4:45:d3:53:
73:9d:22:0a:90:b1:70:aa:97:cc:bc:4b:e4:e4:ad:
00:4b:23:39:ba:f2:bf:50:54:0b:d7:52:80:ad:94:
6b:1e:14:3c:83:0e:08:66:13:4b:2a:ac:28:00:86:
9c:ea:f1:65:20:89:87:12:aa:18:46:f8:48:33:4b:
55:ab:a1:c5:49:8c:84:ea:7c:0d:c0:68:35:9a:43:
f9:a7:8c:f6:f1:c8:d8:aa:6a:2b:c9:52:a8:38:0d:
94:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:F8:96:72:AE:C0:99:45:F9:10:A7:E4:53:37:E5:A7:9A:18:8C:53
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/D_iWcq7AmUX5EKfkUzflp5oYjFM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.54.0/24
85.118.162.0/24
94.249.148.0/24
Signature Algorithm: sha256WithRSAEncryption
95:1c:c4:32:6f:07:33:c9:c6:ef:fb:ab:ca:50:2b:ae:c9:ad:
a2:88:32:a7:90:7b:88:8a:70:d7:68:5e:9f:5a:a8:f9:d4:37:
a9:26:73:ea:73:b9:0a:17:17:2b:f3:db:c8:f4:5d:24:fe:5d:
7d:71:17:30:a8:09:ef:c6:bd:4b:a9:81:d3:66:1c:92:4f:bd:
36:3b:99:7d:60:1d:93:aa:5c:6b:08:65:56:e7:28:47:cf:ea:
31:5a:85:8e:1d:e4:03:5f:24:aa:17:71:ea:d5:bf:93:9a:08:
41:9d:77:5b:96:a3:aa:fd:b9:cd:ad:16:00:84:34:a3:1b:de:
72:31:2d:ec:f5:b8:89:8a:cd:b9:b8:81:d3:d3:73:da:04:e7:
01:a1:ba:b2:04:44:f5:7d:a4:75:d3:92:61:19:30:4c:74:44:
76:8d:e0:57:75:06:8e:31:19:68:14:af:b0:ba:9f:bc:03:10:
8f:66:52:d7:6d:64:48:64:38:1c:54:34:ad:33:1e:9d:ad:b3:
67:14:f9:71:3c:58:75:d0:29:12:2f:17:5b:a0:40:6c:15:50:
97:bf:ef:bf:bc:cc:57:80:02:26:92:2a:2f:9c:f3:d3:93:3a:
db:2b:d8:6b:46:ff:9e:de:ae:f9:e1:a4:dc:ab:ba:84:2a:a2:
78:85:66:54
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZIiN7Q12jx8SPTmUPAGfc+IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjQwOTI0MDQwODQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZmY4OTY3MmFlYzA5OTQ1ZjkxMGE3ZTQ1MzM3ZTVhNzlhMTg4YzUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnTVBQcK7dQFheGCC+GHRbyzniRl/
xZsIt5KZoWvgp7Hjz10oY3Z9ynxBTGjtqF5UJkZKyN5KnB1t8gToYMEsuSIq6URg
20I6p5w+/jaWGHGkixo+ufftfKOk8YhWHGRzMEkr0KPHqOq2CEJa7ASVe/xEHYY/
KJKR0bhYDu7PuurST/OoBalEIUFrVMjyGYvxECOo9H+66BAkuQbyUwERJ+RF01Nz
nSIKkLFwqpfMvEvk5K0ASyM5uvK/UFQL11KArZRrHhQ8gw4IZhNLKqwoAIac6vFl
IImHEqoYRvhIM0tVq6HFSYyE6nwNwGg1mkP5p4z28cjYqmoryVKoOA2URQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFA/4lnKuwJlF+RCn5FM35aeaGIxTMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvRF9pV2NxN0FtVVg1RUtma1V6ZmxwNW9ZakZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQATVo2AwQA
VXaiAwQAXvmUMA0GCSqGSIb3DQEBCwUAA4IBAQCVHMQybwczycbv+6vKUCuuya2i
iDKnkHuIinDXaF6fWqj51DepJnPqc7kKFxcr89vI9F0k/l19cRcwqAnvxr1LqYHT
ZhyST702O5l9YB2TqlxrCGVW5yhHz+oxWoWOHeQDXySqF3Hq1b+TmghBnXdblqOq
/bnNrRYAhDSjG95yMS3s9biJis25uIHT03PaBOcBobqyBET1faR105JhGTBMdER2
jeBXdQaOMRloFK+wup+8AxCPZlLXbWRIZDgcVDStMx6drbNnFPlxPFh10CkSLxdb
oEBsFVCXv++/vMxXgAImkiovnPPTkzrbK9hrRv+e3q754aTcq7qEKqJ4hWZU
-----END CERTIFICATE-----
Generated at Tue Sep 24 16:53:35 2024 by rpki-client on console-fra.rpki-client.org