Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/knjIM9MN8gh_ElzaITH47qmpfEA.roa
File: knjIM9MN8gh_ElzaITH47qmpfEA.roa (raw, json)
Hash identifier: y5KPNh4kz6pfBToelNzJSS7nUSdXgLbOMr0ikq18XIg=
Subject key identifier: 92:78:C8:33:D3:0D:F2:08:7F:12:5C:DA:21:31:F8:EE:A9:A9:7C:40
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 01916DF8B9E0E2EF16EE7227F07C5530061A
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/knjIM9MN8gh_ElzaITH47qmpfEA.roa
Signing time: Tue 20 Aug 2024 04:08:22 +0000
ROA not before: Tue 20 Aug 2024 04:08:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48314
IP address blocks: 77.90.0.0/24 maxlen: 24
77.90.2.0/24 maxlen: 24
77.90.8.0/24 maxlen: 24
77.90.13.0/24 maxlen: 24
77.90.51.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 19 Sep 2024 16:20:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:6d:f8:b9:e0:e2:ef:16:ee:72:27:f0:7c:55:30:06:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Aug 20 04:08:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9278c833d30df2087f125cda2131f8eea9a97c40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:6e:fe:cc:07:79:76:0f:2a:43:fc:4f:18:58:
5e:71:eb:81:42:c5:58:3c:01:bb:11:71:a7:73:e6:
81:77:b5:97:e6:22:7f:d4:82:02:60:b3:c5:d3:80:
13:5a:e1:c8:d1:9d:94:62:55:36:84:31:88:25:31:
f1:09:5d:23:5f:5d:d5:d4:f3:a4:e4:91:9e:d4:a3:
8e:6a:f3:2d:eb:11:79:12:21:72:0d:6c:c9:62:16:
83:c3:97:96:e3:0f:a0:bb:12:e0:11:42:2a:fd:da:
24:8b:3d:5f:a4:e5:b8:28:0c:00:ff:02:9e:ce:c9:
dd:97:ac:6d:c1:1d:ae:02:93:bc:43:63:ec:f3:3c:
61:c2:2b:66:bc:59:49:21:ec:35:d4:73:b9:18:07:
5a:db:1b:73:d6:b0:dc:27:73:1d:e4:dc:01:64:97:
e6:cb:16:91:84:6b:34:ce:89:01:0d:84:52:87:a1:
17:c9:d4:9f:88:ca:14:d2:6c:85:a3:a5:ae:ea:52:
4a:20:fc:bd:ba:5a:4a:0b:26:31:75:73:6d:fa:20:
f9:64:db:01:02:6f:3e:4d:48:a3:54:e6:28:a1:ba:
d3:32:e7:c0:15:06:e3:07:26:4e:22:ac:4a:b6:e3:
6b:e9:de:24:68:f0:60:fd:ad:2a:fc:1c:0f:7d:d2:
a2:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:78:C8:33:D3:0D:F2:08:7F:12:5C:DA:21:31:F8:EE:A9:A9:7C:40
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/knjIM9MN8gh_ElzaITH47qmpfEA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.0.0/24
77.90.2.0/24
77.90.8.0/24
77.90.13.0/24
77.90.51.0/24
Signature Algorithm: sha256WithRSAEncryption
48:99:ab:c1:d9:8f:d6:74:1b:09:db:f5:6b:6b:86:15:e9:6b:
86:f9:c0:de:a0:a5:82:ba:12:90:f7:b5:fb:3c:fb:26:ac:33:
bb:e7:2c:a2:28:1b:97:b8:95:33:dc:99:b7:52:1d:c0:93:bb:
df:d7:5f:1b:f0:51:4f:9f:d9:e3:81:d1:2c:da:72:79:1f:b3:
cf:07:54:77:8a:34:2b:11:c5:57:fe:a9:06:05:0b:a0:c3:f5:
db:3e:86:0a:6b:10:06:4d:9c:fa:3d:54:8a:1c:29:81:56:a5:
26:9a:52:f3:b4:51:d8:0a:da:4e:a0:c1:51:f4:b7:ee:e0:9f:
88:6f:69:4f:c6:6a:84:b9:f9:94:30:c2:81:90:fa:e2:43:c3:
63:bc:96:56:4c:f1:b1:10:c7:27:f7:41:91:50:4f:40:b9:e0:
7f:80:8f:5b:a6:6b:4b:87:ee:3f:0c:d4:9d:66:55:d4:92:70:
c0:c7:af:77:a7:02:a3:31:8a:21:6f:22:02:df:6b:f0:b8:91:
e4:6c:61:54:17:14:61:f9:3c:9c:e1:ac:54:cd:1c:58:80:f5:
2b:b2:08:23:ed:44:e5:f0:23:f7:03:16:04:73:ed:c2:6b:f1:
8a:f1:0c:39:8e:17:ea:16:a7:90:69:49:65:3e:10:d8:43:fc:
65:fe:8e:78
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZFt+Lng4u8W7nIn8HxVMAYaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjQwODIwMDQwODIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Mjc4YzgzM2QzMGRmMjA4N2YxMjVjZGEyMTMxZjhlZWE5YTk3YzQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtG7+zAd5dg8qQ/xPGFheceuBQsVY
PAG7EXGnc+aBd7WX5iJ/1IICYLPF04ATWuHI0Z2UYlU2hDGIJTHxCV0jX13V1POk
5JGe1KOOavMt6xF5EiFyDWzJYhaDw5eW4w+guxLgEUIq/dokiz1fpOW4KAwA/wKe
zsndl6xtwR2uApO8Q2Ps8zxhwitmvFlJIew11HO5GAda2xtz1rDcJ3Md5NwBZJfm
yxaRhGs0zokBDYRSh6EXydSfiMoU0myFo6Wu6lJKIPy9ulpKCyYxdXNt+iD5ZNsB
Am8+TUijVOYoobrTMufAFQbjByZOIqxKtuNr6d4kaPBg/a0q/BwPfdKiPQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFJJ4yDPTDfIIfxJc2iEx+O6pqXxAMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEva25qSU05TU44Z2hfRWx6YUlUSDQ3cW1wZkVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQATVoAAwQA
TVoCAwQATVoIAwQATVoNAwQATVozMA0GCSqGSIb3DQEBCwUAA4IBAQBImavB2Y/W
dBsJ2/Vra4YV6WuG+cDeoKWCuhKQ97X7PPsmrDO75yyiKBuXuJUz3Jm3Uh3Ak7vf
118b8FFPn9njgdEs2nJ5H7PPB1R3ijQrEcVX/qkGBQugw/XbPoYKaxAGTZz6PVSK
HCmBVqUmmlLztFHYCtpOoMFR9Lfu4J+Ib2lPxmqEufmUMMKBkPriQ8NjvJZWTPGx
EMcn90GRUE9AueB/gI9bpmtLh+4/DNSdZlXUknDAx693pwKjMYohbyIC32vwuJHk
bGFUFxRh+Tyc4axUzRxYgPUrsggj7UTl8CP3AxYEc+3Ca/GK8Qw5jhfqFqeQaUll
PhDYQ/xl/o54
-----END CERTIFICATE-----
Generated at Thu Sep 19 18:52:24 2024 by rpki-client on console-fra.rpki-client.org