Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/Ly_g9OrwE5shUnLUQ5tKFqFUwY8.roa
File: Ly_g9OrwE5shUnLUQ5tKFqFUwY8.roa (raw, json)
Hash identifier: qfiGZsLXmKqDCknUxp0RAaGF941eY8Kgdi0gF0rMFY0=
Subject key identifier: 2F:2F:E0:F4:EA:F0:13:9B:21:52:72:D4:43:9B:4A:16:A1:54:C1:8F
Certificate issuer: /CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Certificate serial: 01906FF49656661873D4110E54FA390BD938
Authority key identifier: 4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/Ly_g9OrwE5shUnLUQ5tKFqFUwY8.roa
Signing time: Mon 01 Jul 2024 20:20:18 +0000
ROA not before: Mon 01 Jul 2024 20:20:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215133
IP address blocks: 77.72.81.0/24 maxlen: 24
146.19.93.0/24 maxlen: 24
188.93.138.0/24 maxlen: 24
194.26.215.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jul 2024 16:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:6f:f4:96:56:66:18:73:d4:11:0e:54:fa:39:0b:d9:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Validity
Not Before: Jul 1 20:20:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2f2fe0f4eaf0139b215272d4439b4a16a154c18f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:d3:6a:32:c4:5a:41:75:d2:9c:13:8f:5d:cb:
b1:23:ea:14:0a:90:59:5a:a4:ab:2f:51:df:8e:30:
04:ce:18:39:9d:84:e8:f2:33:11:2e:4d:07:06:1c:
9a:25:5d:84:d6:64:3c:80:d2:79:a3:4d:4a:a2:9f:
4a:e6:5e:6d:c2:5c:bc:72:b8:c8:aa:9e:61:fb:83:
cb:20:2c:82:bf:e2:8e:82:f8:43:37:23:15:a0:3a:
79:af:43:d5:d5:c5:33:e9:4d:61:b7:1e:32:c5:ee:
4c:92:6d:7f:ea:0f:fa:6f:e0:d5:c5:e7:4a:04:dc:
e5:71:3e:52:b8:be:ad:6f:7e:a5:55:a4:0d:88:45:
1d:6e:66:9b:e2:ff:00:1f:85:07:2f:72:1a:4d:c8:
41:78:47:00:fa:13:12:db:88:7a:24:52:54:4c:e3:
e0:19:4b:38:32:4a:42:3d:89:4e:05:b5:6b:ea:18:
eb:e1:91:19:53:bf:bb:d4:72:f8:60:67:84:6b:2a:
7b:12:af:22:61:d2:dd:c5:8b:e4:03:34:e9:b8:9a:
4a:00:4d:02:b1:21:0d:3e:cd:22:38:ee:0d:31:bc:
31:2c:74:29:74:00:b1:48:42:e8:8b:2c:97:18:7b:
f9:ec:94:45:d1:c6:cd:29:aa:6f:5a:ca:e7:8f:ac:
38:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:2F:E0:F4:EA:F0:13:9B:21:52:72:D4:43:9B:4A:16:A1:54:C1:8F
X509v3 Authority Key Identifier:
keyid:4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/Ly_g9OrwE5shUnLUQ5tKFqFUwY8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.72.81.0/24
146.19.93.0/24
188.93.138.0/24
194.26.215.0/24
Signature Algorithm: sha256WithRSAEncryption
aa:38:a1:45:8b:cc:2f:bb:ed:5f:b2:5c:15:c2:f5:38:25:fc:
4a:f7:e2:1a:89:58:98:59:6a:fe:e9:f8:39:1d:60:5f:de:8a:
95:d7:eb:53:86:1d:fd:50:82:4d:fd:4e:38:d7:90:c4:2e:03:
ad:05:f1:0d:53:2e:38:b1:23:dc:b2:66:10:f0:29:7a:a1:15:
6f:a7:2e:18:be:29:17:b7:bd:ad:d0:40:f7:0f:39:92:04:31:
38:ce:a5:ed:90:16:42:21:98:2d:34:f6:f6:7b:b6:5c:bb:51:
43:54:e6:f0:64:8b:cb:0f:df:b1:44:26:7c:d1:93:86:8d:49:
ec:8f:6a:82:1f:17:67:f9:df:18:4e:cf:c2:e5:37:75:1d:da:
57:2f:34:a7:a3:d4:1a:8b:4b:64:7e:b0:0a:32:47:13:7a:79:
03:fa:01:85:c5:ba:31:54:2e:b2:20:a1:00:5e:76:b0:fa:f4:
39:bb:0a:6a:38:29:3a:71:1d:0d:b9:80:64:6d:8e:db:6c:6e:
e6:f5:97:fa:9f:0f:8b:8e:27:1f:72:c5:de:70:dc:bf:7c:94:
64:ae:7e:3a:a1:af:f0:83:11:db:38:75:f8:c6:07:6e:d6:aa:
59:d0:1c:f4:1e:7b:3b:4e:3a:a7:65:56:db:e9:46:45:b5:92:
dd:26:bf:a7
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZBv9JZWZhhz1BEOVPo5C9k4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMTQxMTJkMDVlOWQ4NzYxNDlkMjc3OGQ0OGVkYWFhMzI0
ZGIwYTUwHhcNMjQwNzAxMjAyMDE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjJmZTBmNGVhZjAxMzliMjE1MjcyZDQ0MzliNGExNmExNTRjMThmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr9NqMsRaQXXSnBOPXcuxI+oUCpBZ
WqSrL1HfjjAEzhg5nYTo8jMRLk0HBhyaJV2E1mQ8gNJ5o01Kop9K5l5twly8crjI
qp5h+4PLICyCv+KOgvhDNyMVoDp5r0PV1cUz6U1htx4yxe5Mkm1/6g/6b+DVxedK
BNzlcT5SuL6tb36lVaQNiEUdbmab4v8AH4UHL3IaTchBeEcA+hMS24h6JFJUTOPg
GUs4MkpCPYlOBbVr6hjr4ZEZU7+71HL4YGeEayp7Eq8iYdLdxYvkAzTpuJpKAE0C
sSENPs0iOO4NMbwxLHQpdACxSELoiyyXGHv57JRF0cbNKapvWsrnj6w4BwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFC8v4PTq8BObIVJy1EObShahVMGPMB8GA1UdIwQY
MBaAFE8UES0F6dh2FJ0neNSO2qoyTbClMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUt
YmFmYmRmYzgxMzJhLzEvTHlfZzlPcndFNXNoVW5MVVE1dEtGcUZVd1k4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUtYmFmYmRmYzgxMzJh
LzEvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQATUhRAwQA
khNdAwQAvF2KAwQAwhrXMA0GCSqGSIb3DQEBCwUAA4IBAQCqOKFFi8wvu+1fslwV
wvU4JfxK9+IaiViYWWr+6fg5HWBf3oqV1+tThh39UIJN/U4415DELgOtBfENUy44
sSPcsmYQ8Cl6oRVvpy4YvikXt72t0ED3DzmSBDE4zqXtkBZCIZgtNPb2e7Zcu1FD
VObwZIvLD9+xRCZ80ZOGjUnsj2qCHxdn+d8YTs/C5Td1HdpXLzSno9Qai0tkfrAK
MkcTenkD+gGFxboxVC6yIKEAXnaw+vQ5uwpqOCk6cR0NuYBkbY7bbG7m9Zf6nw+L
jicfcsXecNy/fJRkrn46oa/wgxHbOHX4xgdu1qpZ0Bz0Hns7TjqnZVbb6UZFtZLd
Jr+n
-----END CERTIFICATE-----
Generated at Tue Jul 2 18:52:33 2024 by rpki-client on console-ams.rpki-client.org