Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/yqfMYgNN8bsQIYdBi6nttUemqSw.roa
File: yqfMYgNN8bsQIYdBi6nttUemqSw.roa (raw, json)
Hash identifier: GXR9yYnB6fgqLFaA15W6GFG9c6N3FaElxkLsTQcikvo=
Subject key identifier: CA:A7:CC:62:03:4D:F1:BB:10:21:87:41:8B:A9:ED:B5:47:A6:A9:2C
Certificate issuer: /CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Certificate serial: 018DFAE68755A94B2201248DF880888D8720
Authority key identifier: 4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/yqfMYgNN8bsQIYdBi6nttUemqSw.roa
Signing time: Fri 01 Mar 2024 16:43:48 +0000
ROA not before: Fri 01 Mar 2024 16:43:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 149020
IP address blocks: 77.72.81.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 21 Apr 2024 17:46:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:fa:e6:87:55:a9:4b:22:01:24:8d:f8:80:88:8d:87:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Validity
Not Before: Mar 1 16:43:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=caa7cc62034df1bb102187418ba9edb547a6a92c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:de:cf:ce:c2:70:87:58:cc:96:0c:a3:0e:51:
c9:47:67:d5:9b:ff:93:66:ff:57:cc:a8:ce:1a:f5:
24:d7:65:e5:20:a8:1c:e3:9d:d0:ef:16:2f:95:a7:
45:dd:62:77:c0:5e:0f:47:de:2d:c3:fb:b8:84:f0:
49:f2:4b:7b:b1:17:89:e1:6b:ae:1b:a2:fd:47:51:
cb:f2:0d:9c:2b:e0:df:d0:78:f1:0a:0f:83:49:95:
4b:61:48:53:3a:58:92:2c:1f:23:c1:86:40:9c:00:
31:4b:fa:b8:98:96:32:28:d7:d1:b8:6b:0e:be:5c:
d2:59:5e:80:93:19:f7:63:fc:6c:d7:de:28:30:5b:
21:ab:4c:c3:85:f1:34:53:a7:ee:19:4b:49:a7:fd:
08:39:23:7c:a4:c0:b4:a9:38:02:8d:85:0e:35:b0:
b7:54:d9:d6:e1:ff:cc:b5:7b:21:04:e3:2e:cc:52:
73:66:1b:e2:dd:fd:91:76:fa:f0:2d:92:c4:0c:8e:
e9:0c:08:64:cf:dc:14:70:11:5e:ff:1e:51:3e:94:
79:e1:11:11:d7:68:3e:d2:e5:aa:fd:93:8e:d3:d7:
dc:be:71:ff:5b:71:2c:2a:4c:53:51:d5:31:d3:a8:
46:01:1a:bc:f7:d0:61:6c:eb:78:29:ab:42:c3:ae:
1d:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:A7:CC:62:03:4D:F1:BB:10:21:87:41:8B:A9:ED:B5:47:A6:A9:2C
X509v3 Authority Key Identifier:
keyid:4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/yqfMYgNN8bsQIYdBi6nttUemqSw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.72.81.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:8b:6d:12:bc:f0:ec:91:c9:de:e1:e7:18:31:35:64:52:2c:
fb:43:2d:a6:e1:b5:e5:62:fb:d5:62:1a:4f:6b:b5:f6:97:12:
cb:06:5e:fb:4b:95:35:83:32:ce:60:76:b5:11:a2:45:ed:bb:
ea:b2:dd:e7:48:f9:0d:35:b3:b2:da:ce:a7:17:1e:ec:39:1c:
e5:fa:00:ff:e2:14:e2:15:4a:21:f1:d8:72:4e:22:71:04:f4:
bb:2c:65:f0:eb:93:3e:79:43:81:39:ae:93:8f:4c:d1:78:a9:
d7:3f:53:e0:2e:e2:87:1c:a7:47:aa:d5:ef:59:a8:44:bb:96:
22:5b:df:c5:aa:c1:aa:5b:4a:06:db:1d:33:4f:96:d3:6c:71:
26:9a:fe:2f:41:3f:b9:b9:86:97:fc:0c:c1:21:a9:86:4c:eb:
8c:99:a7:18:a0:55:37:01:5a:d0:bb:54:81:9b:e3:95:09:e7:
22:67:39:e7:f9:a1:79:f0:0f:ae:81:21:47:e4:f9:3f:d3:ab:
17:25:dc:26:dc:b2:c7:41:10:fa:7c:ed:18:83:77:ad:6c:28:
a8:8a:bb:93:c3:05:5e:75:fe:dc:be:17:62:8d:16:af:17:7a:
8e:bb:f8:c2:07:e3:a6:d5:17:38:f4:d9:f9:15:65:05:7e:5f:
09:bf:6c:c8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY365odVqUsiASSN+ICIjYcgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMTQxMTJkMDVlOWQ4NzYxNDlkMjc3OGQ0OGVkYWFhMzI0
ZGIwYTUwHhcNMjQwMzAxMTY0MzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYWE3Y2M2MjAzNGRmMWJiMTAyMTg3NDE4YmE5ZWRiNTQ3YTZhOTJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnN7PzsJwh1jMlgyjDlHJR2fVm/+T
Zv9XzKjOGvUk12XlIKgc453Q7xYvladF3WJ3wF4PR94tw/u4hPBJ8kt7sReJ4Wuu
G6L9R1HL8g2cK+Df0HjxCg+DSZVLYUhTOliSLB8jwYZAnAAxS/q4mJYyKNfRuGsO
vlzSWV6Akxn3Y/xs194oMFshq0zDhfE0U6fuGUtJp/0IOSN8pMC0qTgCjYUONbC3
VNnW4f/MtXshBOMuzFJzZhvi3f2RdvrwLZLEDI7pDAhkz9wUcBFe/x5RPpR54RER
12g+0uWq/ZOO09fcvnH/W3EsKkxTUdUx06hGARq899BhbOt4KatCw64d9wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMqnzGIDTfG7ECGHQYup7bVHpqksMB8GA1UdIwQY
MBaAFE8UES0F6dh2FJ0neNSO2qoyTbClMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUt
YmFmYmRmYzgxMzJhLzEveXFmTVlnTk44YnNRSVlkQmk2bnR0VWVtcVN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUtYmFmYmRmYzgxMzJh
LzEvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATUhRMA0G
CSqGSIb3DQEBCwUAA4IBAQCKi20SvPDskcne4ecYMTVkUiz7Qy2m4bXlYvvVYhpP
a7X2lxLLBl77S5U1gzLOYHa1EaJF7bvqst3nSPkNNbOy2s6nFx7sORzl+gD/4hTi
FUoh8dhyTiJxBPS7LGXw65M+eUOBOa6Tj0zReKnXP1PgLuKHHKdHqtXvWahEu5Yi
W9/FqsGqW0oG2x0zT5bTbHEmmv4vQT+5uYaX/AzBIamGTOuMmacYoFU3AVrQu1SB
m+OVCeciZznn+aF58A+ugSFH5Pk/06sXJdwm3LLHQRD6fO0Yg3etbCioiruTwwVe
df7cvhdijRavF3qOu/jCB+Om1Rc49Nn5FWUFfl8Jv2zI
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:45 2024 by rpki-client on console-fra.rpki-client.org