Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/3YAHz38BU3ziZCMyipIvP7Bajgs.roa
File: 3YAHz38BU3ziZCMyipIvP7Bajgs.roa (raw, json)
Hash identifier: H2x3TW1947wqMwFg5XlUIwr/dvDk31jpTvj5AqARNpc=
Subject key identifier: DD:80:07:CF:7F:01:53:7C:E2:64:23:32:8A:92:2F:3F:B0:5A:8E:0B
Certificate issuer: /CN=d8c60a0d2d70a9337d0bda56d1ad596ac1f69cda
Certificate serial: 01892A8AC2EB3AC2624F7E835463B8CCF95A
Authority key identifier: D8:C6:0A:0D:2D:70:A9:33:7D:0B:DA:56:D1:AD:59:6A:C1:F6:9C:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2MYKDS1wqTN9C9pW0a1ZasH2nNo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/3YAHz38BU3ziZCMyipIvP7Bajgs.roa
Signing time: Thu 06 Jul 2023 09:31:24 +0000
ROA not before: Thu 06 Jul 2023 09:31:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 77.74.231.0/24 maxlen: 24
109.105.197.0/24 maxlen: 24
109.105.199.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 24 Oct 2023 09:51:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:2a:8a:c2:eb:3a:c2:62:4f:7e:83:54:63:b8:cc:f9:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8c60a0d2d70a9337d0bda56d1ad596ac1f69cda
Validity
Not Before: Jul 6 09:31:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dd8007cf7f01537ce26423328a922f3fb05a8e0b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:c0:5a:d8:b8:c5:46:6d:61:26:c4:fb:55:5b:
83:3b:42:3a:9f:9a:e3:56:38:d1:21:1c:48:cd:d2:
9f:de:a1:f4:51:b2:88:61:15:ec:c7:51:2e:20:04:
06:71:1d:35:dd:ff:28:ce:ca:39:e0:0f:92:5b:98:
84:18:8d:18:27:23:ef:a0:60:f6:c7:b4:fd:a9:58:
ba:20:18:31:3d:02:47:53:18:43:ca:00:21:b4:b6:
8d:ce:87:7d:34:bb:20:95:1c:24:4f:f5:f8:9d:bf:
b2:07:fc:96:d1:aa:a3:8e:71:c4:f8:7c:de:c2:2e:
13:3b:a9:c1:29:7a:93:e5:8d:28:c0:c4:5f:57:fa:
92:3b:14:c3:a9:17:b3:e2:f0:a0:4e:81:a4:0e:c4:
db:c1:c4:b3:0f:69:e8:34:7f:40:79:14:3f:e4:27:
90:87:0f:9b:3d:35:b7:9f:76:72:2d:ab:98:04:86:
f9:e5:42:4b:fb:89:89:f7:6f:79:6c:f3:fd:08:d0:
30:40:23:bf:f8:8a:a8:fb:a8:71:d4:59:b1:0d:2b:
38:9a:67:00:e7:7a:e6:9b:23:a2:2d:dc:62:a0:e9:
a7:85:b4:ec:f0:8c:7a:eb:7c:e0:7a:74:1a:ca:74:
e2:9c:89:db:c5:dd:03:87:24:0e:4f:10:c4:0a:bc:
3f:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:80:07:CF:7F:01:53:7C:E2:64:23:32:8A:92:2F:3F:B0:5A:8E:0B
X509v3 Authority Key Identifier:
keyid:D8:C6:0A:0D:2D:70:A9:33:7D:0B:DA:56:D1:AD:59:6A:C1:F6:9C:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2MYKDS1wqTN9C9pW0a1ZasH2nNo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/3YAHz38BU3ziZCMyipIvP7Bajgs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/2MYKDS1wqTN9C9pW0a1ZasH2nNo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.74.231.0/24
109.105.197.0/24
109.105.199.0/24
Signature Algorithm: sha256WithRSAEncryption
31:cf:5e:19:f9:a8:1d:84:65:74:b5:5e:33:3a:81:f8:7a:8e:
f4:8f:8d:62:af:e3:ba:5a:a9:00:d5:4a:be:b0:50:cf:ac:62:
5e:61:20:d8:7d:93:89:bc:4a:e1:9b:39:80:e0:51:cf:f2:59:
71:8e:84:12:6c:cf:4e:dc:87:ae:e5:e1:92:99:d3:0c:00:5b:
f0:b7:ad:2d:f3:91:e2:54:aa:6a:13:c4:fa:16:f5:ea:ed:42:
dd:b7:44:d3:d8:b7:c0:a1:63:bd:82:18:da:ab:03:3b:d4:02:
70:6d:2f:d2:a3:cf:eb:aa:91:85:86:cc:a8:c8:bd:40:61:e1:
57:e6:f2:21:80:76:cc:e8:76:70:de:cf:cd:28:45:27:9f:a4:
10:dd:40:97:03:34:a4:08:8f:fa:13:c4:46:75:a1:aa:d1:a3:
02:7b:43:f4:08:ca:c3:8b:c0:2c:35:17:f6:39:b5:d0:28:52:
68:dd:ac:b6:94:9a:66:b6:9a:2d:2d:3b:54:d3:2f:3a:87:2d:
24:a0:6a:15:e0:d4:68:0a:46:c7:c7:1c:be:cc:cd:d8:1f:22:
ee:aa:62:73:ff:97:6a:8d:3f:3e:f4:a8:87:08:49:d3:84:51:
bc:a6:30:c5:1e:e9:35:72:16:18:64:c9:35:11:ad:83:ca:65:
7e:7b:80:ec
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYkqisLrOsJiT36DVGO4zPlaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4YzYwYTBkMmQ3MGE5MzM3ZDBiZGE1NmQxYWQ1OTZhYzFm
NjljZGEwHhcNMjMwNzA2MDkzMTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDgwMDdjZjdmMDE1MzdjZTI2NDIzMzI4YTkyMmYzZmIwNWE4ZTBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh8Ba2LjFRm1hJsT7VVuDO0I6n5rj
VjjRIRxIzdKf3qH0UbKIYRXsx1EuIAQGcR013f8ozso54A+SW5iEGI0YJyPvoGD2
x7T9qVi6IBgxPQJHUxhDygAhtLaNzod9NLsglRwkT/X4nb+yB/yW0aqjjnHE+Hze
wi4TO6nBKXqT5Y0owMRfV/qSOxTDqRez4vCgToGkDsTbwcSzD2noNH9AeRQ/5CeQ
hw+bPTW3n3ZyLauYBIb55UJL+4mJ9295bPP9CNAwQCO/+Iqo+6hx1FmxDSs4mmcA
53rmmyOiLdxioOmnhbTs8Ix663zgenQaynTinInbxd0DhyQOTxDECrw/cQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFN2AB89/AVN84mQjMoqSLz+wWo4LMB8GA1UdIwQY
MBaAFNjGCg0tcKkzfQvaVtGtWWrB9pzaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMk1ZS0RTMXdxVE45QzlwVzBhMVphc0gybk5vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC9iNTFhODUtZjk5Zi00MjNmLTlmYWUt
ZGQyOTRjMzc4ZjZjLzEvM1lBSHozOEJVM3ppWkNNeWlwSXZQN0JhamdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC9iNTFhODUtZjk5Zi00MjNmLTlmYWUtZGQyOTRjMzc4ZjZj
LzEvMk1ZS0RTMXdxVE45QzlwVzBhMVphc0gybk5vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQATUrnAwQA
bWnFAwQAbWnHMA0GCSqGSIb3DQEBCwUAA4IBAQAxz14Z+agdhGV0tV4zOoH4eo70
j41ir+O6WqkA1Uq+sFDPrGJeYSDYfZOJvErhmzmA4FHP8llxjoQSbM9O3Ieu5eGS
mdMMAFvwt60t85HiVKpqE8T6FvXq7ULdt0TT2LfAoWO9ghjaqwM71AJwbS/So8/r
qpGFhsyoyL1AYeFX5vIhgHbM6HZw3s/NKEUnn6QQ3UCXAzSkCI/6E8RGdaGq0aMC
e0P0CMrDi8AsNRf2ObXQKFJo3ay2lJpmtpotLTtU0y86hy0koGoV4NRoCkbHxxy+
zM3YHyLuqmJz/5dqjT8+9KiHCEnThFG8pjDFHuk1chYYZMk1Ea2DymV+e4Ds
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:28 2024 by rpki-client on console-ams.rpki-client.org