Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/_WIfrUMk6TLFMaNU_9T7dIQsUkM.roa
File: _WIfrUMk6TLFMaNU_9T7dIQsUkM.roa (raw, json)
Hash identifier: 4h0LFahKNlJuixwrTE/v4Yt+tCrw8wXgaH9j5IczhZw=
Subject key identifier: FD:62:1F:AD:43:24:E9:32:C5:31:A3:54:FF:D4:FB:74:84:2C:52:43
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 01920EA5053425EEE68130B6AEFB245AD5ED
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/_WIfrUMk6TLFMaNU_9T7dIQsUkM.roa
Signing time: Fri 20 Sep 2024 08:55:48 +0000
ROA not before: Fri 20 Sep 2024 08:55:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211306
IP address blocks: 77.36.56.0/24 maxlen: 24
77.232.216.0/23 maxlen: 23
77.232.218.0/24 maxlen: 24
91.200.132.0/24 maxlen: 24
91.237.49.0/24 maxlen: 24
91.239.225.0/24 maxlen: 24
93.120.44.0/23 maxlen: 23
176.96.92.0/24 maxlen: 24
176.116.230.0/23 maxlen: 23
178.159.146.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 27 Sep 2024 07:58:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:0e:a5:05:34:25:ee:e6:81:30:b6:ae:fb:24:5a:d5:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Sep 20 08:55:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fd621fad4324e932c531a354ffd4fb74842c5243
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:41:da:95:dd:35:b0:52:82:67:65:79:4f:69:
75:36:ef:65:e0:e4:17:4a:6b:bf:d7:50:af:8c:51:
cf:28:e6:4c:c0:76:a1:e1:6c:27:93:87:35:9a:b3:
84:ae:21:1d:e0:33:2d:71:f5:55:e3:d5:d2:dc:9f:
27:16:74:78:bd:f3:16:cb:1a:b6:16:83:27:96:d0:
14:54:03:fb:79:a1:1d:cb:d3:14:c2:a3:62:70:4c:
9e:ab:01:2f:07:fe:c9:a9:9e:5c:1f:62:94:13:35:
d5:4f:48:f0:cf:dc:be:5c:3a:83:17:8f:5d:8e:26:
5b:62:4d:df:04:05:2d:3d:0e:17:93:97:ba:b1:63:
58:5d:5b:2e:f3:c7:f8:71:11:16:83:2f:ce:22:1e:
18:54:12:d8:f1:15:ea:a4:2a:45:7a:b9:d6:23:aa:
6d:61:c6:92:bf:17:34:de:02:b3:7c:ee:e0:c2:96:
0a:34:e1:33:97:e7:c6:f3:04:93:17:b0:20:0f:2c:
15:4a:8e:35:12:c9:4f:fc:4c:c2:e6:03:d6:14:83:
05:f3:a8:d2:cb:e0:98:01:bd:f1:e4:20:94:02:4d:
8e:e7:7f:43:eb:b9:1d:45:ae:71:26:5c:02:6f:d0:
bf:5f:5b:d6:2a:14:46:25:16:68:09:86:66:17:25:
ad:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:62:1F:AD:43:24:E9:32:C5:31:A3:54:FF:D4:FB:74:84:2C:52:43
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/_WIfrUMk6TLFMaNU_9T7dIQsUkM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.36.56.0/24
77.232.216.0-77.232.218.255
91.200.132.0/24
91.237.49.0/24
91.239.225.0/24
93.120.44.0/23
176.96.92.0/24
176.116.230.0/23
178.159.146.0/24
Signature Algorithm: sha256WithRSAEncryption
27:04:d5:5b:e0:99:14:f4:33:f9:cd:25:e7:18:a9:87:44:51:
81:a2:7a:ae:27:9c:4b:1e:76:f1:0f:2d:b1:94:1e:6a:e3:6d:
0e:6f:7d:4c:ed:86:7e:83:25:ac:d4:1f:9e:8e:e9:2b:f0:3b:
8d:f6:20:80:61:b1:3e:b2:59:69:7c:6d:c6:81:2f:cc:b2:21:
e0:12:2e:57:6b:c9:f1:6e:16:00:fb:19:33:2b:d8:31:bb:20:
6c:33:10:e0:19:2b:6e:df:fd:ae:d1:71:14:3b:26:6e:14:35:
14:5e:7d:c8:9e:a0:16:f6:06:bb:03:28:9f:d6:c3:9d:75:6c:
8e:7d:84:1c:3d:51:ad:10:88:b1:06:24:a0:87:d5:68:6d:48:
d2:fb:82:a1:c2:60:8a:1c:62:84:51:01:75:46:77:87:7c:c7:
c2:78:1a:6a:71:2f:f2:bd:5e:ed:19:6e:81:65:03:a8:9f:dc:
2d:02:be:4f:61:bf:25:3e:d2:45:95:14:eb:fe:ee:74:74:4b:
31:6d:f4:34:3a:49:43:43:d6:69:95:74:d3:06:28:e1:b8:73:
fc:6c:22:83:d5:e0:9e:95:9f:e1:94:94:4b:71:ba:1f:8c:a0:
5a:dc:71:e7:9f:4f:9d:6c:ad:81:8e:22:18:ae:92:52:79:80:
0a:61:1b:80
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAZIOpQU0Je7mgTC2rvskWtXtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjQwOTIwMDg1NTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDYyMWZhZDQzMjRlOTMyYzUzMWEzNTRmZmQ0ZmI3NDg0MmM1MjQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA70Hald01sFKCZ2V5T2l1Nu9l4OQX
Smu/11CvjFHPKOZMwHah4Wwnk4c1mrOEriEd4DMtcfVV49XS3J8nFnR4vfMWyxq2
FoMnltAUVAP7eaEdy9MUwqNicEyeqwEvB/7JqZ5cH2KUEzXVT0jwz9y+XDqDF49d
jiZbYk3fBAUtPQ4Xk5e6sWNYXVsu88f4cREWgy/OIh4YVBLY8RXqpCpFernWI6pt
YcaSvxc03gKzfO7gwpYKNOEzl+fG8wSTF7AgDywVSo41EslP/EzC5gPWFIMF86jS
y+CYAb3x5CCUAk2O539D67kdRa5xJlwCb9C/X1vWKhRGJRZoCYZmFyWtIwIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFP1iH61DJOkyxTGjVP/U+3SELFJDMB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvX1dJZnJVTWs2VExGTWFOVV85VDdkSVFzVWtNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAATA+AwQATSQ4MAwD
BANN6NgDBABN6NoDBABbyIQDBABb7TEDBABb7+EDBAFdeCwDBACwYFwDBAGwdOYD
BACyn5IwDQYJKoZIhvcNAQELBQADggEBACcE1VvgmRT0M/nNJecYqYdEUYGieq4n
nEsedvEPLbGUHmrjbQ5vfUzthn6DJazUH56O6SvwO432IIBhsT6yWWl8bcaBL8yy
IeASLldryfFuFgD7GTMr2DG7IGwzEOAZK27f/a7RcRQ7Jm4UNRRefcieoBb2BrsD
KJ/Ww511bI59hBw9Ua0QiLEGJKCH1WhtSNL7gqHCYIocYoRRAXVGd4d8x8J4Gmpx
L/K9Xu0ZboFlA6if3C0Cvk9hvyU+0kWVFOv+7nR0SzFt9DQ6SUND1mmVdNMGKOG4
c/xsIoPV4J6Vn+GUlEtxuh+MoFrcceefT51srYGOIhiuklJ5gAphG4A=
-----END CERTIFICATE-----
Generated at Fri Sep 27 09:46:39 2024 by rpki-client on console-fra.rpki-client.org