Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/9c6e07-693f-46ce-8646-d7abcd0ef64a/1/tgG1hZF77CHZij0dd2VIBCl7HF4.roa
File: tgG1hZF77CHZij0dd2VIBCl7HF4.roa (raw, json)
Hash identifier: 8ONiLSx6eNtyaj5eIQuq9vlHTOKk3VfJWyFSIs3KZW4=
Subject key identifier: B6:01:B5:85:91:7B:EC:21:D9:8A:3D:1D:77:65:48:04:29:7B:1C:5E
Certificate issuer: /CN=8a5a3417fbe25c2e467c18485c181a7776f96ff4
Certificate serial: 01930D00445DCA2F0534B766E6AA148D452D
Authority key identifier: 8A:5A:34:17:FB:E2:5C:2E:46:7C:18:48:5C:18:1A:77:76:F9:6F:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ilo0F_viXC5GfBhIXBgad3b5b_Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/9c6e07-693f-46ce-8646-d7abcd0ef64a/1/tgG1hZF77CHZij0dd2VIBCl7HF4.roa
Signing time: Fri 08 Nov 2024 18:19:01 +0000
ROA not before: Fri 08 Nov 2024 18:19:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 77.93.140.0/22 maxlen: 24
77.93.152.0/22 maxlen: 24
185.101.46.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 13 Nov 2024 10:30:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:0d:00:44:5d:ca:2f:05:34:b7:66:e6:aa:14:8d:45:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8a5a3417fbe25c2e467c18485c181a7776f96ff4
Validity
Not Before: Nov 8 18:19:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b601b585917bec21d98a3d1d77654804297b1c5e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:f3:c1:38:99:e6:6d:44:a5:18:fd:76:77:6c:
1e:ac:44:e4:9f:51:14:bd:b4:b8:c1:5c:92:b3:5f:
6f:3a:a3:7f:b3:0e:b5:4c:b9:a7:e5:db:47:e1:54:
30:9b:7d:80:a5:cd:46:97:76:2f:61:6d:d2:2c:78:
4c:2c:b4:d3:01:d5:00:b9:d7:f6:13:09:75:3e:50:
5e:c9:12:fd:b0:20:6b:a5:b5:7a:0a:fe:2d:4c:b4:
89:e1:cc:e8:dd:52:09:63:b1:c7:41:c2:c0:a9:4c:
03:43:78:10:17:f0:b0:be:a5:73:9b:9b:29:48:eb:
71:9f:8a:d8:51:12:d9:64:19:e8:71:3a:30:04:ca:
7c:61:3f:76:20:9c:66:9f:d2:03:04:79:ff:51:5f:
e1:27:62:47:25:dd:61:61:41:51:b9:de:bb:d9:75:
52:f1:54:40:bd:d4:ae:c0:08:2c:3f:f9:5d:64:44:
de:9a:2a:6e:90:b2:19:e2:77:79:a3:48:0d:cf:fb:
cd:f5:a1:f8:50:3d:aa:d7:32:68:99:1c:0f:45:de:
0e:53:2f:14:09:d5:c6:21:64:e8:e2:7b:c1:01:6e:
0c:10:e9:bb:e6:29:56:9f:9d:89:44:74:e5:7b:c6:
79:98:a8:85:17:d4:75:5e:f6:4f:b4:f6:70:c1:f7:
f7:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:01:B5:85:91:7B:EC:21:D9:8A:3D:1D:77:65:48:04:29:7B:1C:5E
X509v3 Authority Key Identifier:
keyid:8A:5A:34:17:FB:E2:5C:2E:46:7C:18:48:5C:18:1A:77:76:F9:6F:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ilo0F_viXC5GfBhIXBgad3b5b_Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/9c6e07-693f-46ce-8646-d7abcd0ef64a/1/tgG1hZF77CHZij0dd2VIBCl7HF4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/9c6e07-693f-46ce-8646-d7abcd0ef64a/1/ilo0F_viXC5GfBhIXBgad3b5b_Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.93.140.0/22
77.93.152.0/22
185.101.46.0/24
Signature Algorithm: sha256WithRSAEncryption
47:6a:4b:6c:5e:88:2e:ff:2f:21:4b:0b:d2:ec:d7:9c:fa:b8:
5a:15:e2:5a:65:4e:dc:c3:07:00:ff:32:ab:2c:79:b8:d0:dd:
0e:83:9a:01:a7:5c:da:12:5a:82:54:8b:32:cd:2e:66:ca:cb:
2a:58:36:4b:94:f3:a7:10:41:10:e6:3c:f5:53:35:ca:1c:22:
d6:35:3e:ef:59:8c:ad:f7:e4:10:44:4d:21:84:81:e8:b9:d9:
05:32:4e:31:12:6b:7c:52:fc:ba:f7:5d:c3:eb:bc:4a:2a:b5:
4b:77:72:49:de:2e:e6:f7:22:dc:e4:ef:ca:51:de:9f:14:53:
ec:46:f0:bf:74:10:df:f9:bd:8c:72:85:6d:1a:31:95:fa:e4:
7e:d2:f2:2a:83:88:2b:0c:f9:da:2e:4d:40:cd:af:9c:95:d8:
65:a3:73:28:27:17:bf:db:c8:f2:bb:4c:8b:52:20:ea:fe:74:
ed:01:6a:f7:45:42:0c:44:2a:bd:3d:b7:1b:c9:79:8c:b6:ed:
e6:a2:e9:9b:47:60:a1:81:be:d8:1f:9a:95:4e:36:56:e4:21:
b7:4a:15:20:ae:e5:fd:40:03:93:2c:d7:9f:b2:71:3e:fa:43:
05:6c:7e:63:1e:5a:d1:eb:50:e4:ea:f4:22:f2:4f:91:3e:e1:
c4:8d:d6:bc
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZMNAERdyi8FNLdm5qoUjUUtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhNWEzNDE3ZmJlMjVjMmU0NjdjMTg0ODVjMTgxYTc3NzZm
OTZmZjQwHhcNMjQxMTA4MTgxOTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjAxYjU4NTkxN2JlYzIxZDk4YTNkMWQ3NzY1NDgwNDI5N2IxYzVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnPPBOJnmbUSlGP12d2werETkn1EU
vbS4wVySs19vOqN/sw61TLmn5dtH4VQwm32Apc1Gl3YvYW3SLHhMLLTTAdUAudf2
Ewl1PlBeyRL9sCBrpbV6Cv4tTLSJ4czo3VIJY7HHQcLAqUwDQ3gQF/CwvqVzm5sp
SOtxn4rYURLZZBnocTowBMp8YT92IJxmn9IDBHn/UV/hJ2JHJd1hYUFRud672XVS
8VRAvdSuwAgsP/ldZETemipukLIZ4nd5o0gNz/vN9aH4UD2q1zJomRwPRd4OUy8U
CdXGIWTo4nvBAW4MEOm75ilWn52JRHTle8Z5mKiFF9R1XvZPtPZwwff3gwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLYBtYWRe+wh2Yo9HXdlSAQpexxeMB8GA1UdIwQY
MBaAFIpaNBf74lwuRnwYSFwYGnd2+W/0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWxvMEZfdmlYQzVHZkJoSVhCZ2FkM2I1Yl9RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC85YzZlMDctNjkzZi00NmNlLTg2NDYt
ZDdhYmNkMGVmNjRhLzEvdGdHMWhaRjc3Q0haaWowZGQyVklCQ2w3SEY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC85YzZlMDctNjkzZi00NmNlLTg2NDYtZDdhYmNkMGVmNjRh
LzEvaWxvMEZfdmlYQzVHZkJoSVhCZ2FkM2I1Yl9RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCTV2MAwQC
TV2YAwQAuWUuMA0GCSqGSIb3DQEBCwUAA4IBAQBHaktsXogu/y8hSwvS7Nec+rha
FeJaZU7cwwcA/zKrLHm40N0Og5oBp1zaElqCVIsyzS5myssqWDZLlPOnEEEQ5jz1
UzXKHCLWNT7vWYyt9+QQRE0hhIHoudkFMk4xEmt8Uvy6913D67xKKrVLd3JJ3i7m
9yLc5O/KUd6fFFPsRvC/dBDf+b2McoVtGjGV+uR+0vIqg4grDPnaLk1Aza+cldhl
o3MoJxe/28jyu0yLUiDq/nTtAWr3RUIMRCq9PbcbyXmMtu3moumbR2Chgb7YH5qV
TjZW5CG3ShUgruX9QAOTLNefsnE++kMFbH5jHlrR61Dk6vQi8k+RPuHEjda8
-----END CERTIFICATE-----
Generated at Wed Nov 13 14:06:16 2024 by rpki-client on console-ams.rpki-client.org