Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/779928-881c-433a-b243-c9f57e959ef1/1/CFr6eNem9Jr4YjuDcRng805adC0.roa
File: CFr6eNem9Jr4YjuDcRng805adC0.roa (raw, json)
Hash identifier: viYWFtB8Th7ZTHNijUHtku0QF6QIcDjx5qBAn9O9Ix0=
Subject key identifier: 08:5A:FA:78:D7:A6:F4:9A:F8:62:3B:83:71:19:E0:F3:4E:5A:74:2D
Certificate issuer: /CN=0692c5f16313653425bc467105875e3a297cff9b
Certificate serial: 018CCA2A9016AE962E06973E339AA0C3BD97
Authority key identifier: 06:92:C5:F1:63:13:65:34:25:BC:46:71:05:87:5E:3A:29:7C:FF:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BpLF8WMTZTQlvEZxBYdeOil8_5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/779928-881c-433a-b243-c9f57e959ef1/1/CFr6eNem9Jr4YjuDcRng805adC0.roa
Signing time: Tue 02 Jan 2024 12:33:56 +0000
ROA not before: Tue 02 Jan 2024 12:33:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44477
IP address blocks: 77.91.103.0/24 maxlen: 24
77.91.102.0/24 maxlen: 24
77.91.101.0/24 maxlen: 24
77.91.100.0/24 maxlen: 24
77.91.123.0/24 maxlen: 24
77.91.122.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 05:47:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:90:16:ae:96:2e:06:97:3e:33:9a:a0:c3:bd:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0692c5f16313653425bc467105875e3a297cff9b
Validity
Not Before: Jan 2 12:33:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=085afa78d7a6f49af8623b837119e0f34e5a742d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:b2:d7:ad:a5:4e:ef:0e:84:8d:2d:7f:be:90:
b3:9a:dd:52:e7:17:cf:34:9d:92:04:d7:6d:7c:4f:
5e:74:7c:b4:29:c8:12:57:e1:9e:e4:d1:c3:8d:5f:
59:7b:50:14:ec:54:c8:87:d5:ab:50:b7:bd:44:37:
5f:77:69:dd:a7:f0:20:c0:70:d2:9c:13:fa:83:93:
21:ee:3f:d1:3f:33:e6:2e:14:17:be:49:f6:f9:7c:
7e:b2:c9:7e:27:c2:33:d7:8d:75:ff:0e:89:ce:1b:
b1:72:74:cb:4d:76:bd:c3:dc:47:dd:64:91:b4:33:
e2:5c:d9:05:63:38:18:eb:6c:81:a1:05:a1:97:ca:
31:4b:f2:13:b5:49:4d:9c:6e:3b:62:73:06:ae:05:
65:e1:c9:8b:a4:40:4f:db:74:df:d6:d7:f1:28:98:
eb:17:7e:d5:de:91:3d:91:33:7f:81:4b:47:e0:63:
3b:e8:5d:d4:86:74:d3:41:d8:ac:e8:a1:2a:a9:73:
8e:61:92:26:91:be:34:4e:d3:86:69:3e:49:03:c5:
7c:30:48:24:f4:29:f1:fe:f5:7d:ac:42:47:18:3c:
c6:e4:02:91:51:95:ae:4c:20:74:26:51:57:ea:21:
a4:b5:58:a2:1e:94:02:b9:bd:59:df:82:7b:bc:56:
cf:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:5A:FA:78:D7:A6:F4:9A:F8:62:3B:83:71:19:E0:F3:4E:5A:74:2D
X509v3 Authority Key Identifier:
keyid:06:92:C5:F1:63:13:65:34:25:BC:46:71:05:87:5E:3A:29:7C:FF:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BpLF8WMTZTQlvEZxBYdeOil8_5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/779928-881c-433a-b243-c9f57e959ef1/1/CFr6eNem9Jr4YjuDcRng805adC0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/779928-881c-433a-b243-c9f57e959ef1/1/BpLF8WMTZTQlvEZxBYdeOil8_5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.91.100.0/22
77.91.122.0/23
Signature Algorithm: sha256WithRSAEncryption
05:60:50:ca:2d:84:95:b7:6f:f8:5f:36:43:d5:8f:13:21:ba:
eb:86:0e:b2:aa:cd:c8:41:36:4b:92:63:cc:4a:e7:d5:a8:1e:
09:0b:88:a4:0a:29:43:dc:94:29:60:8b:d6:b9:b9:5e:05:68:
36:4d:b9:f8:66:44:d7:d3:42:ab:ea:d3:cd:a6:4e:b4:a6:29:
da:f2:d1:7d:fe:70:a2:de:71:1c:53:75:32:8f:ad:67:2a:3d:
ba:e6:c1:ea:4b:d6:da:45:8c:d2:41:d6:50:28:c6:6c:a8:be:
c5:3b:66:bc:ca:c8:8d:3a:af:b8:66:87:4d:f3:45:95:76:2f:
63:9a:b8:5c:6e:c9:a9:b8:02:cf:b2:4d:be:33:ed:33:da:61:
ff:f9:b6:0d:8a:69:f4:08:eb:2c:11:1f:44:8f:53:a0:e1:65:
c2:6b:41:c1:0e:36:7a:5f:c0:fc:95:a6:d2:2e:4b:2d:90:34:
7a:84:fd:0e:4a:b4:f1:83:cc:b3:ce:a4:21:03:d0:b1:94:23:
8e:92:ec:08:a0:ea:14:ca:f8:4d:17:74:4f:8f:ce:e5:73:ca:
e0:54:97:56:e4:b2:1e:78:2f:ae:d7:0e:80:55:70:7a:e1:52:
a2:d4:82:b1:f2:08:d3:e8:e1:4d:b4:c9:b2:d6:07:45:e5:50:
03:8b:00:6d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzKKpAWrpYuBpc+M5qgw72XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2OTJjNWYxNjMxMzY1MzQyNWJjNDY3MTA1ODc1ZTNhMjk3
Y2ZmOWIwHhcNMjQwMTAyMTIzMzU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODVhZmE3OGQ3YTZmNDlhZjg2MjNiODM3MTE5ZTBmMzRlNWE3NDJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxrLXraVO7w6EjS1/vpCzmt1S5xfP
NJ2SBNdtfE9edHy0KcgSV+Ge5NHDjV9Ze1AU7FTIh9WrULe9RDdfd2ndp/AgwHDS
nBP6g5Mh7j/RPzPmLhQXvkn2+Xx+ssl+J8Iz1411/w6JzhuxcnTLTXa9w9xH3WSR
tDPiXNkFYzgY62yBoQWhl8oxS/ITtUlNnG47YnMGrgVl4cmLpEBP23Tf1tfxKJjr
F37V3pE9kTN/gUtH4GM76F3UhnTTQdis6KEqqXOOYZImkb40TtOGaT5JA8V8MEgk
9Cnx/vV9rEJHGDzG5AKRUZWuTCB0JlFX6iGktViiHpQCub1Z34J7vFbPAwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAha+njXpvSa+GI7g3EZ4PNOWnQtMB8GA1UdIwQY
MBaAFAaSxfFjE2U0JbxGcQWHXjopfP+bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQnBMRjhXTVRaVFFsdkVaeEJZZGVPaWw4XzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS83Nzk5MjgtODgxYy00MzNhLWIyNDMt
YzlmNTdlOTU5ZWYxLzEvQ0ZyNmVOZW05SnI0WWp1RGNSbmc4MDVhZEMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS83Nzk5MjgtODgxYy00MzNhLWIyNDMtYzlmNTdlOTU5ZWYx
LzEvQnBMRjhXTVRaVFFsdkVaeEJZZGVPaWw4XzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCTVtkAwQB
TVt6MA0GCSqGSIb3DQEBCwUAA4IBAQAFYFDKLYSVt2/4XzZD1Y8TIbrrhg6yqs3I
QTZLkmPMSufVqB4JC4ikCilD3JQpYIvWubleBWg2Tbn4ZkTX00Kr6tPNpk60pina
8tF9/nCi3nEcU3Uyj61nKj265sHqS9baRYzSQdZQKMZsqL7FO2a8ysiNOq+4ZodN
80WVdi9jmrhcbsmpuALPsk2+M+0z2mH/+bYNimn0COssER9Ej1Og4WXCa0HBDjZ6
X8D8labSLkstkDR6hP0OSrTxg8yzzqQhA9CxlCOOkuwIoOoUyvhNF3RPj87lc8rg
VJdW5LIeeC+u1w6AVXB64VKi1IKx8gjT6OFNtMmy1gdF5VADiwBt
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:55:49 2025 by rpki-client