Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/d57a64-bd32-4c91-be06-fee8eaf73b0d/1/3LxWCGVC5pq3dBL_nr353fejukQ.roa
File: 3LxWCGVC5pq3dBL_nr353fejukQ.roa (raw, json)
Hash identifier: LVcNiwkqasFmuobxxsWEo1ZMl6K7ktpwQXEQovhFc+k=
Subject key identifier: DC:BC:56:08:65:42:E6:9A:B7:74:12:FF:9E:BD:F9:DD:F7:A3:BA:44
Certificate issuer: /CN=6d088cef28e02af7d00f297816c55f8e3c43d535
Certificate serial: 018EA939147C49B55C9011491873E32C4CB0
Authority key identifier: 6D:08:8C:EF:28:E0:2A:F7:D0:0F:29:78:16:C5:5F:8E:3C:43:D5:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bQiM7yjgKvfQDyl4FsVfjjxD1TU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3f/d57a64-bd32-4c91-be06-fee8eaf73b0d/1/3LxWCGVC5pq3dBL_nr353fejukQ.roa
Signing time: Thu 04 Apr 2024 13:07:54 +0000
ROA not before: Thu 04 Apr 2024 13:07:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215428
IP address blocks: 77.91.66.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 14 Apr 2024 12:41:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:a9:39:14:7c:49:b5:5c:90:11:49:18:73:e3:2c:4c:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d088cef28e02af7d00f297816c55f8e3c43d535
Validity
Not Before: Apr 4 13:07:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dcbc56086542e69ab77412ff9ebdf9ddf7a3ba44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:8a:68:fe:a3:51:3b:6a:7d:fe:bd:9b:ec:0d:
33:6f:c9:00:98:24:4c:0f:a8:36:29:1d:3e:ce:2c:
be:dc:04:13:40:2b:0b:32:67:16:81:c7:bc:b2:aa:
e9:7b:68:b7:d5:51:ef:41:02:3d:54:fe:69:3c:9b:
ff:32:7f:e5:df:5c:8c:97:ff:6f:79:01:7c:3d:f8:
25:c3:66:84:21:5e:a4:e9:3b:7d:d0:38:df:6a:63:
38:74:08:9f:10:71:c8:f5:59:48:2b:7f:94:e0:b3:
24:6f:02:d0:89:b4:33:19:81:54:02:9a:e3:d6:d9:
4e:4b:10:34:6b:0e:39:b9:bb:d5:ce:a5:5f:40:62:
0d:3c:3d:cb:2a:d3:52:1c:b1:fb:22:85:41:bf:f3:
1a:b5:12:92:58:20:56:5f:cf:0b:70:28:ee:8b:e8:
58:90:3f:a1:96:5f:05:c7:f0:4b:7b:a6:89:ca:88:
b7:cc:a4:1c:e7:f4:82:c4:b8:6c:6d:1a:c7:41:b7:
b1:6c:9b:0e:b3:54:46:3d:7b:0a:2e:ee:13:0c:f3:
84:59:20:e4:16:f4:ad:54:fb:a3:7c:0c:04:45:16:
1f:ef:8e:7c:f3:b8:f4:b2:90:0b:56:06:fe:21:46:
e4:93:4a:82:74:0f:4d:e8:02:fd:27:d8:5b:0d:89:
74:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:BC:56:08:65:42:E6:9A:B7:74:12:FF:9E:BD:F9:DD:F7:A3:BA:44
X509v3 Authority Key Identifier:
keyid:6D:08:8C:EF:28:E0:2A:F7:D0:0F:29:78:16:C5:5F:8E:3C:43:D5:35
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bQiM7yjgKvfQDyl4FsVfjjxD1TU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/d57a64-bd32-4c91-be06-fee8eaf73b0d/1/3LxWCGVC5pq3dBL_nr353fejukQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/d57a64-bd32-4c91-be06-fee8eaf73b0d/1/bQiM7yjgKvfQDyl4FsVfjjxD1TU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.91.66.0/24
Signature Algorithm: sha256WithRSAEncryption
ae:16:ff:28:08:c4:b7:be:61:7b:75:b4:dc:59:78:a1:af:81:
4f:f7:6f:9b:e1:95:ec:0c:c5:f0:df:63:8a:4b:88:ca:fa:11:
09:35:45:b1:d3:d0:54:c3:c1:ae:59:3d:1f:57:c2:f6:57:68:
68:d3:47:db:22:75:2b:72:94:f8:fb:c9:f6:c4:d4:5c:01:c9:
68:3a:f8:6e:64:ae:5e:47:4b:15:86:66:6a:e5:6d:97:25:38:
91:75:2c:41:13:a4:ae:42:c5:fc:24:d3:be:ac:b9:cc:78:d9:
72:3d:d5:77:1b:50:be:99:89:9f:ea:df:1e:26:4a:93:3a:27:
ea:f0:0e:bf:03:1d:21:4d:14:88:82:d1:9c:e6:9f:fc:e7:a7:
63:e2:74:b5:65:4b:45:63:7b:ec:7a:70:85:d8:b1:30:b8:49:
9e:63:8b:82:e5:6e:10:7f:50:71:6a:7b:34:be:21:3c:06:a6:
8b:80:53:72:a9:81:65:79:3f:8a:cc:cd:49:bb:4e:ff:f0:59:
3b:16:b9:cc:bd:2a:19:3d:a1:dd:9a:05:a4:15:93:b6:10:e4:
dd:86:4f:00:62:c6:ce:95:f3:5b:c5:6d:f1:ac:47:6d:80:e2:
5e:de:62:0b:42:15:43:b7:73:9b:cd:13:7d:71:88:c4:ae:a7:
a3:48:8a:dd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY6pORR8SbVckBFJGHPjLEywMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkMDg4Y2VmMjhlMDJhZjdkMDBmMjk3ODE2YzU1ZjhlM2M0
M2Q1MzUwHhcNMjQwNDA0MTMwNzU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkY2JjNTYwODY1NDJlNjlhYjc3NDEyZmY5ZWJkZjlkZGY3YTNiYTQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhYpo/qNRO2p9/r2b7A0zb8kAmCRM
D6g2KR0+ziy+3AQTQCsLMmcWgce8sqrpe2i31VHvQQI9VP5pPJv/Mn/l31yMl/9v
eQF8Pfglw2aEIV6k6Tt90DjfamM4dAifEHHI9VlIK3+U4LMkbwLQibQzGYFUAprj
1tlOSxA0aw45ubvVzqVfQGINPD3LKtNSHLH7IoVBv/MatRKSWCBWX88LcCjui+hY
kD+hll8Fx/BLe6aJyoi3zKQc5/SCxLhsbRrHQbexbJsOs1RGPXsKLu4TDPOEWSDk
FvStVPujfAwERRYf745887j0spALVgb+IUbkk0qCdA9N6AL9J9hbDYl0iQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNy8VghlQuaat3QS/569+d33o7pEMB8GA1UdIwQY
MBaAFG0IjO8o4Cr30A8peBbFX448Q9U1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlFpTTd5amdLdmZRRHlsNEZzVmZqanhEMVRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi9kNTdhNjQtYmQzMi00YzkxLWJlMDYt
ZmVlOGVhZjczYjBkLzEvM0x4V0NHVkM1cHEzZEJMX25yMzUzZmVqdWtRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi9kNTdhNjQtYmQzMi00YzkxLWJlMDYtZmVlOGVhZjczYjBk
LzEvYlFpTTd5amdLdmZRRHlsNEZzVmZqanhEMVRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATVtCMA0G
CSqGSIb3DQEBCwUAA4IBAQCuFv8oCMS3vmF7dbTcWXihr4FP92+b4ZXsDMXw32OK
S4jK+hEJNUWx09BUw8GuWT0fV8L2V2ho00fbInUrcpT4+8n2xNRcAcloOvhuZK5e
R0sVhmZq5W2XJTiRdSxBE6SuQsX8JNO+rLnMeNlyPdV3G1C+mYmf6t8eJkqTOifq
8A6/Ax0hTRSIgtGc5p/856dj4nS1ZUtFY3vsenCF2LEwuEmeY4uC5W4Qf1Bxans0
viE8BqaLgFNyqYFleT+KzM1Ju07/8Fk7FrnMvSoZPaHdmgWkFZO2EOTdhk8AYsbO
lfNbxW3xrEdtgOJe3mILQhVDt3ObzRN9cYjErqejSIrd
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:33:42 2025 by rpki-client