Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/d57a64-bd32-4c91-be06-fee8eaf73b0d/1/AyF9IXcIuYEW1B3OUPth2W4iBFI.roa
File: AyF9IXcIuYEW1B3OUPth2W4iBFI.roa (raw, json)
Hash identifier: ffn+oBM1T0D2vh09De0epPP/P+5Mawsa8Cirb9uYgd0=
Subject key identifier: 03:21:7D:21:77:08:B9:81:16:D4:1D:CE:50:FB:61:D9:6E:22:04:52
Certificate issuer: /CN=6d088cef28e02af7d00f297816c55f8e3c43d535
Certificate serial: 018CC9BC08666330E5FA5AD3563DB924E3E9
Authority key identifier: 6D:08:8C:EF:28:E0:2A:F7:D0:0F:29:78:16:C5:5F:8E:3C:43:D5:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bQiM7yjgKvfQDyl4FsVfjjxD1TU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3f/d57a64-bd32-4c91-be06-fee8eaf73b0d/1/AyF9IXcIuYEW1B3OUPth2W4iBFI.roa
Signing time: Tue 02 Jan 2024 10:33:12 +0000
ROA not before: Tue 02 Jan 2024 10:33:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203727
IP address blocks: 77.91.68.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 11 Jul 2024 19:04:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:08:66:63:30:e5:fa:5a:d3:56:3d:b9:24:e3:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d088cef28e02af7d00f297816c55f8e3c43d535
Validity
Not Before: Jan 2 10:33:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=03217d217708b98116d41dce50fb61d96e220452
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:69:ec:a9:83:1e:17:f0:f4:c0:57:85:f5:86:
d2:0d:38:97:e3:23:07:a6:4c:ff:b5:0e:43:47:23:
26:f3:43:f4:9e:e5:61:31:49:62:a4:23:c5:89:b2:
fd:eb:4c:d6:ce:55:ef:9b:f2:7c:1b:fe:7a:f1:e7:
56:ab:08:72:ab:41:d2:e4:00:91:17:30:ac:bc:e2:
d7:c4:eb:7b:4b:f0:49:fb:f8:f5:51:9c:64:c3:98:
a7:76:a0:e8:ee:37:3f:35:d5:26:54:29:23:36:90:
c4:af:96:92:ef:b2:f5:a7:d7:3f:3d:81:26:12:ca:
dd:81:a2:a1:f2:1f:ee:11:dc:42:fb:c0:a6:fa:ed:
c7:c9:92:3b:25:28:52:36:9e:e9:ec:cb:f1:93:43:
e7:b3:b6:8d:e2:cf:1c:07:1f:66:20:fd:60:82:43:
ac:4f:a3:43:7d:fb:45:85:39:7c:b3:62:17:0b:44:
cb:a6:22:4c:5d:77:e8:60:ad:7e:11:09:8e:91:a9:
62:9f:3c:af:45:9b:50:f0:92:a5:1a:e1:e3:74:9d:
8a:c0:b1:87:72:3d:5f:ea:ec:04:7e:e3:4c:87:57:
05:c2:4c:71:b9:59:03:0f:64:ed:78:ca:47:2f:8f:
b4:3e:44:b8:ae:46:f6:8f:1a:c0:3b:02:eb:d5:af:
38:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:21:7D:21:77:08:B9:81:16:D4:1D:CE:50:FB:61:D9:6E:22:04:52
X509v3 Authority Key Identifier:
keyid:6D:08:8C:EF:28:E0:2A:F7:D0:0F:29:78:16:C5:5F:8E:3C:43:D5:35
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bQiM7yjgKvfQDyl4FsVfjjxD1TU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/d57a64-bd32-4c91-be06-fee8eaf73b0d/1/AyF9IXcIuYEW1B3OUPth2W4iBFI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/d57a64-bd32-4c91-be06-fee8eaf73b0d/1/bQiM7yjgKvfQDyl4FsVfjjxD1TU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.91.68.0/24
Signature Algorithm: sha256WithRSAEncryption
28:fa:33:da:ac:fd:9a:b0:b5:fc:e5:98:0f:9e:bd:01:b1:e2:
cf:55:a8:b2:36:8e:2b:ca:30:75:0b:78:bd:2e:5c:7a:e2:8a:
ab:ca:65:70:c3:b8:38:4e:f4:24:3b:95:17:c5:1b:0f:be:fd:
10:20:0e:74:27:4a:01:ba:d5:32:9b:78:eb:db:25:5d:89:7a:
48:7d:2b:86:83:76:4a:b8:25:d9:d2:b8:67:e0:ba:4c:c2:06:
35:17:19:84:1e:44:d5:e9:6d:ff:83:5a:d4:1e:1e:0e:36:a5:
3c:e6:70:ed:d5:22:36:ee:d8:83:18:c2:cf:c9:25:d9:e3:32:
ff:99:aa:a7:ea:2f:05:29:59:9f:91:2b:da:84:e5:70:bb:49:
63:9c:54:b2:fe:79:35:bc:b3:c3:d4:ac:5d:07:7e:6c:c6:98:
55:fd:39:11:ff:1e:99:5a:d0:56:3a:3b:f6:cb:8c:af:c1:0f:
ac:b5:ea:c5:ae:89:65:33:a6:ef:f3:6a:91:a9:ab:7e:5c:d5:
2d:56:ac:c3:ff:75:68:14:a8:8e:95:78:d2:c0:48:79:66:f9:
ad:74:50:29:3a:52:e7:c1:0b:d1:58:86:f1:ab:6e:34:ba:d1:
f1:92:ed:bf:3f:79:bb:fa:6d:6f:d5:e9:b6:f1:11:58:6e:33:
15:f0:de:53
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJvAhmYzDl+lrTVj25JOPpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkMDg4Y2VmMjhlMDJhZjdkMDBmMjk3ODE2YzU1ZjhlM2M0
M2Q1MzUwHhcNMjQwMTAyMTAzMzEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzIxN2QyMTc3MDhiOTgxMTZkNDFkY2U1MGZiNjFkOTZlMjIwNDUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoGnsqYMeF/D0wFeF9YbSDTiX4yMH
pkz/tQ5DRyMm80P0nuVhMUlipCPFibL960zWzlXvm/J8G/568edWqwhyq0HS5ACR
FzCsvOLXxOt7S/BJ+/j1UZxkw5indqDo7jc/NdUmVCkjNpDEr5aS77L1p9c/PYEm
EsrdgaKh8h/uEdxC+8Cm+u3HyZI7JShSNp7p7Mvxk0Pns7aN4s8cBx9mIP1ggkOs
T6NDfftFhTl8s2IXC0TLpiJMXXfoYK1+EQmOkalinzyvRZtQ8JKlGuHjdJ2KwLGH
cj1f6uwEfuNMh1cFwkxxuVkDD2TteMpHL4+0PkS4rkb2jxrAOwLr1a84NQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAMhfSF3CLmBFtQdzlD7YdluIgRSMB8GA1UdIwQY
MBaAFG0IjO8o4Cr30A8peBbFX448Q9U1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlFpTTd5amdLdmZRRHlsNEZzVmZqanhEMVRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi9kNTdhNjQtYmQzMi00YzkxLWJlMDYt
ZmVlOGVhZjczYjBkLzEvQXlGOUlYY0l1WUVXMUIzT1VQdGgyVzRpQkZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi9kNTdhNjQtYmQzMi00YzkxLWJlMDYtZmVlOGVhZjczYjBk
LzEvYlFpTTd5amdLdmZRRHlsNEZzVmZqanhEMVRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATVtEMA0G
CSqGSIb3DQEBCwUAA4IBAQAo+jParP2asLX85ZgPnr0BseLPVaiyNo4ryjB1C3i9
Llx64oqrymVww7g4TvQkO5UXxRsPvv0QIA50J0oButUym3jr2yVdiXpIfSuGg3ZK
uCXZ0rhn4LpMwgY1FxmEHkTV6W3/g1rUHh4ONqU85nDt1SI27tiDGMLPySXZ4zL/
maqn6i8FKVmfkSvahOVwu0ljnFSy/nk1vLPD1KxdB35sxphV/TkR/x6ZWtBWOjv2
y4yvwQ+sterFrollM6bv82qRqat+XNUtVqzD/3VoFKiOlXjSwEh5ZvmtdFApOlLn
wQvRWIbxq240utHxku2/P3m7+m1v1em28RFYbjMV8N5T
-----END CERTIFICATE-----
Generated at Thu Jul 11 20:57:29 2024 by rpki-client on console-ams.rpki-client.org