Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/d57a64-bd32-4c91-be06-fee8eaf73b0d/1/KvNv2GqBMWaVhhsPF7l9rU6oq4o.roa
File: KvNv2GqBMWaVhhsPF7l9rU6oq4o.roa (raw, json)
Hash identifier: Mf4eZ5Z/AbM1OhRmCwMYm2nrxbt7a8ctyN3QTRNwHDk=
Subject key identifier: 2A:F3:6F:D8:6A:81:31:66:95:86:1B:0F:17:B9:7D:AD:4E:A8:AB:8A
Certificate issuer: /CN=6d088cef28e02af7d00f297816c55f8e3c43d535
Certificate serial: 018EDCA027503656EA996CEA30E8C89675F8
Authority key identifier: 6D:08:8C:EF:28:E0:2A:F7:D0:0F:29:78:16:C5:5F:8E:3C:43:D5:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bQiM7yjgKvfQDyl4FsVfjjxD1TU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3f/d57a64-bd32-4c91-be06-fee8eaf73b0d/1/KvNv2GqBMWaVhhsPF7l9rU6oq4o.roa
Signing time: Sun 14 Apr 2024 12:41:07 +0000
ROA not before: Sun 14 Apr 2024 12:41:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215428
IP address blocks: 77.91.65.0/24 maxlen: 24
77.91.66.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 22 May 2024 09:28:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:dc:a0:27:50:36:56:ea:99:6c:ea:30:e8:c8:96:75:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d088cef28e02af7d00f297816c55f8e3c43d535
Validity
Not Before: Apr 14 12:41:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2af36fd86a81316695861b0f17b97dad4ea8ab8a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:3d:0f:cb:27:89:88:93:77:c4:6f:bc:99:b8:
73:94:e9:a1:f1:46:6d:7b:28:b2:ba:07:8d:97:8c:
ef:9e:9d:fa:93:c5:e7:bc:68:91:63:d7:9c:da:b4:
c3:b4:31:d4:28:04:64:19:73:2a:e8:13:0a:97:e9:
47:78:4f:37:a8:b0:1b:ba:6a:ef:85:5a:72:f7:1e:
6b:b2:7b:8f:a6:85:06:11:dd:9b:a4:7f:6b:5e:35:
31:7d:48:fa:8c:38:da:81:09:7d:33:88:b6:f6:40:
38:7e:45:23:e2:8b:00:f6:8c:c6:e7:1a:48:cd:63:
4d:a8:8b:82:60:d9:00:fe:90:af:b0:89:28:71:66:
77:28:0a:bc:9b:65:44:39:62:cf:6b:26:8e:c3:0d:
a9:01:88:ef:05:75:14:93:21:73:ed:48:bb:20:4e:
cb:b1:32:e9:b9:05:2c:4e:be:d6:3d:2e:a1:a8:9a:
d4:1e:1f:be:65:b5:f5:a7:00:58:53:8c:69:19:16:
a7:6b:7b:20:ba:6a:9b:f4:38:9c:e3:a5:ad:8b:7a:
5b:ce:c6:18:57:4e:ff:77:ce:a8:5c:5f:7d:5c:85:
d6:3c:77:18:26:37:7b:53:c5:8e:84:93:d5:da:7f:
e5:8d:99:3a:77:75:e2:ae:11:3d:a4:49:ca:bf:3e:
56:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:F3:6F:D8:6A:81:31:66:95:86:1B:0F:17:B9:7D:AD:4E:A8:AB:8A
X509v3 Authority Key Identifier:
keyid:6D:08:8C:EF:28:E0:2A:F7:D0:0F:29:78:16:C5:5F:8E:3C:43:D5:35
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bQiM7yjgKvfQDyl4FsVfjjxD1TU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/d57a64-bd32-4c91-be06-fee8eaf73b0d/1/KvNv2GqBMWaVhhsPF7l9rU6oq4o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/d57a64-bd32-4c91-be06-fee8eaf73b0d/1/bQiM7yjgKvfQDyl4FsVfjjxD1TU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.91.65.0-77.91.66.255
Signature Algorithm: sha256WithRSAEncryption
29:46:93:e3:d4:29:db:47:ba:88:6b:bd:c5:e6:55:e4:05:10:
b8:66:77:66:71:d1:6b:91:c1:13:26:e8:c0:f1:a8:e3:7b:4e:
03:bf:ea:06:17:a1:96:17:67:e3:2a:0b:b8:0a:6b:b6:29:ea:
2f:34:d5:8e:9b:fc:0c:56:41:94:f5:34:9d:b4:cb:36:19:aa:
d8:5a:c7:35:34:75:d5:e4:2c:6e:94:ce:93:cc:f2:33:ad:d7:
69:4d:84:6a:58:3f:1c:e0:30:bb:a7:2c:32:ac:59:e5:b5:fb:
a9:ac:96:40:62:44:f5:10:8e:91:c2:e1:f1:2d:31:6b:02:c7:
d5:b1:ae:e2:34:7a:c5:06:7c:0e:0e:8f:a4:42:b8:09:93:64:
e2:01:82:42:1a:48:1d:9f:cc:94:af:ff:11:13:4e:0a:b1:9a:
03:88:02:9d:65:b1:65:67:92:72:e5:ec:0d:11:18:4f:ee:59:
a6:79:75:49:b0:d0:00:80:84:b7:7f:5f:f1:2a:64:5e:4b:64:
b5:21:9e:40:07:1d:4d:24:60:1f:92:c9:5f:01:6f:b4:a1:77:
b5:65:5a:24:d7:c2:8f:13:80:f7:1c:59:fd:51:18:04:13:e6:
f5:e8:9b:f5:24:c4:d5:36:6f:47:e9:2f:b8:3e:2e:d0:e3:4c:
68:8b:a0:f0
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAY7coCdQNlbqmWzqMOjIlnX4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkMDg4Y2VmMjhlMDJhZjdkMDBmMjk3ODE2YzU1ZjhlM2M0
M2Q1MzUwHhcNMjQwNDE0MTI0MTA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYWYzNmZkODZhODEzMTY2OTU4NjFiMGYxN2I5N2RhZDRlYThhYjhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApj0PyyeJiJN3xG+8mbhzlOmh8UZt
eyiyugeNl4zvnp36k8XnvGiRY9ec2rTDtDHUKARkGXMq6BMKl+lHeE83qLAbumrv
hVpy9x5rsnuPpoUGEd2bpH9rXjUxfUj6jDjagQl9M4i29kA4fkUj4osA9ozG5xpI
zWNNqIuCYNkA/pCvsIkocWZ3KAq8m2VEOWLPayaOww2pAYjvBXUUkyFz7Ui7IE7L
sTLpuQUsTr7WPS6hqJrUHh++ZbX1pwBYU4xpGRana3sgumqb9Dic46Wti3pbzsYY
V07/d86oXF99XIXWPHcYJjd7U8WOhJPV2n/ljZk6d3XirhE9pEnKvz5WSQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFCrzb9hqgTFmlYYbDxe5fa1OqKuKMB8GA1UdIwQY
MBaAFG0IjO8o4Cr30A8peBbFX448Q9U1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlFpTTd5amdLdmZRRHlsNEZzVmZqanhEMVRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi9kNTdhNjQtYmQzMi00YzkxLWJlMDYt
ZmVlOGVhZjczYjBkLzEvS3ZOdjJHcUJNV2FWaGhzUEY3bDlyVTZvcTRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi9kNTdhNjQtYmQzMi00YzkxLWJlMDYtZmVlOGVhZjczYjBk
LzEvYlFpTTd5amdLdmZRRHlsNEZzVmZqanhEMVRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBABNW0ED
BABNW0IwDQYJKoZIhvcNAQELBQADggEBAClGk+PUKdtHuohrvcXmVeQFELhmd2Zx
0WuRwRMm6MDxqON7TgO/6gYXoZYXZ+MqC7gKa7Yp6i801Y6b/AxWQZT1NJ20yzYZ
qthaxzU0ddXkLG6UzpPM8jOt12lNhGpYPxzgMLunLDKsWeW1+6mslkBiRPUQjpHC
4fEtMWsCx9WxruI0esUGfA4Oj6RCuAmTZOIBgkIaSB2fzJSv/xETTgqxmgOIAp1l
sWVnknLl7A0RGE/uWaZ5dUmw0ACAhLd/X/EqZF5LZLUhnkAHHU0kYB+SyV8Bb7Sh
d7VlWiTXwo8TgPccWf1RGAQT5vXom/UkxNU2b0fpL7g+LtDjTGiLoPA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:42 2024 by rpki-client on console-ams.rpki-client.org