Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/d57a64-bd32-4c91-be06-fee8eaf73b0d/1/SnBlBSCpZInM8iENTnPnNv7Tp54.roa
File: SnBlBSCpZInM8iENTnPnNv7Tp54.roa (raw, json)
Hash identifier: FRBfTdjdA06ydt1isVA18tWfRQ87f8Hz1djmXeu5wFA=
Subject key identifier: 4A:70:65:05:20:A9:64:89:CC:F2:21:0D:4E:73:E7:36:FE:D3:A7:9E
Certificate issuer: /CN=6d088cef28e02af7d00f297816c55f8e3c43d535
Certificate serial: 018CA5C19D2B867F97B9EC8361974CDE4445
Authority key identifier: 6D:08:8C:EF:28:E0:2A:F7:D0:0F:29:78:16:C5:5F:8E:3C:43:D5:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bQiM7yjgKvfQDyl4FsVfjjxD1TU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3f/d57a64-bd32-4c91-be06-fee8eaf73b0d/1/SnBlBSCpZInM8iENTnPnNv7Tp54.roa
Signing time: Tue 26 Dec 2023 10:52:58 +0000
ROA not before: Tue 26 Dec 2023 10:52:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42861
IP address blocks: 77.91.66.0/24 maxlen: 24
77.91.65.0/24 maxlen: 24
77.91.76.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:a5:c1:9d:2b:86:7f:97:b9:ec:83:61:97:4c:de:44:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d088cef28e02af7d00f297816c55f8e3c43d535
Validity
Not Before: Dec 26 10:52:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4a70650520a96489ccf2210d4e73e736fed3a79e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:a5:1a:26:44:08:ac:d2:2b:6f:e9:36:47:ab:
21:8b:e9:d2:e5:a4:d0:f1:6b:bb:dd:26:ec:84:25:
b7:4c:2d:3a:4e:30:c2:55:8b:65:03:2f:61:b5:3f:
fb:26:e5:c9:05:4b:63:98:0f:2f:d0:0f:90:74:8b:
9e:32:c1:82:30:bc:05:88:7f:4a:ca:7a:98:6b:21:
bd:5b:cd:7c:4f:e6:73:b4:40:af:16:ef:b0:42:6f:
b5:68:04:76:4d:4c:13:ea:35:45:4a:62:f2:af:01:
da:bc:db:61:17:8f:80:70:f9:f4:4e:31:57:8a:39:
d9:27:a1:27:5a:69:f5:d1:6a:1a:a5:f9:c2:d6:a4:
7f:52:35:47:f2:bf:73:47:a1:f7:72:7b:30:9d:b9:
1c:74:be:64:5c:11:09:d7:47:e7:47:89:53:d1:6d:
5e:71:be:46:3c:e1:3b:03:a4:3e:8d:20:a1:85:31:
71:f1:ef:83:7c:3a:0e:44:af:46:94:c6:b1:36:88:
7f:6d:ae:f9:20:71:c4:41:b7:e0:a5:84:44:7a:ca:
38:68:00:43:f7:43:d6:10:98:cc:d9:66:2e:5b:ac:
78:ac:d1:7d:64:d7:0a:f1:e6:9e:f9:69:02:bb:03:
bb:1f:4f:da:df:d4:84:59:36:12:af:b5:6d:bc:f7:
47:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:70:65:05:20:A9:64:89:CC:F2:21:0D:4E:73:E7:36:FE:D3:A7:9E
X509v3 Authority Key Identifier:
keyid:6D:08:8C:EF:28:E0:2A:F7:D0:0F:29:78:16:C5:5F:8E:3C:43:D5:35
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bQiM7yjgKvfQDyl4FsVfjjxD1TU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/d57a64-bd32-4c91-be06-fee8eaf73b0d/1/SnBlBSCpZInM8iENTnPnNv7Tp54.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/d57a64-bd32-4c91-be06-fee8eaf73b0d/1/bQiM7yjgKvfQDyl4FsVfjjxD1TU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.91.65.0-77.91.66.255
77.91.76.0/24
Signature Algorithm: sha256WithRSAEncryption
67:84:8e:12:99:97:d5:05:87:d1:3f:3a:fc:95:0b:47:52:af:
ce:22:fe:23:d8:15:72:82:a7:c2:12:f6:9c:b2:ec:86:1c:68:
d4:57:d4:21:1c:45:1a:46:12:14:a5:7a:3e:cf:ef:74:7f:6d:
ec:de:58:68:f7:4f:73:df:a0:8a:fb:f7:9d:99:8c:bf:29:6b:
2a:83:6b:75:80:bd:b8:12:17:21:e1:51:7c:3b:91:68:4f:31:
76:c3:a2:b5:d2:4b:45:95:df:53:2e:48:d3:5a:fd:50:58:be:
ac:03:a4:8f:9f:7a:3b:29:ad:c9:94:b5:cc:19:6e:89:12:ba:
06:7b:c0:7d:42:4d:a0:31:a3:36:41:48:e6:c9:14:17:71:34:
16:b6:1b:55:bb:94:70:8c:81:14:f6:84:46:c8:f3:56:35:21:
8a:f0:41:2c:c2:77:ad:cf:45:85:57:2e:16:9e:1a:ae:8b:7e:
7f:83:c9:00:42:55:cd:1a:36:32:84:b5:a5:3d:16:8b:68:ed:
b1:2a:8b:5b:c8:1f:84:cf:8b:0b:96:28:8b:2e:00:87:3e:19:
2a:1e:91:b8:3e:ee:9d:47:df:d1:36:d7:8b:5e:e2:12:28:0f:
be:7b:63:0d:99:3e:00:93:b6:49:74:e6:24:05:66:e8:80:b5:
08:e6:10:f4
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYylwZ0rhn+XueyDYZdM3kRFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkMDg4Y2VmMjhlMDJhZjdkMDBmMjk3ODE2YzU1ZjhlM2M0
M2Q1MzUwHhcNMjMxMjI2MTA1MjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTcwNjUwNTIwYTk2NDg5Y2NmMjIxMGQ0ZTczZTczNmZlZDNhNzllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi6UaJkQIrNIrb+k2R6shi+nS5aTQ
8Wu73SbshCW3TC06TjDCVYtlAy9htT/7JuXJBUtjmA8v0A+QdIueMsGCMLwFiH9K
ynqYayG9W818T+ZztECvFu+wQm+1aAR2TUwT6jVFSmLyrwHavNthF4+AcPn0TjFX
ijnZJ6EnWmn10WoapfnC1qR/UjVH8r9zR6H3cnswnbkcdL5kXBEJ10fnR4lT0W1e
cb5GPOE7A6Q+jSChhTFx8e+DfDoORK9GlMaxNoh/ba75IHHEQbfgpYREeso4aABD
90PWEJjM2WYuW6x4rNF9ZNcK8eae+WkCuwO7H0/a39SEWTYSr7VtvPdH1wIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFEpwZQUgqWSJzPIhDU5z5zb+06eeMB8GA1UdIwQY
MBaAFG0IjO8o4Cr30A8peBbFX448Q9U1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlFpTTd5amdLdmZRRHlsNEZzVmZqanhEMVRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi9kNTdhNjQtYmQzMi00YzkxLWJlMDYt
ZmVlOGVhZjczYjBkLzEvU25CbEJTQ3BaSW5NOGlFTlRuUG5OdjdUcDU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi9kNTdhNjQtYmQzMi00YzkxLWJlMDYtZmVlOGVhZjczYjBk
LzEvYlFpTTd5amdLdmZRRHlsNEZzVmZqanhEMVRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBABNW0ED
BABNW0IDBABNW0wwDQYJKoZIhvcNAQELBQADggEBAGeEjhKZl9UFh9E/OvyVC0dS
r84i/iPYFXKCp8IS9pyy7IYcaNRX1CEcRRpGEhSlej7P73R/bezeWGj3T3PfoIr7
952ZjL8payqDa3WAvbgSFyHhUXw7kWhPMXbDorXSS0WV31MuSNNa/VBYvqwDpI+f
ejsprcmUtcwZbokSugZ7wH1CTaAxozZBSObJFBdxNBa2G1W7lHCMgRT2hEbI81Y1
IYrwQSzCd63PRYVXLhaeGq6Lfn+DyQBCVc0aNjKEtaU9Foto7bEqi1vIH4TPiwuW
KIsuAIc+GSoekbg+7p1H39E214te4hIoD757Yw2ZPgCTtkl05iQFZuiAtQjmEPQ=
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:20:30 2024 by rpki-client on console-ams.rpki-client.org