Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/d57a64-bd32-4c91-be06-fee8eaf73b0d/1/zahsGbt--L1oUwSm1eUlXzZSyew.roa
File: zahsGbt--L1oUwSm1eUlXzZSyew.roa (raw, json)
Hash identifier: CSYF8Wv1YNjcCXK6QeIHnOG/aDbvtuj72t7M0287aE8=
Subject key identifier: CD:A8:6C:19:BB:7E:F8:BD:68:53:04:A6:D5:E5:25:5F:36:52:C9:EC
Certificate issuer: /CN=6d088cef28e02af7d00f297816c55f8e3c43d535
Certificate serial: 0193F64A4E4ECEEC8E23AACE08FA4E0565A9
Authority key identifier: 6D:08:8C:EF:28:E0:2A:F7:D0:0F:29:78:16:C5:5F:8E:3C:43:D5:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bQiM7yjgKvfQDyl4FsVfjjxD1TU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3f/d57a64-bd32-4c91-be06-fee8eaf73b0d/1/zahsGbt--L1oUwSm1eUlXzZSyew.roa
Signing time: Tue 24 Dec 2024 01:31:25 +0000
ROA not before: Tue 24 Dec 2024 01:31:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210644
IP address blocks: 77.91.70.0/24 maxlen: 24
77.91.76.0/24 maxlen: 24
77.91.77.0/24 maxlen: 24
77.91.78.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 17:53:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:f6:4a:4e:4e:ce:ec:8e:23:aa:ce:08:fa:4e:05:65:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d088cef28e02af7d00f297816c55f8e3c43d535
Validity
Not Before: Dec 24 01:31:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cda86c19bb7ef8bd685304a6d5e5255f3652c9ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:be:79:2d:1f:b9:b5:fe:28:54:e2:04:ca:fb:
ae:18:5d:e4:76:9a:48:b1:14:90:cb:b2:0a:f7:e1:
7c:dc:6e:5a:8c:9d:3a:0a:6d:0c:1d:60:81:be:a1:
13:81:74:ed:46:3f:b4:bb:5b:42:42:3c:c7:ee:62:
34:73:5d:b2:d0:4b:36:09:ea:03:20:88:7b:e8:84:
fa:ac:18:1a:60:9a:d6:f2:90:fe:04:70:28:f4:6b:
82:08:f3:af:2d:d9:79:82:2b:46:5d:b7:b3:e9:db:
86:bb:17:c2:71:c0:c1:ea:93:c8:95:b6:16:ea:d2:
50:f2:4b:9a:a4:5d:e3:2f:4e:3f:0e:70:d1:25:bb:
b2:6d:c7:4d:f8:74:09:26:1e:4b:87:86:70:ff:89:
c4:ce:0a:ca:a5:d3:0e:8c:b9:cc:77:0e:e3:eb:b0:
bc:72:90:32:77:31:03:a3:69:41:e0:00:44:9e:92:
18:e5:14:aa:2d:ab:24:90:25:ae:2c:24:7d:37:37:
76:08:66:68:5c:ce:a9:bc:bb:d7:d4:80:42:1d:dd:
70:3c:6b:fa:9c:a6:02:40:23:38:7d:f9:2a:17:2a:
ad:fb:91:87:af:69:4b:18:6e:7f:bc:b6:96:cb:db:
10:06:58:9f:76:55:a2:50:9c:ed:fa:e6:2a:76:4b:
83:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:A8:6C:19:BB:7E:F8:BD:68:53:04:A6:D5:E5:25:5F:36:52:C9:EC
X509v3 Authority Key Identifier:
keyid:6D:08:8C:EF:28:E0:2A:F7:D0:0F:29:78:16:C5:5F:8E:3C:43:D5:35
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bQiM7yjgKvfQDyl4FsVfjjxD1TU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/d57a64-bd32-4c91-be06-fee8eaf73b0d/1/zahsGbt--L1oUwSm1eUlXzZSyew.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/d57a64-bd32-4c91-be06-fee8eaf73b0d/1/bQiM7yjgKvfQDyl4FsVfjjxD1TU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.91.70.0/24
77.91.76.0-77.91.78.255
Signature Algorithm: sha256WithRSAEncryption
9d:f1:4f:90:ca:2c:01:0f:d8:b3:01:b6:8a:72:7c:94:91:06:
76:c5:fa:53:9b:fe:d6:b8:45:3e:cc:b2:78:17:db:91:e6:b2:
58:2c:02:63:c6:0f:04:b5:9f:eb:5e:30:2f:7f:0e:59:77:34:
24:b8:17:e4:76:cc:20:c7:a2:29:d1:e8:7d:7d:e3:db:71:49:
58:7b:e8:17:81:14:3d:66:d1:9d:e4:bd:34:b0:83:99:08:85:
78:85:86:94:7f:a6:bd:16:9b:ac:40:48:4b:c9:f3:a9:ee:5a:
b2:fe:33:e3:f3:34:dd:02:18:70:bd:9f:de:70:e6:24:a3:4f:
fe:da:66:cd:11:f2:12:4a:29:14:03:d2:af:93:19:88:99:53:
1c:ca:46:31:41:6a:d7:cb:39:b7:66:8c:0e:bb:fa:2e:a6:db:
24:79:f2:ca:2e:53:f5:0f:a1:c4:cc:f4:ea:d7:b7:27:b6:2b:
e5:20:97:84:c4:96:21:c2:c7:a4:10:b1:ab:a8:fd:40:f2:23:
64:c5:20:e7:95:ee:ce:e6:4f:9c:a4:6a:a4:0f:3e:1b:2b:03:
0c:14:06:30:fd:91:c9:a4:af:70:35:fe:64:55:55:79:6a:06:
4e:45:38:72:2d:45:35:12:c8:da:cf:03:2f:84:3f:3b:f3:c0:
4a:7a:f7:4f
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZP2Sk5OzuyOI6rOCPpOBWWpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkMDg4Y2VmMjhlMDJhZjdkMDBmMjk3ODE2YzU1ZjhlM2M0
M2Q1MzUwHhcNMjQxMjI0MDEzMTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZGE4NmMxOWJiN2VmOGJkNjg1MzA0YTZkNWU1MjU1ZjM2NTJjOWVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2r55LR+5tf4oVOIEyvuuGF3kdppI
sRSQy7IK9+F83G5ajJ06Cm0MHWCBvqETgXTtRj+0u1tCQjzH7mI0c12y0Es2CeoD
IIh76IT6rBgaYJrW8pD+BHAo9GuCCPOvLdl5gitGXbez6duGuxfCccDB6pPIlbYW
6tJQ8kuapF3jL04/DnDRJbuybcdN+HQJJh5Lh4Zw/4nEzgrKpdMOjLnMdw7j67C8
cpAydzEDo2lB4ABEnpIY5RSqLaskkCWuLCR9Nzd2CGZoXM6pvLvX1IBCHd1wPGv6
nKYCQCM4ffkqFyqt+5GHr2lLGG5/vLaWy9sQBlifdlWiUJzt+uYqdkuD/QIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFM2obBm7fvi9aFMEptXlJV82UsnsMB8GA1UdIwQY
MBaAFG0IjO8o4Cr30A8peBbFX448Q9U1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlFpTTd5amdLdmZRRHlsNEZzVmZqanhEMVRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi9kNTdhNjQtYmQzMi00YzkxLWJlMDYt
ZmVlOGVhZjczYjBkLzEvemFoc0didC0tTDFvVXdTbTFlVWxYelpTeWV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi9kNTdhNjQtYmQzMi00YzkxLWJlMDYtZmVlOGVhZjczYjBk
LzEvYlFpTTd5amdLdmZRRHlsNEZzVmZqanhEMVRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQATVtGMAwD
BAJNW0wDBABNW04wDQYJKoZIhvcNAQELBQADggEBAJ3xT5DKLAEP2LMBtopyfJSR
BnbF+lOb/ta4RT7MsngX25HmslgsAmPGDwS1n+teMC9/Dll3NCS4F+R2zCDHoinR
6H1949txSVh76BeBFD1m0Z3kvTSwg5kIhXiFhpR/pr0Wm6xASEvJ86nuWrL+M+Pz
NN0CGHC9n95w5iSjT/7aZs0R8hJKKRQD0q+TGYiZUxzKRjFBatfLObdmjA67+i6m
2yR58souU/UPocTM9OrXtye2K+Ugl4TEliHCx6QQsauo/UDyI2TFIOeV7s7mT5yk
aqQPPhsrAwwUBjD9kcmkr3A1/mRVVXlqBk5FOHItRTUSyNrPAy+EPzvzwEp6908=
-----END CERTIFICATE-----
Generated at Sat Apr 19 14:00:25 2025 by rpki-client