Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/09dba4-1c93-49d6-8888-bfb4ba30e45a/1/I4pYRIfUPDaB4qhOGbgAB-9KAU4.roa
File: I4pYRIfUPDaB4qhOGbgAB-9KAU4.roa (raw, json)
Hash identifier: Z4Di0WZwmbYzgx0kAhAfvHk6wE1CTr0j+aWdJxtAnBU=
Subject key identifier: 23:8A:58:44:87:D4:3C:36:81:E2:A8:4E:19:B8:00:07:EF:4A:01:4E
Certificate issuer: /CN=8f3818554a51808eefb829ec7465a3222f270123
Certificate serial: 0191701A8509B9974A1C3E766C8494C979A8
Authority key identifier: 8F:38:18:55:4A:51:80:8E:EF:B8:29:EC:74:65:A3:22:2F:27:01:23
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jzgYVUpRgI7vuCnsdGWjIi8nASM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/09dba4-1c93-49d6-8888-bfb4ba30e45a/1/I4pYRIfUPDaB4qhOGbgAB-9KAU4.roa
Signing time: Tue 20 Aug 2024 14:04:31 +0000
ROA not before: Tue 20 Aug 2024 14:04:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42484
IP address blocks: 77.73.24.0/21 maxlen: 21
77.73.24.0/22 maxlen: 22
77.73.28.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 21 Aug 2024 08:04:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:70:1a:85:09:b9:97:4a:1c:3e:76:6c:84:94:c9:79:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8f3818554a51808eefb829ec7465a3222f270123
Validity
Not Before: Aug 20 14:04:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=238a584487d43c3681e2a84e19b80007ef4a014e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:2c:ef:8c:04:7c:f8:31:de:6f:d8:a6:9c:2b:
f0:8d:52:dc:ec:a3:16:e2:28:f2:9e:65:9d:e5:32:
2e:d4:99:c7:ee:d1:84:b0:7a:f5:64:31:e4:16:45:
d7:f4:a5:e0:7c:0a:1d:23:18:84:96:b9:49:e3:65:
09:f1:10:8e:75:b2:1b:57:03:eb:dd:2f:91:2e:83:
aa:09:cc:a9:33:db:ae:96:72:2b:14:cc:69:ff:ab:
bf:8e:ce:b8:9c:97:3f:b3:2f:a8:7d:7a:b3:3a:9d:
bb:ef:ac:85:c3:0f:05:87:22:2e:1d:d9:16:f6:cc:
7c:09:64:cc:ad:41:47:50:91:e1:66:62:43:10:60:
51:97:c1:0b:3e:de:2e:03:39:32:fe:1f:94:28:87:
59:1b:03:ad:25:ac:06:fe:6c:e9:e8:0b:9e:30:79:
92:75:f3:e7:15:70:f3:28:15:83:0d:e7:da:52:40:
ae:51:7d:49:c8:4a:28:e4:bd:af:dc:08:28:a7:b0:
a3:03:ce:de:49:39:ab:c5:71:b2:96:17:e5:d0:5e:
c1:51:51:3a:2b:14:ef:0c:5a:96:4e:25:fa:e0:3b:
26:e9:4f:13:27:36:55:78:bf:99:34:ba:e5:a3:4f:
2b:16:1b:78:12:84:ec:02:28:d9:a0:85:0e:9b:29:
be:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:8A:58:44:87:D4:3C:36:81:E2:A8:4E:19:B8:00:07:EF:4A:01:4E
X509v3 Authority Key Identifier:
keyid:8F:38:18:55:4A:51:80:8E:EF:B8:29:EC:74:65:A3:22:2F:27:01:23
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jzgYVUpRgI7vuCnsdGWjIi8nASM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/09dba4-1c93-49d6-8888-bfb4ba30e45a/1/I4pYRIfUPDaB4qhOGbgAB-9KAU4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/09dba4-1c93-49d6-8888-bfb4ba30e45a/1/jzgYVUpRgI7vuCnsdGWjIi8nASM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.73.24.0/21
Signature Algorithm: sha256WithRSAEncryption
7d:cc:c4:7d:95:2a:8e:e0:d1:b5:88:03:82:75:5c:d9:b8:e1:
7b:5e:02:61:df:81:ed:13:a9:fb:89:95:7d:ab:bd:f4:1b:aa:
ca:6b:b7:3a:a4:f3:34:25:1d:aa:2a:d1:91:6f:dd:18:74:f9:
f1:8b:9f:44:42:c4:45:06:a2:aa:ed:d4:2e:06:61:87:8b:4a:
48:80:35:5e:ea:06:82:56:26:8b:3a:b1:73:e1:02:92:8b:f1:
54:84:97:c5:84:5a:d1:24:38:db:f6:de:82:86:6b:3e:e6:fa:
72:06:d9:c4:8e:b6:05:6a:5d:2b:87:f8:48:69:77:4c:ce:12:
55:31:2c:8a:ea:2d:cb:1b:c4:5c:5f:40:ce:98:e4:d4:e4:86:
74:80:dd:60:29:b7:24:be:ba:ef:cf:67:e3:4e:a5:84:f2:c1:
4f:79:57:b8:10:fd:1d:f0:e3:c7:5c:22:69:d9:81:d2:70:19:
18:40:55:a3:71:e1:97:45:48:2d:4c:76:68:02:a2:8a:0e:3d:
34:aa:62:20:01:39:16:6c:b6:f4:94:c9:c4:a8:a8:44:ab:be:
2c:63:bb:35:ee:39:9d:a9:ad:d0:16:9c:75:ca:4c:01:f2:4b:
dd:4a:19:bc:e5:5a:c4:1a:7e:7a:75:e7:3d:e0:2b:5e:de:bb:
89:26:c2:4b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZFwGoUJuZdKHD52bISUyXmoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmMzgxODU1NGE1MTgwOGVlZmI4MjllYzc0NjVhMzIyMmYy
NzAxMjMwHhcNMjQwODIwMTQwNDMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzhhNTg0NDg3ZDQzYzM2ODFlMmE4NGUxOWI4MDAwN2VmNGEwMTRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsSzvjAR8+DHeb9imnCvwjVLc7KMW
4ijynmWd5TIu1JnH7tGEsHr1ZDHkFkXX9KXgfAodIxiElrlJ42UJ8RCOdbIbVwPr
3S+RLoOqCcypM9uulnIrFMxp/6u/js64nJc/sy+ofXqzOp2776yFww8FhyIuHdkW
9sx8CWTMrUFHUJHhZmJDEGBRl8ELPt4uAzky/h+UKIdZGwOtJawG/mzp6AueMHmS
dfPnFXDzKBWDDefaUkCuUX1JyEoo5L2v3Agop7CjA87eSTmrxXGylhfl0F7BUVE6
KxTvDFqWTiX64Dsm6U8TJzZVeL+ZNLrlo08rFht4EoTsAijZoIUOmym+gwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCOKWESH1Dw2geKoThm4AAfvSgFOMB8GA1UdIwQY
MBaAFI84GFVKUYCO77gp7HRloyIvJwEjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanpnWVZVcFJnSTd2dUNuc2RHV2pJaThuQVNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni8wOWRiYTQtMWM5My00OWQ2LTg4ODgt
YmZiNGJhMzBlNDVhLzEvSTRwWVJJZlVQRGFCNHFoT0diZ0FCLTlLQVU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni8wOWRiYTQtMWM5My00OWQ2LTg4ODgtYmZiNGJhMzBlNDVh
LzEvanpnWVZVcFJnSTd2dUNuc2RHV2pJaThuQVNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDTUkYMA0G
CSqGSIb3DQEBCwUAA4IBAQB9zMR9lSqO4NG1iAOCdVzZuOF7XgJh34HtE6n7iZV9
q730G6rKa7c6pPM0JR2qKtGRb90YdPnxi59EQsRFBqKq7dQuBmGHi0pIgDVe6gaC
ViaLOrFz4QKSi/FUhJfFhFrRJDjb9t6Chms+5vpyBtnEjrYFal0rh/hIaXdMzhJV
MSyK6i3LG8RcX0DOmOTU5IZ0gN1gKbckvrrvz2fjTqWE8sFPeVe4EP0d8OPHXCJp
2YHScBkYQFWjceGXRUgtTHZoAqKKDj00qmIgATkWbLb0lMnEqKhEq74sY7s17jmd
qa3QFpx1ykwB8kvdShm85VrEGn56dec94Cte3ruJJsJL
-----END CERTIFICATE-----
Generated at Wed Aug 21 09:58:21 2024 by rpki-client on console-fra.rpki-client.org