Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/2hYWHBkfr6j0c0IE9aj7EkXReNk.roa
File: 2hYWHBkfr6j0c0IE9aj7EkXReNk.roa (raw, json)
Hash identifier: 5YXKN2KuK9LgUoCWtepHjYh2FMDT6p+bxvWSYvVxN1A=
Subject key identifier: DA:16:16:1C:19:1F:AF:A8:F4:73:42:04:F5:A8:FB:12:45:D1:78:D9
Certificate issuer: /CN=c9d57447e3420b853875b6fa40372aade3192ca2
Certificate serial: 0189791B1B5F172A36D8F01EED5333CC85ED
Authority key identifier: C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/2hYWHBkfr6j0c0IE9aj7EkXReNk.roa
Signing time: Fri 21 Jul 2023 15:39:26 +0000
ROA not before: Fri 21 Jul 2023 15:39:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48678
IP address blocks: 77.92.153.0/24 maxlen: 24
188.132.185.0/24 maxlen: 24
78.135.66.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 07 Sep 2023 13:14:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:79:1b:1b:5f:17:2a:36:d8:f0:1e:ed:53:33:cc:85:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9d57447e3420b853875b6fa40372aade3192ca2
Validity
Not Before: Jul 21 15:39:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=da16161c191fafa8f4734204f5a8fb1245d178d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:ac:e4:13:a3:a3:53:22:a4:c4:63:c0:83:d1:
3d:b1:50:83:e1:3a:17:6b:0c:f7:9b:ab:8f:2c:c5:
a3:3a:71:ff:48:95:ef:5a:00:5a:63:63:7e:23:c5:
f6:7b:12:7f:aa:43:0b:82:6c:2b:f3:a1:0c:f9:dc:
03:f9:0d:7a:cd:d5:94:db:a9:f9:58:89:a7:b7:cc:
0a:e6:b6:97:67:04:82:97:58:cd:8a:46:4f:3c:6e:
9a:69:cb:0d:ac:99:9e:eb:9b:4d:3f:7c:ca:95:85:
07:31:4d:9e:d3:61:18:87:37:f3:64:6a:28:dc:90:
b5:c0:8a:d0:de:93:05:f9:71:96:a4:cf:b6:a5:43:
92:55:70:e7:8f:c7:b4:7a:7c:39:c7:02:1b:d0:1b:
a9:1b:f9:1f:3c:b9:ae:5a:14:75:72:fb:2b:b4:e6:
93:b3:3d:22:96:84:77:1f:e8:a3:e4:8c:d4:c3:fb:
67:de:db:4d:cd:ce:4c:5a:32:b8:2d:f8:9a:51:c9:
33:99:f1:ba:06:2c:6c:1a:7a:5e:d7:c2:be:d2:ab:
de:64:b0:95:fb:eb:1d:0b:b7:3d:6a:c1:a1:0b:5e:
9d:fa:24:3b:7f:9e:60:37:92:0d:90:b3:fa:f1:cb:
9a:ea:87:7a:5b:77:16:9b:f2:17:8d:ab:6b:79:b8:
8d:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:16:16:1C:19:1F:AF:A8:F4:73:42:04:F5:A8:FB:12:45:D1:78:D9
X509v3 Authority Key Identifier:
keyid:C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/2hYWHBkfr6j0c0IE9aj7EkXReNk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.92.153.0/24
78.135.66.0/24
188.132.185.0/24
Signature Algorithm: sha256WithRSAEncryption
68:3c:e9:0d:56:f6:7d:44:c1:aa:16:42:1c:2a:2e:1f:26:d9:
e7:f7:af:9a:eb:fb:a6:3b:56:c2:26:c7:9c:44:9e:7e:7b:af:
d2:aa:31:ce:e6:73:33:24:0c:a0:42:61:2f:34:aa:03:c5:ab:
c6:14:65:21:e9:87:fb:8f:80:02:25:65:b9:b9:bf:ca:98:9a:
fd:17:f8:1d:d9:bb:50:12:c4:1f:53:a5:4a:f8:65:09:c3:1b:
f8:c0:39:b0:bf:45:a1:31:a5:c6:0e:9f:34:17:5a:3b:43:00:
d0:30:be:dd:04:4f:51:62:2b:01:64:ef:12:7d:61:bf:ea:2c:
ec:bf:c5:7e:08:a4:1e:68:c6:ef:1d:08:e5:d1:59:76:b6:a9:
dd:d7:c5:6a:71:da:9e:da:26:ba:c7:15:54:a6:e8:2d:70:7c:
33:8b:75:6f:63:c3:79:4b:72:13:c6:e7:bd:a3:24:a7:15:cb:
ba:e1:ed:c7:02:e1:80:3c:0f:bf:88:6b:5d:c4:3f:48:b0:e4:
7f:46:22:f1:66:26:a5:46:1c:ee:97:bc:3e:15:75:8f:94:a7:
51:8f:ca:4d:dd:e3:c2:17:8d:e5:0e:5a:c0:e8:bc:46:be:2b:
5a:a4:8e:38:71:b9:b0:d0:f9:50:2c:19:27:11:ca:74:db:ef:
7d:63:6c:e6
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYl5GxtfFyo22PAe7VMzzIXtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZDU3NDQ3ZTM0MjBiODUzODc1YjZmYTQwMzcyYWFkZTMx
OTJjYTIwHhcNMjMwNzIxMTUzOTI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTE2MTYxYzE5MWZhZmE4ZjQ3MzQyMDRmNWE4ZmIxMjQ1ZDE3OGQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwazkE6OjUyKkxGPAg9E9sVCD4ToX
awz3m6uPLMWjOnH/SJXvWgBaY2N+I8X2exJ/qkMLgmwr86EM+dwD+Q16zdWU26n5
WImnt8wK5raXZwSCl1jNikZPPG6aacsNrJme65tNP3zKlYUHMU2e02EYhzfzZGoo
3JC1wIrQ3pMF+XGWpM+2pUOSVXDnj8e0enw5xwIb0BupG/kfPLmuWhR1cvsrtOaT
sz0iloR3H+ij5IzUw/tn3ttNzc5MWjK4LfiaUckzmfG6BixsGnpe18K+0qveZLCV
++sdC7c9asGhC16d+iQ7f55gN5INkLP68cua6od6W3cWm/IXjatrebiNKQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNoWFhwZH6+o9HNCBPWo+xJF0XjZMB8GA1UdIwQY
MBaAFMnVdEfjQguFOHW2+kA3Kq3jGSyiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTkt
NGUxOThmMGE2MDEzLzEvMmhZV0hCa2ZyNmowYzBJRTlhajdFa1hSZU5rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTktNGUxOThmMGE2MDEz
LzEveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQATVyZAwQA
TodCAwQAvIS5MA0GCSqGSIb3DQEBCwUAA4IBAQBoPOkNVvZ9RMGqFkIcKi4fJtnn
96+a6/umO1bCJsecRJ5+e6/SqjHO5nMzJAygQmEvNKoDxavGFGUh6Yf7j4ACJWW5
ub/KmJr9F/gd2btQEsQfU6VK+GUJwxv4wDmwv0WhMaXGDp80F1o7QwDQML7dBE9R
YisBZO8SfWG/6izsv8V+CKQeaMbvHQjl0Vl2tqnd18Vqcdqe2ia6xxVUpugtcHwz
i3VvY8N5S3ITxue9oySnFcu64e3HAuGAPA+/iGtdxD9IsOR/RiLxZialRhzul7w+
FXWPlKdRj8pN3ePCF43lDlrA6LxGvitapI44cbmw0PlQLBknEcp02+99Y2zm
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:43 2024 by rpki-client on console-fra.rpki-client.org