Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/4RZqQitBoXvtSHXJtdG7wL4Y2SM.roa
File: 4RZqQitBoXvtSHXJtdG7wL4Y2SM.roa (raw, json)
Hash identifier: QE3mr62ZdedEIuYFkujJ9cHmiA4y7t+tKSAOIIrmwFI=
Subject key identifier: E1:16:6A:42:2B:41:A1:7B:ED:48:75:C9:B5:D1:BB:C0:BE:18:D9:23
Certificate issuer: /CN=c9d57447e3420b853875b6fa40372aade3192ca2
Certificate serial: 018CC8DF8E9FC68E6D751DED1C47559F37FD
Authority key identifier: C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/4RZqQitBoXvtSHXJtdG7wL4Y2SM.roa
Signing time: Tue 02 Jan 2024 06:32:23 +0000
ROA not before: Tue 02 Jan 2024 06:32:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212193
IP address blocks: 77.92.147.0/24 maxlen: 24
77.92.152.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 17 Jan 2024 22:32:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:8e:9f:c6:8e:6d:75:1d:ed:1c:47:55:9f:37:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9d57447e3420b853875b6fa40372aade3192ca2
Validity
Not Before: Jan 2 06:32:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e1166a422b41a17bed4875c9b5d1bbc0be18d923
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:60:0d:d3:01:84:47:9f:90:f1:5b:92:6d:54:
0b:5a:03:a3:f5:9c:3a:74:0a:f8:7e:5a:98:84:b7:
b0:dd:ba:30:38:cd:ed:57:66:a4:53:30:64:9b:a3:
9a:d8:2a:b6:9e:90:44:46:dc:bf:a1:ea:f9:11:5c:
b3:b7:ba:76:af:eb:0c:d8:95:6b:34:e4:69:c0:0f:
f1:bf:2e:79:7e:36:6d:ff:ac:01:17:e3:35:ec:68:
1f:e6:5e:91:2a:1a:dd:33:06:c8:60:67:01:b1:37:
cf:d7:79:3a:65:14:82:0a:cd:8c:15:56:7b:cd:cb:
39:24:79:60:fa:13:89:d3:7e:f4:71:ed:62:33:e7:
a2:a1:81:8e:58:1c:8b:10:42:18:87:d9:91:9d:88:
f7:ce:72:d9:58:a7:b6:d8:49:c3:4b:c7:98:a4:5f:
45:1b:eb:2e:74:6c:c2:e4:ba:02:80:e7:0d:44:62:
2f:01:47:c1:0f:97:ea:9d:8c:4e:cd:cb:07:4e:33:
60:ec:1b:5a:7d:52:99:7b:a5:22:3a:e5:f5:a0:eb:
48:22:a1:4e:59:28:63:fb:d6:ae:ce:1a:58:23:42:
7f:25:3d:fe:d4:ed:c2:42:1b:d1:f4:97:b6:a7:d1:
1c:0b:c1:25:4b:b3:49:f2:ed:8d:73:5c:80:84:57:
85:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:16:6A:42:2B:41:A1:7B:ED:48:75:C9:B5:D1:BB:C0:BE:18:D9:23
X509v3 Authority Key Identifier:
keyid:C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/4RZqQitBoXvtSHXJtdG7wL4Y2SM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.92.147.0/24
77.92.152.0/24
Signature Algorithm: sha256WithRSAEncryption
63:13:65:a3:cb:e3:c5:f7:40:43:0f:f1:1b:f0:ef:c5:a5:0a:
db:a8:88:a6:53:0e:ec:6e:49:04:61:2f:1a:fd:cc:45:92:c2:
9e:e3:37:f0:f9:b0:6e:1f:44:f9:32:82:c3:ce:6f:05:fa:40:
f1:6b:5c:56:59:68:ad:e0:da:12:2b:f0:6c:82:f3:a0:87:09:
3b:f3:1b:aa:a9:0b:1d:59:2e:e4:9c:f1:69:df:15:44:bc:b7:
12:b8:3c:2a:fd:54:14:7e:10:40:91:d3:e1:05:50:8a:a8:37:
94:54:73:4e:6b:4f:eb:54:d0:f6:c0:91:2e:58:d2:ee:73:90:
ff:64:c1:35:b3:59:7f:5e:9d:ac:e2:6e:cc:e6:93:73:ec:35:
33:43:20:ae:93:f5:9f:96:77:11:9e:18:fe:26:45:21:53:2c:
2d:c9:3e:c0:bf:f9:b3:00:1d:7f:68:ec:30:46:f0:8b:29:29:
3d:32:4a:b4:66:83:6d:dd:5d:3f:45:ef:93:da:97:36:00:5a:
1c:d2:a0:17:78:7e:54:a0:f5:44:7e:80:70:6d:ef:61:4e:5f:
4f:c4:94:c4:9d:23:18:99:fc:c0:c8:77:4a:fc:7a:51:f8:fd:
dc:27:10:51:f3:9d:ce:8e:bc:21:bf:03:b3:a3:93:cc:91:5a:
9f:58:c2:7a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzI346fxo5tdR3tHEdVnzf9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZDU3NDQ3ZTM0MjBiODUzODc1YjZmYTQwMzcyYWFkZTMx
OTJjYTIwHhcNMjQwMTAyMDYzMjIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTE2NmE0MjJiNDFhMTdiZWQ0ODc1YzliNWQxYmJjMGJlMThkOTIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmmAN0wGER5+Q8VuSbVQLWgOj9Zw6
dAr4flqYhLew3bowOM3tV2akUzBkm6Oa2Cq2npBERty/oer5EVyzt7p2r+sM2JVr
NORpwA/xvy55fjZt/6wBF+M17Ggf5l6RKhrdMwbIYGcBsTfP13k6ZRSCCs2MFVZ7
zcs5JHlg+hOJ0370ce1iM+eioYGOWByLEEIYh9mRnYj3znLZWKe22EnDS8eYpF9F
G+sudGzC5LoCgOcNRGIvAUfBD5fqnYxOzcsHTjNg7BtafVKZe6UiOuX1oOtIIqFO
WShj+9auzhpYI0J/JT3+1O3CQhvR9Je2p9EcC8ElS7NJ8u2Nc1yAhFeFcwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOEWakIrQaF77Uh1ybXRu8C+GNkjMB8GA1UdIwQY
MBaAFMnVdEfjQguFOHW2+kA3Kq3jGSyiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTkt
NGUxOThmMGE2MDEzLzEvNFJacVFpdEJvWHZ0U0hYSnRkRzd3TDRZMlNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTktNGUxOThmMGE2MDEz
LzEveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQATVyTAwQA
TVyYMA0GCSqGSIb3DQEBCwUAA4IBAQBjE2Wjy+PF90BDD/Eb8O/FpQrbqIimUw7s
bkkEYS8a/cxFksKe4zfw+bBuH0T5MoLDzm8F+kDxa1xWWWit4NoSK/BsgvOghwk7
8xuqqQsdWS7knPFp3xVEvLcSuDwq/VQUfhBAkdPhBVCKqDeUVHNOa0/rVND2wJEu
WNLuc5D/ZME1s1l/Xp2s4m7M5pNz7DUzQyCuk/WflncRnhj+JkUhUywtyT7Av/mz
AB1/aOwwRvCLKSk9Mkq0ZoNt3V0/Re+T2pc2AFoc0qAXeH5UoPVEfoBwbe9hTl9P
xJTEnSMYmfzAyHdK/HpR+P3cJxBR853OjrwhvwOzo5PMkVqfWMJ6
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:43 2024 by rpki-client on console-fra.rpki-client.org