Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ThA78eMDLnLo0K9480DrLHUaG0k.roa
File: ThA78eMDLnLo0K9480DrLHUaG0k.roa (raw, json)
Hash identifier: xzuRhYnMAi8+XyTstJjdUvrc1DCwBxr2yihnlNx7H4M=
Subject key identifier: 4E:10:3B:F1:E3:03:2E:72:E8:D0:AF:78:F3:40:EB:2C:75:1A:1B:49
Certificate issuer: /CN=c9d57447e3420b853875b6fa40372aade3192ca2
Certificate serial: 018B673A9B6F74C4F5CF216A0BECC56524C1
Authority key identifier: C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ThA78eMDLnLo0K9480DrLHUaG0k.roa
Signing time: Wed 25 Oct 2023 14:26:16 +0000
ROA not before: Wed 25 Oct 2023 14:26:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42216
IP address blocks: 77.92.142.0/24 maxlen: 24
78.135.86.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:32:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:67:3a:9b:6f:74:c4:f5:cf:21:6a:0b:ec:c5:65:24:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9d57447e3420b853875b6fa40372aade3192ca2
Validity
Not Before: Oct 25 14:26:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4e103bf1e3032e72e8d0af78f340eb2c751a1b49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:f1:6b:5c:31:31:cc:c0:ad:8d:af:1b:dc:eb:
ef:d8:51:6c:8c:1a:f5:a2:c7:78:7d:50:ce:94:58:
98:72:d5:37:fb:4a:84:14:09:4d:aa:a1:64:e2:08:
94:19:38:fb:94:45:d9:37:6b:48:0d:7c:e4:94:e1:
e6:1d:c9:19:89:fa:e5:33:2c:25:b6:21:57:f8:3b:
9c:16:fa:19:5e:c9:94:64:56:88:71:b4:67:45:0c:
82:96:67:4f:b7:de:51:2b:8b:d7:8c:5d:8e:c7:10:
3c:8c:eb:13:81:cb:3c:4c:f0:5f:05:6d:ff:57:8a:
38:8b:42:52:47:5e:4d:9b:ee:0c:86:10:62:0b:8a:
fc:d9:f1:6c:cd:f3:68:46:24:33:f2:2e:f6:b9:27:
47:81:e9:98:7d:71:81:15:c1:d1:0e:4a:6a:20:12:
c9:58:e8:0e:44:f0:bf:64:83:b7:3d:70:be:ec:a6:
36:5e:d9:ee:2b:ff:4f:e6:76:0b:61:12:8e:e2:a6:
9f:55:16:87:25:f0:ee:bf:1a:05:8d:e6:35:59:25:
95:ba:3b:a9:22:71:9d:64:24:63:8e:ae:68:91:50:
0a:f6:59:23:6a:96:78:ed:2d:ff:9b:82:77:ee:62:
f3:5d:fa:a2:31:e7:85:a7:34:d6:4b:b3:6c:ac:f8:
f5:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:10:3B:F1:E3:03:2E:72:E8:D0:AF:78:F3:40:EB:2C:75:1A:1B:49
X509v3 Authority Key Identifier:
keyid:C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ThA78eMDLnLo0K9480DrLHUaG0k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.92.142.0/24
78.135.86.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:a5:d8:3c:0a:4b:0e:89:39:2a:19:e2:04:5b:e8:12:f9:e0:
dc:f8:5e:f9:7e:48:90:5e:dd:3e:25:b5:e8:6f:bc:d4:ff:0e:
c0:dd:2c:43:ed:90:4f:0f:ae:c4:db:a1:3b:80:f9:33:21:f4:
b6:17:bd:4b:d0:1c:2c:5b:a9:e3:16:70:bf:76:a9:f4:05:b3:
54:9a:3b:2a:d3:cd:e8:e7:78:3f:62:3d:e2:8a:d1:00:bc:33:
a0:b7:58:2e:94:4a:3c:08:cd:bc:dd:ea:32:2b:7c:d2:16:be:
31:74:d3:bd:1e:7a:69:98:ac:cc:85:7e:a0:57:3e:29:13:41:
a9:15:d7:36:b1:74:cc:f4:ac:cb:d0:59:76:3b:9b:e6:26:53:
51:e2:52:41:5f:52:f0:af:93:18:0d:e6:51:04:12:fd:ca:a3:
56:06:3b:ca:f2:27:13:e9:53:ad:b2:25:12:c7:ef:fd:a7:bd:
2c:11:6a:2a:75:de:37:ed:07:90:ad:d2:64:b1:62:1a:a5:64:
92:4b:1f:25:16:91:6d:b8:f6:db:56:58:7c:df:1f:91:09:fa:
64:73:0c:e6:6e:fc:b4:75:d2:cd:e1:0c:fa:28:f0:73:f9:09:
f8:67:b2:55:ed:42:63:49:67:0c:04:2f:fc:50:53:26:10:85:
99:8d:66:c2
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYtnOptvdMT1zyFqC+zFZSTBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZDU3NDQ3ZTM0MjBiODUzODc1YjZmYTQwMzcyYWFkZTMx
OTJjYTIwHhcNMjMxMDI1MTQyNjE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTEwM2JmMWUzMDMyZTcyZThkMGFmNzhmMzQwZWIyYzc1MWExYjQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjPFrXDExzMCtja8b3Ovv2FFsjBr1
osd4fVDOlFiYctU3+0qEFAlNqqFk4giUGTj7lEXZN2tIDXzklOHmHckZifrlMywl
tiFX+DucFvoZXsmUZFaIcbRnRQyClmdPt95RK4vXjF2OxxA8jOsTgcs8TPBfBW3/
V4o4i0JSR15Nm+4MhhBiC4r82fFszfNoRiQz8i72uSdHgemYfXGBFcHRDkpqIBLJ
WOgORPC/ZIO3PXC+7KY2XtnuK/9P5nYLYRKO4qafVRaHJfDuvxoFjeY1WSWVujup
InGdZCRjjq5okVAK9lkjapZ47S3/m4J37mLzXfqiMeeFpzTWS7NsrPj1IQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFE4QO/HjAy5y6NCvePNA6yx1GhtJMB8GA1UdIwQY
MBaAFMnVdEfjQguFOHW2+kA3Kq3jGSyiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTkt
NGUxOThmMGE2MDEzLzEvVGhBNzhlTURMbkxvMEs5NDgwRHJMSFVhRzBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTktNGUxOThmMGE2MDEz
LzEveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQATVyOAwQA
TodWMA0GCSqGSIb3DQEBCwUAA4IBAQBfpdg8CksOiTkqGeIEW+gS+eDc+F75fkiQ
Xt0+JbXob7zU/w7A3SxD7ZBPD67E26E7gPkzIfS2F71L0BwsW6njFnC/dqn0BbNU
mjsq083o53g/Yj3iitEAvDOgt1gulEo8CM283eoyK3zSFr4xdNO9HnppmKzMhX6g
Vz4pE0GpFdc2sXTM9KzL0Fl2O5vmJlNR4lJBX1Lwr5MYDeZRBBL9yqNWBjvK8icT
6VOtsiUSx+/9p70sEWoqdd437QeQrdJksWIapWSSSx8lFpFtuPbbVlh83x+RCfpk
cwzmbvy0ddLN4Qz6KPBz+Qn4Z7JV7UJjSWcMBC/8UFMmEIWZjWbC
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:44 2024 by rpki-client on console-fra.rpki-client.org