Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/yvFOwn2zYVEAJ2YX14_ELkCFwV0.roa
File: yvFOwn2zYVEAJ2YX14_ELkCFwV0.roa (raw, json)
Hash identifier: NKg8a91K5GnDDkYLnuxhi9v3V4oC+l/4EqU5FjGopus=
Subject key identifier: CA:F1:4E:C2:7D:B3:61:51:00:27:66:17:D7:8F:C4:2E:40:85:C1:5D
Certificate issuer: /CN=c9d57447e3420b853875b6fa40372aade3192ca2
Certificate serial: 018F7C15F9DD37E2CA0C6ED169B0A9165B45
Authority key identifier: C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/yvFOwn2zYVEAJ2YX14_ELkCFwV0.roa
Signing time: Wed 15 May 2024 11:49:25 +0000
ROA not before: Wed 15 May 2024 11:49:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207459
IP address blocks: 77.92.154.0/24 maxlen: 24
78.135.80.0/24 maxlen: 24
78.135.87.0/24 maxlen: 24
78.135.88.0/24 maxlen: 24
185.17.136.0/24 maxlen: 24
188.132.188.0/24 maxlen: 24
188.132.209.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 17 Jul 2024 21:21:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:7c:15:f9:dd:37:e2:ca:0c:6e:d1:69:b0:a9:16:5b:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9d57447e3420b853875b6fa40372aade3192ca2
Validity
Not Before: May 15 11:49:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=caf14ec27db3615100276617d78fc42e4085c15d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:14:1c:0d:95:74:5a:e4:70:ac:01:4f:4d:41:
28:3f:29:bf:0f:17:b4:c5:50:43:d8:ba:50:7b:ae:
36:a4:7c:40:38:49:37:ba:1d:c7:62:8d:6b:7a:57:
92:74:8b:5a:ae:0d:f6:36:3b:02:45:b1:09:59:81:
3b:d3:db:25:77:2d:0e:1b:ad:de:e3:d5:d3:54:c9:
0b:05:2b:e5:0f:11:4b:0c:5f:e0:bc:b1:cc:10:7c:
16:8c:0e:34:53:fb:c2:d8:61:3f:6c:db:71:f5:79:
3d:46:b5:02:46:3e:9e:c6:7d:42:e0:e5:bc:76:2d:
32:0d:a3:f1:47:8f:56:e2:40:cf:f8:6a:82:d7:1a:
1b:8f:75:9c:af:25:ed:7d:74:c3:45:5f:89:31:cb:
bc:02:27:b9:25:d2:04:94:af:72:c0:2f:46:0e:4f:
05:c4:85:20:fc:3c:8f:45:98:d6:13:a8:6f:a9:1b:
17:90:ff:70:0c:f4:1a:88:2c:2c:72:97:ed:0c:0b:
85:02:71:43:17:56:3d:a0:0d:f1:ce:b0:6d:ec:90:
12:b0:29:59:69:28:ac:30:5d:57:1c:05:e7:fe:56:
71:c4:aa:c4:95:cf:c5:e5:f7:c8:36:40:e7:ae:fa:
69:0a:18:05:30:9d:4e:46:60:dd:a3:cf:0c:d8:8f:
08:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:F1:4E:C2:7D:B3:61:51:00:27:66:17:D7:8F:C4:2E:40:85:C1:5D
X509v3 Authority Key Identifier:
keyid:C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/yvFOwn2zYVEAJ2YX14_ELkCFwV0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.92.154.0/24
78.135.80.0/24
78.135.87.0-78.135.88.255
185.17.136.0/24
188.132.188.0/24
188.132.209.0/24
Signature Algorithm: sha256WithRSAEncryption
70:00:51:9e:f9:59:61:1f:47:27:6f:d4:bf:7d:d8:04:dc:78:
fc:b6:ce:35:90:f3:32:7f:49:a7:b5:43:6e:f0:19:1b:0d:31:
44:2e:de:bf:46:7b:20:33:8c:cd:bc:16:c9:60:cc:28:6e:08:
b2:94:79:b1:2b:09:bd:25:e7:33:18:08:e4:e5:3e:34:12:ff:
fb:00:d9:ff:7b:1a:dc:02:4e:c9:35:20:cf:93:bc:d3:71:98:
a3:8f:23:d4:08:9d:0c:26:80:da:41:98:51:78:48:33:8f:d5:
34:81:b8:20:4f:3b:7c:69:9d:20:cb:fe:3e:8e:a9:73:bb:7f:
43:87:78:39:b7:76:07:42:1b:c4:fe:d5:96:7b:61:72:81:3b:
ec:fc:8c:d1:0e:8c:93:32:2a:7f:00:fa:51:b8:0c:51:91:71:
72:30:de:0a:38:da:3f:19:e0:d3:70:0d:41:3d:c0:3c:6e:15:
74:10:6c:b7:00:c1:c7:db:94:a1:f2:44:b7:f7:1c:1e:69:41:
cc:05:f0:31:90:7a:05:3c:26:2e:9e:b8:93:50:ec:ef:d1:d4:
b7:ca:86:2c:d2:1d:e1:7a:bd:24:92:f6:58:27:e7:5a:88:e5:
bb:d6:07:13:ca:6a:86:13:26:71:3c:ab:4a:72:a0:a0:af:79:
b3:81:a4:ef
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAY98FfndN+LKDG7RabCpFltFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZDU3NDQ3ZTM0MjBiODUzODc1YjZmYTQwMzcyYWFkZTMx
OTJjYTIwHhcNMjQwNTE1MTE0OTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYWYxNGVjMjdkYjM2MTUxMDAyNzY2MTdkNzhmYzQyZTQwODVjMTVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsRQcDZV0WuRwrAFPTUEoPym/Dxe0
xVBD2LpQe642pHxAOEk3uh3HYo1releSdItarg32NjsCRbEJWYE709sldy0OG63e
49XTVMkLBSvlDxFLDF/gvLHMEHwWjA40U/vC2GE/bNtx9Xk9RrUCRj6exn1C4OW8
di0yDaPxR49W4kDP+GqC1xobj3WcryXtfXTDRV+JMcu8Aie5JdIElK9ywC9GDk8F
xIUg/DyPRZjWE6hvqRsXkP9wDPQaiCwscpftDAuFAnFDF1Y9oA3xzrBt7JASsClZ
aSisMF1XHAXn/lZxxKrElc/F5ffINkDnrvppChgFMJ1ORmDdo88M2I8I7wIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFMrxTsJ9s2FRACdmF9ePxC5AhcFdMB8GA1UdIwQY
MBaAFMnVdEfjQguFOHW2+kA3Kq3jGSyiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTkt
NGUxOThmMGE2MDEzLzEveXZGT3duMnpZVkVBSjJZWDE0X0VMa0NGd1YwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTktNGUxOThmMGE2MDEz
LzEveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQATVyaAwQA
TodQMAwDBABOh1cDBABOh1gDBAC5EYgDBAC8hLwDBAC8hNEwDQYJKoZIhvcNAQEL
BQADggEBAHAAUZ75WWEfRydv1L992ATcePy2zjWQ8zJ/Sae1Q27wGRsNMUQu3r9G
eyAzjM28FslgzChuCLKUebErCb0l5zMYCOTlPjQS//sA2f97GtwCTsk1IM+TvNNx
mKOPI9QInQwmgNpBmFF4SDOP1TSBuCBPO3xpnSDL/j6OqXO7f0OHeDm3dgdCG8T+
1ZZ7YXKBO+z8jNEOjJMyKn8A+lG4DFGRcXIw3go42j8Z4NNwDUE9wDxuFXQQbLcA
wcfblKHyRLf3HB5pQcwF8DGQegU8Ji6euJNQ7O/R1LfKhizSHeF6vSSS9lgn51qI
5bvWBxPKaoYTJnE8q0pyoKCvebOBpO8=
-----END CERTIFICATE-----
Generated at Wed Jul 17 23:29:16 2024 by rpki-client on console-fra.rpki-client.org