Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/e53de5-1b5f-4467-a68c-15fc0b68f844/1/kZtu_0zYwPYSZj90H1IS1_bQnGw.roa
File: kZtu_0zYwPYSZj90H1IS1_bQnGw.roa (raw, json)
Hash identifier: JZoG4+FFqg0nWLwwVh8/jNYMDH+PTJigU/DsDuonuwM=
Subject key identifier: 91:9B:6E:FF:4C:D8:C0:F6:12:66:3F:74:1F:52:12:D7:F6:D0:9C:6C
Certificate issuer: /CN=da70c441fb892b8c9816534885069fcd3300c9a4
Certificate serial: 018C5FFE89D1BFB2B7720D16180CFF092C8B
Authority key identifier: DA:70:C4:41:FB:89:2B:8C:98:16:53:48:85:06:9F:CD:33:00:C9:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2nDEQfuJK4yYFlNIhQafzTMAyaQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/e53de5-1b5f-4467-a68c-15fc0b68f844/1/kZtu_0zYwPYSZj90H1IS1_bQnGw.roa
Signing time: Tue 12 Dec 2023 21:46:06 +0000
ROA not before: Tue 12 Dec 2023 21:46:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210644
IP address blocks: 77.105.166.0/24 maxlen: 24
77.105.167.0/24 maxlen: 24
185.225.201.0/24 maxlen: 24
185.225.200.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:29:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:5f:fe:89:d1:bf:b2:b7:72:0d:16:18:0c:ff:09:2c:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da70c441fb892b8c9816534885069fcd3300c9a4
Validity
Not Before: Dec 12 21:46:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=919b6eff4cd8c0f612663f741f5212d7f6d09c6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:f1:6a:b3:18:53:dc:fe:2b:d9:65:63:a0:6a:
ed:4d:2b:f3:1a:99:76:60:a9:de:cd:b7:65:98:e4:
4a:4f:1f:b8:a9:a9:7d:cd:ee:a4:a9:36:20:14:37:
12:95:d0:8f:24:af:9a:3e:b2:b9:a6:42:6a:7e:9a:
27:3c:78:b9:5a:98:8c:85:44:77:c9:7d:4b:27:9a:
3c:53:02:22:9f:25:c0:2c:13:2a:0e:63:ce:51:0f:
88:cc:96:bb:2a:04:e2:27:63:e7:6a:bc:29:6a:cf:
45:7e:a1:f7:c4:68:dc:72:f0:34:1a:dc:31:33:60:
5d:07:94:d3:ad:e3:26:0c:b7:fd:c4:78:0d:8e:26:
b6:72:b0:85:55:da:33:bc:90:4e:3d:6d:8a:6c:75:
56:79:16:28:e4:cb:34:a9:f4:00:79:98:fc:3f:27:
c3:1f:5b:7b:54:d6:e6:20:8e:27:03:43:3e:b5:df:
27:29:23:16:65:55:a7:45:9a:28:d2:93:35:6d:ef:
48:0c:20:91:c7:d9:05:9e:60:90:f4:fd:04:7a:e6:
2b:0e:4b:42:fd:29:4b:4f:5f:b9:af:6d:f0:17:db:
0b:c3:7e:d9:9f:36:15:65:4a:33:f8:0a:e0:40:6a:
17:44:47:ab:39:b4:dc:8f:25:4a:81:f3:f2:76:92:
d2:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:9B:6E:FF:4C:D8:C0:F6:12:66:3F:74:1F:52:12:D7:F6:D0:9C:6C
X509v3 Authority Key Identifier:
keyid:DA:70:C4:41:FB:89:2B:8C:98:16:53:48:85:06:9F:CD:33:00:C9:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2nDEQfuJK4yYFlNIhQafzTMAyaQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/e53de5-1b5f-4467-a68c-15fc0b68f844/1/kZtu_0zYwPYSZj90H1IS1_bQnGw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/e53de5-1b5f-4467-a68c-15fc0b68f844/1/2nDEQfuJK4yYFlNIhQafzTMAyaQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.105.166.0/23
185.225.200.0/23
Signature Algorithm: sha256WithRSAEncryption
41:7b:80:59:3d:2b:22:43:19:d6:91:46:87:4c:ab:cf:a1:22:
7a:3f:26:c7:ab:45:a7:d2:c3:75:16:27:15:bf:c9:82:72:82:
cc:dc:93:97:04:f5:e5:ff:84:91:47:e0:4a:9f:91:5e:d0:68:
8f:1b:bc:d2:51:34:72:a7:eb:7b:9d:ab:47:c5:d6:54:04:34:
4f:0a:3f:9e:7e:fb:7b:bb:c4:3e:ed:db:d9:75:33:0e:7f:e1:
37:ef:90:85:fa:05:59:92:bc:95:0e:be:84:6b:9d:41:55:21:
90:e0:e5:72:d8:c5:8b:9d:85:d9:91:15:ce:fb:8f:f3:8a:a1:
15:ca:52:69:4f:7e:8c:d0:32:46:60:8a:34:1a:1d:35:d8:92:
19:bb:eb:88:74:42:b7:56:18:cc:71:82:97:7c:49:4a:0b:8e:
d6:35:d7:3b:46:0c:5d:59:64:40:7e:d0:86:15:ff:64:62:21:
24:11:d7:27:b4:f1:c5:4b:4c:b9:6f:42:0a:6c:77:0f:d4:ec:
9c:34:b4:5c:af:27:4c:e7:c2:70:bb:19:b6:18:95:85:c4:c5:
20:66:59:e1:d1:bc:9a:61:32:65:55:85:ca:f3:d4:73:8d:91:
9a:84:bb:dd:5d:97:54:e9:8d:7b:37:17:fe:f7:3c:02:b1:84:
e0:f9:fd:c5
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYxf/onRv7K3cg0WGAz/CSyLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhNzBjNDQxZmI4OTJiOGM5ODE2NTM0ODg1MDY5ZmNkMzMw
MGM5YTQwHhcNMjMxMjEyMjE0NjA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTliNmVmZjRjZDhjMGY2MTI2NjNmNzQxZjUyMTJkN2Y2ZDA5YzZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj/FqsxhT3P4r2WVjoGrtTSvzGpl2
YKnezbdlmORKTx+4qal9ze6kqTYgFDcSldCPJK+aPrK5pkJqfponPHi5WpiMhUR3
yX1LJ5o8UwIinyXALBMqDmPOUQ+IzJa7KgTiJ2Pnarwpas9FfqH3xGjccvA0Gtwx
M2BdB5TTreMmDLf9xHgNjia2crCFVdozvJBOPW2KbHVWeRYo5Ms0qfQAeZj8PyfD
H1t7VNbmII4nA0M+td8nKSMWZVWnRZoo0pM1be9IDCCRx9kFnmCQ9P0EeuYrDktC
/SlLT1+5r23wF9sLw37ZnzYVZUoz+ArgQGoXREerObTcjyVKgfPydpLS0wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJGbbv9M2MD2EmY/dB9SEtf20JxsMB8GA1UdIwQY
MBaAFNpwxEH7iSuMmBZTSIUGn80zAMmkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMm5ERVFmdUpLNHlZRmxOSWhRYWZ6VE1BeWFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS9lNTNkZTUtMWI1Zi00NDY3LWE2OGMt
MTVmYzBiNjhmODQ0LzEva1p0dV8well3UFlTWmo5MEgxSVMxX2JRbkd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS9lNTNkZTUtMWI1Zi00NDY3LWE2OGMtMTVmYzBiNjhmODQ0
LzEvMm5ERVFmdUpLNHlZRmxOSWhRYWZ6VE1BeWFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBTWmmAwQB
ueHIMA0GCSqGSIb3DQEBCwUAA4IBAQBBe4BZPSsiQxnWkUaHTKvPoSJ6PybHq0Wn
0sN1FicVv8mCcoLM3JOXBPXl/4SRR+BKn5Fe0GiPG7zSUTRyp+t7natHxdZUBDRP
Cj+efvt7u8Q+7dvZdTMOf+E375CF+gVZkryVDr6Ea51BVSGQ4OVy2MWLnYXZkRXO
+4/ziqEVylJpT36M0DJGYIo0Gh012JIZu+uIdEK3VhjMcYKXfElKC47WNdc7Rgxd
WWRAftCGFf9kYiEkEdcntPHFS0y5b0IKbHcP1OycNLRcrydM58Jwuxm2GJWFxMUg
Zlnh0byaYTJlVYXK89RzjZGahLvdXZdU6Y17Nxf+9zwCsYTg+f3F
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:21 2024 by rpki-client on console-ams.rpki-client.org