Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/76cNKjRwYbW_yzidUKOKRMEVGa8.roa
File: 76cNKjRwYbW_yzidUKOKRMEVGa8.roa (raw, json)
Hash identifier: ZZlca4txC+mnRhyZQRPsvyQC7/GrDbKH2ebKssV6vq0=
Subject key identifier: EF:A7:0D:2A:34:70:61:B5:BF:CB:38:9D:50:A3:8A:44:C1:15:19:AF
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 018DD2AE81B02CFD01E84CD3F6E09395752A
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/76cNKjRwYbW_yzidUKOKRMEVGa8.roa
Signing time: Thu 22 Feb 2024 21:17:48 +0000
ROA not before: Thu 22 Feb 2024 21:17:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 77.81.182.0/24 maxlen: 24
89.34.106.0/24 maxlen: 24
89.35.129.0/24 maxlen: 24
89.40.215.0/24 maxlen: 24
91.132.49.0/24 maxlen: 24
91.132.51.0/24 maxlen: 24
93.114.183.0/24 maxlen: 24
128.0.41.0/24 maxlen: 24
185.212.119.0/24 maxlen: 24
188.215.31.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 23 Feb 2024 08:47:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:d2:ae:81:b0:2c:fd:01:e8:4c:d3:f6:e0:93:95:75:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Feb 22 21:17:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=efa70d2a347061b5bfcb389d50a38a44c11519af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:d9:61:a1:27:d8:39:0b:6e:79:1d:2c:99:16:
eb:99:54:89:07:be:5f:98:79:d9:d0:60:f9:15:fc:
d3:3d:47:b2:b4:65:1e:28:c5:f5:66:36:c4:83:8e:
0e:7c:58:ef:fd:fb:b7:28:56:5c:8e:5f:7e:b0:c3:
2d:0b:9c:f6:1b:89:3f:27:ed:39:1e:33:8f:c1:14:
4f:76:02:e8:2e:9d:b8:b8:8f:c1:d1:13:0a:42:7f:
16:11:a8:0d:cb:e3:ec:c8:ad:be:85:a5:09:12:ed:
64:b9:4a:ac:e1:80:8d:23:fc:f6:83:99:53:3e:bd:
be:5c:04:9b:f1:31:d2:00:fd:1b:79:a9:7c:0d:76:
23:b0:53:76:d3:a8:ca:56:4c:bc:19:59:73:6d:34:
05:bc:3d:06:a0:52:6f:16:87:ea:5d:3e:79:e1:7c:
c1:53:aa:97:0a:1d:63:7c:3c:59:38:db:e9:72:0a:
ea:6f:9f:8c:5c:e9:ac:65:e9:b2:5b:6a:78:8a:68:
01:46:86:20:94:30:69:6c:92:67:5c:cd:c2:6d:fd:
09:53:b4:ea:0f:a1:a3:45:f6:b5:78:8a:b4:2a:41:
b3:0c:b9:32:33:cc:4c:85:2e:61:3b:66:cd:a8:9d:
0b:94:a6:59:5c:5c:8f:3c:27:4e:c7:c8:dd:1a:11:
66:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:A7:0D:2A:34:70:61:B5:BF:CB:38:9D:50:A3:8A:44:C1:15:19:AF
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/76cNKjRwYbW_yzidUKOKRMEVGa8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.81.182.0/24
89.34.106.0/24
89.35.129.0/24
89.40.215.0/24
91.132.49.0/24
91.132.51.0/24
93.114.183.0/24
128.0.41.0/24
185.212.119.0/24
188.215.31.0/24
Signature Algorithm: sha256WithRSAEncryption
68:7e:5c:d9:51:6d:35:a7:00:56:a7:03:fd:f2:98:7a:d9:dc:
54:e6:8e:a9:b0:88:5b:34:d5:c4:8f:e1:03:26:eb:c2:ee:47:
06:90:f9:95:f6:7c:f4:6d:8a:60:6d:f1:37:a3:70:7e:8d:7d:
2e:dc:0c:6d:c5:ab:4d:19:c7:61:77:f6:4e:21:eb:d9:44:ac:
aa:ba:7d:c6:cd:79:4b:71:29:9b:e7:07:49:96:93:4f:6f:5d:
e5:5c:81:dc:a6:c2:c0:68:b7:4c:96:bb:93:51:9d:87:80:a1:
36:65:3f:ec:5e:07:56:0d:03:d1:14:04:b2:72:1d:a2:f0:1e:
d7:fc:2f:23:e8:a2:bb:0e:30:73:66:1b:bf:0c:b3:c5:75:3d:
4b:ac:d4:00:ee:2e:c6:91:78:48:b9:15:f0:8e:39:c9:33:c2:
ea:d5:e4:5f:38:b0:19:a6:3b:bd:78:e5:65:e4:3d:1f:99:7a:
db:ce:e3:e6:0b:19:bd:ba:92:7f:bf:23:a1:6a:30:c5:56:b0:
f0:62:f2:bd:f7:a1:6a:4f:f1:ba:24:72:c6:18:1e:35:52:c7:
77:e0:6b:60:f9:32:2d:a1:eb:10:7b:5d:cb:92:0b:b7:94:2f:
44:f0:f0:86:19:c6:92:88:eb:83:1d:0b:31:e1:8b:22:7b:6c:
b7:03:68:3f
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAY3SroGwLP0B6EzT9uCTlXUqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjQwMjIyMjExNzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZmE3MGQyYTM0NzA2MWI1YmZjYjM4OWQ1MGEzOGE0NGMxMTUxOWFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtdlhoSfYOQtueR0smRbrmVSJB75f
mHnZ0GD5FfzTPUeytGUeKMX1ZjbEg44OfFjv/fu3KFZcjl9+sMMtC5z2G4k/J+05
HjOPwRRPdgLoLp24uI/B0RMKQn8WEagNy+PsyK2+haUJEu1kuUqs4YCNI/z2g5lT
Pr2+XASb8THSAP0beal8DXYjsFN206jKVky8GVlzbTQFvD0GoFJvFofqXT554XzB
U6qXCh1jfDxZONvpcgrqb5+MXOmsZemyW2p4imgBRoYglDBpbJJnXM3Cbf0JU7Tq
D6GjRfa1eIq0KkGzDLkyM8xMhS5hO2bNqJ0LlKZZXFyPPCdOx8jdGhFmhQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFO+nDSo0cGG1v8s4nVCjikTBFRmvMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvNzZjTktqUndZYldfeXppZFVLT0tSTUVWR2E4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQATVG2AwQA
WSJqAwQAWSOBAwQAWSjXAwQAW4QxAwQAW4QzAwQAXXK3AwQAgAApAwQAudR3AwQA
vNcfMA0GCSqGSIb3DQEBCwUAA4IBAQBoflzZUW01pwBWpwP98ph62dxU5o6psIhb
NNXEj+EDJuvC7kcGkPmV9nz0bYpgbfE3o3B+jX0u3AxtxatNGcdhd/ZOIevZRKyq
un3GzXlLcSmb5wdJlpNPb13lXIHcpsLAaLdMlruTUZ2HgKE2ZT/sXgdWDQPRFASy
ch2i8B7X/C8j6KK7DjBzZhu/DLPFdT1LrNQA7i7GkXhIuRXwjjnJM8Lq1eRfOLAZ
pju9eOVl5D0fmXrbzuPmCxm9upJ/vyOhajDFVrDwYvK996FqT/G6JHLGGB41Usd3
4Gtg+TItoesQe13Lkgu3lC9E8PCGGcaSiOuDHQsx4Ysie2y3A2g/
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:06 2024 by rpki-client on console-fra.rpki-client.org