Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/fb7a7d-0655-4587-8af9-7700e25ff769/1/Ty2hN-SXtpCXRZbyiZOqmt2P_FI.roa
File: Ty2hN-SXtpCXRZbyiZOqmt2P_FI.roa (raw, json)
Hash identifier: Bo2IRdWokXxR2DrIuPuysQMBRbWvEIFZULl/y33DAxQ=
Subject key identifier: 4F:2D:A1:37:E4:97:B6:90:97:45:96:F2:89:93:AA:9A:DD:8F:FC:52
Certificate issuer: /CN=aa44eb091b3a33a87beb8e004ab15ef178fbaa00
Certificate serial: 018CC5DBE52FBFCADDDBB57B3C1D7D467E6D
Authority key identifier: AA:44:EB:09:1B:3A:33:A8:7B:EB:8E:00:4A:B1:5E:F1:78:FB:AA:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qkTrCRs6M6h7644ASrFe8Xj7qgA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/fb7a7d-0655-4587-8af9-7700e25ff769/1/Ty2hN-SXtpCXRZbyiZOqmt2P_FI.roa
Signing time: Mon 01 Jan 2024 16:29:31 +0000
ROA not before: Mon 01 Jan 2024 16:29:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209974
IP address blocks: 77.105.148.0/22 maxlen: 22
77.105.154.0/23 maxlen: 23
46.243.185.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 27 Apr 2024 14:10:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:db:e5:2f:bf:ca:dd:db:b5:7b:3c:1d:7d:46:7e:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa44eb091b3a33a87beb8e004ab15ef178fbaa00
Validity
Not Before: Jan 1 16:29:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4f2da137e497b690974596f28993aa9add8ffc52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:3b:61:85:a3:b9:f3:13:cb:42:7e:c8:dd:e9:
00:42:a3:7f:bf:75:a5:42:f6:00:12:82:f2:be:d0:
65:36:07:8a:dc:21:ee:c8:08:55:33:f9:2e:ef:f9:
01:50:65:33:9d:6a:7f:18:33:48:c9:c0:1b:c2:0e:
d8:3f:66:66:10:e0:ac:35:b8:f8:5e:44:49:8b:aa:
e3:1e:05:e8:91:61:d1:3a:54:fc:27:ef:4d:6d:05:
ba:77:3e:58:b5:8b:3f:22:b1:62:ac:8a:8e:ce:9d:
7d:a3:62:86:02:b9:0c:0c:4b:9b:68:c8:c9:75:a8:
6a:fe:f8:8f:e4:15:2d:8d:79:4b:9a:cf:83:84:e5:
56:66:02:74:e2:0a:b9:b5:bf:80:13:cb:0f:f0:32:
d9:02:24:96:bd:78:c7:a4:07:ea:05:35:2f:e8:cc:
02:25:84:37:0a:1d:99:8f:fb:0b:97:69:d9:3b:d2:
eb:1a:19:83:0e:05:e5:d0:36:70:3a:81:38:61:fb:
22:36:55:df:5d:1f:5c:de:92:51:86:2f:48:4d:47:
35:ba:06:8d:7d:b3:64:d6:4d:6f:58:d7:b9:ad:33:
bd:60:86:6b:1a:5d:55:dc:c3:e1:a5:89:3c:b3:95:
57:23:c1:26:75:05:e8:7e:0d:06:4a:72:a1:db:3e:
1c:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:2D:A1:37:E4:97:B6:90:97:45:96:F2:89:93:AA:9A:DD:8F:FC:52
X509v3 Authority Key Identifier:
keyid:AA:44:EB:09:1B:3A:33:A8:7B:EB:8E:00:4A:B1:5E:F1:78:FB:AA:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qkTrCRs6M6h7644ASrFe8Xj7qgA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/fb7a7d-0655-4587-8af9-7700e25ff769/1/Ty2hN-SXtpCXRZbyiZOqmt2P_FI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/fb7a7d-0655-4587-8af9-7700e25ff769/1/qkTrCRs6M6h7644ASrFe8Xj7qgA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.243.185.0/24
77.105.148.0/22
77.105.154.0/23
Signature Algorithm: sha256WithRSAEncryption
ac:2a:75:f8:58:86:99:64:08:ce:b4:33:23:12:e7:9c:8f:54:
6a:dd:65:95:db:0f:25:0e:ce:69:d4:d8:6c:b6:5b:2f:5c:4c:
7a:6c:92:30:dc:26:90:1d:24:7c:50:b4:a8:d0:77:d5:d3:83:
a7:20:f2:05:11:80:ab:5c:2f:89:c2:e5:45:38:09:bf:b1:ff:
a1:10:82:cc:de:20:77:0a:8a:26:92:fc:e0:59:2c:06:1b:19:
6d:34:73:27:06:c4:fd:63:d9:a7:1f:2b:1e:4f:7d:90:aa:47:
23:79:3e:02:3d:69:b2:fd:ed:f1:90:64:d6:ae:52:c7:4f:47:
43:d5:27:c6:0d:db:32:a0:62:40:21:63:5c:17:20:cd:af:2a:
e4:75:f0:88:8d:d3:1f:74:fb:93:68:7c:45:77:8e:70:28:20:
fd:ea:c1:c9:36:2f:9b:42:1a:79:dc:f2:68:2d:86:8b:71:5e:
fb:59:2e:3b:50:6e:c3:ed:be:bc:02:d2:c1:1b:eb:68:a8:84:
ec:88:a3:28:c3:ca:e8:03:5e:7d:18:8b:51:db:8b:33:dc:89:
94:dd:86:ba:cb:a9:63:45:c5:95:a3:97:8b:34:95:f1:99:39:
d8:bf:a3:35:8a:64:79:70:83:8f:0f:6f:9d:56:b3:fa:9d:0a:
25:8b:60:cc
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzF2+Uvv8rd27V7PB19Rn5tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhNDRlYjA5MWIzYTMzYTg3YmViOGUwMDRhYjE1ZWYxNzhm
YmFhMDAwHhcNMjQwMTAxMTYyOTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjJkYTEzN2U0OTdiNjkwOTc0NTk2ZjI4OTkzYWE5YWRkOGZmYzUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgjthhaO58xPLQn7I3ekAQqN/v3Wl
QvYAEoLyvtBlNgeK3CHuyAhVM/ku7/kBUGUznWp/GDNIycAbwg7YP2ZmEOCsNbj4
XkRJi6rjHgXokWHROlT8J+9NbQW6dz5YtYs/IrFirIqOzp19o2KGArkMDEubaMjJ
dahq/viP5BUtjXlLms+DhOVWZgJ04gq5tb+AE8sP8DLZAiSWvXjHpAfqBTUv6MwC
JYQ3Ch2Zj/sLl2nZO9LrGhmDDgXl0DZwOoE4YfsiNlXfXR9c3pJRhi9ITUc1ugaN
fbNk1k1vWNe5rTO9YIZrGl1V3MPhpYk8s5VXI8EmdQXofg0GSnKh2z4clwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFE8toTfkl7aQl0WW8omTqprdj/xSMB8GA1UdIwQY
MBaAFKpE6wkbOjOoe+uOAEqxXvF4+6oAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWtUckNSczZNNmg3NjQ0QVNyRmU4WGo3cWdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny9mYjdhN2QtMDY1NS00NTg3LThhZjkt
NzcwMGUyNWZmNzY5LzEvVHkyaE4tU1h0cENYUlpieWlaT3FtdDJQX0ZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny9mYjdhN2QtMDY1NS00NTg3LThhZjktNzcwMGUyNWZmNzY5
LzEvcWtUckNSczZNNmg3NjQ0QVNyRmU4WGo3cWdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALvO5AwQC
TWmUAwQBTWmaMA0GCSqGSIb3DQEBCwUAA4IBAQCsKnX4WIaZZAjOtDMjEuecj1Rq
3WWV2w8lDs5p1NhstlsvXEx6bJIw3CaQHSR8ULSo0HfV04OnIPIFEYCrXC+JwuVF
OAm/sf+hEILM3iB3CoomkvzgWSwGGxltNHMnBsT9Y9mnHyseT32QqkcjeT4CPWmy
/e3xkGTWrlLHT0dD1SfGDdsyoGJAIWNcFyDNryrkdfCIjdMfdPuTaHxFd45wKCD9
6sHJNi+bQhp53PJoLYaLcV77WS47UG7D7b68AtLBG+toqITsiKMow8roA159GItR
24sz3ImU3Ya6y6ljRcWVo5eLNJXxmTnYv6M1imR5cIOPD2+dVrP6nQoli2DM
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:25:00 2024 by rpki-client on console-ams.rpki-client.org