Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/4Mu4lhp9kaA3eayO-k3ufyFLAFw.roa
File: 4Mu4lhp9kaA3eayO-k3ufyFLAFw.roa (raw, json)
Hash identifier: 9Ernqs5/tWucFNoPlCLAUvqYiNG0YXtt1HORyjSBfkg=
Subject key identifier: E0:CB:B8:96:1A:7D:91:A0:37:79:AC:8E:FA:4D:EE:7F:21:4B:00:5C
Certificate issuer: /CN=5124fba1e401c03e5ba1cd77ae9ee39cfd631bfb
Certificate serial: 0191B76E92F080B485FA79FF8C6A14F5E40F
Authority key identifier: 51:24:FB:A1:E4:01:C0:3E:5B:A1:CD:77:AE:9E:E3:9C:FD:63:1B:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UST7oeQBwD5boc13rp7jnP1jG_s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/4Mu4lhp9kaA3eayO-k3ufyFLAFw.roa
Signing time: Tue 03 Sep 2024 10:29:22 +0000
ROA not before: Tue 03 Sep 2024 10:29:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 77.246.220.0/24 maxlen: 24
185.58.23.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 09 Sep 2024 10:12:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:b7:6e:92:f0:80:b4:85:fa:79:ff:8c:6a:14:f5:e4:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5124fba1e401c03e5ba1cd77ae9ee39cfd631bfb
Validity
Not Before: Sep 3 10:29:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e0cbb8961a7d91a03779ac8efa4dee7f214b005c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:ba:f2:1a:07:49:f1:cf:21:d7:e6:2c:78:dc:
97:63:0c:a8:8b:e7:f2:0c:b5:93:8e:55:08:55:4d:
67:8c:a1:9d:3e:81:8e:30:d1:b0:cb:54:63:45:c2:
32:3c:b4:74:fd:d7:da:8e:86:7c:ee:71:75:7c:57:
81:23:67:7a:51:15:f2:54:af:bf:98:d3:5d:98:8c:
fe:06:ff:83:0b:4a:e0:36:1b:10:35:5d:f9:af:47:
c1:36:72:a9:d7:07:a7:44:18:30:f5:df:b1:ac:76:
84:63:42:47:3e:4f:7e:9f:40:3a:d2:ad:9b:dd:e2:
a9:e3:4c:19:52:a9:b4:65:07:4c:74:8e:37:da:01:
97:0e:98:96:2a:f7:f6:60:25:16:d5:65:74:ac:ea:
5d:f1:67:47:a9:ce:9b:d5:f8:0b:70:c3:5e:08:1e:
a0:10:84:21:16:21:92:29:2b:c7:67:0c:74:3d:a4:
9c:52:bc:bd:00:46:5a:9e:b2:1b:8a:e4:ba:e3:22:
4f:9f:66:17:09:eb:84:66:73:27:75:b5:8d:28:bc:
6a:5f:45:e0:23:cf:74:73:fa:9d:ae:36:60:bf:88:
db:4a:8a:c2:46:9f:31:50:82:14:99:25:56:08:6b:
bf:8b:4f:81:e0:08:7a:d9:39:fa:fe:41:0d:95:ee:
4b:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:CB:B8:96:1A:7D:91:A0:37:79:AC:8E:FA:4D:EE:7F:21:4B:00:5C
X509v3 Authority Key Identifier:
keyid:51:24:FB:A1:E4:01:C0:3E:5B:A1:CD:77:AE:9E:E3:9C:FD:63:1B:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UST7oeQBwD5boc13rp7jnP1jG_s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/4Mu4lhp9kaA3eayO-k3ufyFLAFw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/UST7oeQBwD5boc13rp7jnP1jG_s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.246.220.0/24
185.58.23.0/24
Signature Algorithm: sha256WithRSAEncryption
1f:e2:6c:97:ad:84:80:50:10:7e:5a:70:8b:7f:c4:05:4e:fd:
8c:c0:37:52:44:5a:be:27:71:6d:3a:1e:b0:bf:68:a9:ef:a7:
8b:ee:0e:c7:e2:91:24:02:80:ea:9f:ce:1e:ad:d8:6c:c5:0a:
7d:af:1b:14:a3:9e:7d:fd:f7:d0:7d:f6:f5:db:e2:18:c4:8a:
27:92:7b:d8:5e:54:55:2b:b8:2d:9a:e1:e6:db:69:97:f3:0a:
2f:79:be:50:b0:31:d6:6b:a1:28:ed:dd:b7:a2:1a:fa:86:e8:
60:9a:1b:26:d9:da:dc:b3:ea:42:c3:22:fd:52:d7:3c:9a:91:
0e:96:92:06:e7:be:9a:78:67:cc:a3:c9:2c:f8:0f:f2:d2:f5:
03:5a:35:a3:1f:26:6a:1f:d3:d0:5f:73:60:0a:34:7c:db:a8:
9d:08:70:74:65:5e:0e:2c:12:1a:f3:44:10:d9:e5:8f:ba:fc:
ed:6b:26:12:f4:ac:9a:53:71:a9:85:a4:a8:ed:64:87:36:f9:
32:5e:28:11:f2:f5:d2:57:82:33:eb:e0:63:03:f9:ae:15:d2:
a5:6c:b1:39:00:80:57:98:0a:39:2e:31:6d:d2:ed:3b:88:fc:
58:39:29:4f:84:1b:db:d8:66:d3:89:c6:91:7f:dd:fb:77:5a:
7e:a6:cb:a4
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZG3bpLwgLSF+nn/jGoU9eQPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxMjRmYmExZTQwMWMwM2U1YmExY2Q3N2FlOWVlMzljZmQ2
MzFiZmIwHhcNMjQwOTAzMTAyOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMGNiYjg5NjFhN2Q5MWEwMzc3OWFjOGVmYTRkZWU3ZjIxNGIwMDVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyrryGgdJ8c8h1+YseNyXYwyoi+fy
DLWTjlUIVU1njKGdPoGOMNGwy1RjRcIyPLR0/dfajoZ87nF1fFeBI2d6URXyVK+/
mNNdmIz+Bv+DC0rgNhsQNV35r0fBNnKp1wenRBgw9d+xrHaEY0JHPk9+n0A60q2b
3eKp40wZUqm0ZQdMdI432gGXDpiWKvf2YCUW1WV0rOpd8WdHqc6b1fgLcMNeCB6g
EIQhFiGSKSvHZwx0PaScUry9AEZanrIbiuS64yJPn2YXCeuEZnMndbWNKLxqX0Xg
I890c/qdrjZgv4jbSorCRp8xUIIUmSVWCGu/i0+B4Ah62Tn6/kENle5LgQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFODLuJYafZGgN3msjvpN7n8hSwBcMB8GA1UdIwQY
MBaAFFEk+6HkAcA+W6HNd66e45z9Yxv7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVVNUN29lUUJ3RDVib2MxM3JwN2puUDFqR19zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy9iNzE0YWQtMWY3OC00YTEwLThlNjEt
YWI4ZjFmMzM4N2VlLzEvNE11NGxocDlrYUEzZWF5Ty1rM3VmeUZMQUZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy9iNzE0YWQtMWY3OC00YTEwLThlNjEtYWI4ZjFmMzM4N2Vl
LzEvVVNUN29lUUJ3RDVib2MxM3JwN2puUDFqR19zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQATfbcAwQA
uToXMA0GCSqGSIb3DQEBCwUAA4IBAQAf4myXrYSAUBB+WnCLf8QFTv2MwDdSRFq+
J3FtOh6wv2ip76eL7g7H4pEkAoDqn84erdhsxQp9rxsUo559/ffQffb12+IYxIon
knvYXlRVK7gtmuHm22mX8woveb5QsDHWa6Eo7d23ohr6huhgmhsm2drcs+pCwyL9
Utc8mpEOlpIG576aeGfMo8ks+A/y0vUDWjWjHyZqH9PQX3NgCjR826idCHB0ZV4O
LBIa80QQ2eWPuvztayYS9KyaU3GphaSo7WSHNvkyXigR8vXSV4Iz6+BjA/muFdKl
bLE5AIBXmAo5LjFt0u07iPxYOSlPhBvb2GbTicaRf937d1p+psuk
-----END CERTIFICATE-----
Generated at Mon Sep 9 12:50:09 2024 by rpki-client on console-fra.rpki-client.org