Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/987979-9693-45e3-85ba-ed5358b6da31/1/8K9lfJ5HXzRhO9FGvnawblB685c.roa
File: 8K9lfJ5HXzRhO9FGvnawblB685c.roa (raw, json)
Hash identifier: lMPB4ycVFoBvKtBCoOLpHZXM8LSuK+QdVsXdkC31cmo=
Subject key identifier: F0:AF:65:7C:9E:47:5F:34:61:3B:D1:46:BE:76:B0:6E:50:7A:F3:97
Certificate issuer: /CN=7415fec4ae76b24e4f02991649917b99b740044a
Certificate serial: 018DD63F49C554559FA99A81DE6FF5379561
Authority key identifier: 74:15:FE:C4:AE:76:B2:4E:4F:02:99:16:49:91:7B:99:B7:40:04:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dBX-xK52sk5PApkWSZF7mbdABEo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/987979-9693-45e3-85ba-ed5358b6da31/1/8K9lfJ5HXzRhO9FGvnawblB685c.roa
Signing time: Fri 23 Feb 2024 13:54:48 +0000
ROA not before: Fri 23 Feb 2024 13:54:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215428
IP address blocks: 77.105.161.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 11:49:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:d6:3f:49:c5:54:55:9f:a9:9a:81:de:6f:f5:37:95:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7415fec4ae76b24e4f02991649917b99b740044a
Validity
Not Before: Feb 23 13:54:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f0af657c9e475f34613bd146be76b06e507af397
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:9c:fe:f9:0d:6b:30:c6:19:3f:51:7c:32:99:
70:51:4a:36:19:cf:dd:95:ec:2b:2b:47:19:2a:0e:
03:ff:5a:a5:a9:5d:4e:35:b4:d4:92:4a:de:47:3a:
ef:7c:05:8d:50:c5:79:ff:83:91:91:f9:e9:38:32:
f2:8b:84:39:18:39:26:9c:47:78:ee:20:2d:8c:a4:
e3:98:8d:ef:1b:eb:28:26:43:6d:14:b3:89:12:c7:
dd:07:bb:d8:14:d7:38:de:09:e9:f5:f1:6f:5c:b4:
7e:85:84:97:b2:22:6b:a7:fc:28:3c:9a:88:1e:c9:
b8:51:d5:0d:71:f6:4f:23:22:da:55:cd:09:ed:0a:
83:28:e4:e0:f3:5e:aa:44:66:8e:02:1d:85:18:70:
ca:73:ae:6d:5f:29:d5:04:36:23:7d:a0:42:e9:c3:
74:6e:92:23:c7:5a:31:63:00:21:15:8c:b6:6c:ab:
5a:00:21:ce:59:94:46:61:9d:fc:6d:8d:6d:52:bf:
09:3f:af:05:16:73:c1:f0:74:df:56:0c:c3:b6:e3:
04:75:4d:f6:e1:d8:3a:33:93:53:52:5d:cd:30:a7:
54:6b:1c:4c:81:e0:78:09:5a:b5:22:8d:13:3e:18:
ee:94:dc:29:88:2b:43:1d:28:5b:4a:b8:cd:cd:ea:
44:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:AF:65:7C:9E:47:5F:34:61:3B:D1:46:BE:76:B0:6E:50:7A:F3:97
X509v3 Authority Key Identifier:
keyid:74:15:FE:C4:AE:76:B2:4E:4F:02:99:16:49:91:7B:99:B7:40:04:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dBX-xK52sk5PApkWSZF7mbdABEo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/987979-9693-45e3-85ba-ed5358b6da31/1/8K9lfJ5HXzRhO9FGvnawblB685c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/987979-9693-45e3-85ba-ed5358b6da31/1/dBX-xK52sk5PApkWSZF7mbdABEo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.105.161.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:74:03:8c:0b:ac:f3:c1:f6:52:e4:5d:54:2b:26:c0:fa:f9:
92:7b:a5:e6:12:db:e1:9a:ac:32:6e:67:94:de:d0:6a:41:10:
10:5a:d9:0d:e2:5b:c9:6d:74:75:b6:23:ed:11:3f:86:c0:da:
09:4b:3f:49:ca:a1:dd:fb:3c:8f:e0:5a:94:14:eb:49:bb:45:
01:b0:d2:6d:72:28:47:e8:6d:d1:b0:5f:0d:2d:95:8f:6e:4c:
4d:ef:18:e5:73:77:fe:0f:76:ab:59:d8:ac:f6:81:a7:e9:48:
d5:32:3e:3a:24:d4:30:cd:fd:ed:43:7c:82:de:a6:f6:fa:aa:
3e:4e:f9:26:02:a8:57:ee:93:6d:07:f7:55:3d:ee:39:17:f4:
fe:8f:10:3b:6e:9d:25:bc:58:76:57:c2:92:3c:15:28:db:c5:
1c:52:6f:0d:70:42:6d:e5:24:26:bc:62:55:9e:8d:ab:e6:a0:
2a:dd:4f:20:05:6e:4c:7d:97:e1:9c:44:9c:5e:f3:6c:c4:9c:
f7:7c:89:d5:22:22:d4:da:d2:6a:96:11:95:4b:f8:43:da:c9:
ef:fa:74:b9:ac:57:0f:8a:61:1b:5b:24:86:91:3c:0b:9c:d9:
4c:3f:c4:fc:24:fd:1f:07:72:98:2c:83:89:47:6d:08:a2:73:
b7:34:34:4d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY3WP0nFVFWfqZqB3m/1N5VhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0MTVmZWM0YWU3NmIyNGU0ZjAyOTkxNjQ5OTE3Yjk5Yjc0
MDA0NGEwHhcNMjQwMjIzMTM1NDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMGFmNjU3YzllNDc1ZjM0NjEzYmQxNDZiZTc2YjA2ZTUwN2FmMzk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk5z++Q1rMMYZP1F8MplwUUo2Gc/d
lewrK0cZKg4D/1qlqV1ONbTUkkreRzrvfAWNUMV5/4ORkfnpODLyi4Q5GDkmnEd4
7iAtjKTjmI3vG+soJkNtFLOJEsfdB7vYFNc43gnp9fFvXLR+hYSXsiJrp/woPJqI
Hsm4UdUNcfZPIyLaVc0J7QqDKOTg816qRGaOAh2FGHDKc65tXynVBDYjfaBC6cN0
bpIjx1oxYwAhFYy2bKtaACHOWZRGYZ38bY1tUr8JP68FFnPB8HTfVgzDtuMEdU32
4dg6M5NTUl3NMKdUaxxMgeB4CVq1Io0TPhjulNwpiCtDHShbSrjNzepE6QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPCvZXyeR180YTvRRr52sG5QevOXMB8GA1UdIwQY
MBaAFHQV/sSudrJOTwKZFkmRe5m3QARKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEJYLXhLNTJzazVQQXBrV1NaRjdtYmRBQkVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy85ODc5NzktOTY5My00NWUzLTg1YmEt
ZWQ1MzU4YjZkYTMxLzEvOEs5bGZKNUhYelJoTzlGR3ZuYXdibEI2ODVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy85ODc5NzktOTY5My00NWUzLTg1YmEtZWQ1MzU4YjZkYTMx
LzEvZEJYLXhLNTJzazVQQXBrV1NaRjdtYmRBQkVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATWmhMA0G
CSqGSIb3DQEBCwUAA4IBAQBsdAOMC6zzwfZS5F1UKybA+vmSe6XmEtvhmqwybmeU
3tBqQRAQWtkN4lvJbXR1tiPtET+GwNoJSz9JyqHd+zyP4FqUFOtJu0UBsNJtcihH
6G3RsF8NLZWPbkxN7xjlc3f+D3arWdis9oGn6UjVMj46JNQwzf3tQ3yC3qb2+qo+
TvkmAqhX7pNtB/dVPe45F/T+jxA7bp0lvFh2V8KSPBUo28UcUm8NcEJt5SQmvGJV
no2r5qAq3U8gBW5MfZfhnEScXvNsxJz3fInVIiLU2tJqlhGVS/hD2snv+nS5rFcP
imEbWySGkTwLnNlMP8T8JP0fB3KYLIOJR20IonO3NDRN
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:12:54 2025 by rpki-client