Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/987979-9693-45e3-85ba-ed5358b6da31/1/C-cQa0uD_qF5Pkhi7KY9d9AI970.roa
File: C-cQa0uD_qF5Pkhi7KY9d9AI970.roa (raw, json)
Hash identifier: nLNwSTzxabGlGfWuBvJxO6QIei5fUhvs4CZU39kBxWc=
Subject key identifier: 0B:E7:10:6B:4B:83:FE:A1:79:3E:48:62:EC:A6:3D:77:D0:08:F7:BD
Certificate issuer: /CN=7415fec4ae76b24e4f02991649917b99b740044a
Certificate serial: 0186259A879E886C1CB56A10C6C1761E8A0E
Authority key identifier: 74:15:FE:C4:AE:76:B2:4E:4F:02:99:16:49:91:7B:99:B7:40:04:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dBX-xK52sk5PApkWSZF7mbdABEo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/987979-9693-45e3-85ba-ed5358b6da31/1/C-cQa0uD_qF5Pkhi7KY9d9AI970.roa
Signing time: Mon 06 Feb 2023 07:22:09 +0000
ROA not before: Mon 06 Feb 2023 07:22:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42031
IP address blocks: 77.105.132.0/24 maxlen: 24
77.105.131.0/24 maxlen: 24
77.105.130.0/24 maxlen: 24
77.105.129.0/24 maxlen: 24
77.105.128.0/24 maxlen: 24
77.105.135.0/24 maxlen: 24
77.105.134.0/24 maxlen: 24
77.105.133.0/24 maxlen: 24
77.105.144.0/24 maxlen: 24
185.225.202.0/24 maxlen: 24
185.225.202.0/23 maxlen: 23
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:25:9a:87:9e:88:6c:1c:b5:6a:10:c6:c1:76:1e:8a:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7415fec4ae76b24e4f02991649917b99b740044a
Validity
Not Before: Feb 6 07:22:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0be7106b4b83fea1793e4862eca63d77d008f7bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:50:f4:67:7a:2a:d4:b8:e9:06:ba:79:a2:04:
68:2c:70:87:73:57:26:0a:3f:5b:22:90:0f:b9:f2:
6c:6f:b7:b9:dc:8d:7a:8d:29:82:a1:df:7a:35:6d:
47:46:a8:eb:00:27:02:3b:26:5f:9b:80:98:f6:69:
4b:93:58:ac:ee:fb:30:ad:56:7b:64:c4:f1:a1:08:
ca:18:46:04:79:fc:af:49:72:97:26:14:19:bc:b8:
94:51:5f:3e:55:91:22:05:46:90:79:74:88:c8:33:
3b:b6:dd:bc:e8:8c:32:0e:d8:57:2d:a8:51:61:09:
90:03:30:46:4b:76:26:d0:44:1c:c3:b0:c0:c7:4f:
3e:71:d5:0e:46:b0:fb:d2:50:d1:80:2d:b6:90:7a:
da:be:15:67:3d:f4:c0:26:fe:e4:9a:8d:59:fb:2d:
63:c6:ba:64:e9:e1:32:14:c2:07:e4:8c:56:ce:f0:
c1:1d:25:db:f9:55:d7:8c:32:62:f1:6c:c4:45:d8:
38:12:7b:e3:ea:95:9e:e8:ce:35:f4:4a:e9:ed:a8:
fc:19:c7:59:14:cb:35:52:dd:4c:82:11:8f:29:99:
d0:fd:42:95:57:73:24:cf:3c:ea:1e:cc:9e:ad:a3:
b9:f4:01:f8:d6:a7:74:34:4f:6d:0c:b2:0e:3e:fd:
af:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:E7:10:6B:4B:83:FE:A1:79:3E:48:62:EC:A6:3D:77:D0:08:F7:BD
X509v3 Authority Key Identifier:
keyid:74:15:FE:C4:AE:76:B2:4E:4F:02:99:16:49:91:7B:99:B7:40:04:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dBX-xK52sk5PApkWSZF7mbdABEo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/987979-9693-45e3-85ba-ed5358b6da31/1/C-cQa0uD_qF5Pkhi7KY9d9AI970.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/987979-9693-45e3-85ba-ed5358b6da31/1/dBX-xK52sk5PApkWSZF7mbdABEo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.105.128.0/21
77.105.144.0/24
185.225.202.0/23
Signature Algorithm: sha256WithRSAEncryption
bd:0e:94:f9:f9:23:53:6c:a8:e2:e5:af:f9:12:b6:72:ac:00:
36:94:9d:4a:ba:c1:6a:77:14:d4:2d:82:2b:cb:72:e6:0f:8f:
24:e5:0b:80:80:a1:8a:c1:6d:eb:d5:73:dd:b9:3e:8b:0f:13:
80:87:60:c0:df:6d:b8:5b:e8:f7:61:b9:78:1a:1e:b3:cd:b6:
87:b3:c8:80:b4:ab:cf:9d:f6:d1:65:f8:e8:ee:6b:96:64:3a:
13:75:27:ca:1a:85:5b:a5:d5:f7:2b:86:9c:ba:3d:b9:e5:f1:
c5:fa:bb:fe:c8:00:52:54:c8:7d:0d:9c:9a:3a:30:b8:73:b3:
af:e0:aa:02:af:f6:a7:b7:10:e6:44:32:1d:8d:f3:c8:2d:9c:
df:b4:5f:59:f7:47:2e:fc:2c:8e:d1:e5:55:86:bb:63:f4:4e:
cf:af:52:6b:7d:01:52:4d:f7:95:28:8e:f5:35:35:fc:28:f0:
10:3a:25:8f:b7:fa:88:ad:18:58:4a:fe:78:6b:79:53:20:07:
8c:18:73:bb:fe:c4:d8:31:8c:36:3e:37:ee:e6:9d:88:73:3b:
4c:36:ec:3b:08:09:53:5b:f9:50:b9:70:3f:13:40:77:5f:ff:
60:11:d2:bb:e6:33:01:71:3c:0b:85:5b:14:46:73:3b:36:5e:
06:2c:ed:fc
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYYlmoeeiGwctWoQxsF2HooOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0MTVmZWM0YWU3NmIyNGU0ZjAyOTkxNjQ5OTE3Yjk5Yjc0
MDA0NGEwHhcNMjMwMjA2MDcyMjA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYmU3MTA2YjRiODNmZWExNzkzZTQ4NjJlY2E2M2Q3N2QwMDhmN2JkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkFD0Z3oq1LjpBrp5ogRoLHCHc1cm
Cj9bIpAPufJsb7e53I16jSmCod96NW1HRqjrACcCOyZfm4CY9mlLk1is7vswrVZ7
ZMTxoQjKGEYEefyvSXKXJhQZvLiUUV8+VZEiBUaQeXSIyDM7tt286IwyDthXLahR
YQmQAzBGS3Ym0EQcw7DAx08+cdUORrD70lDRgC22kHravhVnPfTAJv7kmo1Z+y1j
xrpk6eEyFMIH5IxWzvDBHSXb+VXXjDJi8WzERdg4Envj6pWe6M419Erp7aj8GcdZ
FMs1Ut1MghGPKZnQ/UKVV3MkzzzqHsyeraO59AH41qd0NE9tDLIOPv2vCQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAvnEGtLg/6heT5IYuymPXfQCPe9MB8GA1UdIwQY
MBaAFHQV/sSudrJOTwKZFkmRe5m3QARKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEJYLXhLNTJzazVQQXBrV1NaRjdtYmRBQkVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy85ODc5NzktOTY5My00NWUzLTg1YmEt
ZWQ1MzU4YjZkYTMxLzEvQy1jUWEwdURfcUY1UGtoaTdLWTlkOUFJOTcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy85ODc5NzktOTY5My00NWUzLTg1YmEtZWQ1MzU4YjZkYTMx
LzEvZEJYLXhLNTJzazVQQXBrV1NaRjdtYmRBQkVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDTWmAAwQA
TWmQAwQBueHKMA0GCSqGSIb3DQEBCwUAA4IBAQC9DpT5+SNTbKji5a/5ErZyrAA2
lJ1KusFqdxTULYIry3LmD48k5QuAgKGKwW3r1XPduT6LDxOAh2DA3224W+j3Ybl4
Gh6zzbaHs8iAtKvPnfbRZfjo7muWZDoTdSfKGoVbpdX3K4acuj255fHF+rv+yABS
VMh9DZyaOjC4c7Ov4KoCr/antxDmRDIdjfPILZzftF9Z90cu/CyO0eVVhrtj9E7P
r1JrfQFSTfeVKI71NTX8KPAQOiWPt/qIrRhYSv54a3lTIAeMGHO7/sTYMYw2Pjfu
5p2IcztMNuw7CAlTW/lQuXA/E0B3X/9gEdK75jMBcTwLhVsURnM7Nl4GLO38
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:32 2023 by rpki-client on console-fra.rpki-client.org