Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/987979-9693-45e3-85ba-ed5358b6da31/1/Kpb254iPR2Hdv0UC7BFkFdX0yyo.roa
File: Kpb254iPR2Hdv0UC7BFkFdX0yyo.roa (raw, json)
Hash identifier: y5eFxeaUFGttiix/VLzrtYJJTIVvyzu8XKmTSwktyAY=
Subject key identifier: 2A:96:F6:E7:88:8F:47:61:DD:BF:45:02:EC:11:64:15:D5:F4:CB:2A
Certificate issuer: /CN=7415fec4ae76b24e4f02991649917b99b740044a
Certificate serial: 018CC3B6E98A53A567483E21E48FAC01C25F
Authority key identifier: 74:15:FE:C4:AE:76:B2:4E:4F:02:99:16:49:91:7B:99:B7:40:04:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dBX-xK52sk5PApkWSZF7mbdABEo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/987979-9693-45e3-85ba-ed5358b6da31/1/Kpb254iPR2Hdv0UC7BFkFdX0yyo.roa
Signing time: Mon 01 Jan 2024 06:29:53 +0000
ROA not before: Mon 01 Jan 2024 06:29:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42031
IP address blocks: 77.105.131.0/24 maxlen: 24
77.105.130.0/24 maxlen: 24
77.105.129.0/24 maxlen: 24
77.105.128.0/24 maxlen: 24
77.105.135.0/24 maxlen: 24
77.105.134.0/24 maxlen: 24
77.105.133.0/24 maxlen: 24
77.105.144.0/24 maxlen: 24
185.225.203.0/24 maxlen: 24
185.225.202.0/24 maxlen: 24
185.225.202.0/23 maxlen: 23
Validation: Failed, certificate revoked on Sun 24 Mar 2024 08:20:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:e9:8a:53:a5:67:48:3e:21:e4:8f:ac:01:c2:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7415fec4ae76b24e4f02991649917b99b740044a
Validity
Not Before: Jan 1 06:29:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2a96f6e7888f4761ddbf4502ec116415d5f4cb2a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:7f:7f:84:c8:4a:aa:6d:c0:42:bc:80:71:59:
87:b1:1d:8d:ba:59:ec:8f:fa:2f:7a:27:f0:c7:26:
f4:b2:29:fc:07:3e:d2:2d:06:2e:80:56:35:c0:a6:
7c:6b:65:20:e5:38:12:c8:ef:44:02:63:fd:0c:2e:
28:c0:77:1a:1d:73:77:f6:d5:61:d4:fb:8d:ba:9d:
70:23:36:62:d9:19:4d:f0:f9:db:83:03:ae:22:bd:
ec:81:7b:8f:db:75:e9:c5:90:82:fb:0c:5d:04:a0:
b5:7c:6f:be:21:8c:b8:5e:f7:6e:f2:04:d0:04:00:
ed:53:ff:95:64:72:31:b4:01:e8:50:80:41:29:2c:
ff:b1:7e:5b:71:18:1e:86:ac:77:05:30:1f:3c:7e:
9c:09:e6:d2:c4:21:60:64:c7:d6:69:9f:d5:cc:3e:
3f:88:d8:06:b2:13:16:7f:d9:5b:82:f8:9b:1d:43:
38:2a:15:6b:a2:46:a6:28:ed:e3:62:ad:02:a6:4d:
05:14:fa:c5:ef:31:ec:53:38:ad:d4:10:11:3d:7b:
13:62:5c:73:db:63:f6:a7:af:c7:27:87:de:c6:fd:
ea:1b:0d:7c:f1:39:06:0b:ae:73:ef:2a:f4:ad:f8:
d4:e5:d1:b4:e8:25:bc:66:16:45:b7:c4:95:51:cd:
ed:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:96:F6:E7:88:8F:47:61:DD:BF:45:02:EC:11:64:15:D5:F4:CB:2A
X509v3 Authority Key Identifier:
keyid:74:15:FE:C4:AE:76:B2:4E:4F:02:99:16:49:91:7B:99:B7:40:04:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dBX-xK52sk5PApkWSZF7mbdABEo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/987979-9693-45e3-85ba-ed5358b6da31/1/Kpb254iPR2Hdv0UC7BFkFdX0yyo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/987979-9693-45e3-85ba-ed5358b6da31/1/dBX-xK52sk5PApkWSZF7mbdABEo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.105.128.0/22
77.105.133.0-77.105.135.255
77.105.144.0/24
185.225.202.0/23
Signature Algorithm: sha256WithRSAEncryption
aa:70:ad:39:21:05:5c:c8:9f:75:6d:6c:e5:a0:58:8a:20:f6:
06:fb:11:c1:08:fc:9a:a2:80:5e:ab:a3:62:1d:54:37:e2:c8:
3e:17:a5:1b:fc:ec:62:43:25:e5:b3:69:6b:84:0d:0d:f9:52:
78:f7:44:cd:de:8f:21:d3:d1:8b:04:0b:f3:f9:57:50:10:2f:
b1:a8:a9:33:f2:65:e7:df:1b:c8:c6:bf:34:21:8b:41:d7:f0:
41:84:4c:f6:d6:01:42:e9:13:c6:ed:98:c9:20:7b:e9:a9:69:
d6:2f:28:15:a2:d2:c8:8c:f8:ed:99:df:42:95:a7:c0:9a:e3:
d7:18:99:99:d0:0b:b0:53:e3:0c:dd:18:db:26:e6:6a:fd:e3:
62:30:be:c7:a5:9c:c2:17:2c:55:f4:27:7a:48:55:c8:5d:47:
9e:0e:21:14:9d:94:96:a1:a1:84:f8:ce:37:a6:24:4d:86:68:
59:3b:f4:f8:7b:4e:91:59:42:ef:fe:0f:2f:18:e5:fc:fc:0e:
00:3b:22:b4:49:41:4b:13:74:cb:02:50:24:18:da:d3:64:7d:
1e:bc:3f:c6:3d:cf:b8:7d:46:91:3b:4b:25:f3:a6:fb:25:24:
1a:07:e6:e9:9f:27:4d:59:39:20:f7:1e:b0:be:ea:8e:8b:5b:
6a:fa:7d:cf
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYzDtumKU6VnSD4h5I+sAcJfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0MTVmZWM0YWU3NmIyNGU0ZjAyOTkxNjQ5OTE3Yjk5Yjc0
MDA0NGEwHhcNMjQwMTAxMDYyOTUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTk2ZjZlNzg4OGY0NzYxZGRiZjQ1MDJlYzExNjQxNWQ1ZjRjYjJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAon9/hMhKqm3AQryAcVmHsR2Nulns
j/oveifwxyb0sin8Bz7SLQYugFY1wKZ8a2Ug5TgSyO9EAmP9DC4owHcaHXN39tVh
1PuNup1wIzZi2RlN8PnbgwOuIr3sgXuP23XpxZCC+wxdBKC1fG++IYy4Xvdu8gTQ
BADtU/+VZHIxtAHoUIBBKSz/sX5bcRgehqx3BTAfPH6cCebSxCFgZMfWaZ/VzD4/
iNgGshMWf9lbgvibHUM4KhVrokamKO3jYq0Cpk0FFPrF7zHsUzit1BARPXsTYlxz
22P2p6/HJ4fexv3qGw188TkGC65z7yr0rfjU5dG06CW8ZhZFt8SVUc3tIQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFCqW9ueIj0dh3b9FAuwRZBXV9MsqMB8GA1UdIwQY
MBaAFHQV/sSudrJOTwKZFkmRe5m3QARKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEJYLXhLNTJzazVQQXBrV1NaRjdtYmRBQkVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy85ODc5NzktOTY5My00NWUzLTg1YmEt
ZWQ1MzU4YjZkYTMxLzEvS3BiMjU0aVBSMkhkdjBVQzdCRmtGZFgweXlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy85ODc5NzktOTY5My00NWUzLTg1YmEtZWQ1MzU4YjZkYTMx
LzEvZEJYLXhLNTJzazVQQXBrV1NaRjdtYmRBQkVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQCTWmAMAwD
BABNaYUDBANNaYADBABNaZADBAG54cowDQYJKoZIhvcNAQELBQADggEBAKpwrTkh
BVzIn3VtbOWgWIog9gb7EcEI/JqigF6ro2IdVDfiyD4XpRv87GJDJeWzaWuEDQ35
Unj3RM3ejyHT0YsEC/P5V1AQL7GoqTPyZeffG8jGvzQhi0HX8EGETPbWAULpE8bt
mMkge+mpadYvKBWi0siM+O2Z30KVp8Ca49cYmZnQC7BT4wzdGNsm5mr942Iwvsel
nMIXLFX0J3pIVchdR54OIRSdlJahoYT4zjemJE2GaFk79Ph7TpFZQu/+Dy8Y5fz8
DgA7IrRJQUsTdMsCUCQY2tNkfR68P8Y9z7h9RpE7SyXzpvslJBoH5umfJ01ZOSD3
HrC+6o6LW2r6fc8=
-----END CERTIFICATE-----
Generated at Sun Mar 24 11:04:45 2024 by rpki-client on console-ams.rpki-client.org