Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/987979-9693-45e3-85ba-ed5358b6da31/1/ZYkhcwX8Xci1haUScmbPBDhqKK4.roa
File: ZYkhcwX8Xci1haUScmbPBDhqKK4.roa (raw, json)
Hash identifier: SUCB6AD+RI8BPhxWWkpUsvVgIBj0viwdCTq6jPeOHzU=
Subject key identifier: 65:89:21:73:05:FC:5D:C8:B5:85:A5:12:72:66:CF:04:38:6A:28:AE
Certificate issuer: /CN=7415fec4ae76b24e4f02991649917b99b740044a
Certificate serial: 0190BB547B4F2677B967E32E0DBA7AB57A9F
Authority key identifier: 74:15:FE:C4:AE:76:B2:4E:4F:02:99:16:49:91:7B:99:B7:40:04:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dBX-xK52sk5PApkWSZF7mbdABEo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/987979-9693-45e3-85ba-ed5358b6da31/1/ZYkhcwX8Xci1haUScmbPBDhqKK4.roa
Signing time: Tue 16 Jul 2024 11:36:34 +0000
ROA not before: Tue 16 Jul 2024 11:36:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42031
IP address blocks: 77.105.128.0/24 maxlen: 24
77.105.129.0/24 maxlen: 24
77.105.130.0/24 maxlen: 24
77.105.131.0/24 maxlen: 24
77.105.134.0/24 maxlen: 24
77.105.144.0/24 maxlen: 24
185.225.203.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 11:49:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:bb:54:7b:4f:26:77:b9:67:e3:2e:0d:ba:7a:b5:7a:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7415fec4ae76b24e4f02991649917b99b740044a
Validity
Not Before: Jul 16 11:36:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6589217305fc5dc8b585a5127266cf04386a28ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:a9:46:3e:b2:6b:64:82:ac:49:36:c4:c1:49:
f3:80:aa:06:5f:25:a6:87:64:e6:c9:6b:75:00:9c:
50:0a:a2:05:3e:96:a6:02:cd:6e:5c:fb:f3:15:d7:
b7:b5:1f:28:3f:26:62:43:fa:db:ad:25:58:a8:e2:
0a:ed:c2:2e:2d:a7:db:9c:c7:be:b2:12:22:49:9a:
69:45:a7:66:c5:66:48:43:c0:c9:cc:9f:c0:3b:6f:
bc:bf:70:d9:b4:3f:d2:f8:a2:aa:0d:06:ff:e1:9d:
fd:10:54:78:0f:d5:cd:28:a7:99:c3:45:b4:d8:59:
0f:04:d7:59:96:d8:b7:2e:17:77:dd:8a:5d:91:9c:
63:f3:f9:dc:af:b7:88:be:f2:e2:71:0b:11:6f:06:
4f:a9:97:a3:b3:b8:75:57:c2:03:55:aa:8f:d0:fd:
16:ad:39:2d:78:08:83:24:7c:de:d4:b8:9f:f6:49:
78:87:31:0c:04:94:e7:16:bc:de:f0:04:ba:c8:05:
50:8e:20:5b:a1:28:a5:16:08:7c:0e:d6:d0:c1:f4:
74:29:19:42:1e:1a:4c:3e:d9:56:15:94:c6:7d:0b:
58:57:b8:78:6a:44:fe:dd:96:c4:c2:3b:0c:10:fe:
e4:6e:34:d5:a6:45:05:f5:35:00:3b:4e:c1:b0:0c:
be:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:89:21:73:05:FC:5D:C8:B5:85:A5:12:72:66:CF:04:38:6A:28:AE
X509v3 Authority Key Identifier:
keyid:74:15:FE:C4:AE:76:B2:4E:4F:02:99:16:49:91:7B:99:B7:40:04:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dBX-xK52sk5PApkWSZF7mbdABEo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/987979-9693-45e3-85ba-ed5358b6da31/1/ZYkhcwX8Xci1haUScmbPBDhqKK4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/987979-9693-45e3-85ba-ed5358b6da31/1/dBX-xK52sk5PApkWSZF7mbdABEo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.105.128.0/22
77.105.134.0/24
77.105.144.0/24
185.225.203.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:e6:24:12:16:ff:e1:aa:51:f5:07:2d:d8:a5:59:de:ed:31:
95:dd:dd:4d:e0:2a:7a:30:80:a3:ca:bc:85:4f:fa:93:b1:26:
e0:90:52:b4:38:3d:ac:6d:2c:72:ec:58:e5:82:c0:1b:df:33:
25:de:1d:13:1a:75:fb:49:5a:6c:cc:fb:83:70:75:4d:98:7a:
8f:e6:a5:2a:f1:09:10:8a:0c:82:ef:13:14:e0:0e:47:a0:75:
6a:3f:c2:70:f1:b6:80:ba:62:ae:fc:be:cd:bb:57:55:54:fe:
32:a1:cd:e4:76:2d:4b:e0:d1:d0:80:2e:ff:33:de:93:1d:5d:
ae:5c:61:21:96:96:9a:d0:00:8e:17:46:c2:c6:57:9e:73:50:
d2:06:45:16:16:95:72:75:46:12:f6:61:ec:2e:b5:5d:7f:c8:
c8:95:05:d3:38:23:8c:c0:24:f0:fe:49:c3:ab:ba:42:7c:0b:
fa:9b:b5:e2:86:4a:d8:81:06:df:dd:df:64:d9:b7:7f:53:21:
0d:30:b9:29:57:0e:e7:2e:58:eb:7f:08:84:04:02:e0:2e:e0:
3f:08:50:d4:2d:da:cf:40:53:dd:00:24:5a:96:64:0f:bd:53:
a0:03:6f:a8:60:d0:62:7b:70:57:de:e5:ab:87:40:21:52:a6:
b4:e9:41:59
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZC7VHtPJne5Z+MuDbp6tXqfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0MTVmZWM0YWU3NmIyNGU0ZjAyOTkxNjQ5OTE3Yjk5Yjc0
MDA0NGEwHhcNMjQwNzE2MTEzNjM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTg5MjE3MzA1ZmM1ZGM4YjU4NWE1MTI3MjY2Y2YwNDM4NmEyOGFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1qlGPrJrZIKsSTbEwUnzgKoGXyWm
h2TmyWt1AJxQCqIFPpamAs1uXPvzFde3tR8oPyZiQ/rbrSVYqOIK7cIuLafbnMe+
shIiSZppRadmxWZIQ8DJzJ/AO2+8v3DZtD/S+KKqDQb/4Z39EFR4D9XNKKeZw0W0
2FkPBNdZlti3Lhd33YpdkZxj8/ncr7eIvvLicQsRbwZPqZejs7h1V8IDVaqP0P0W
rTkteAiDJHze1Lif9kl4hzEMBJTnFrze8AS6yAVQjiBboSilFgh8DtbQwfR0KRlC
HhpMPtlWFZTGfQtYV7h4akT+3ZbEwjsMEP7kbjTVpkUF9TUAO07BsAy+EwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFGWJIXMF/F3ItYWlEnJmzwQ4aiiuMB8GA1UdIwQY
MBaAFHQV/sSudrJOTwKZFkmRe5m3QARKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEJYLXhLNTJzazVQQXBrV1NaRjdtYmRBQkVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy85ODc5NzktOTY5My00NWUzLTg1YmEt
ZWQ1MzU4YjZkYTMxLzEvWllraGN3WDhYY2kxaGFVU2NtYlBCRGhxS0s0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy85ODc5NzktOTY5My00NWUzLTg1YmEtZWQ1MzU4YjZkYTMx
LzEvZEJYLXhLNTJzazVQQXBrV1NaRjdtYmRBQkVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCTWmAAwQA
TWmGAwQATWmQAwQAueHLMA0GCSqGSIb3DQEBCwUAA4IBAQAv5iQSFv/hqlH1By3Y
pVne7TGV3d1N4Cp6MICjyryFT/qTsSbgkFK0OD2sbSxy7FjlgsAb3zMl3h0TGnX7
SVpszPuDcHVNmHqP5qUq8QkQigyC7xMU4A5HoHVqP8Jw8baAumKu/L7Nu1dVVP4y
oc3kdi1L4NHQgC7/M96THV2uXGEhlpaa0ACOF0bCxleec1DSBkUWFpVydUYS9mHs
LrVdf8jIlQXTOCOMwCTw/knDq7pCfAv6m7XihkrYgQbf3d9k2bd/UyENMLkpVw7n
LljrfwiEBALgLuA/CFDULdrPQFPdACRalmQPvVOgA2+oYNBie3BX3uWrh0AhUqa0
6UFZ
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:26:05 2025 by rpki-client