Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/987979-9693-45e3-85ba-ed5358b6da31/1/iZcK5TJ-H7HIxsbcVpv0Repcx8c.roa
File: iZcK5TJ-H7HIxsbcVpv0Repcx8c.roa (raw, json)
Hash identifier: isnH3zb/9sPKLQ8F/KYHp5W7XHpcd1F2KoHgpNoXl5w=
Subject key identifier: 89:97:0A:E5:32:7E:1F:B1:C8:C6:C6:DC:56:9B:F4:45:EA:5C:C7:C7
Certificate issuer: /CN=7415fec4ae76b24e4f02991649917b99b740044a
Certificate serial: 018D40787214C8D4047431A972FE06D73A64
Authority key identifier: 74:15:FE:C4:AE:76:B2:4E:4F:02:99:16:49:91:7B:99:B7:40:04:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dBX-xK52sk5PApkWSZF7mbdABEo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/987979-9693-45e3-85ba-ed5358b6da31/1/iZcK5TJ-H7HIxsbcVpv0Repcx8c.roa
Signing time: Thu 25 Jan 2024 11:54:11 +0000
ROA not before: Thu 25 Jan 2024 11:54:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215939
IP address blocks: 77.105.132.0/24 maxlen: 24
77.105.163.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 24 Mar 2024 08:07:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:40:78:72:14:c8:d4:04:74:31:a9:72:fe:06:d7:3a:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7415fec4ae76b24e4f02991649917b99b740044a
Validity
Not Before: Jan 25 11:54:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=89970ae5327e1fb1c8c6c6dc569bf445ea5cc7c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:b6:b5:37:13:3c:d5:48:5b:74:04:fa:66:b5:
24:19:b4:e5:fe:2b:66:2d:e3:e5:f5:d2:5a:dc:eb:
df:9b:f6:e4:e9:dc:2d:8c:fe:ac:91:91:a7:06:5a:
da:bd:39:b3:95:ee:4d:a9:25:e3:92:8d:51:8e:5a:
87:5d:33:3a:2e:5c:cd:9f:d2:2e:57:65:8f:a8:c2:
fd:42:ee:ee:70:cf:e9:0a:0f:58:8d:31:a1:c2:c9:
52:cf:24:c7:49:60:a1:fa:80:53:57:32:68:45:a2:
2a:72:20:f5:06:cb:c6:a0:9a:97:4a:bc:3b:9e:80:
17:d4:15:59:4f:65:21:e7:7d:3c:55:50:39:35:a0:
12:9d:27:e1:d7:91:f9:c0:eb:af:8a:a4:27:a7:9e:
2a:e4:8e:c8:34:29:56:ca:20:6a:98:18:29:9d:19:
13:52:aa:55:fd:4e:55:31:7f:4f:bb:bf:b4:a8:17:
f8:02:8c:15:b3:62:0b:ce:dc:7d:7e:89:12:ba:51:
78:7a:ba:e0:62:54:71:17:e1:fe:ee:a8:1b:d5:ec:
12:b8:e7:4e:fc:bf:a3:2c:3b:46:d0:7a:30:cc:2d:
22:86:19:d3:08:d2:81:8e:7b:bd:20:ba:12:5a:2b:
a2:ec:24:f9:e7:7f:1f:2f:8b:3c:39:81:44:c0:5e:
b2:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:97:0A:E5:32:7E:1F:B1:C8:C6:C6:DC:56:9B:F4:45:EA:5C:C7:C7
X509v3 Authority Key Identifier:
keyid:74:15:FE:C4:AE:76:B2:4E:4F:02:99:16:49:91:7B:99:B7:40:04:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dBX-xK52sk5PApkWSZF7mbdABEo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/987979-9693-45e3-85ba-ed5358b6da31/1/iZcK5TJ-H7HIxsbcVpv0Repcx8c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/987979-9693-45e3-85ba-ed5358b6da31/1/dBX-xK52sk5PApkWSZF7mbdABEo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.105.132.0/24
77.105.163.0/24
Signature Algorithm: sha256WithRSAEncryption
b2:6d:48:f1:b9:f5:17:19:57:c9:ba:68:0f:36:e0:6e:c6:d3:
92:32:9e:93:69:93:a3:38:b1:d8:98:d7:6f:cb:89:ae:0a:c4:
77:7b:0b:d3:68:e8:ea:b4:f9:28:fe:0e:1d:2d:62:a8:46:20:
21:00:55:b8:2b:f0:33:16:1a:62:77:a7:4b:1c:e0:c7:d6:01:
5e:76:7f:86:11:b7:f1:e8:49:0e:b5:ec:1b:89:73:84:66:96:
85:17:57:b1:a2:82:02:bc:18:40:51:d3:a4:06:99:60:d1:39:
64:e9:41:23:10:11:2a:af:fc:13:f4:91:56:5e:33:53:9b:d8:
71:65:85:f9:4f:c7:f7:6c:70:3a:93:34:45:5b:19:77:14:b0:
66:3c:7b:36:ee:be:f2:b6:b6:16:1b:1e:9a:b7:75:2b:90:0f:
d5:c2:20:ef:5b:dc:2e:56:c0:01:6d:52:9e:1c:52:22:00:80:
3f:30:b7:a9:fe:91:a4:2d:7f:3c:3b:b6:d3:70:6f:69:ff:cb:
14:b3:79:0f:74:7a:f7:76:77:31:10:d3:78:11:95:b4:1f:ca:
d8:0a:74:88:b4:83:5e:b6:32:7d:37:2d:94:f0:0d:b2:9b:55:
56:66:69:f8:f0:26:01:3e:b4:b1:62:b6:49:86:3e:a0:27:41:
1e:6f:27:88
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY1AeHIUyNQEdDGpcv4G1zpkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0MTVmZWM0YWU3NmIyNGU0ZjAyOTkxNjQ5OTE3Yjk5Yjc0
MDA0NGEwHhcNMjQwMTI1MTE1NDExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTk3MGFlNTMyN2UxZmIxYzhjNmM2ZGM1NjliZjQ0NWVhNWNjN2M3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtba1NxM81UhbdAT6ZrUkGbTl/itm
LePl9dJa3Ovfm/bk6dwtjP6skZGnBlravTmzle5NqSXjko1RjlqHXTM6LlzNn9Iu
V2WPqML9Qu7ucM/pCg9YjTGhwslSzyTHSWCh+oBTVzJoRaIqciD1BsvGoJqXSrw7
noAX1BVZT2Uh5308VVA5NaASnSfh15H5wOuviqQnp54q5I7INClWyiBqmBgpnRkT
UqpV/U5VMX9Pu7+0qBf4AowVs2ILztx9fokSulF4errgYlRxF+H+7qgb1ewSuOdO
/L+jLDtG0HowzC0ihhnTCNKBjnu9ILoSWiui7CT5538fL4s8OYFEwF6yzQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFImXCuUyfh+xyMbG3Fab9EXqXMfHMB8GA1UdIwQY
MBaAFHQV/sSudrJOTwKZFkmRe5m3QARKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEJYLXhLNTJzazVQQXBrV1NaRjdtYmRBQkVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy85ODc5NzktOTY5My00NWUzLTg1YmEt
ZWQ1MzU4YjZkYTMxLzEvaVpjSzVUSi1IN0hJeHNiY1ZwdjBSZXBjeDhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy85ODc5NzktOTY5My00NWUzLTg1YmEtZWQ1MzU4YjZkYTMx
LzEvZEJYLXhLNTJzazVQQXBrV1NaRjdtYmRBQkVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQATWmEAwQA
TWmjMA0GCSqGSIb3DQEBCwUAA4IBAQCybUjxufUXGVfJumgPNuBuxtOSMp6TaZOj
OLHYmNdvy4muCsR3ewvTaOjqtPko/g4dLWKoRiAhAFW4K/AzFhpid6dLHODH1gFe
dn+GEbfx6EkOtewbiXOEZpaFF1exooICvBhAUdOkBplg0Tlk6UEjEBEqr/wT9JFW
XjNTm9hxZYX5T8f3bHA6kzRFWxl3FLBmPHs27r7ytrYWGx6at3UrkA/VwiDvW9wu
VsABbVKeHFIiAIA/MLep/pGkLX88O7bTcG9p/8sUs3kPdHr3dncxENN4EZW0H8rY
CnSItINetjJ9Ny2U8A2ym1VWZmn48CYBPrSxYrZJhj6gJ0EebyeI
-----END CERTIFICATE-----
Generated at Sun Mar 24 10:20:14 2024 by rpki-client on console-fra.rpki-client.org