Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/987979-9693-45e3-85ba-ed5358b6da31/1/xKmG9L12TNPYl5NeFRrKiJATBuI.roa
File: xKmG9L12TNPYl5NeFRrKiJATBuI.roa (raw, json)
Hash identifier: a+FjTqy6zLKxm05Sce7FKvj1Drk+T3kDmgERDua4njc=
Subject key identifier: C4:A9:86:F4:BD:76:4C:D3:D8:97:93:5E:15:1A:CA:88:90:13:06:E2
Certificate issuer: /CN=7415fec4ae76b24e4f02991649917b99b740044a
Certificate serial: 018677EC43571646C7BFCA4D8EFB2794C554
Authority key identifier: 74:15:FE:C4:AE:76:B2:4E:4F:02:99:16:49:91:7B:99:B7:40:04:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dBX-xK52sk5PApkWSZF7mbdABEo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/987979-9693-45e3-85ba-ed5358b6da31/1/xKmG9L12TNPYl5NeFRrKiJATBuI.roa
Signing time: Wed 22 Feb 2023 07:00:17 +0000
ROA not before: Wed 22 Feb 2023 07:00:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42031
IP address blocks: 77.105.132.0/24 maxlen: 24
77.105.131.0/24 maxlen: 24
77.105.130.0/24 maxlen: 24
77.105.129.0/24 maxlen: 24
77.105.128.0/24 maxlen: 24
77.105.135.0/24 maxlen: 24
77.105.134.0/24 maxlen: 24
77.105.133.0/24 maxlen: 24
77.105.144.0/24 maxlen: 24
185.225.203.0/24 maxlen: 24
185.225.202.0/24 maxlen: 24
185.225.202.0/23 maxlen: 23
Validation: Failed, certificate revoked on Thu 23 Nov 2023 11:06:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:77:ec:43:57:16:46:c7:bf:ca:4d:8e:fb:27:94:c5:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7415fec4ae76b24e4f02991649917b99b740044a
Validity
Not Before: Feb 22 07:00:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c4a986f4bd764cd3d897935e151aca88901306e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:07:ad:15:bf:72:17:fa:43:3c:b2:e6:30:37:
82:92:4c:b7:b3:c1:96:84:8f:38:dc:d3:31:0c:1d:
8d:3a:c4:94:3a:4b:18:a5:2f:5a:86:44:1e:79:9d:
75:f3:f6:9f:74:f1:9a:d8:ca:44:b3:a3:25:73:65:
a1:8e:78:a6:c2:f7:b2:d9:81:eb:15:36:46:8e:72:
36:5f:13:45:eb:90:ac:1b:ce:ca:ea:4a:cb:9a:22:
08:1e:21:9a:47:b0:bd:24:86:7d:cb:7f:a8:82:56:
dd:29:05:59:3a:d0:d4:f8:c9:25:7f:2c:1d:3b:72:
eb:16:48:97:10:7d:09:21:d6:57:f8:cd:f7:58:c5:
56:b8:9b:a0:f6:26:36:16:8f:52:5d:60:55:b5:45:
ab:20:0c:ee:95:10:43:5e:45:cf:a6:89:05:28:7a:
82:60:7a:76:c1:fe:e8:0a:14:2c:b4:c5:f6:7a:90:
e3:a5:bf:08:df:b0:5c:3a:36:18:50:91:da:f6:9a:
cf:4a:1d:35:33:a6:11:03:47:ac:19:61:e5:f4:4a:
5b:9c:3e:29:3f:3b:54:e2:10:9d:2e:d1:c8:b9:42:
83:16:14:4a:92:47:78:eb:ad:ac:05:b9:f1:ab:0a:
77:00:19:a9:7d:02:ea:b8:b4:97:3c:47:50:67:f2:
68:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:A9:86:F4:BD:76:4C:D3:D8:97:93:5E:15:1A:CA:88:90:13:06:E2
X509v3 Authority Key Identifier:
keyid:74:15:FE:C4:AE:76:B2:4E:4F:02:99:16:49:91:7B:99:B7:40:04:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dBX-xK52sk5PApkWSZF7mbdABEo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/987979-9693-45e3-85ba-ed5358b6da31/1/xKmG9L12TNPYl5NeFRrKiJATBuI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/987979-9693-45e3-85ba-ed5358b6da31/1/dBX-xK52sk5PApkWSZF7mbdABEo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.105.128.0/21
77.105.144.0/24
185.225.202.0/23
Signature Algorithm: sha256WithRSAEncryption
b3:61:c9:c8:fd:13:6d:56:76:bb:bc:8c:b3:85:94:5d:7c:4b:
3c:67:4a:f9:53:43:67:73:bb:59:16:ff:94:37:14:58:7f:31:
bb:41:b9:98:56:d3:63:52:41:e3:d2:a1:4f:bf:f0:a9:f5:9c:
5a:66:25:a0:5b:cd:7d:be:04:d7:e3:47:46:86:7f:45:7a:f7:
d7:b9:7c:af:bf:5a:5f:ad:4f:8e:1d:ca:38:ca:b8:95:7a:93:
14:db:b4:da:bf:dc:e1:4a:b6:7e:72:ef:3d:a4:28:e9:2a:6c:
1e:87:8c:8c:60:2b:a0:82:12:e8:93:7a:e7:c3:af:87:42:d4:
0b:c4:dd:34:6a:31:96:16:db:dc:25:6b:a8:6b:a8:bf:74:18:
04:4d:8a:66:46:f9:05:55:11:48:e2:a9:78:af:60:db:52:71:
b5:e9:39:30:db:14:a2:b1:00:41:df:35:79:99:cc:de:c6:cc:
83:36:ae:db:c5:c2:ab:83:a5:c4:ed:b4:4b:f2:c4:d6:71:d5:
96:2f:5f:76:20:14:25:a5:02:b2:2b:b9:fd:67:0c:af:23:b3:
b5:c5:93:29:d8:0c:3a:90:23:21:eb:2a:27:4f:3e:7c:77:8a:
17:ee:72:c5:71:73:be:73:b9:72:bf:a5:09:1a:92:9f:7c:d5:
85:07:e4:c6
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYZ37ENXFkbHv8pNjvsnlMVUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0MTVmZWM0YWU3NmIyNGU0ZjAyOTkxNjQ5OTE3Yjk5Yjc0
MDA0NGEwHhcNMjMwMjIyMDcwMDE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNGE5ODZmNGJkNzY0Y2QzZDg5NzkzNWUxNTFhY2E4ODkwMTMwNmUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjQetFb9yF/pDPLLmMDeCkky3s8GW
hI843NMxDB2NOsSUOksYpS9ahkQeeZ118/afdPGa2MpEs6Mlc2Whjnimwvey2YHr
FTZGjnI2XxNF65CsG87K6krLmiIIHiGaR7C9JIZ9y3+oglbdKQVZOtDU+Mklfywd
O3LrFkiXEH0JIdZX+M33WMVWuJug9iY2Fo9SXWBVtUWrIAzulRBDXkXPpokFKHqC
YHp2wf7oChQstMX2epDjpb8I37BcOjYYUJHa9prPSh01M6YRA0esGWHl9EpbnD4p
PztU4hCdLtHIuUKDFhRKkkd4662sBbnxqwp3ABmpfQLquLSXPEdQZ/JoZwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMSphvS9dkzT2JeTXhUayoiQEwbiMB8GA1UdIwQY
MBaAFHQV/sSudrJOTwKZFkmRe5m3QARKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEJYLXhLNTJzazVQQXBrV1NaRjdtYmRBQkVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy85ODc5NzktOTY5My00NWUzLTg1YmEt
ZWQ1MzU4YjZkYTMxLzEveEttRzlMMTJUTlBZbDVOZUZScktpSkFUQnVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy85ODc5NzktOTY5My00NWUzLTg1YmEtZWQ1MzU4YjZkYTMx
LzEvZEJYLXhLNTJzazVQQXBrV1NaRjdtYmRBQkVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDTWmAAwQA
TWmQAwQBueHKMA0GCSqGSIb3DQEBCwUAA4IBAQCzYcnI/RNtVna7vIyzhZRdfEs8
Z0r5U0Nnc7tZFv+UNxRYfzG7QbmYVtNjUkHj0qFPv/Cp9ZxaZiWgW819vgTX40dG
hn9FevfXuXyvv1pfrU+OHco4yriVepMU27Tav9zhSrZ+cu89pCjpKmweh4yMYCug
ghLok3rnw6+HQtQLxN00ajGWFtvcJWuoa6i/dBgETYpmRvkFVRFI4ql4r2DbUnG1
6Tkw2xSisQBB3zV5mczexsyDNq7bxcKrg6XE7bRL8sTWcdWWL192IBQlpQKyK7n9
ZwyvI7O1xZMp2Aw6kCMh6yonTz58d4oX7nLFcXO+c7lyv6UJGpKffNWFB+TG
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:34 2024 by rpki-client on console-fra.rpki-client.org