Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/df0d37-4f65-439d-a531-057d7af0aef4/1/OrSsoZDuvMD0HG4BPW4MsNHtTp4.roa
File: OrSsoZDuvMD0HG4BPW4MsNHtTp4.roa (raw, json)
Hash identifier: oqcvX6ZqDsDEIA59L5OAX91Ccsh7UTQTuU/xLoQDLPQ=
Subject key identifier: 3A:B4:AC:A1:90:EE:BC:C0:F4:1C:6E:01:3D:6E:0C:B0:D1:ED:4E:9E
Certificate issuer: /CN=2edec9a2096dec103bae2d7c3796e0d47085c202
Certificate serial: 018E61724F2791ED71C805D3758D0F1F0C6F
Authority key identifier: 2E:DE:C9:A2:09:6D:EC:10:3B:AE:2D:7C:37:96:E0:D4:70:85:C2:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Lt7Joglt7BA7ri18N5bg1HCFwgI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/df0d37-4f65-439d-a531-057d7af0aef4/1/OrSsoZDuvMD0HG4BPW4MsNHtTp4.roa
Signing time: Thu 21 Mar 2024 14:37:44 +0000
ROA not before: Thu 21 Mar 2024 14:37:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2111
IP address blocks: 77.71.96.0/20 maxlen: 20
77.71.96.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 22 Mar 2024 09:57:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:61:72:4f:27:91:ed:71:c8:05:d3:75:8d:0f:1f:0c:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2edec9a2096dec103bae2d7c3796e0d47085c202
Validity
Not Before: Mar 21 14:37:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3ab4aca190eebcc0f41c6e013d6e0cb0d1ed4e9e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:7b:6d:c5:96:fa:07:8b:96:0b:7b:aa:c9:48:
e0:d4:8c:d4:21:fa:6a:28:88:2b:d4:c1:16:98:f6:
fb:48:da:7a:e7:b5:18:a8:fa:eb:93:14:86:4b:c9:
52:68:0d:a9:11:d7:e4:28:af:0d:05:0f:d2:0e:3d:
46:d7:dc:4a:58:6b:42:4d:9b:51:da:1b:b3:b4:a7:
e9:f4:03:5f:d5:cf:10:6d:6c:44:66:8a:38:a1:57:
24:47:4e:ed:8c:a5:42:91:db:b9:8f:ae:51:e4:1d:
d2:f3:ba:1f:ba:0e:ef:e8:17:93:40:67:e7:f1:59:
54:ec:4e:bb:b9:77:24:49:13:dd:dc:45:32:c4:f1:
f7:ad:3a:ba:89:23:e1:ed:40:f6:00:64:ae:0d:17:
26:5f:27:55:b5:e2:58:f5:24:5d:16:25:7c:3f:8d:
d0:54:0a:53:16:ad:68:59:a4:0c:ce:82:d0:25:00:
b2:96:8f:ad:f7:33:59:e2:e7:6c:46:a1:e1:49:03:
4a:71:22:b8:fb:98:f7:4a:b7:56:78:5e:e3:06:a1:
06:d0:fe:10:9b:70:e0:8a:21:fa:62:b3:b3:ed:25:
ba:95:d2:28:cb:ef:cf:3b:c0:27:3e:ee:10:af:2c:
f6:90:f3:17:90:65:87:9a:3d:a7:4f:51:a8:50:56:
ac:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:B4:AC:A1:90:EE:BC:C0:F4:1C:6E:01:3D:6E:0C:B0:D1:ED:4E:9E
X509v3 Authority Key Identifier:
keyid:2E:DE:C9:A2:09:6D:EC:10:3B:AE:2D:7C:37:96:E0:D4:70:85:C2:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Lt7Joglt7BA7ri18N5bg1HCFwgI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/df0d37-4f65-439d-a531-057d7af0aef4/1/OrSsoZDuvMD0HG4BPW4MsNHtTp4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/df0d37-4f65-439d-a531-057d7af0aef4/1/Lt7Joglt7BA7ri18N5bg1HCFwgI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.71.96.0/20
Signature Algorithm: sha256WithRSAEncryption
21:be:e1:4a:59:7c:9d:f0:ef:49:bc:28:ea:20:c4:b2:a1:f4:
f3:eb:83:6f:da:a4:4c:c6:26:81:5c:3b:00:73:83:67:c6:c8:
cb:62:cf:0b:a6:46:78:56:a5:33:4e:5c:33:a5:2f:22:53:7f:
b1:4e:8a:da:e6:42:ae:d3:85:d0:b0:ee:98:33:23:7a:f2:9f:
e3:ef:74:74:8b:52:fc:c4:20:70:80:b6:b9:c5:f2:16:96:cd:
f5:ce:6f:65:7c:37:38:ff:62:cd:7f:ec:59:d4:f1:cd:8b:a3:
33:6a:6b:02:58:5d:ea:2c:75:b4:49:65:8e:5e:52:a9:dc:7f:
31:98:c0:2c:92:68:52:d4:9f:12:6e:9f:a1:44:65:89:28:ec:
72:99:16:06:aa:56:a9:60:da:3f:6b:b6:cc:15:78:a6:97:84:
ff:d7:05:bc:46:b2:ef:5c:2e:ef:83:69:be:16:c1:7f:a8:51:
65:3a:de:8d:a5:2d:8c:92:3a:aa:e2:7c:28:85:07:a9:bf:a1:
1f:52:27:6e:69:70:2a:2b:b3:c3:6c:3e:a4:04:57:05:73:5b:
36:1d:a0:3c:34:b6:9f:71:99:81:ed:80:67:9d:43:fb:6d:e0:
73:d7:32:ee:b9:e3:5a:54:20:47:18:29:7b:92:66:a0:2a:31:
be:7e:57:79
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY5hck8nke1xyAXTdY0PHwxvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlZGVjOWEyMDk2ZGVjMTAzYmFlMmQ3YzM3OTZlMGQ0NzA4
NWMyMDIwHhcNMjQwMzIxMTQzNzQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYWI0YWNhMTkwZWViY2MwZjQxYzZlMDEzZDZlMGNiMGQxZWQ0ZTllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuHttxZb6B4uWC3uqyUjg1IzUIfpq
KIgr1MEWmPb7SNp657UYqPrrkxSGS8lSaA2pEdfkKK8NBQ/SDj1G19xKWGtCTZtR
2huztKfp9ANf1c8QbWxEZoo4oVckR07tjKVCkdu5j65R5B3S87ofug7v6BeTQGfn
8VlU7E67uXckSRPd3EUyxPH3rTq6iSPh7UD2AGSuDRcmXydVteJY9SRdFiV8P43Q
VApTFq1oWaQMzoLQJQCylo+t9zNZ4udsRqHhSQNKcSK4+5j3SrdWeF7jBqEG0P4Q
m3DgiiH6YrOz7SW6ldIoy+/PO8AnPu4Qryz2kPMXkGWHmj2nT1GoUFasowIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDq0rKGQ7rzA9BxuAT1uDLDR7U6eMB8GA1UdIwQY
MBaAFC7eyaIJbewQO64tfDeW4NRwhcICMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTHQ3Sm9nbHQ3QkE3cmkxOE41YmcxSENGd2dJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi9kZjBkMzctNGY2NS00MzlkLWE1MzEt
MDU3ZDdhZjBhZWY0LzEvT3JTc29aRHV2TUQwSEc0QlBXNE1zTkh0VHA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi9kZjBkMzctNGY2NS00MzlkLWE1MzEtMDU3ZDdhZjBhZWY0
LzEvTHQ3Sm9nbHQ3QkE3cmkxOE41YmcxSENGd2dJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQETUdgMA0G
CSqGSIb3DQEBCwUAA4IBAQAhvuFKWXyd8O9JvCjqIMSyofTz64Nv2qRMxiaBXDsA
c4NnxsjLYs8LpkZ4VqUzTlwzpS8iU3+xTora5kKu04XQsO6YMyN68p/j73R0i1L8
xCBwgLa5xfIWls31zm9lfDc4/2LNf+xZ1PHNi6MzamsCWF3qLHW0SWWOXlKp3H8x
mMAskmhS1J8Sbp+hRGWJKOxymRYGqlapYNo/a7bMFXiml4T/1wW8RrLvXC7vg2m+
FsF/qFFlOt6NpS2Mkjqq4nwohQepv6EfUiduaXAqK7PDbD6kBFcFc1s2HaA8NLaf
cZmB7YBnnUP7beBz1zLuueNaVCBHGCl7kmagKjG+fld5
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:12:26 2025 by rpki-client