Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/6fohQ8Su5nmn8z7HDL7QnfmN0kI.roa
File: 6fohQ8Su5nmn8z7HDL7QnfmN0kI.roa (raw, json)
Hash identifier: wOvqX5UgYoGNkay9X+HVZioIQctYO75TqEyVvRuLrvI=
Subject key identifier: E9:FA:21:43:C4:AE:E6:79:A7:F3:3E:C7:0C:BE:D0:9D:F9:8D:D2:42
Certificate issuer: /CN=641975583b250362c8150f63adb30a0f6a0c6fc3
Certificate serial: 019008900471EBD813EE0D1DD0060DF583E7
Authority key identifier: 64:19:75:58:3B:25:03:62:C8:15:0F:63:AD:B3:0A:0F:6A:0C:6F:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/6fohQ8Su5nmn8z7HDL7QnfmN0kI.roa
Signing time: Tue 11 Jun 2024 18:29:34 +0000
ROA not before: Tue 11 Jun 2024 18:29:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42689
IP address blocks: 77.111.120.0/24 maxlen: 24
91.190.188.0/24 maxlen: 24
91.190.190.0/24 maxlen: 24
92.61.96.0/24 maxlen: 24
92.61.98.0/24 maxlen: 24
92.61.99.0/24 maxlen: 24
92.61.100.0/23 maxlen: 23
Validation: Failed, certificate revoked on Mon 29 Jul 2024 09:54:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:08:90:04:71:eb:d8:13:ee:0d:1d:d0:06:0d:f5:83:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=641975583b250362c8150f63adb30a0f6a0c6fc3
Validity
Not Before: Jun 11 18:29:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e9fa2143c4aee679a7f33ec70cbed09df98dd242
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:d2:dc:cd:4a:aa:e7:06:93:fa:cb:6a:4c:ed:
38:5e:4f:a2:80:40:ed:91:13:46:5f:67:c3:c1:30:
c5:6a:48:82:c4:20:40:e0:9e:b5:1a:5b:f8:eb:38:
df:80:ec:85:ea:61:2d:00:d2:c1:ab:65:85:21:98:
ee:59:9f:20:5a:21:97:a7:34:13:ff:54:b5:47:e3:
cf:dc:81:46:f1:35:4c:67:c2:36:9b:c4:8d:22:7e:
c3:d3:7b:f7:ef:32:34:28:5d:d5:9c:f1:b3:cf:b8:
20:ca:ba:42:70:e7:fd:3c:39:de:41:dc:b7:ca:31:
c1:7a:cb:04:0f:e8:8c:cd:06:57:dd:7c:57:3a:54:
d6:cd:d9:c6:9d:a2:22:a0:c6:f7:6d:3a:61:05:b1:
14:dc:02:e7:91:61:9f:94:b5:c9:d9:0f:c0:03:66:
6b:65:70:52:00:c0:74:18:fd:38:aa:31:10:86:49:
d6:cb:bd:b2:60:47:4a:08:06:0e:36:db:5d:d4:fa:
f4:54:f7:53:4e:76:44:18:41:9d:c8:d0:9e:fc:96:
b0:d0:dc:a8:8d:21:bd:22:e4:30:79:ee:1a:58:98:
27:c0:4d:da:fc:d5:58:34:4d:c8:51:59:db:92:c6:
90:de:60:6a:74:f9:92:16:62:97:be:c7:25:4e:bf:
bd:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:FA:21:43:C4:AE:E6:79:A7:F3:3E:C7:0C:BE:D0:9D:F9:8D:D2:42
X509v3 Authority Key Identifier:
keyid:64:19:75:58:3B:25:03:62:C8:15:0F:63:AD:B3:0A:0F:6A:0C:6F:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/6fohQ8Su5nmn8z7HDL7QnfmN0kI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.111.120.0/24
91.190.188.0/24
91.190.190.0/24
92.61.96.0/24
92.61.98.0-92.61.101.255
Signature Algorithm: sha256WithRSAEncryption
49:95:fc:dd:9d:0f:f5:02:82:43:f3:7a:86:5e:63:91:1b:7c:
1a:54:76:5d:40:af:0b:79:9c:a4:79:98:9f:34:ee:e6:31:09:
44:85:50:83:33:f5:94:15:7c:0e:67:e3:d4:1e:87:77:8c:eb:
a6:15:39:78:c4:05:19:72:59:36:98:05:6f:04:79:85:d8:b3:
48:75:df:6e:b5:6d:fa:03:d9:fe:14:a7:a8:14:3b:01:80:ad:
b1:1a:bf:b4:db:8e:a4:c1:69:60:86:56:9e:0a:2b:7f:fe:69:
4f:0b:a9:1d:c9:70:af:1d:13:af:47:0e:1f:13:22:a7:2e:54:
e2:d7:6b:be:85:d3:29:5b:b8:4d:33:72:83:f1:cf:d9:ea:37:
66:75:d6:93:33:84:e7:55:b3:e7:fa:ff:4e:57:88:68:b2:f7:
2a:03:8b:07:6a:b7:30:b3:7b:93:b4:75:1a:9e:55:23:5a:8b:
5e:4d:80:8a:55:bf:cf:ed:c4:40:5e:86:50:a9:46:6b:7b:20:
4f:09:94:c3:83:d2:d4:e2:33:7a:bd:66:58:c4:da:73:bb:20:
09:d0:fb:53:c8:1c:a1:97:fc:c3:93:17:5e:81:94:5b:c2:e3:
d3:59:d4:a4:4a:7f:20:a1:6a:f6:8f:24:02:fd:e7:b7:80:1b:
07:22:c0:dd
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZAIkARx69gT7g0d0AYN9YPnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0MTk3NTU4M2IyNTAzNjJjODE1MGY2M2FkYjMwYTBmNmEw
YzZmYzMwHhcNMjQwNjExMTgyOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOWZhMjE0M2M0YWVlNjc5YTdmMzNlYzcwY2JlZDA5ZGY5OGRkMjQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA79LczUqq5waT+stqTO04Xk+igEDt
kRNGX2fDwTDFakiCxCBA4J61Glv46zjfgOyF6mEtANLBq2WFIZjuWZ8gWiGXpzQT
/1S1R+PP3IFG8TVMZ8I2m8SNIn7D03v37zI0KF3VnPGzz7ggyrpCcOf9PDneQdy3
yjHBessED+iMzQZX3XxXOlTWzdnGnaIioMb3bTphBbEU3ALnkWGflLXJ2Q/AA2Zr
ZXBSAMB0GP04qjEQhknWy72yYEdKCAYONttd1Pr0VPdTTnZEGEGdyNCe/Jaw0Nyo
jSG9IuQwee4aWJgnwE3a/NVYNE3IUVnbksaQ3mBqdPmSFmKXvsclTr+9EwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFOn6IUPEruZ5p/M+xwy+0J35jdJCMB8GA1UdIwQY
MBaAFGQZdVg7JQNiyBUPY62zCg9qDG/DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWkJsMVdEc2xBMkxJRlE5anJiTUtEMm9NYjhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC85OGE1ZWQtOTA1ZS00YmZhLTkxNTQt
ZjFjMzNhYTJmZDUwLzEvNmZvaFE4U3U1bm1uOHo3SERMN1FuZm1OMGtJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC85OGE1ZWQtOTA1ZS00YmZhLTkxNTQtZjFjMzNhYTJmZDUw
LzEvWkJsMVdEc2xBMkxJRlE5anJiTUtEMm9NYjhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQATW94AwQA
W768AwQAW76+AwQAXD1gMAwDBAFcPWIDBAFcPWQwDQYJKoZIhvcNAQELBQADggEB
AEmV/N2dD/UCgkPzeoZeY5EbfBpUdl1Arwt5nKR5mJ807uYxCUSFUIMz9ZQVfA5n
49Qeh3eM66YVOXjEBRlyWTaYBW8EeYXYs0h13261bfoD2f4Up6gUOwGArbEav7Tb
jqTBaWCGVp4KK3/+aU8LqR3JcK8dE69HDh8TIqcuVOLXa76F0ylbuE0zcoPxz9nq
N2Z11pMzhOdVs+f6/05XiGiy9yoDiwdqtzCze5O0dRqeVSNai15NgIpVv8/txEBe
hlCpRmt7IE8JlMOD0tTiM3q9ZljE2nO7IAnQ+1PIHKGX/MOTF16BlFvC49NZ1KRK
fyChavaPJAL957eAGwciwN0=
-----END CERTIFICATE-----
Generated at Mon Jul 29 12:11:53 2024 by rpki-client on console-fra.rpki-client.org