Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/e08b8e-bf22-435c-8b1f-46bb7aec1f30/1/CJMRrGaNYGg0QPXHphyUCz9FKOU.roa
File: CJMRrGaNYGg0QPXHphyUCz9FKOU.roa (raw, json)
Hash identifier: vtrn6+Zc/qh4ZJAti9Ep4PuqyNXYv4SqepX/neQa/1U=
Subject key identifier: 08:93:11:AC:66:8D:60:68:34:40:F5:C7:A6:1C:94:0B:3F:45:28:E5
Certificate issuer: /CN=af2f2e86dd7cc9101658ff8d5a5241445fcd1d6a
Certificate serial: 018FD4C5410148BFFC7142D891AEB9E275B1
Authority key identifier: AF:2F:2E:86:DD:7C:C9:10:16:58:FF:8D:5A:52:41:44:5F:CD:1D:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ry8uht18yRAWWP-NWlJBRF_NHWo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/e08b8e-bf22-435c-8b1f-46bb7aec1f30/1/CJMRrGaNYGg0QPXHphyUCz9FKOU.roa
Signing time: Sat 01 Jun 2024 17:07:28 +0000
ROA not before: Sat 01 Jun 2024 17:07:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7018
IP address blocks: 77.81.79.0/24 maxlen: 24
77.81.80.0/23 maxlen: 24
188.214.234.0/23 maxlen: 24
194.26.2.0/24 maxlen: 24
194.26.21.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 22 Jun 2024 16:38:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:d4:c5:41:01:48:bf:fc:71:42:d8:91:ae:b9:e2:75:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af2f2e86dd7cc9101658ff8d5a5241445fcd1d6a
Validity
Not Before: Jun 1 17:07:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=089311ac668d60683440f5c7a61c940b3f4528e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:e4:0d:4f:ac:7f:06:7c:6a:19:7f:32:75:a5:
f7:1d:48:c8:73:e4:d0:ce:c0:b5:cc:aa:e1:0c:fd:
5d:16:df:c4:04:b3:df:ef:d5:3b:e0:24:00:6b:05:
e3:00:47:e4:a0:15:36:d4:5d:80:e7:87:6b:23:74:
37:55:04:96:1f:22:c2:ac:ba:bf:46:37:91:bb:8b:
8a:55:40:c1:4e:56:7c:0d:3a:8a:c1:7f:84:d6:1b:
49:50:22:21:9e:41:60:f3:c1:62:71:38:3e:35:47:
92:ed:c0:38:7f:c6:7b:13:3b:e5:22:ae:03:f6:7c:
43:d5:af:80:0b:6e:c5:f7:b2:be:cb:18:59:22:9f:
0f:58:36:0c:a0:66:d3:c6:71:f2:c8:d7:89:14:b7:
0b:f6:8c:6a:7a:1c:ed:11:06:19:18:32:23:1d:69:
0a:b7:bd:14:25:69:03:2e:85:49:11:3e:44:31:d3:
7d:39:01:d9:22:f8:fa:e5:9b:90:63:53:18:a9:bf:
4c:d9:35:0f:ea:e1:ab:58:91:5f:d7:96:d6:40:6c:
be:87:fe:56:e0:37:20:9d:6f:d5:4f:5d:28:5f:d0:
df:dd:d7:d3:0a:3f:46:e1:5d:e0:13:20:50:ca:c9:
a5:3e:05:26:7d:a6:5a:77:cc:f2:4a:3e:6f:1b:2f:
8c:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:93:11:AC:66:8D:60:68:34:40:F5:C7:A6:1C:94:0B:3F:45:28:E5
X509v3 Authority Key Identifier:
keyid:AF:2F:2E:86:DD:7C:C9:10:16:58:FF:8D:5A:52:41:44:5F:CD:1D:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ry8uht18yRAWWP-NWlJBRF_NHWo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/e08b8e-bf22-435c-8b1f-46bb7aec1f30/1/CJMRrGaNYGg0QPXHphyUCz9FKOU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/e08b8e-bf22-435c-8b1f-46bb7aec1f30/1/ry8uht18yRAWWP-NWlJBRF_NHWo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.81.79.0-77.81.81.255
188.214.234.0/23
194.26.2.0/24
194.26.21.0/24
Signature Algorithm: sha256WithRSAEncryption
96:52:c1:ee:87:3d:01:06:87:fe:a8:eb:d9:02:e2:8f:b2:1a:
1f:e9:50:59:5e:31:cd:6f:7b:49:2e:36:e0:fa:9f:02:c1:24:
a8:ed:b2:bf:6a:4e:ca:59:75:04:7d:c3:a5:49:11:71:25:7b:
2f:03:02:a3:3f:1b:d8:25:3d:20:c1:01:48:c1:bb:68:4e:39:
c1:bb:9b:29:b1:76:83:09:a1:ed:df:5a:a6:db:ad:1b:0b:0d:
9d:e7:f5:16:43:16:0a:44:80:89:c8:e3:1c:f1:b7:b8:1b:b1:
59:6e:9d:76:ab:53:df:a2:2c:86:97:7e:04:9d:f5:bf:44:b2:
09:6c:07:14:77:05:1d:e0:b3:fd:c8:6d:57:7f:fa:fa:c2:04:
54:98:6e:ba:67:91:b1:ac:05:48:c5:73:31:a0:ec:c0:0f:d0:
48:00:b6:a1:d0:e7:8b:61:66:55:0e:54:7f:b5:ed:78:f4:d6:
0f:ea:f5:d4:0d:8f:b6:b6:6a:fa:80:9c:0c:c6:a4:fa:25:8a:
3d:da:91:7c:50:d2:58:f4:c9:95:43:14:89:25:68:b2:36:55:
c0:84:9a:0a:ab:f0:16:20:62:b2:0d:ac:5b:88:ff:b6:aa:f1:
cb:10:2d:eb:e0:d4:e8:b5:63:77:17:cf:6a:f8:d4:3f:fa:19:
ce:12:f7:5c
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAY/UxUEBSL/8cULYka654nWxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmMmYyZTg2ZGQ3Y2M5MTAxNjU4ZmY4ZDVhNTI0MTQ0NWZj
ZDFkNmEwHhcNMjQwNjAxMTcwNzI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODkzMTFhYzY2OGQ2MDY4MzQ0MGY1YzdhNjFjOTQwYjNmNDUyOGU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2OQNT6x/BnxqGX8ydaX3HUjIc+TQ
zsC1zKrhDP1dFt/EBLPf79U74CQAawXjAEfkoBU21F2A54drI3Q3VQSWHyLCrLq/
RjeRu4uKVUDBTlZ8DTqKwX+E1htJUCIhnkFg88FicTg+NUeS7cA4f8Z7EzvlIq4D
9nxD1a+AC27F97K+yxhZIp8PWDYMoGbTxnHyyNeJFLcL9oxqehztEQYZGDIjHWkK
t70UJWkDLoVJET5EMdN9OQHZIvj65ZuQY1MYqb9M2TUP6uGrWJFf15bWQGy+h/5W
4DcgnW/VT10oX9Df3dfTCj9G4V3gEyBQysmlPgUmfaZad8zySj5vGy+MOQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFAiTEaxmjWBoNED1x6YclAs/RSjlMB8GA1UdIwQY
MBaAFK8vLobdfMkQFlj/jVpSQURfzR1qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnk4dWh0MTh5UkFXV1AtTldsSkJSRl9OSFdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC9lMDhiOGUtYmYyMi00MzVjLThiMWYt
NDZiYjdhZWMxZjMwLzEvQ0pNUnJHYU5ZR2cwUVBYSHBoeVVDejlGS09VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC9lMDhiOGUtYmYyMi00MzVjLThiMWYtNDZiYjdhZWMxZjMw
LzEvcnk4dWh0MTh5UkFXV1AtTldsSkJSRl9OSFdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgMAwDBABNUU8D
BAFNUVADBAG81uoDBADCGgIDBADCGhUwDQYJKoZIhvcNAQELBQADggEBAJZSwe6H
PQEGh/6o69kC4o+yGh/pUFleMc1ve0kuNuD6nwLBJKjtsr9qTspZdQR9w6VJEXEl
ey8DAqM/G9glPSDBAUjBu2hOOcG7mymxdoMJoe3fWqbbrRsLDZ3n9RZDFgpEgInI
4xzxt7gbsVlunXarU9+iLIaXfgSd9b9EsglsBxR3BR3gs/3IbVd/+vrCBFSYbrpn
kbGsBUjFczGg7MAP0EgAtqHQ54thZlUOVH+17Xj01g/q9dQNj7a2avqAnAzGpPol
ij3akXxQ0lj0yZVDFIklaLI2VcCEmgqr8BYgYrINrFuI/7aq8csQLevg1Oi1Y3cX
z2r41D/6Gc4S91w=
-----END CERTIFICATE-----
Generated at Sat Jun 22 18:54:43 2024 by rpki-client on console-fra.rpki-client.org