Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/540da5-27fb-46e6-a132-b54d82d8be7b/1/ydBttp01dTdoWpo2TYx3kIv2fdU.roa
File: ydBttp01dTdoWpo2TYx3kIv2fdU.roa (raw, json)
Hash identifier: G91XQ4K+pfuxY7XmpSl96mTR8ZKAKpH3SYz2mjNqaOg=
Subject key identifier: C9:D0:6D:B6:9D:35:75:37:68:5A:9A:36:4D:8C:77:90:8B:F6:7D:D5
Certificate issuer: /CN=f76fd568674856415eb1e21342aaf323b37b7a2e
Certificate serial: 018AA89C9B04DB466CA9B478C13B67C2F718
Authority key identifier: F7:6F:D5:68:67:48:56:41:5E:B1:E2:13:42:AA:F3:23:B3:7B:7A:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/92_VaGdIVkFeseITQqrzI7N7ei4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/540da5-27fb-46e6-a132-b54d82d8be7b/1/ydBttp01dTdoWpo2TYx3kIv2fdU.roa
Signing time: Mon 18 Sep 2023 14:05:50 +0000
ROA not before: Mon 18 Sep 2023 14:05:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 216376
IP address blocks: 185.77.98.0/24 maxlen: 24
185.77.98.0/23 maxlen: 23
185.77.99.0/24 maxlen: 24
2a13:ab40::/32 maxlen: 32
2a13:ab40::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:a8:9c:9b:04:db:46:6c:a9:b4:78:c1:3b:67:c2:f7:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f76fd568674856415eb1e21342aaf323b37b7a2e
Validity
Not Before: Sep 18 14:05:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c9d06db69d357537685a9a364d8c77908bf67dd5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:e2:76:95:88:3b:d5:5d:a5:d3:fe:90:11:df:
36:62:a0:5d:c1:91:c5:48:d7:de:c9:4f:e6:8b:2b:
49:1d:8d:f4:12:d8:b1:80:48:b9:e0:bd:cc:61:c7:
37:21:b5:31:e0:85:bd:2a:41:b7:70:5f:10:33:95:
8e:a6:08:ec:ac:64:8c:a1:81:29:5c:bc:87:f3:2d:
49:60:49:95:70:23:9b:99:f0:29:4e:80:0e:54:63:
f7:c4:dd:2d:4d:24:8f:2c:cd:67:bb:44:85:5f:f6:
75:f5:e3:b6:c5:20:bd:9e:a3:c0:eb:8e:97:1b:2b:
36:fd:37:33:ad:55:c9:96:43:d4:ee:5d:ed:23:1a:
89:d8:c7:31:b8:25:46:4f:77:65:b1:b3:e2:53:b3:
5c:21:b8:77:04:9e:98:7b:87:a8:fc:50:15:b8:c9:
7e:b3:54:69:28:f9:ea:63:5d:6e:a6:79:6a:ae:b2:
d7:0d:55:ab:c9:53:39:a2:26:3d:f5:1b:d0:79:b9:
b7:fb:01:15:58:4b:2b:02:3f:68:72:ba:ed:e8:ff:
48:c0:15:bb:68:62:73:0e:60:a6:ae:1a:e4:73:ec:
5a:9f:87:6d:95:74:46:a7:e7:23:0e:1c:4f:63:4c:
55:63:cc:2a:5c:82:5c:3a:b8:7e:0b:5d:a0:77:35:
bc:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:D0:6D:B6:9D:35:75:37:68:5A:9A:36:4D:8C:77:90:8B:F6:7D:D5
X509v3 Authority Key Identifier:
keyid:F7:6F:D5:68:67:48:56:41:5E:B1:E2:13:42:AA:F3:23:B3:7B:7A:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/92_VaGdIVkFeseITQqrzI7N7ei4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/540da5-27fb-46e6-a132-b54d82d8be7b/1/ydBttp01dTdoWpo2TYx3kIv2fdU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/540da5-27fb-46e6-a132-b54d82d8be7b/1/92_VaGdIVkFeseITQqrzI7N7ei4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.77.98.0/23
IPv6:
2a13:ab40::/32
Signature Algorithm: sha256WithRSAEncryption
2e:a0:19:0f:c3:21:81:b6:bc:53:82:64:0a:e9:39:d3:3c:9d:
1d:34:a3:c0:3c:cc:e4:cd:14:03:18:79:2c:84:eb:d4:3f:31:
91:23:4d:8e:15:4b:50:a3:78:94:28:87:01:69:b5:55:03:99:
e4:8c:78:45:0e:f5:64:a3:f6:2a:34:8f:a7:6e:1d:a1:38:a4:
96:61:ac:bc:57:04:8c:8d:46:96:76:0f:68:a9:5b:df:dc:03:
45:ab:40:03:1d:36:ff:ce:4e:42:88:b4:f5:34:ed:d8:fc:94:
be:2b:9f:8a:a6:b3:f6:da:dc:e6:e9:61:b8:9e:f4:e5:42:32:
42:0b:66:d6:c7:68:d9:9b:57:c0:96:9d:3c:de:ed:49:ac:40:
aa:50:0e:47:68:f5:fe:47:cd:45:0e:13:a8:54:36:26:83:09:
00:ca:2e:74:10:04:45:39:88:f0:1f:aa:9c:6c:f2:78:1a:df:
53:d4:4c:38:03:aa:10:59:90:d4:9e:af:4e:8a:bd:24:f7:b6:
2d:83:16:3a:82:e5:ff:06:e9:24:87:ab:eb:d1:f7:1c:41:26:
6d:8b:30:1d:9d:b3:5e:0f:b2:3f:55:fe:87:cc:05:c9:85:d6:
37:e9:e8:90:6f:65:74:b9:dc:d9:d9:d3:77:aa:77:4a:c5:9a:
f4:db:cc:6c
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYqonJsE20ZsqbR4wTtnwvcYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3NmZkNTY4Njc0ODU2NDE1ZWIxZTIxMzQyYWFmMzIzYjM3
YjdhMmUwHhcNMjMwOTE4MTQwNTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOWQwNmRiNjlkMzU3NTM3Njg1YTlhMzY0ZDhjNzc5MDhiZjY3ZGQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkOJ2lYg71V2l0/6QEd82YqBdwZHF
SNfeyU/miytJHY30EtixgEi54L3MYcc3IbUx4IW9KkG3cF8QM5WOpgjsrGSMoYEp
XLyH8y1JYEmVcCObmfApToAOVGP3xN0tTSSPLM1nu0SFX/Z19eO2xSC9nqPA646X
Gys2/TczrVXJlkPU7l3tIxqJ2McxuCVGT3dlsbPiU7NcIbh3BJ6Ye4eo/FAVuMl+
s1RpKPnqY11upnlqrrLXDVWryVM5oiY99RvQebm3+wEVWEsrAj9ocrrt6P9IwBW7
aGJzDmCmrhrkc+xan4dtlXRGp+cjDhxPY0xVY8wqXIJcOrh+C12gdzW80QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMnQbbadNXU3aFqaNk2Md5CL9n3VMB8GA1UdIwQY
MBaAFPdv1WhnSFZBXrHiE0Kq8yOze3ouMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOTJfVmFHZElWa0Zlc2VJVFFxcnpJN043ZWk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi81NDBkYTUtMjdmYi00NmU2LWExMzIt
YjU0ZDgyZDhiZTdiLzEveWRCdHRwMDFkVGRvV3BvMlRZeDNrSXYyZmRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi81NDBkYTUtMjdmYi00NmU2LWExMzItYjU0ZDgyZDhiZTdi
LzEvOTJfVmFHZElWa0Zlc2VJVFFxcnpJN043ZWk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBuU1iMA0E
AgACMAcDBQAqE6tAMA0GCSqGSIb3DQEBCwUAA4IBAQAuoBkPwyGBtrxTgmQK6TnT
PJ0dNKPAPMzkzRQDGHkshOvUPzGRI02OFUtQo3iUKIcBabVVA5nkjHhFDvVko/Yq
NI+nbh2hOKSWYay8VwSMjUaWdg9oqVvf3ANFq0ADHTb/zk5CiLT1NO3Y/JS+K5+K
prP22tzm6WG4nvTlQjJCC2bWx2jZm1fAlp083u1JrECqUA5HaPX+R81FDhOoVDYm
gwkAyi50EARFOYjwH6qcbPJ4Gt9T1Ew4A6oQWZDUnq9Oir0k97YtgxY6guX/Bukk
h6vr0fccQSZtizAdnbNeD7I/Vf6HzAXJhdY36eiQb2V0udzZ2dN3qndKxZr028xs
-----END CERTIFICATE-----
Generated at Tue Jan 2 17:36:03 2024 by rpki-client on console-fra.rpki-client.org