Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/ATs2D21ykW6BvteOnaCcmGXL1v0.roa
File: ATs2D21ykW6BvteOnaCcmGXL1v0.roa (raw, json)
Hash identifier: FYVVReWKR1jIlGfINRj97HJ3TGr3eChtfZ/TY+Bkl4U=
Subject key identifier: 01:3B:36:0F:6D:72:91:6E:81:BE:D7:8E:9D:A0:9C:98:65:CB:D6:FD
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 018DCC0E09040A2D25154A15AEE8438068A3
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/ATs2D21ykW6BvteOnaCcmGXL1v0.roa
Signing time: Wed 21 Feb 2024 14:24:48 +0000
ROA not before: Wed 21 Feb 2024 14:24:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215998
IP address blocks: 77.242.153.0/24 maxlen: 24
77.242.155.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 18 Mar 2024 14:57:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:cc:0e:09:04:0a:2d:25:15:4a:15:ae:e8:43:80:68:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Feb 21 14:24:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=013b360f6d72916e81bed78e9da09c9865cbd6fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:91:da:4d:14:12:d3:38:74:39:54:60:e8:ea:
93:0d:e3:2f:1e:df:4f:e6:a2:f5:72:4b:0c:72:83:
18:7b:4c:49:85:d3:3b:3f:50:9b:df:4b:81:c8:88:
f7:95:d4:2a:53:85:ee:d9:be:3e:c2:5a:04:0c:ff:
7d:37:b5:b3:5b:91:69:68:93:b9:f8:10:94:d9:0e:
18:01:23:5d:68:a4:d7:de:c5:8e:68:0d:a7:a0:f5:
82:dd:21:e5:f7:62:58:c7:a1:c2:9b:27:95:15:6d:
4c:32:05:0a:e0:8e:fd:d0:64:25:1c:5f:f0:9a:14:
4d:4b:63:b6:40:13:fc:06:d4:72:36:63:ca:58:ca:
b2:e3:06:32:88:fa:58:60:9e:02:0d:2a:bc:d1:14:
3a:a8:3f:f9:9f:cd:30:60:f5:90:3a:6f:5b:22:b9:
90:ea:6b:ed:8a:ab:bf:d1:ac:44:14:a4:f0:e7:ec:
62:de:43:08:27:1d:b6:52:1c:28:8d:0b:d6:69:7d:
fd:f5:9b:71:f7:2c:65:55:d0:49:7d:4f:ad:59:ac:
d8:6b:e2:e8:de:48:c6:85:b0:7c:39:ae:04:7d:21:
62:57:79:cf:cf:0d:11:6d:e0:1e:88:19:9d:6b:0a:
34:1c:42:f5:9c:7a:38:a3:30:f7:58:3c:a9:7d:22:
89:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:3B:36:0F:6D:72:91:6E:81:BE:D7:8E:9D:A0:9C:98:65:CB:D6:FD
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/ATs2D21ykW6BvteOnaCcmGXL1v0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.242.153.0/24
77.242.155.0/24
Signature Algorithm: sha256WithRSAEncryption
17:d9:fe:81:17:51:fd:ce:25:b4:d6:a9:7c:2c:06:dc:6f:4b:
49:d9:7a:ff:0d:97:96:8c:c2:5b:3b:92:e0:33:d8:6e:8b:ad:
ed:ad:0e:98:35:c3:f1:6b:2e:c2:cc:c1:8d:8b:df:d2:52:e5:
e9:60:33:53:bd:a1:30:da:6e:17:86:17:a7:ea:68:f7:2c:9e:
7f:58:f4:bd:7e:bf:80:dd:b5:35:02:ac:36:31:83:7c:e0:e3:
40:42:25:7d:fd:b2:e1:8d:fa:8c:ad:d1:8c:d0:35:3f:d7:8f:
89:f0:1c:78:9f:6d:8d:b8:eb:ba:85:3c:72:14:66:2d:1b:11:
8a:58:26:96:6a:4f:b9:7f:87:6b:ac:12:97:a6:e6:41:e7:4d:
49:15:6a:13:8a:6b:e3:dd:68:b4:a1:85:d3:a9:c8:6c:7c:d0:
25:f7:61:41:ba:15:d6:78:a7:ed:64:3f:64:72:78:9d:ba:52:
9d:0e:6e:8c:be:66:3a:ca:80:4b:b5:2b:c7:85:49:e9:24:a3:
62:0e:9f:7e:0c:23:e4:e0:7d:ef:fd:fe:c3:dd:a5:16:2d:5c:
cc:78:a0:88:36:ca:ee:1e:36:50:6c:ff:d9:f5:bf:f1:4c:cf:
52:ae:b8:53:d9:74:cf:29:00:4d:d0:5f:e0:8f:3d:94:16:50:
d0:9c:a7:a7
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY3MDgkECi0lFUoVruhDgGijMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjQwMjIxMTQyNDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTNiMzYwZjZkNzI5MTZlODFiZWQ3OGU5ZGEwOWM5ODY1Y2JkNmZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnpHaTRQS0zh0OVRg6OqTDeMvHt9P
5qL1cksMcoMYe0xJhdM7P1Cb30uByIj3ldQqU4Xu2b4+wloEDP99N7WzW5FpaJO5
+BCU2Q4YASNdaKTX3sWOaA2noPWC3SHl92JYx6HCmyeVFW1MMgUK4I790GQlHF/w
mhRNS2O2QBP8BtRyNmPKWMqy4wYyiPpYYJ4CDSq80RQ6qD/5n80wYPWQOm9bIrmQ
6mvtiqu/0axEFKTw5+xi3kMIJx22UhwojQvWaX399Ztx9yxlVdBJfU+tWazYa+Lo
3kjGhbB8Oa4EfSFiV3nPzw0RbeAeiBmdawo0HEL1nHo4ozD3WDypfSKJOQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAE7Ng9tcpFugb7Xjp2gnJhly9b9MB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvQVRzMkQyMXlrVzZCdnRlT25hQ2NtR1hMMXYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQATfKZAwQA
TfKbMA0GCSqGSIb3DQEBCwUAA4IBAQAX2f6BF1H9ziW01ql8LAbcb0tJ2Xr/DZeW
jMJbO5LgM9hui63trQ6YNcPxay7CzMGNi9/SUuXpYDNTvaEw2m4Xhhen6mj3LJ5/
WPS9fr+A3bU1Aqw2MYN84ONAQiV9/bLhjfqMrdGM0DU/14+J8Bx4n22NuOu6hTxy
FGYtGxGKWCaWak+5f4drrBKXpuZB501JFWoTimvj3Wi0oYXTqchsfNAl92FBuhXW
eKftZD9kcnidulKdDm6MvmY6yoBLtSvHhUnpJKNiDp9+DCPk4H3v/f7D3aUWLVzM
eKCINsruHjZQbP/Z9b/xTM9SrrhT2XTPKQBN0F/gjz2UFlDQnKen
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:55 2024 by rpki-client on console-ams.rpki-client.org