Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/CyZDxHjY2huuC9Bbeh9EPWQzb5s.roa
File: CyZDxHjY2huuC9Bbeh9EPWQzb5s.roa (raw, json)
Hash identifier: FEqyDvoOZNONKmo4mx9oD3RcFC2nZVcw6qE0xBrpuYE=
Subject key identifier: 0B:26:43:C4:78:D8:DA:1B:AE:0B:D0:5B:7A:1F:44:3D:64:33:6F:9B
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 0192C25360E6CF845764FBFEB099FDE4A9D0
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/CyZDxHjY2huuC9Bbeh9EPWQzb5s.roa
Signing time: Fri 25 Oct 2024 06:18:17 +0000
ROA not before: Fri 25 Oct 2024 06:18:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 77.242.146.0/23 maxlen: 23
88.151.56.0/23 maxlen: 24
88.209.232.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 29 Oct 2024 12:39:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:c2:53:60:e6:cf:84:57:64:fb:fe:b0:99:fd:e4:a9:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Oct 25 06:18:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0b2643c478d8da1bae0bd05b7a1f443d64336f9b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:f9:95:56:49:95:48:a2:32:09:6f:83:4b:f8:
eb:3f:6a:20:6e:f8:e9:69:72:45:9e:11:29:b8:58:
6b:ab:35:22:02:73:0d:a0:d8:f4:24:32:40:10:6f:
98:a9:7a:65:68:29:32:8e:5b:e1:90:6e:f2:30:42:
73:25:b3:c7:fa:71:91:d1:ea:43:dc:ee:46:a0:3c:
9b:77:50:7b:19:94:1b:0e:c9:af:6a:32:4b:a2:65:
18:0d:fd:b0:ea:5a:d8:ab:97:bb:16:95:45:28:5c:
88:73:cc:e1:86:eb:dd:e9:70:02:71:c2:83:5d:0c:
8c:48:fe:da:26:1d:f2:db:70:cf:17:6d:98:87:35:
0d:28:91:5e:75:fe:95:28:4b:44:a7:f7:c3:62:69:
e1:77:07:69:e8:26:ac:71:16:09:e7:ae:47:f2:ab:
f9:26:1d:da:97:4b:9e:af:9d:f9:25:cc:70:75:0b:
ce:4f:3b:21:93:4e:4e:36:7e:24:03:1c:c0:5b:4b:
24:57:b4:0c:e5:4c:0e:db:66:3d:bc:4e:56:d0:fc:
81:cb:82:39:1e:fb:49:78:b1:a0:95:0f:bd:e4:f7:
19:5c:0d:f1:77:ec:ca:42:47:e8:f7:16:9a:2a:09:
49:43:50:17:84:bf:79:30:7d:71:0d:86:fb:3e:f6:
10:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:26:43:C4:78:D8:DA:1B:AE:0B:D0:5B:7A:1F:44:3D:64:33:6F:9B
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/CyZDxHjY2huuC9Bbeh9EPWQzb5s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.242.146.0/23
88.151.56.0/23
88.209.232.0/22
Signature Algorithm: sha256WithRSAEncryption
38:78:ce:d2:31:04:73:c7:e1:b5:79:00:26:57:a4:9b:32:53:
9c:4a:f9:3a:73:dd:6d:31:ca:bc:19:aa:81:05:36:44:00:83:
f6:51:52:06:ef:8b:ad:cc:b2:3c:c2:2d:3b:27:02:d2:b0:1d:
2b:47:3c:eb:db:e2:66:3f:c0:61:d2:5a:48:8d:3a:cd:01:f8:
a8:c8:4c:ae:73:6c:09:de:ab:6e:c9:63:16:a2:99:6a:c5:f9:
dc:24:20:e8:d1:39:16:37:7b:2c:f2:1e:a2:e8:d7:2a:f1:44:
af:2d:74:4c:73:4c:06:ed:10:5c:0f:2c:5f:41:cc:7d:7d:71:
46:96:1b:b5:d6:e9:b1:cc:8d:1e:ed:90:bf:4f:7a:c8:0b:2a:
d7:20:8e:93:bd:7d:96:30:a7:1e:79:7a:c0:1b:27:80:f4:19:
7d:49:d3:4f:25:d6:6a:30:af:5f:b1:5c:e9:21:01:4e:45:35:
61:5a:18:1a:e8:e0:5c:5e:24:df:1a:d5:11:23:7e:d2:44:6e:
24:b2:e1:be:f6:19:02:00:4d:35:ed:45:22:ae:ce:76:05:4f:
c0:6e:bd:fc:91:e7:b3:db:5c:1b:c3:54:5a:b3:04:53:25:ea:
0e:a1:bf:ac:ea:47:86:3b:f9:50:6f:c3:8a:f4:18:4a:ff:4d:
be:9b:c5:fc
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZLCU2Dmz4RXZPv+sJn95KnQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjQxMDI1MDYxODE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjI2NDNjNDc4ZDhkYTFiYWUwYmQwNWI3YTFmNDQzZDY0MzM2ZjliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvPmVVkmVSKIyCW+DS/jrP2ogbvjp
aXJFnhEpuFhrqzUiAnMNoNj0JDJAEG+YqXplaCkyjlvhkG7yMEJzJbPH+nGR0epD
3O5GoDybd1B7GZQbDsmvajJLomUYDf2w6lrYq5e7FpVFKFyIc8zhhuvd6XACccKD
XQyMSP7aJh3y23DPF22YhzUNKJFedf6VKEtEp/fDYmnhdwdp6CascRYJ565H8qv5
Jh3al0uer535JcxwdQvOTzshk05ONn4kAxzAW0skV7QM5UwO22Y9vE5W0PyBy4I5
HvtJeLGglQ+95PcZXA3xd+zKQkfo9xaaKglJQ1AXhL95MH1xDYb7PvYQxQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAsmQ8R42NobrgvQW3ofRD1kM2+bMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvQ3laRHhIalkyaHV1QzlCYmVoOUVQV1F6YjVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBTfKSAwQB
WJc4AwQCWNHoMA0GCSqGSIb3DQEBCwUAA4IBAQA4eM7SMQRzx+G1eQAmV6SbMlOc
Svk6c91tMcq8GaqBBTZEAIP2UVIG74utzLI8wi07JwLSsB0rRzzr2+JmP8Bh0lpI
jTrNAfioyEyuc2wJ3qtuyWMWoplqxfncJCDo0TkWN3ss8h6i6Ncq8USvLXRMc0wG
7RBcDyxfQcx9fXFGlhu11umxzI0e7ZC/T3rICyrXII6TvX2WMKceeXrAGyeA9Bl9
SdNPJdZqMK9fsVzpIQFORTVhWhga6OBcXiTfGtURI37SRG4ksuG+9hkCAE017UUi
rs52BU/Abr38keez21wbw1RaswRTJeoOob+s6keGO/lQb8OK9BhK/02+m8X8
-----END CERTIFICATE-----
Generated at Tue Oct 29 14:50:24 2024 by rpki-client on console-fra.rpki-client.org