Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/T47kls-lA_6gvgvk7kptIyHtGYA.roa
File: T47kls-lA_6gvgvk7kptIyHtGYA.roa (raw, json)
Hash identifier: 8z/6HCOmWGKRc2IYKn7KqNjb9CAHJ07GQBf+5WnbIDo=
Subject key identifier: 4F:8E:E4:96:CF:A5:03:FE:A0:BE:0B:E4:EE:4A:6D:23:21:ED:19:80
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 0192EBBDDC91DACDAB7935DBC77A0D2C595D
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/T47kls-lA_6gvgvk7kptIyHtGYA.roa
Signing time: Sat 02 Nov 2024 07:19:01 +0000
ROA not before: Sat 02 Nov 2024 07:19:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 77.242.146.0/23 maxlen: 23
88.151.56.0/23 maxlen: 24
88.209.232.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 04 Nov 2024 08:09:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:eb:bd:dc:91:da:cd:ab:79:35:db:c7:7a:0d:2c:59:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Nov 2 07:19:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4f8ee496cfa503fea0be0be4ee4a6d2321ed1980
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:e8:87:e3:2d:a7:27:2f:47:83:ae:43:4b:ec:
a4:8d:79:b9:a1:e4:ee:8e:98:8b:f6:d8:cc:63:bc:
2d:a3:2d:c2:12:ff:f1:84:b9:72:de:08:a4:63:a9:
be:88:81:0c:c8:7d:e7:79:01:cf:77:fc:5c:3b:cf:
a3:85:d6:47:e1:91:27:70:75:83:b6:4e:5c:38:c0:
81:af:7f:12:ac:25:c9:94:6b:33:fc:2f:77:95:84:
f8:e3:ac:ea:e7:53:f4:39:be:73:d1:d0:55:a9:ae:
e3:cd:b9:09:5c:b1:43:e9:bf:73:b7:c6:08:2f:2d:
31:d6:2f:4d:7f:03:87:a4:84:e2:08:e5:f4:da:fe:
65:69:05:e1:f6:59:cc:e9:39:cc:89:e0:3b:fd:bd:
56:d7:b8:38:15:15:cb:5e:5b:47:17:2d:54:7a:c2:
d5:c1:dc:f1:40:27:08:7b:ce:11:ba:d5:f7:98:88:
01:18:19:4e:f6:ec:1a:d3:3f:e7:d1:2b:e4:e2:ef:
99:ee:9f:f0:24:09:43:da:91:d8:3a:74:0d:11:a3:
cf:5e:f7:bb:3f:e2:ee:53:6e:f9:b9:0e:87:cd:cc:
a4:e0:c2:da:0f:59:44:d1:92:70:11:40:5a:0c:07:
53:82:87:21:17:56:66:29:51:7c:81:91:bb:fd:7c:
b4:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:8E:E4:96:CF:A5:03:FE:A0:BE:0B:E4:EE:4A:6D:23:21:ED:19:80
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/T47kls-lA_6gvgvk7kptIyHtGYA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.242.146.0/23
88.151.56.0/23
88.209.232.0/22
Signature Algorithm: sha256WithRSAEncryption
8f:de:f6:71:41:f5:f2:c5:9a:4c:d8:1e:65:7b:29:83:13:de:
86:30:5a:29:f9:0a:1e:d2:5d:06:aa:36:7a:16:6c:ed:0b:98:
47:b1:56:a5:fe:1b:37:2c:fa:f9:fe:58:d1:b9:ff:38:a6:94:
2c:20:97:52:1c:df:7d:1d:35:db:b2:90:58:59:56:ad:b7:13:
51:33:98:50:11:4a:71:90:d5:5e:b4:34:ff:be:9f:59:44:6b:
8e:1d:5c:07:e0:44:35:0b:66:dd:d5:49:17:1e:ce:a9:62:c1:
20:51:4e:db:90:b5:58:a3:a9:85:b5:a5:e7:d2:fb:27:04:3c:
be:04:08:ec:4e:96:5b:37:13:ba:46:0f:c7:2e:5a:f7:89:43:
83:ed:e3:ee:0a:5b:af:da:32:0d:69:df:40:ff:19:f8:7a:77:
49:39:9d:2f:f1:ad:e5:a6:a2:45:1b:dd:2b:8d:f5:2d:ba:76:
58:d1:cf:ec:4a:8b:1a:60:3e:2f:01:9a:ef:50:c7:22:b1:37:
7e:e8:24:95:87:3b:7e:2b:be:b4:eb:bf:c7:e5:7a:d0:84:39:
a8:3c:6c:74:98:ba:21:b2:8f:df:52:ee:d6:0d:84:89:49:2b:
02:5d:4b:97:c3:e4:d1:1f:77:82:15:27:9d:1d:90:30:32:9b:
f0:c7:29:fe
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZLrvdyR2s2reTXbx3oNLFldMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjQxMTAyMDcxOTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjhlZTQ5NmNmYTUwM2ZlYTBiZTBiZTRlZTRhNmQyMzIxZWQxOTgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4OiH4y2nJy9Hg65DS+ykjXm5oeTu
jpiL9tjMY7wtoy3CEv/xhLly3gikY6m+iIEMyH3neQHPd/xcO8+jhdZH4ZEncHWD
tk5cOMCBr38SrCXJlGsz/C93lYT446zq51P0Ob5z0dBVqa7jzbkJXLFD6b9zt8YI
Ly0x1i9NfwOHpITiCOX02v5laQXh9lnM6TnMieA7/b1W17g4FRXLXltHFy1UesLV
wdzxQCcIe84RutX3mIgBGBlO9uwa0z/n0Svk4u+Z7p/wJAlD2pHYOnQNEaPPXve7
P+LuU275uQ6Hzcyk4MLaD1lE0ZJwEUBaDAdTgochF1ZmKVF8gZG7/Xy0zQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFE+O5JbPpQP+oL4L5O5KbSMh7RmAMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvVDQ3a2xzLWxBXzZndmd2azdrcHRJeUh0R1lBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBTfKSAwQB
WJc4AwQCWNHoMA0GCSqGSIb3DQEBCwUAA4IBAQCP3vZxQfXyxZpM2B5leymDE96G
MFop+Qoe0l0GqjZ6FmztC5hHsVal/hs3LPr5/ljRuf84ppQsIJdSHN99HTXbspBY
WVattxNRM5hQEUpxkNVetDT/vp9ZRGuOHVwH4EQ1C2bd1UkXHs6pYsEgUU7bkLVY
o6mFtaXn0vsnBDy+BAjsTpZbNxO6Rg/HLlr3iUOD7ePuCluv2jINad9A/xn4endJ
OZ0v8a3lpqJFG90rjfUtunZY0c/sSosaYD4vAZrvUMcisTd+6CSVhzt+K76067/H
5XrQhDmoPGx0mLohso/fUu7WDYSJSSsCXUuXw+TRH3eCFSedHZAwMpvwxyn+
-----END CERTIFICATE-----
Generated at Mon Nov 4 11:00:41 2024 by rpki-client on console-ams.rpki-client.org