Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/ToDDijk4I5QskjlnmDEHfaSxUHg.roa
File: ToDDijk4I5QskjlnmDEHfaSxUHg.roa (raw, json)
Hash identifier: gtR1rOWvOurubhdHQHaGP2WPtV2cI+vnMJg6g9zKjVM=
Subject key identifier: 4E:80:C3:8A:39:38:23:94:2C:92:39:67:98:31:07:7D:A4:B1:50:78
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 0191551BA0FF352E9C3BEBEE1341679403BB
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/ToDDijk4I5QskjlnmDEHfaSxUHg.roa
Signing time: Thu 15 Aug 2024 08:15:59 +0000
ROA not before: Thu 15 Aug 2024 08:15:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 77.242.149.0/24 maxlen: 24
88.151.56.0/23 maxlen: 24
88.209.195.0/24 maxlen: 24
88.209.211.0/24 maxlen: 24
88.209.232.0/22 maxlen: 24
Validation: Failed, certificate revoked on Sat 17 Aug 2024 11:43:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:55:1b:a0:ff:35:2e:9c:3b:eb:ee:13:41:67:94:03:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Aug 15 08:15:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4e80c38a393823942c9239679831077da4b15078
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:c6:0d:0f:5a:4e:28:7d:ba:b5:14:80:46:bc:
38:6e:c7:e8:7d:37:97:4a:fb:11:cd:94:9e:e0:c0:
a3:33:68:94:7a:e3:da:d2:11:56:7b:53:8e:d2:a8:
97:3c:eb:f4:3c:91:a6:46:17:58:aa:d9:d4:da:6d:
77:e0:d2:d3:04:64:a4:e4:80:90:f0:1f:68:ad:09:
7f:67:be:c1:16:43:eb:b5:f7:c5:bf:e8:b2:81:e0:
74:42:bf:03:18:3e:7f:c8:cf:99:21:db:77:f4:48:
69:8e:8b:ba:a0:7d:ee:6b:d9:ff:9e:65:46:2e:75:
72:31:c2:c0:bd:5e:37:02:e4:23:39:f4:98:db:76:
eb:9e:8d:c4:16:6d:69:ac:87:76:05:e5:45:e1:e0:
6b:a2:c6:b9:1a:40:c8:25:e3:e4:19:13:62:c8:4e:
b1:cf:81:8e:2d:eb:15:a2:f2:7e:f6:c3:4a:86:be:
39:08:48:3c:a2:81:b9:26:f0:37:db:a2:7c:69:38:
04:b2:9b:4d:57:f0:f0:1a:9e:35:fd:5a:65:a4:65:
c0:66:ee:21:b9:04:27:09:a5:56:c7:e9:a2:e0:1d:
ec:59:32:01:f4:ae:03:f7:17:a4:a9:75:bd:fd:0f:
5d:79:cc:bb:45:27:e1:cb:b3:61:cd:e1:dd:87:cb:
6d:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:80:C3:8A:39:38:23:94:2C:92:39:67:98:31:07:7D:A4:B1:50:78
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/ToDDijk4I5QskjlnmDEHfaSxUHg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.242.149.0/24
88.151.56.0/23
88.209.195.0/24
88.209.211.0/24
88.209.232.0/22
Signature Algorithm: sha256WithRSAEncryption
b0:ac:5a:09:08:36:5a:dd:e1:66:2b:52:05:54:10:f6:97:f9:
17:c8:2c:80:4b:2a:7c:7b:93:c8:bd:de:d5:5f:19:f9:83:a4:
48:b7:63:2c:89:91:3f:6e:9a:0e:16:c3:36:8d:35:d4:21:f2:
e9:cb:00:d4:07:59:be:df:51:0f:d8:9d:21:9a:25:b2:bc:d3:
85:cf:db:3f:92:69:7a:1a:aa:8b:a1:5d:73:53:28:bf:c0:0a:
63:cd:d0:f3:2b:43:ec:b8:0b:42:61:dd:0a:1d:10:33:da:18:
44:13:a2:16:d0:f6:1e:5f:1e:25:f6:15:d8:46:02:2b:2d:5e:
63:bf:58:e9:2f:b0:47:43:57:a1:7d:ba:40:e6:bb:40:7f:66:
d3:30:fe:97:f7:c4:4c:99:ed:62:5e:2e:03:08:65:98:90:e3:
58:d0:c4:70:24:09:56:b0:b3:ee:9e:6b:86:45:60:a7:5c:ac:
7e:8f:20:03:38:bc:58:1c:67:cb:ce:d8:cd:54:b4:c4:d8:9b:
ac:63:03:ff:34:2b:c4:3a:57:f6:6f:a1:74:3c:b7:ff:0e:d3:
3a:9f:7b:8e:37:dc:fb:40:56:61:81:60:9c:da:a4:65:4a:02:
7c:2a:75:5b:f6:ed:e9:0c:e3:e1:d4:2b:20:e4:9e:f0:c1:fe:
fa:09:e2:f3
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZFVG6D/NS6cO+vuE0FnlAO7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjQwODE1MDgxNTU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTgwYzM4YTM5MzgyMzk0MmM5MjM5Njc5ODMxMDc3ZGE0YjE1MDc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArsYND1pOKH26tRSARrw4bsfofTeX
SvsRzZSe4MCjM2iUeuPa0hFWe1OO0qiXPOv0PJGmRhdYqtnU2m134NLTBGSk5ICQ
8B9orQl/Z77BFkPrtffFv+iygeB0Qr8DGD5/yM+ZIdt39Ehpjou6oH3ua9n/nmVG
LnVyMcLAvV43AuQjOfSY23brno3EFm1prId2BeVF4eBrosa5GkDIJePkGRNiyE6x
z4GOLesVovJ+9sNKhr45CEg8ooG5JvA326J8aTgEsptNV/DwGp41/VplpGXAZu4h
uQQnCaVWx+mi4B3sWTIB9K4D9xekqXW9/Q9decy7RSfhy7NhzeHdh8ttbwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFE6Aw4o5OCOULJI5Z5gxB32ksVB4MB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvVG9ERGlqazRJNVFza2psbm1ERUhmYVN4VUhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQATfKVAwQB
WJc4AwQAWNHDAwQAWNHTAwQCWNHoMA0GCSqGSIb3DQEBCwUAA4IBAQCwrFoJCDZa
3eFmK1IFVBD2l/kXyCyASyp8e5PIvd7VXxn5g6RIt2MsiZE/bpoOFsM2jTXUIfLp
ywDUB1m+31EP2J0hmiWyvNOFz9s/kml6GqqLoV1zUyi/wApjzdDzK0PsuAtCYd0K
HRAz2hhEE6IW0PYeXx4l9hXYRgIrLV5jv1jpL7BHQ1ehfbpA5rtAf2bTMP6X98RM
me1iXi4DCGWYkONY0MRwJAlWsLPunmuGRWCnXKx+jyADOLxYHGfLztjNVLTE2Jus
YwP/NCvEOlf2b6F0PLf/DtM6n3uON9z7QFZhgWCc2qRlSgJ8KnVb9u3pDOPh1Csg
5J7wwf76CeLz
-----END CERTIFICATE-----
Generated at Sat Aug 17 16:28:13 2024 by rpki-client on console-fra.rpki-client.org