Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/bEy46jd7RFPddhyF7r_wS71z-08.roa
File: bEy46jd7RFPddhyF7r_wS71z-08.roa (raw, json)
Hash identifier: ZfmZJtOMlWy7vIly+QsUUxTFI3A9slIYW4ZQVEa4FVQ=
Subject key identifier: 6C:4C:B8:EA:37:7B:44:53:DD:76:1C:85:EE:BF:F0:4B:BD:73:FB:4F
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 0190DA45B24CD3A12871F705F08C74427533
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/bEy46jd7RFPddhyF7r_wS71z-08.roa
Signing time: Mon 22 Jul 2024 11:48:39 +0000
ROA not before: Mon 22 Jul 2024 11:48:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 77.242.146.0/24 maxlen: 24
77.242.147.0/24 maxlen: 24
88.151.56.0/23 maxlen: 24
88.209.211.0/24 maxlen: 24
88.209.232.0/22 maxlen: 24
92.52.219.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 29 Jul 2024 14:25:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:da:45:b2:4c:d3:a1:28:71:f7:05:f0:8c:74:42:75:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Jul 22 11:48:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6c4cb8ea377b4453dd761c85eebff04bbd73fb4f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:03:e8:1c:a0:ae:14:f4:94:91:db:63:47:91:
54:40:7d:ba:c9:59:f2:47:87:8d:b0:d7:a4:76:98:
df:46:a0:fb:7d:ee:3a:d4:f6:d6:d2:0f:e5:c5:4c:
d0:f1:19:17:87:b5:ea:ea:b3:e7:a6:20:f9:51:5c:
dd:86:2c:5a:43:a6:76:49:f9:79:fb:eb:6c:92:24:
c4:eb:e4:d6:b0:c1:9d:f7:95:ac:fd:5c:cc:f2:f8:
ce:ee:43:de:07:cf:32:6c:ab:ee:aa:2a:d5:23:f2:
0f:38:8c:f8:5d:9a:4c:03:7a:c3:58:3f:c9:87:18:
bb:07:5c:46:40:0f:ee:b2:9f:51:f3:c2:a2:bb:61:
4c:1b:4b:42:71:72:24:ec:9c:eb:fe:4d:a8:a0:5b:
de:79:de:ef:09:ae:9d:62:d9:d5:e8:6d:d4:c7:ae:
7e:b0:05:39:d6:4e:c8:5d:43:af:49:d0:e5:c1:5e:
77:90:c8:41:82:19:b7:5d:7b:6e:e0:b4:a0:b0:8f:
09:b9:9e:bc:93:52:c5:b0:28:66:87:1a:0a:a4:e4:
b2:61:81:57:8c:69:95:46:93:fd:e7:ad:0a:09:00:
f3:fb:98:30:c2:6d:bc:5b:17:5c:f1:b8:0a:b4:ab:
fb:32:7e:69:65:6c:74:b0:8b:7a:58:c5:92:d1:39:
2d:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:4C:B8:EA:37:7B:44:53:DD:76:1C:85:EE:BF:F0:4B:BD:73:FB:4F
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/bEy46jd7RFPddhyF7r_wS71z-08.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.242.146.0/23
88.151.56.0/23
88.209.211.0/24
88.209.232.0/22
92.52.219.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:87:11:94:b9:ba:a0:71:18:35:dd:95:33:d6:52:90:26:d6:
60:a8:ac:1f:7b:fe:d9:45:30:f1:43:c9:f7:e3:0f:85:be:f4:
77:ee:0d:d9:37:ca:7b:d6:1f:cf:54:a3:f0:18:b3:77:da:d0:
6b:2a:56:a3:d9:c1:1a:ea:a2:a9:a1:b3:ff:53:5d:2e:34:b7:
6c:8e:c8:b3:28:ca:e5:c8:2f:9b:68:59:cc:df:43:50:aa:d7:
76:fa:f9:e5:84:a5:9c:cf:cb:d5:78:58:bd:be:81:8a:81:dd:
94:a9:73:1c:b7:12:f8:d0:fd:39:4a:45:86:a0:c3:c8:66:56:
a6:4e:cd:4b:5f:72:80:20:ea:fa:96:ff:2c:3e:51:42:b3:3d:
45:29:c8:c8:2a:01:d6:5c:ea:2b:f7:fa:f7:f0:1b:a5:3b:c9:
4a:82:57:66:19:31:4f:ee:e2:2c:34:10:20:23:58:eb:c0:81:
38:6e:ab:de:5a:e2:c7:98:fe:ff:fe:66:93:78:72:bf:c7:a4:
81:8f:4c:45:eb:46:16:cb:47:db:c8:3e:d7:68:4c:72:81:8a:
4e:76:df:7b:bd:af:2e:73:ce:ea:3e:eb:4e:bf:c0:94:53:a3:
ed:dc:b5:6a:74:9d:b8:53:da:35:16:f0:3b:1f:a0:10:14:32:
7a:e2:ba:af
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZDaRbJM06EocfcF8Ix0QnUzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjQwNzIyMTE0ODM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzRjYjhlYTM3N2I0NDUzZGQ3NjFjODVlZWJmZjA0YmJkNzNmYjRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAngPoHKCuFPSUkdtjR5FUQH26yVny
R4eNsNekdpjfRqD7fe461PbW0g/lxUzQ8RkXh7Xq6rPnpiD5UVzdhixaQ6Z2Sfl5
++tskiTE6+TWsMGd95Ws/VzM8vjO7kPeB88ybKvuqirVI/IPOIz4XZpMA3rDWD/J
hxi7B1xGQA/usp9R88Kiu2FMG0tCcXIk7Jzr/k2ooFveed7vCa6dYtnV6G3Ux65+
sAU51k7IXUOvSdDlwV53kMhBghm3XXtu4LSgsI8JuZ68k1LFsChmhxoKpOSyYYFX
jGmVRpP9560KCQDz+5gwwm28Wxdc8bgKtKv7Mn5pZWx0sIt6WMWS0TktTQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFGxMuOo3e0RT3XYche6/8Eu9c/tPMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvYkV5NDZqZDdSRlBkZGh5RjdyX3dTNzF6LTA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBTfKSAwQB
WJc4AwQAWNHTAwQCWNHoAwQAXDTbMA0GCSqGSIb3DQEBCwUAA4IBAQBehxGUubqg
cRg13ZUz1lKQJtZgqKwfe/7ZRTDxQ8n34w+FvvR37g3ZN8p71h/PVKPwGLN32tBr
Klaj2cEa6qKpobP/U10uNLdsjsizKMrlyC+baFnM30NQqtd2+vnlhKWcz8vVeFi9
voGKgd2UqXMctxL40P05SkWGoMPIZlamTs1LX3KAIOr6lv8sPlFCsz1FKcjIKgHW
XOor9/r38BulO8lKgldmGTFP7uIsNBAgI1jrwIE4bqveWuLHmP7//maTeHK/x6SB
j0xF60YWy0fbyD7XaExygYpOdt97va8uc87qPutOv8CUU6Pt3LVqdJ24U9o1FvA7
H6AQFDJ64rqv
-----END CERTIFICATE-----
Generated at Mon Jul 29 17:58:36 2024 by rpki-client on console-fra.rpki-client.org