Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/chz4i-LnXFzSiBH2pkULoIv0lik.roa
File: chz4i-LnXFzSiBH2pkULoIv0lik.roa (raw, json)
Hash identifier: Mpbol7tXfPhG5UeNRlV+lnmKUlPd2FZtVu1jBO+c3Pg=
Subject key identifier: 72:1C:F8:8B:E2:E7:5C:5C:D2:88:11:F6:A6:45:0B:A0:8B:F4:96:29
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 01910D056B851708D9377762A21929E3640F
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/chz4i-LnXFzSiBH2pkULoIv0lik.roa
Signing time: Thu 01 Aug 2024 08:19:04 +0000
ROA not before: Thu 01 Aug 2024 08:19:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 77.242.146.0/24 maxlen: 24
77.242.147.0/24 maxlen: 24
88.151.56.0/23 maxlen: 24
88.209.211.0/24 maxlen: 24
88.209.232.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 01 Aug 2024 11:58:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:0d:05:6b:85:17:08:d9:37:77:62:a2:19:29:e3:64:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Aug 1 08:19:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=721cf88be2e75c5cd28811f6a6450ba08bf49629
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:f1:56:b9:f5:7f:e9:ce:28:1b:6c:45:d2:76:
93:3a:f1:bd:92:28:41:6d:a2:bc:98:10:97:fd:86:
4b:e0:2e:97:23:76:d8:df:03:29:c0:6d:aa:37:e7:
b5:bc:51:39:2b:5f:68:7a:65:0d:76:b9:ed:63:a5:
29:af:2b:25:4e:ea:f6:cc:b0:da:4f:59:0d:95:7f:
97:6c:bb:b7:ae:fb:36:2d:79:35:f9:47:56:bf:4e:
72:ee:ed:49:fa:b9:c7:8e:be:03:00:39:8e:d7:cd:
0c:e3:fb:d7:95:96:2f:73:5a:c5:20:3d:e2:bd:e8:
96:3e:67:3f:ee:c8:72:a8:6a:ea:dc:d9:a1:eb:e4:
05:14:32:9e:3b:5e:7e:a6:27:71:4f:fd:95:58:bc:
dd:3b:54:a7:eb:8e:ab:36:dc:d5:f8:28:37:27:f7:
ea:a6:2a:19:3d:e0:38:a2:fa:59:d4:d1:b4:b0:86:
33:64:6b:64:0f:4d:18:ce:b7:30:81:28:3a:15:c0:
97:92:76:4e:66:69:07:bb:f7:c1:7f:fc:6b:cd:6f:
69:10:e0:2d:99:cd:61:b5:d5:04:47:2a:58:5a:de:
82:7d:a5:e4:7b:f3:b3:ff:84:30:d2:63:c4:43:76:
3e:5b:b1:09:e3:ea:41:c8:ac:70:d5:c2:7e:28:50:
dd:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:1C:F8:8B:E2:E7:5C:5C:D2:88:11:F6:A6:45:0B:A0:8B:F4:96:29
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/chz4i-LnXFzSiBH2pkULoIv0lik.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.242.146.0/23
88.151.56.0/23
88.209.211.0/24
88.209.232.0/22
Signature Algorithm: sha256WithRSAEncryption
6a:dc:6c:5a:9e:3f:d5:b0:0f:3e:47:46:b7:c2:4a:4c:ab:80:
ae:ae:99:fd:b1:c5:f5:fd:ec:c3:7e:10:a2:97:fd:4b:1e:47:
db:2b:82:d6:14:7e:46:1b:6c:e9:6a:f1:0c:ea:27:05:c8:62:
0c:3c:b8:40:6c:92:55:07:ea:33:1b:f8:ec:5e:22:09:76:c6:
38:93:03:59:ed:9e:7e:81:bf:5a:38:f9:a1:4f:6e:aa:d9:fb:
fa:fc:6d:3e:76:c8:a1:f8:e7:3c:7d:a2:4d:ca:cd:34:1e:e9:
0c:96:45:15:dc:a4:39:ae:c0:a7:fc:0a:d3:91:f9:fc:c7:a9:
41:75:39:4a:a2:02:e7:be:18:52:24:de:3e:ed:47:b1:76:c3:
f8:18:5b:55:d5:d1:29:19:6b:4f:bb:5e:06:1a:6a:89:5c:b8:
03:3b:b4:37:ab:63:e6:5e:e9:3e:69:1a:e7:92:9d:c0:47:42:
e2:18:f1:bd:cf:3b:cb:4b:dc:03:db:a4:fa:c3:8d:c7:09:a5:
cf:d7:dc:d9:03:06:00:44:88:e8:00:52:42:e5:73:6f:8d:da:
7e:4d:ac:ae:cd:89:3a:8e:37:22:0a:54:ae:fe:d0:a3:48:50:
ce:03:f6:90:8b:66:c5:b8:df:0b:5f:69:96:ab:d5:8c:12:9f:
04:8f:fe:94
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZENBWuFFwjZN3diohkp42QPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjQwODAxMDgxOTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjFjZjg4YmUyZTc1YzVjZDI4ODExZjZhNjQ1MGJhMDhiZjQ5NjI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArfFWufV/6c4oG2xF0naTOvG9kihB
baK8mBCX/YZL4C6XI3bY3wMpwG2qN+e1vFE5K19oemUNdrntY6UpryslTur2zLDa
T1kNlX+XbLu3rvs2LXk1+UdWv05y7u1J+rnHjr4DADmO180M4/vXlZYvc1rFID3i
veiWPmc/7shyqGrq3Nmh6+QFFDKeO15+pidxT/2VWLzdO1Sn646rNtzV+Cg3J/fq
pioZPeA4ovpZ1NG0sIYzZGtkD00YzrcwgSg6FcCXknZOZmkHu/fBf/xrzW9pEOAt
mc1htdUERypYWt6CfaXke/Oz/4Qw0mPEQ3Y+W7EJ4+pByKxw1cJ+KFDdawIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFHIc+Ivi51xc0ogR9qZFC6CL9JYpMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvY2h6NGktTG5YRnpTaUJIMnBrVUxvSXYwbGlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBTfKSAwQB
WJc4AwQAWNHTAwQCWNHoMA0GCSqGSIb3DQEBCwUAA4IBAQBq3Gxanj/VsA8+R0a3
wkpMq4Curpn9scX1/ezDfhCil/1LHkfbK4LWFH5GG2zpavEM6icFyGIMPLhAbJJV
B+ozG/jsXiIJdsY4kwNZ7Z5+gb9aOPmhT26q2fv6/G0+dsih+Oc8faJNys00HukM
lkUV3KQ5rsCn/ArTkfn8x6lBdTlKogLnvhhSJN4+7UexdsP4GFtV1dEpGWtPu14G
GmqJXLgDO7Q3q2PmXuk+aRrnkp3AR0LiGPG9zzvLS9wD26T6w43HCaXP19zZAwYA
RIjoAFJC5XNvjdp+TayuzYk6jjciClSu/tCjSFDOA/aQi2bFuN8LX2mWq9WMEp8E
j/6U
-----END CERTIFICATE-----
Generated at Thu Aug 1 14:00:10 2024 by rpki-client on console-fra.rpki-client.org