Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/kTOZzoejhZTR3E7lcmuvLQYtlwc.roa
File: kTOZzoejhZTR3E7lcmuvLQYtlwc.roa (raw, json)
Hash identifier: gbxbOrNYrwBdTCW5sBkUroG0zxGUMtlmkmi559xA/ZQ=
Subject key identifier: 91:33:99:CE:87:A3:85:94:D1:DC:4E:E5:72:6B:AF:2D:06:2D:97:07
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 018659703BD6D961E22AA37D92C774053B6D
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/kTOZzoejhZTR3E7lcmuvLQYtlwc.roa
Signing time: Thu 16 Feb 2023 08:56:12 +0000
ROA not before: Thu 16 Feb 2023 08:56:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3320
IP address blocks: 77.242.150.0/24 maxlen: 24
77.242.149.0/24 maxlen: 24
88.151.61.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 25 Apr 2023 07:28:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:59:70:3b:d6:d9:61:e2:2a:a3:7d:92:c7:74:05:3b:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Feb 16 08:56:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=913399ce87a38594d1dc4ee5726baf2d062d9707
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:69:b4:5d:db:9e:b3:3d:ba:02:5c:43:bf:0e:
b5:68:e9:a3:46:4c:bd:27:fc:1d:eb:22:d4:69:e4:
39:e2:79:38:03:f3:09:24:55:45:5c:6c:b8:f7:1a:
8b:aa:e3:8f:2b:72:a4:c0:e5:4b:5c:f2:79:02:bc:
97:ec:50:e6:a0:47:d2:cc:12:bf:cc:55:56:e0:61:
1a:85:7e:f1:ad:dc:ae:c7:ef:56:0e:d5:b3:3d:8c:
a7:c8:16:6e:cf:af:36:17:3f:12:26:89:c7:59:41:
bc:81:3a:a4:89:f0:a2:10:30:3b:24:f5:69:f5:da:
68:e9:0e:31:58:19:07:2f:89:a4:22:dc:0d:c6:17:
f0:2f:46:d5:31:cb:e4:7b:af:17:42:7b:6b:45:38:
4b:3c:19:bc:5e:1b:ff:35:ff:39:61:59:79:8b:f1:
c6:98:5d:9a:14:10:ce:37:81:95:02:16:27:4e:7b:
8a:79:ae:41:5d:af:55:81:e6:75:b5:73:61:60:87:
4d:02:57:e2:06:da:18:e4:88:82:ab:0a:e3:3c:bc:
a5:de:e3:62:fa:27:b9:58:0e:dc:ad:12:3f:76:a5:
6b:0f:e7:d2:93:6e:98:e0:f8:d2:97:14:a0:cb:f8:
a4:1a:27:b9:7e:6c:a8:8a:f3:c6:3c:2d:56:fa:10:
33:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:33:99:CE:87:A3:85:94:D1:DC:4E:E5:72:6B:AF:2D:06:2D:97:07
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/kTOZzoejhZTR3E7lcmuvLQYtlwc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.242.149.0-77.242.150.255
88.151.61.0/24
Signature Algorithm: sha256WithRSAEncryption
37:2d:1f:70:e0:2a:de:88:03:54:02:91:fc:37:f7:f6:c3:02:
33:f4:cd:73:dc:10:74:aa:ff:d5:43:7a:50:ee:26:06:1c:44:
b3:ad:28:17:54:24:14:4f:b7:ac:38:98:c8:08:4a:78:3a:ce:
aa:1f:93:e4:a7:91:08:c5:7a:a4:84:c2:3e:5b:84:0c:ae:41:
38:2c:28:9a:5c:26:3a:aa:e1:d1:b9:68:ea:41:cb:fd:ed:11:
c3:ac:46:a0:d5:52:5d:00:bb:5f:f6:e0:fb:d5:61:93:f0:ea:
2d:c1:c5:ba:4e:f5:46:c8:46:5c:09:9f:2f:b7:68:ee:17:4c:
9f:5e:84:ff:02:e8:fa:a0:ac:ab:70:d6:9c:d4:07:b2:a6:00:
b2:e0:63:db:92:73:1d:99:df:d7:5f:45:cd:75:3d:ce:60:44:
e2:bd:17:0b:83:65:e2:e0:2f:e6:69:fd:fa:e9:c2:86:34:76:
08:b2:50:b0:b3:12:e7:8c:6e:b7:27:dd:e7:58:7c:90:92:39:
fc:40:8c:07:aa:ec:5e:3b:8c:25:93:40:b2:88:b1:22:32:6b:
7c:37:ed:ce:e5:80:a4:d4:00:95:c1:b5:f2:c5:1d:2f:20:f0:
f8:7e:89:c7:f3:ee:aa:d3:61:ff:80:30:07:b3:19:6a:d3:3a:
b6:fc:ce:ff
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYZZcDvW2WHiKqN9ksd0BTttMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjMwMjE2MDg1NjEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTMzOTljZTg3YTM4NTk0ZDFkYzRlZTU3MjZiYWYyZDA2MmQ5NzA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgmm0Xduesz26AlxDvw61aOmjRky9
J/wd6yLUaeQ54nk4A/MJJFVFXGy49xqLquOPK3KkwOVLXPJ5AryX7FDmoEfSzBK/
zFVW4GEahX7xrdyux+9WDtWzPYynyBZuz682Fz8SJonHWUG8gTqkifCiEDA7JPVp
9dpo6Q4xWBkHL4mkItwNxhfwL0bVMcvke68XQntrRThLPBm8Xhv/Nf85YVl5i/HG
mF2aFBDON4GVAhYnTnuKea5BXa9VgeZ1tXNhYIdNAlfiBtoY5IiCqwrjPLyl3uNi
+ie5WA7crRI/dqVrD+fSk26Y4PjSlxSgy/ikGie5fmyoivPGPC1W+hAzNwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFJEzmc6Ho4WU0dxO5XJrry0GLZcHMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEva1RPWnpvZWpoWlRSM0U3bGNtdXZMUVl0bHdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBABN8pUD
BABN8pYDBABYlz0wDQYJKoZIhvcNAQELBQADggEBADctH3DgKt6IA1QCkfw39/bD
AjP0zXPcEHSq/9VDelDuJgYcRLOtKBdUJBRPt6w4mMgISng6zqofk+SnkQjFeqSE
wj5bhAyuQTgsKJpcJjqq4dG5aOpBy/3tEcOsRqDVUl0Au1/24PvVYZPw6i3BxbpO
9UbIRlwJny+3aO4XTJ9ehP8C6PqgrKtw1pzUB7KmALLgY9uScx2Z39dfRc11Pc5g
ROK9FwuDZeLgL+Zp/frpwoY0dgiyULCzEueMbrcn3edYfJCSOfxAjAeq7F47jCWT
QLKIsSIya3w37c7lgKTUAJXBtfLFHS8g8Ph+icfz7qrTYf+AMAezGWrTOrb8zv8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:56 2024 by rpki-client on console-ams.rpki-client.org