Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zd4E2QnJmdnGsQN68IAAp3zH9Qs.roa
File: zd4E2QnJmdnGsQN68IAAp3zH9Qs.roa (raw, json)
Hash identifier: sk6G0M8mW20248kEKZQHByu3lTm9zGOuGiCuMtcvEc0=
Subject key identifier: CD:DE:04:D9:09:C9:99:D9:C6:B1:03:7A:F0:80:00:A7:7C:C7:F5:0B
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 018E52118B8EC5E44E71251F103A4A6A5772
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zd4E2QnJmdnGsQN68IAAp3zH9Qs.roa
Signing time: Mon 18 Mar 2024 14:57:45 +0000
ROA not before: Mon 18 Mar 2024 14:57:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215998
IP address blocks: 77.242.153.0/24 maxlen: 24
77.242.155.0/24 maxlen: 24
83.137.156.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 20 Mar 2024 07:45:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:52:11:8b:8e:c5:e4:4e:71:25:1f:10:3a:4a:6a:57:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Mar 18 14:57:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cdde04d909c999d9c6b1037af08000a77cc7f50b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:ca:21:e2:45:a2:02:65:b4:eb:7c:10:dd:c9:
cc:63:d5:73:f1:6b:f2:04:e0:5a:17:71:fd:c1:49:
c0:ab:95:a8:b3:4f:2f:85:a5:a3:e3:06:0d:25:a5:
bf:16:d7:27:e2:d4:79:41:8d:2f:0e:9d:31:f7:01:
1c:2f:43:80:f7:fd:96:27:f4:82:03:06:b5:e8:71:
26:57:d4:ff:2d:1b:b6:23:27:46:2c:7e:70:b3:de:
5c:08:1c:de:a6:e0:b6:17:73:29:85:62:1b:ef:cd:
31:5e:eb:6b:51:68:73:5c:23:a0:b0:45:36:a7:15:
df:f4:bf:6e:d8:82:3f:b5:fc:54:b2:4f:4b:d6:06:
30:1f:a8:e6:ab:82:7c:50:bb:10:62:0d:86:d6:fb:
71:54:9a:2f:5c:34:f0:42:2d:b3:e7:20:48:cf:34:
0b:e1:3f:7d:57:08:b6:e8:1c:b1:9d:df:b0:d8:cc:
6e:00:86:e9:8c:42:6c:e7:25:ad:bb:70:4b:ec:8c:
79:cc:81:63:be:40:c9:dc:48:ed:1f:ec:8d:24:c4:
8d:24:da:4d:99:77:92:54:63:65:30:4f:8e:32:86:
10:7c:5b:3e:23:a3:ec:9c:19:82:70:16:94:8a:fc:
ea:4b:1c:de:b9:f2:9d:7c:23:2f:c0:a9:6a:e6:eb:
ad:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:DE:04:D9:09:C9:99:D9:C6:B1:03:7A:F0:80:00:A7:7C:C7:F5:0B
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zd4E2QnJmdnGsQN68IAAp3zH9Qs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.242.153.0/24
77.242.155.0/24
83.137.156.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:ab:db:29:ea:08:a4:39:e3:a7:30:2a:e5:31:2a:4c:ab:d3:
14:0a:95:90:30:cc:bb:7c:79:cb:c1:af:ac:38:13:28:7e:6c:
87:87:98:18:6a:de:87:2c:a8:41:f0:9d:6e:e0:de:de:b9:5d:
ca:08:81:e9:a0:fe:89:86:64:17:b5:0b:0d:85:7c:38:49:0f:
79:e1:99:16:91:98:b2:a8:ff:34:5a:7a:d3:0b:d8:ba:87:35:
3e:c0:cd:c0:f4:3d:84:90:14:4b:ce:1e:d0:50:3b:97:2c:8a:
e0:73:e6:d0:f4:b5:a8:63:65:b5:df:cb:c5:76:d2:fb:77:c2:
c7:9c:af:61:82:48:33:fa:5a:83:82:66:2d:47:a4:76:53:13:
09:73:d1:53:84:39:a3:cd:9b:2f:68:58:b0:c4:91:a0:99:16:
3e:5a:5a:5f:22:03:5b:12:75:df:53:6a:77:81:13:29:e9:c4:
61:1f:60:7e:df:18:ce:df:77:87:40:7e:cd:f3:0e:17:7f:b2:
ed:6e:34:56:97:bf:4a:97:9b:1a:64:59:86:17:09:75:4a:2e:
0f:a2:64:35:f5:20:71:30:54:f2:d2:bc:0d:68:27:f1:93:43:
7c:31:1f:43:50:f0:f0:88:13:c8:37:1f:56:5e:96:38:01:5a:
54:0b:52:3e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY5SEYuOxeROcSUfEDpKaldyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjQwMzE4MTQ1NzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZGRlMDRkOTA5Yzk5OWQ5YzZiMTAzN2FmMDgwMDBhNzdjYzdmNTBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiMoh4kWiAmW063wQ3cnMY9Vz8Wvy
BOBaF3H9wUnAq5Wos08vhaWj4wYNJaW/Ftcn4tR5QY0vDp0x9wEcL0OA9/2WJ/SC
Awa16HEmV9T/LRu2IydGLH5ws95cCBzepuC2F3MphWIb780xXutrUWhzXCOgsEU2
pxXf9L9u2II/tfxUsk9L1gYwH6jmq4J8ULsQYg2G1vtxVJovXDTwQi2z5yBIzzQL
4T99Vwi26Byxnd+w2MxuAIbpjEJs5yWtu3BL7Ix5zIFjvkDJ3EjtH+yNJMSNJNpN
mXeSVGNlME+OMoYQfFs+I6PsnBmCcBaUivzqSxzeufKdfCMvwKlq5uut8QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFM3eBNkJyZnZxrEDevCAAKd8x/ULMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvemQ0RTJRbkptZG5Hc1FONjhJQUFwM3pIOVFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQATfKZAwQA
TfKbAwQAU4mcMA0GCSqGSIb3DQEBCwUAA4IBAQB6q9sp6gikOeOnMCrlMSpMq9MU
CpWQMMy7fHnLwa+sOBMofmyHh5gYat6HLKhB8J1u4N7euV3KCIHpoP6JhmQXtQsN
hXw4SQ954ZkWkZiyqP80WnrTC9i6hzU+wM3A9D2EkBRLzh7QUDuXLIrgc+bQ9LWo
Y2W138vFdtL7d8LHnK9hgkgz+lqDgmYtR6R2UxMJc9FThDmjzZsvaFiwxJGgmRY+
WlpfIgNbEnXfU2p3gRMp6cRhH2B+3xjO33eHQH7N8w4Xf7LtbjRWl79Kl5saZFmG
Fwl1Si4PomQ19SBxMFTy0rwNaCfxk0N8MR9DUPDwiBPINx9WXpY4AVpUC1I+
-----END CERTIFICATE-----
Generated at Wed Mar 20 11:55:10 2024 by rpki-client on console-ams.rpki-client.org