Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/09200e-999d-4b45-a741-85a955f2163b/1/dhN5lNSbkja2pQee4RN5U5wEFQ0.roa
File: dhN5lNSbkja2pQee4RN5U5wEFQ0.roa (raw, json)
Hash identifier: wuZEl0vOwgjX4/0PsXy8lW5/K87lFSLUJP6sNloCdkU=
Subject key identifier: 76:13:79:94:D4:9B:92:36:B6:A5:07:9E:E1:13:79:53:9C:04:15:0D
Certificate issuer: /CN=dcb65a90ed3cf4ae0452554ee34b92a8476dcf10
Certificate serial: 0193606852B226A2443626A181E4DE52C9F2
Authority key identifier: DC:B6:5A:90:ED:3C:F4:AE:04:52:55:4E:E3:4B:92:A8:47:6D:CF:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3LZakO089K4EUlVO40uSqEdtzxA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/09200e-999d-4b45-a741-85a955f2163b/1/dhN5lNSbkja2pQee4RN5U5wEFQ0.roa
Signing time: Sun 24 Nov 2024 23:01:09 +0000
ROA not before: Sun 24 Nov 2024 23:01:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201031
IP address blocks: 37.77.64.0/24 maxlen: 24
37.77.65.0/24 maxlen: 24
37.77.68.0/24 maxlen: 24
37.77.69.0/24 maxlen: 24
37.77.70.0/24 maxlen: 24
37.77.71.0/24 maxlen: 24
185.217.90.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 26 Nov 2024 10:40:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:60:68:52:b2:26:a2:44:36:26:a1:81:e4:de:52:c9:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dcb65a90ed3cf4ae0452554ee34b92a8476dcf10
Validity
Not Before: Nov 24 23:01:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=76137994d49b9236b6a5079ee11379539c04150d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:22:81:e7:54:c4:32:7d:ed:5f:eb:ff:81:7a:
3e:b0:7a:6e:3e:f1:f2:6b:96:1b:49:86:67:43:bc:
4b:d6:44:fd:88:d1:cf:68:28:87:3f:66:aa:e8:71:
72:39:ee:57:6f:b6:6a:d6:20:af:51:39:85:54:4a:
49:5f:8f:d0:30:7e:51:23:9a:8c:43:0c:72:0c:43:
a3:f4:8b:58:89:21:87:85:98:13:c6:9a:99:34:2f:
12:8d:8d:9c:5e:ec:66:84:e6:18:48:db:26:d9:82:
a9:6a:7a:53:68:6b:8c:1f:1c:ae:73:91:6a:b7:ec:
5b:20:74:2b:e5:f6:29:f9:9e:dc:03:df:02:ca:e1:
7c:da:7b:93:db:b9:a3:9f:65:b4:63:f6:c9:cc:2d:
bb:1e:4a:30:63:34:92:14:5f:73:d3:18:96:d7:3f:
b5:97:7d:a9:00:15:7b:d3:03:a1:01:d5:2c:22:79:
cd:40:8d:d3:1f:b0:dc:d5:5d:51:d3:53:0c:a7:de:
e0:27:7c:55:3c:3a:f2:46:c0:64:62:15:fb:cd:ab:
50:87:24:23:da:44:77:bb:0d:48:00:bd:db:c3:90:
a6:0c:71:61:07:78:4a:06:22:b3:98:7c:38:c6:99:
9a:ed:40:3f:d2:66:40:aa:a2:67:48:3b:db:2c:42:
3e:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:13:79:94:D4:9B:92:36:B6:A5:07:9E:E1:13:79:53:9C:04:15:0D
X509v3 Authority Key Identifier:
keyid:DC:B6:5A:90:ED:3C:F4:AE:04:52:55:4E:E3:4B:92:A8:47:6D:CF:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3LZakO089K4EUlVO40uSqEdtzxA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/09200e-999d-4b45-a741-85a955f2163b/1/dhN5lNSbkja2pQee4RN5U5wEFQ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/09200e-999d-4b45-a741-85a955f2163b/1/3LZakO089K4EUlVO40uSqEdtzxA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.77.64.0/23
37.77.68.0/22
185.217.90.0/24
Signature Algorithm: sha256WithRSAEncryption
29:c6:ce:fa:6c:2a:3b:89:d0:fe:fe:f3:88:74:55:e4:17:55:
f9:e1:7e:be:3e:51:ff:bd:96:ab:8f:f8:1a:c6:e6:0e:85:fd:
e3:9f:ce:7d:12:db:30:88:f0:ee:af:20:82:33:ff:d5:ae:cb:
a1:8b:5e:37:44:39:1e:0b:7a:5b:38:7b:d4:d4:5c:0b:a3:f5:
0a:3c:64:ab:0d:65:82:53:6e:ae:04:55:58:f2:79:8f:b4:18:
bc:58:09:43:5c:e5:54:cd:d9:df:73:20:4e:cd:d4:b0:bc:81:
dd:cb:f4:e2:e1:07:4e:14:a2:14:41:ec:4f:4e:2d:e6:87:e2:
34:42:db:c7:03:bd:69:f8:0a:ec:8c:7b:38:20:f8:ca:c8:35:
8e:e6:ab:c3:04:e6:17:2f:e5:bf:28:69:49:20:d4:e6:24:96:
a7:59:81:5a:f3:1a:e7:20:a2:02:c3:43:74:d6:c6:a3:76:21:
0f:cb:6b:d4:c9:b3:e2:8d:79:1c:12:ac:a7:87:f9:16:e9:03:
99:77:e2:11:a7:d6:32:4c:14:93:3d:62:39:ea:40:15:29:43:
25:a1:f9:29:98:a6:35:eb:d8:6d:14:71:a1:6f:81:c8:8d:8f:
df:d6:6b:ea:2c:29:26:70:58:ea:06:39:0e:b3:e0:2b:fc:ba:
9e:57:f9:fd
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZNgaFKyJqJENiahgeTeUsnyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjYjY1YTkwZWQzY2Y0YWUwNDUyNTU0ZWUzNGI5MmE4NDc2
ZGNmMTAwHhcNMjQxMTI0MjMwMTA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjEzNzk5NGQ0OWI5MjM2YjZhNTA3OWVlMTEzNzk1MzljMDQxNTBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzCKB51TEMn3tX+v/gXo+sHpuPvHy
a5YbSYZnQ7xL1kT9iNHPaCiHP2aq6HFyOe5Xb7Zq1iCvUTmFVEpJX4/QMH5RI5qM
QwxyDEOj9ItYiSGHhZgTxpqZNC8SjY2cXuxmhOYYSNsm2YKpanpTaGuMHxyuc5Fq
t+xbIHQr5fYp+Z7cA98CyuF82nuT27mjn2W0Y/bJzC27HkowYzSSFF9z0xiW1z+1
l32pABV70wOhAdUsInnNQI3TH7Dc1V1R01MMp97gJ3xVPDryRsBkYhX7zatQhyQj
2kR3uw1IAL3bw5CmDHFhB3hKBiKzmHw4xpma7UA/0mZAqqJnSDvbLEI+dQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHYTeZTUm5I2tqUHnuETeVOcBBUNMB8GA1UdIwQY
MBaAFNy2WpDtPPSuBFJVTuNLkqhHbc8QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0xaYWtPMDg5SzRFVWxWTzQwdVNxRWR0enhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi8wOTIwMGUtOTk5ZC00YjQ1LWE3NDEt
ODVhOTU1ZjIxNjNiLzEvZGhONWxOU2JramEycFFlZTRSTjVVNXdFRlEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi8wOTIwMGUtOTk5ZC00YjQ1LWE3NDEtODVhOTU1ZjIxNjNi
LzEvM0xaYWtPMDg5SzRFVWxWTzQwdVNxRWR0enhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBJU1AAwQC
JU1EAwQAudlaMA0GCSqGSIb3DQEBCwUAA4IBAQApxs76bCo7idD+/vOIdFXkF1X5
4X6+PlH/vZarj/gaxuYOhf3jn859EtswiPDuryCCM//Vrsuhi143RDkeC3pbOHvU
1FwLo/UKPGSrDWWCU26uBFVY8nmPtBi8WAlDXOVUzdnfcyBOzdSwvIHdy/Ti4QdO
FKIUQexPTi3mh+I0QtvHA71p+ArsjHs4IPjKyDWO5qvDBOYXL+W/KGlJINTmJJan
WYFa8xrnIKICw0N01sajdiEPy2vUybPijXkcEqynh/kW6QOZd+IRp9YyTBSTPWI5
6kAVKUMlofkpmKY169htFHGhb4HIjY/f1mvqLCkmcFjqBjkOs+Ar/LqeV/n9
-----END CERTIFICATE-----
Generated at Tue Nov 26 12:57:07 2024 by rpki-client on console-ams.rpki-client.org