Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/be66e4-f14b-4b31-bdaf-4414558fdcbb/1/nNphl7b3HmJZ5oqPgR5TrzyN-cE.roa
File: nNphl7b3HmJZ5oqPgR5TrzyN-cE.roa (raw, json)
Hash identifier: OgsMqAeqEA31e5LkdmeF+eVd3qfCwibf0YOnP6E3Mvo=
Subject key identifier: 9C:DA:61:97:B6:F7:1E:62:59:E6:8A:8F:81:1E:53:AF:3C:8D:F9:C1
Certificate issuer: /CN=c378bc3bd350eedc4f377c224556b250da6dde6f
Certificate serial: 018E0EDE1C743C78E34EF84DB6F6376ACBBA
Authority key identifier: C3:78:BC:3B:D3:50:EE:DC:4F:37:7C:22:45:56:B2:50:DA:6D:DE:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w3i8O9NQ7txPN3wiRVayUNpt3m8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/be66e4-f14b-4b31-bdaf-4414558fdcbb/1/nNphl7b3HmJZ5oqPgR5TrzyN-cE.roa
Signing time: Tue 05 Mar 2024 13:47:01 +0000
ROA not before: Tue 05 Mar 2024 13:47:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47583
IP address blocks: 77.37.40.0/21 maxlen: 24
77.37.48.0/21 maxlen: 24
77.37.56.0/21 maxlen: 24
77.37.88.0/21 maxlen: 24
91.108.96.0/21 maxlen: 24
91.108.104.0/21 maxlen: 24
91.108.112.0/21 maxlen: 24
91.108.120.0/21 maxlen: 24
Validation: Failed, certificate revoked on Thu 14 Mar 2024 12:49:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:0e:de:1c:74:3c:78:e3:4e:f8:4d:b6:f6:37:6a:cb:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c378bc3bd350eedc4f377c224556b250da6dde6f
Validity
Not Before: Mar 5 13:47:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9cda6197b6f71e6259e68a8f811e53af3c8df9c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:ca:f9:a1:cf:f9:f5:a6:99:9d:5b:5b:f7:2c:
d6:2a:05:4e:c4:a5:f5:22:05:91:22:85:fe:c7:0c:
15:91:47:12:78:80:48:53:ee:10:4f:ab:36:7e:ff:
e0:e2:be:42:c6:82:e8:8c:7e:86:f4:c1:ec:46:b8:
1c:44:d5:23:11:c2:75:b8:c8:f3:92:0d:f2:6d:89:
57:a0:24:62:ba:a7:0d:3d:21:f0:b9:9a:40:55:ce:
ce:c7:87:44:ff:32:3f:5d:bb:fc:2e:5d:d5:5a:3e:
66:1d:b9:50:2d:42:48:8c:dc:43:f6:e7:fc:4b:97:
a4:1e:f4:6d:96:1a:71:4a:52:f8:15:70:5b:8d:c2:
9e:48:1c:f0:9b:74:8c:d9:6b:83:53:92:ba:9b:26:
7f:9d:cc:0c:49:4a:3e:5c:ef:a9:25:16:08:15:12:
11:c9:01:4c:a3:fd:16:48:d7:08:71:d0:f0:b6:52:
63:12:50:9a:69:b6:a5:f2:74:76:32:1f:c4:71:7d:
55:3c:35:dc:17:09:ba:97:4b:09:a3:32:ff:47:f2:
fb:f2:5b:a1:69:df:38:87:61:ea:53:7c:0b:8e:32:
dc:ef:d1:d4:6b:c9:dc:a4:72:da:f8:dd:70:14:90:
b7:58:39:0e:d3:b2:8e:61:2f:21:b5:66:03:30:e3:
4d:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:DA:61:97:B6:F7:1E:62:59:E6:8A:8F:81:1E:53:AF:3C:8D:F9:C1
X509v3 Authority Key Identifier:
keyid:C3:78:BC:3B:D3:50:EE:DC:4F:37:7C:22:45:56:B2:50:DA:6D:DE:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w3i8O9NQ7txPN3wiRVayUNpt3m8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/be66e4-f14b-4b31-bdaf-4414558fdcbb/1/nNphl7b3HmJZ5oqPgR5TrzyN-cE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/be66e4-f14b-4b31-bdaf-4414558fdcbb/1/w3i8O9NQ7txPN3wiRVayUNpt3m8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.37.40.0-77.37.63.255
77.37.88.0/21
91.108.96.0/19
Signature Algorithm: sha256WithRSAEncryption
d2:97:2f:5f:05:ca:cf:67:d3:76:45:c5:4e:ff:94:0b:7b:6f:
3e:6b:7d:e3:b3:b4:8c:fd:4f:6b:10:3d:a6:38:5b:1c:64:7d:
d7:0a:18:eb:d4:02:83:48:af:07:9a:2a:55:41:c5:a4:df:f3:
d3:42:7e:fd:9f:e3:36:a4:e3:d4:d1:e3:63:64:9b:f2:9a:0d:
c1:a4:bc:e4:9d:e0:4e:5c:b4:7a:cf:a4:70:14:b4:9e:9f:5d:
cf:fc:a4:08:72:d1:9d:5d:ae:a8:d1:fb:88:02:a7:20:76:3f:
69:be:d9:53:82:d1:79:50:39:f5:ff:76:25:4f:7e:3e:57:27:
6a:94:22:37:1f:f6:f9:e9:e9:6b:cf:a5:de:17:e5:a1:19:b1:
19:ac:92:9b:aa:57:17:92:2b:3c:4f:45:32:e3:19:01:7b:7c:
f6:aa:29:7f:cb:b6:5c:40:51:d9:e4:a9:13:5a:2b:28:9a:a0:
f5:b7:53:ce:89:98:e0:a1:e1:7c:a5:ea:78:44:13:ed:c9:60:
84:d2:3d:3e:ed:80:2a:89:b2:c4:9e:14:7e:4b:fb:fb:f0:e0:
68:6a:48:ee:b0:27:e7:6a:59:50:96:a2:a5:a0:83:93:d0:b8:
81:1f:dd:3a:6f:c9:92:fd:bc:1e:8e:da:f8:41:f9:23:74:b3:
0a:9c:3e:78
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAY4O3hx0PHjjTvhNtvY3asu6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzNzhiYzNiZDM1MGVlZGM0ZjM3N2MyMjQ1NTZiMjUwZGE2
ZGRlNmYwHhcNMjQwMzA1MTM0NzAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Y2RhNjE5N2I2ZjcxZTYyNTllNjhhOGY4MTFlNTNhZjNjOGRmOWMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqsr5oc/59aaZnVtb9yzWKgVOxKX1
IgWRIoX+xwwVkUcSeIBIU+4QT6s2fv/g4r5CxoLojH6G9MHsRrgcRNUjEcJ1uMjz
kg3ybYlXoCRiuqcNPSHwuZpAVc7Ox4dE/zI/Xbv8Ll3VWj5mHblQLUJIjNxD9uf8
S5ekHvRtlhpxSlL4FXBbjcKeSBzwm3SM2WuDU5K6myZ/ncwMSUo+XO+pJRYIFRIR
yQFMo/0WSNcIcdDwtlJjElCaabal8nR2Mh/EcX1VPDXcFwm6l0sJozL/R/L78luh
ad84h2HqU3wLjjLc79HUa8ncpHLa+N1wFJC3WDkO07KOYS8htWYDMONNXQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFJzaYZe29x5iWeaKj4EeU688jfnBMB8GA1UdIwQY
MBaAFMN4vDvTUO7cTzd8IkVWslDabd5vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzNpOE85TlE3dHhQTjN3aVJWYXlVTnB0M204LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi9iZTY2ZTQtZjE0Yi00YjMxLWJkYWYt
NDQxNDU1OGZkY2JiLzEvbk5waGw3YjNIbUpaNW9xUGdSNVRyenlOLWNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi9iZTY2ZTQtZjE0Yi00YjMxLWJkYWYtNDQxNDU1OGZkY2Ji
LzEvdzNpOE85TlE3dHhQTjN3aVJWYXlVTnB0M204LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBANNJSgD
BAZNJQADBANNJVgDBAVbbGAwDQYJKoZIhvcNAQELBQADggEBANKXL18Fys9n03ZF
xU7/lAt7bz5rfeOztIz9T2sQPaY4WxxkfdcKGOvUAoNIrweaKlVBxaTf89NCfv2f
4zak49TR42Nkm/KaDcGkvOSd4E5ctHrPpHAUtJ6fXc/8pAhy0Z1drqjR+4gCpyB2
P2m+2VOC0XlQOfX/diVPfj5XJ2qUIjcf9vnp6WvPpd4X5aEZsRmskpuqVxeSKzxP
RTLjGQF7fPaqKX/LtlxAUdnkqRNaKyiaoPW3U86JmOCh4Xyl6nhEE+3JYITSPT7t
gCqJssSeFH5L+/vw4GhqSO6wJ+dqWVCWoqWgg5PQuIEf3TpvyZL9vB6O2vhB+SN0
swqcPng=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:04 2024 by rpki-client on console-ams.rpki-client.org