Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/8la_1TMtnyggYinS83KpFjNSKUw.roa
File: 8la_1TMtnyggYinS83KpFjNSKUw.roa (raw, json)
Hash identifier: yV570/9j6UK9dRKbZKN16TsmZdptxhYLqMbQajBZmrw=
Subject key identifier: F2:56:BF:D5:33:2D:9F:28:20:62:29:D2:F3:72:A9:16:33:52:29:4C
Certificate issuer: /CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Certificate serial: 0193931643CE0C805334170DF0B2FC26A8C4
Authority key identifier: D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/8la_1TMtnyggYinS83KpFjNSKUw.roa
Signing time: Wed 04 Dec 2024 19:12:10 +0000
ROA not before: Wed 04 Dec 2024 19:12:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16589
IP address blocks: 77.223.192.0/21 maxlen: 21
77.223.200.0/23 maxlen: 24
79.139.64.0/23 maxlen: 24
83.142.200.0/21 maxlen: 24
94.26.110.0/23 maxlen: 24
94.101.103.0/24 maxlen: 24
176.222.48.0/22 maxlen: 24
178.216.184.0/21 maxlen: 24
198.14.16.0/20 maxlen: 24
198.145.112.0/22 maxlen: 24
205.134.244.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 07:48:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:93:16:43:ce:0c:80:53:34:17:0d:f0:b2:fc:26:a8:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Validity
Not Before: Dec 4 19:12:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f256bfd5332d9f28206229d2f372a9163352294c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:82:67:ee:6b:b1:49:d7:56:a7:80:87:21:9d:
8d:b9:89:c5:a1:0d:17:b9:01:77:6f:9e:0c:4e:03:
6b:2b:13:44:f2:91:12:32:e8:aa:9d:96:52:52:33:
25:e2:a8:1a:ce:d2:b6:e0:c7:f7:bc:58:69:de:a0:
49:93:c9:a7:ca:49:48:e8:40:a0:6c:8e:b5:2e:59:
b8:8d:da:39:7b:49:87:98:ca:a3:5f:5d:45:2d:0d:
a7:3f:a7:45:44:70:d4:75:77:cf:eb:f9:19:a4:b6:
47:79:2f:d1:c6:67:8d:e4:50:dc:da:18:e0:37:fd:
d9:95:3b:8a:72:53:ad:cb:94:ed:13:25:23:3c:13:
0f:dc:f5:09:37:86:e5:96:16:7e:61:dc:e4:49:ee:
7a:c3:42:de:8d:9d:d6:90:25:7f:40:d0:26:99:ed:
06:5b:e4:2e:75:3d:0c:c2:4a:b3:a9:37:9b:30:ff:
70:af:d5:06:26:72:06:8c:d0:d2:7b:8e:89:28:90:
81:7c:f7:03:f6:63:85:14:66:a0:6c:fd:ef:ce:3b:
4f:30:1f:1d:3d:f5:10:ec:9f:73:fe:69:c2:92:db:
89:96:14:e8:36:56:d5:da:67:34:97:01:f7:e9:e2:
f7:b0:17:7c:d5:5b:c1:04:45:18:f5:f5:19:53:de:
cc:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:56:BF:D5:33:2D:9F:28:20:62:29:D2:F3:72:A9:16:33:52:29:4C
X509v3 Authority Key Identifier:
keyid:D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/8la_1TMtnyggYinS83KpFjNSKUw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.223.192.0-77.223.201.255
79.139.64.0/23
83.142.200.0/21
94.26.110.0/23
94.101.103.0/24
176.222.48.0/22
178.216.184.0/21
198.14.16.0/20
198.145.112.0/22
205.134.244.0/22
Signature Algorithm: sha256WithRSAEncryption
14:07:60:a9:5c:2f:b5:95:db:5a:14:80:69:6f:da:a1:47:19:
24:27:13:ab:ed:e1:3b:75:43:38:43:be:ba:42:fc:03:65:13:
18:39:04:14:fe:23:10:dc:c0:9e:87:01:95:46:df:65:52:51:
86:73:df:64:fd:b3:dd:af:d7:31:22:0e:16:10:26:eb:27:2c:
df:96:b4:c4:6a:c7:1f:0c:8e:b7:6b:c2:65:50:3a:3d:67:72:
7e:a1:f6:40:01:20:39:32:ad:dc:1b:c6:f9:d1:a6:4d:10:bc:
46:c8:5f:56:71:2a:a2:54:3e:46:03:b9:d0:b3:e1:e1:0c:b0:
ba:a6:24:61:39:cc:1e:25:1b:09:a9:4c:b7:99:72:9b:40:7f:
25:0c:38:43:75:a6:80:14:1d:c9:3f:5d:c0:40:83:0f:81:d4:
37:29:1c:c1:01:55:b1:eb:dd:c6:b8:8d:e6:27:3f:52:31:07:
c8:af:88:ca:17:97:e7:39:90:0c:f1:30:d6:68:0e:83:1d:8c:
b9:c9:31:0f:28:d3:96:fb:4a:62:4e:59:6d:a9:ee:04:b0:63:
1e:fc:af:0a:43:d6:8f:de:3a:77:76:ed:91:9d:96:63:9e:14:
73:93:d0:0e:d4:dc:bf:70:f0:f0:c1:c6:d1:1e:eb:a0:28:4f:
13:80:24:3f
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAZOTFkPODIBTNBcN8LL8JqjEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0OGEyN2Y0NGIxMDQwNGM1MmY2ZmZjNGUwOGRjODJiZjhi
NWRlZTQwHhcNMjQxMjA0MTkxMjEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjU2YmZkNTMzMmQ5ZjI4MjA2MjI5ZDJmMzcyYTkxNjMzNTIyOTRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtIJn7muxSddWp4CHIZ2NuYnFoQ0X
uQF3b54MTgNrKxNE8pESMuiqnZZSUjMl4qgaztK24Mf3vFhp3qBJk8mnyklI6ECg
bI61Llm4jdo5e0mHmMqjX11FLQ2nP6dFRHDUdXfP6/kZpLZHeS/RxmeN5FDc2hjg
N/3ZlTuKclOty5TtEyUjPBMP3PUJN4bllhZ+YdzkSe56w0LejZ3WkCV/QNAmme0G
W+QudT0MwkqzqTebMP9wr9UGJnIGjNDSe46JKJCBfPcD9mOFFGagbP3vzjtPMB8d
PfUQ7J9z/mnCktuJlhToNlbV2mc0lwH36eL3sBd81VvBBEUY9fUZU97M4QIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFPJWv9UzLZ8oIGIp0vNyqRYzUilMMB8GA1UdIwQY
MBaAFNSKJ/RLEEBMUvb/xOCNyCv4td7kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYt
NTlmNTk4NGI2NGVhLzEvOGxhXzFUTXRueWdnWWluUzgzS3BGak5TS1V3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYtNTlmNTk4NGI2NGVh
LzEvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDBKBAIAATBEMAwDBAZN38AD
BAFN38gDBAFPi0ADBANTjsgDBAFeGm4DBABeZWcDBAKw3jADBAOy2LgDBATGDhAD
BALGkXADBALNhvQwDQYJKoZIhvcNAQELBQADggEBABQHYKlcL7WV21oUgGlv2qFH
GSQnE6vt4Tt1QzhDvrpC/ANlExg5BBT+IxDcwJ6HAZVG32VSUYZz32T9s92v1zEi
DhYQJusnLN+WtMRqxx8MjrdrwmVQOj1ncn6h9kABIDkyrdwbxvnRpk0QvEbIX1Zx
KqJUPkYDudCz4eEMsLqmJGE5zB4lGwmpTLeZcptAfyUMOEN1poAUHck/XcBAgw+B
1DcpHMEBVbHr3ca4jeYnP1IxB8iviMoXl+c5kAzxMNZoDoMdjLnJMQ8o05b7SmJO
WW2p7gSwYx78rwpD1o/eOnd27ZGdlmOeFHOT0A7U3L9w8PDBxtEe66AoTxOAJD8=
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:59:02 2025 by rpki-client