Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/Ku-tVdToZONymFO44Ptc5BcoHnQ.roa
File: Ku-tVdToZONymFO44Ptc5BcoHnQ.roa (raw, json)
Hash identifier: QVCUnnbpk5y6y5DqEQOO6BK1QZEwe0tfvvZX5/SW2bk=
Subject key identifier: 2A:EF:AD:55:D4:E8:64:E3:72:98:53:B8:E0:FB:5C:E4:17:28:1E:74
Certificate issuer: /CN=1c963e3d22847d466c262c20878c2780d8840003
Certificate serial: 01982DD191D6E4336E706BB11F20C49991B6
Authority key identifier: 1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/Ku-tVdToZONymFO44Ptc5BcoHnQ.roa
Signing time: Mon 21 Jul 2025 16:29:25 +0000
ROA not before: Mon 21 Jul 2025 16:29:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211522
IP address blocks: 77.239.96.0/21 maxlen: 24
77.239.112.0/22 maxlen: 24
77.239.116.0/22 maxlen: 24
77.239.120.0/23 maxlen: 24
150.241.64.0/19 maxlen: 24
150.241.96.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 23 Jul 2025 19:58:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:2d:d1:91:d6:e4:33:6e:70:6b:b1:1f:20:c4:99:91:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c963e3d22847d466c262c20878c2780d8840003
Validity
Not Before: Jul 21 16:29:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2aefad55d4e864e3729853b8e0fb5ce417281e74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:77:51:68:82:9d:9d:5c:7e:f8:67:f2:f8:b0:
c2:18:d7:25:c1:ac:25:a4:2a:e8:f7:30:a6:7d:60:
fb:02:da:70:1a:4a:b5:76:66:83:ee:34:f9:44:59:
2d:ed:8c:ed:be:4a:85:e2:2f:bd:c0:94:f5:9c:54:
8a:da:bf:ec:75:1a:39:29:5c:01:c7:01:0e:e5:1e:
0e:3f:f3:79:d7:7b:fb:78:61:de:7a:f5:92:ed:e8:
ce:25:e6:37:5f:44:0b:f7:6a:9e:0b:08:aa:b8:5c:
1e:6a:a3:99:cf:2f:b0:a8:c5:42:ce:6a:67:0d:4d:
92:e3:1e:18:37:8e:58:85:f6:76:07:ab:6a:9d:f7:
36:35:25:4d:19:7b:cb:27:55:d3:9b:4f:66:3e:3f:
79:78:1e:37:20:99:4d:38:0e:29:4e:c3:00:17:90:
c3:e6:1c:41:31:f3:db:51:af:bb:a7:4c:51:d0:3e:
49:29:73:0b:3f:83:48:37:b0:a2:48:cf:c2:b4:67:
e6:3d:df:46:63:49:53:70:9a:db:88:f9:e4:47:dc:
62:9f:46:91:09:c0:43:25:da:ad:9a:c0:c3:b3:cd:
68:e4:db:e0:56:a5:f8:2e:73:82:04:f6:f3:c3:f0:
a3:35:ce:f8:f3:45:bc:39:bd:21:66:bb:de:38:84:
b8:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:EF:AD:55:D4:E8:64:E3:72:98:53:B8:E0:FB:5C:E4:17:28:1E:74
X509v3 Authority Key Identifier:
keyid:1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/Ku-tVdToZONymFO44Ptc5BcoHnQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.239.96.0/21
77.239.112.0-77.239.121.255
150.241.64.0-150.241.99.255
Signature Algorithm: sha256WithRSAEncryption
57:bc:78:e5:b8:27:f8:ce:85:70:35:43:9f:0a:30:12:7b:bc:
68:d2:b5:6a:bf:7d:8a:4f:bf:e7:bc:cf:6f:1e:5b:1a:53:be:
aa:82:a4:d7:d7:19:50:da:ae:d4:05:d6:2c:b5:77:99:b7:1a:
7c:e8:4d:a7:67:f1:65:0f:a3:f3:c4:28:2c:b7:b3:75:d7:60:
b0:f2:78:69:7a:60:dd:67:0f:70:4e:b0:0b:26:24:33:60:b5:
6c:b2:71:10:18:8f:db:8d:19:96:4a:91:b2:03:87:24:d3:94:
8f:c8:f7:5d:e9:41:31:35:93:ae:04:06:57:5a:17:64:42:af:
20:f0:6d:4c:42:0f:8c:ee:81:0c:3a:61:37:e7:96:39:8e:7f:
42:23:8b:61:f6:25:43:77:66:21:80:5b:bb:df:f2:2e:61:91:
85:8a:c6:f2:af:53:37:3d:bf:89:a9:40:a7:77:9c:78:8a:b3:
ce:43:e7:8a:f0:fc:bf:cb:4e:81:55:bd:ab:e3:89:2c:68:39:
bf:36:7b:73:e1:4b:e8:e5:ed:6c:0a:70:d4:34:eb:25:e4:d9:
3f:e0:bf:39:39:31:d7:bd:49:89:1a:e9:f7:3b:e0:72:bc:e8:
df:f4:f5:14:86:c7:db:51:39:cd:a2:5e:47:4c:e5:1b:bb:3a:
10:d0:24:7f
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZgt0ZHW5DNucGuxHyDEmZG2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTYzZTNkMjI4NDdkNDY2YzI2MmMyMDg3OGMyNzgwZDg4
NDAwMDMwHhcNMjUwNzIxMTYyOTI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYWVmYWQ1NWQ0ZTg2NGUzNzI5ODUzYjhlMGZiNWNlNDE3MjgxZTc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0ndRaIKdnVx++Gfy+LDCGNclwawl
pCro9zCmfWD7AtpwGkq1dmaD7jT5RFkt7YztvkqF4i+9wJT1nFSK2r/sdRo5KVwB
xwEO5R4OP/N513v7eGHeevWS7ejOJeY3X0QL92qeCwiquFweaqOZzy+wqMVCzmpn
DU2S4x4YN45YhfZ2B6tqnfc2NSVNGXvLJ1XTm09mPj95eB43IJlNOA4pTsMAF5DD
5hxBMfPbUa+7p0xR0D5JKXMLP4NIN7CiSM/CtGfmPd9GY0lTcJrbiPnkR9xin0aR
CcBDJdqtmsDDs81o5NvgVqX4LnOCBPbzw/CjNc7480W8Ob0hZrveOIS4TwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFCrvrVXU6GTjcphTuOD7XOQXKB50MB8GA1UdIwQY
MBaAFByWPj0ihH1GbCYsIIeMJ4DYhAADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQt
MTQzOTY3YThmZTA4LzEvS3UtdFZkVG9aT055bUZPNDRQdGM1QmNvSG5RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQtMTQzOTY3YThmZTA4
LzEvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiAwQDTe9gMAwD
BARN73ADBAFN73gwDAMEBpbxQAMEApbxYDANBgkqhkiG9w0BAQsFAAOCAQEAV7x4
5bgn+M6FcDVDnwowEnu8aNK1ar99ik+/57zPbx5bGlO+qoKk19cZUNqu1AXWLLV3
mbcafOhNp2fxZQ+j88QoLLezdddgsPJ4aXpg3WcPcE6wCyYkM2C1bLJxEBiP240Z
lkqRsgOHJNOUj8j3XelBMTWTrgQGV1oXZEKvIPBtTEIPjO6BDDphN+eWOY5/QiOL
YfYlQ3dmIYBbu9/yLmGRhYrG8q9TNz2/ialAp3eceIqzzkPnivD8v8tOgVW9q+OJ
LGg5vzZ7c+FL6OXtbApw1DTrJeTZP+C/OTkx171JiRrp9zvgcrzo3/T1FIbH21E5
zaJeR0zlG7s6ENAkfw==
-----END CERTIFICATE-----
Generated at Wed Jul 23 23:26:49 2025 by rpki-client