Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/be7894-0ccc-4fbd-880b-9758cb2b844e/1/ttMkux79dN5l4YhRttzU0DWQ-wE.roa
File: ttMkux79dN5l4YhRttzU0DWQ-wE.roa (raw, json)
Hash identifier: CdiY445fvgh1USD/wak8J4U7VuzJHrJJdsUrz/dQLBw=
Subject key identifier: B6:D3:24:BB:1E:FD:74:DE:65:E1:88:51:B6:DC:D4:D0:35:90:FB:01
Certificate issuer: /CN=8ad2930d1fe1dd430491fd7b831de9c61692ade4
Certificate serial: 01931A5BC25331046629C27B417D625039C8
Authority key identifier: 8A:D2:93:0D:1F:E1:DD:43:04:91:FD:7B:83:1D:E9:C6:16:92:AD:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/itKTDR_h3UMEkf17gx3pxhaSreQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/be7894-0ccc-4fbd-880b-9758cb2b844e/1/ttMkux79dN5l4YhRttzU0DWQ-wE.roa
Signing time: Mon 11 Nov 2024 08:34:01 +0000
ROA not before: Mon 11 Nov 2024 08:34:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199276
IP address blocks: 77.247.88.0/24 maxlen: 24
77.247.89.0/24 maxlen: 24
77.247.90.0/24 maxlen: 24
77.247.91.0/24 maxlen: 24
77.247.92.0/24 maxlen: 24
77.247.93.0/24 maxlen: 24
77.247.94.0/24 maxlen: 24
77.247.95.0/24 maxlen: 24
2a13:bc00::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 01 Jan 2025 05:47:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:1a:5b:c2:53:31:04:66:29:c2:7b:41:7d:62:50:39:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8ad2930d1fe1dd430491fd7b831de9c61692ade4
Validity
Not Before: Nov 11 08:34:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b6d324bb1efd74de65e18851b6dcd4d03590fb01
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:7b:7d:a8:ce:29:6b:f8:dd:01:5c:fa:77:d0:
4f:21:90:e7:8b:bb:b3:27:83:09:89:36:f3:b7:c1:
b9:c0:59:85:2d:b8:5a:8e:ec:dd:3e:48:f6:94:11:
b3:d7:f5:ea:69:39:70:55:22:6c:99:38:f7:2d:20:
b6:5a:1c:b8:e3:8e:8c:2f:35:4f:2d:d7:06:76:d8:
ec:04:b5:eb:35:bc:e6:41:a7:48:3c:77:ae:47:29:
95:2f:ee:84:2b:f5:80:81:74:21:1b:a6:26:0f:95:
f8:8f:d7:88:b9:d1:27:41:2a:dc:11:21:1b:59:0a:
ec:02:50:27:e1:c0:0c:a8:e9:93:b7:7c:36:7a:5d:
cd:75:c5:32:7c:7d:a1:80:ae:67:97:fa:f8:aa:77:
38:0f:18:90:a6:82:8c:1a:19:d8:16:97:84:35:99:
aa:51:a7:b9:96:c5:e4:56:93:88:3a:96:f1:8f:0e:
dc:f7:df:95:c6:42:2c:9d:55:f1:79:ae:c7:11:59:
23:23:6c:78:6a:4f:68:09:7f:02:27:ea:79:63:79:
eb:f3:75:b9:cf:55:ac:4f:6c:df:09:ea:9f:34:33:
f1:2e:33:7e:d6:8c:56:34:1d:31:fd:d4:64:ee:09:
a9:f2:c5:de:61:13:ce:f6:a9:e1:84:b1:52:da:50:
47:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:D3:24:BB:1E:FD:74:DE:65:E1:88:51:B6:DC:D4:D0:35:90:FB:01
X509v3 Authority Key Identifier:
keyid:8A:D2:93:0D:1F:E1:DD:43:04:91:FD:7B:83:1D:E9:C6:16:92:AD:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/itKTDR_h3UMEkf17gx3pxhaSreQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/be7894-0ccc-4fbd-880b-9758cb2b844e/1/ttMkux79dN5l4YhRttzU0DWQ-wE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/be7894-0ccc-4fbd-880b-9758cb2b844e/1/itKTDR_h3UMEkf17gx3pxhaSreQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.247.88.0/21
IPv6:
2a13:bc00::/29
Signature Algorithm: sha256WithRSAEncryption
8b:b3:d8:36:65:3c:8f:0e:a2:58:47:20:a9:0f:29:a4:6f:58:
d4:39:81:e5:da:2d:ca:57:ef:fa:3e:1e:9f:03:00:17:62:78:
85:66:1b:b9:07:13:6d:b5:44:1b:2c:a7:a2:1b:60:67:b6:51:
52:e4:81:c5:c1:52:94:9f:00:e9:4b:bb:b3:58:32:b7:af:6c:
22:e8:de:30:f8:da:be:c2:f9:f7:8a:d5:a4:d2:6b:80:b8:eb:
5d:57:0e:6f:d7:7a:99:35:d6:c2:d3:0e:1e:d9:e3:23:a9:cf:
c1:f1:d4:88:9c:ff:45:56:91:cf:ae:74:88:19:94:30:87:01:
c2:23:7d:96:5f:12:57:80:ba:5a:f0:22:5b:e5:6d:c0:c9:a6:
2e:8e:05:12:95:8f:61:2b:29:9c:b5:0b:7b:f5:47:0a:80:ee:
f0:db:fb:8e:02:ec:ed:ab:ab:70:d4:15:2d:df:be:e6:da:1b:
ad:b8:22:63:ee:a5:6e:81:8d:74:a5:d4:cf:65:16:d0:f3:3b:
30:53:59:e9:1b:2d:a3:b2:a1:b6:3c:d4:22:22:b0:00:35:57:
ed:ad:0a:ed:ef:b2:a3:a3:c6:75:7f:06:f9:0f:cf:c9:58:5b:
f6:c9:ec:b3:95:a7:2c:a4:75:38:02:05:ae:9b:b0:fe:f5:6e:
5d:5c:21:24
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZMaW8JTMQRmKcJ7QX1iUDnIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhZDI5MzBkMWZlMWRkNDMwNDkxZmQ3YjgzMWRlOWM2MTY5
MmFkZTQwHhcNMjQxMTExMDgzNDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNmQzMjRiYjFlZmQ3NGRlNjVlMTg4NTFiNmRjZDRkMDM1OTBmYjAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqHt9qM4pa/jdAVz6d9BPIZDni7uz
J4MJiTbzt8G5wFmFLbhajuzdPkj2lBGz1/XqaTlwVSJsmTj3LSC2Why4446MLzVP
LdcGdtjsBLXrNbzmQadIPHeuRymVL+6EK/WAgXQhG6YmD5X4j9eIudEnQSrcESEb
WQrsAlAn4cAMqOmTt3w2el3NdcUyfH2hgK5nl/r4qnc4DxiQpoKMGhnYFpeENZmq
Uae5lsXkVpOIOpbxjw7c99+VxkIsnVXxea7HEVkjI2x4ak9oCX8CJ+p5Y3nr83W5
z1WsT2zfCeqfNDPxLjN+1oxWNB0x/dRk7gmp8sXeYRPO9qnhhLFS2lBH5wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLbTJLse/XTeZeGIUbbc1NA1kPsBMB8GA1UdIwQY
MBaAFIrSkw0f4d1DBJH9e4Md6cYWkq3kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXRLVERSX2gzVU1Fa2YxN2d4M3B4aGFTcmVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS9iZTc4OTQtMGNjYy00ZmJkLTg4MGIt
OTc1OGNiMmI4NDRlLzEvdHRNa3V4NzlkTjVsNFloUnR0elUwRFdRLXdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS9iZTc4OTQtMGNjYy00ZmJkLTg4MGItOTc1OGNiMmI4NDRl
LzEvaXRLVERSX2gzVU1Fa2YxN2d4M3B4aGFTcmVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDTfdYMA0E
AgACMAcDBQMqE7wAMA0GCSqGSIb3DQEBCwUAA4IBAQCLs9g2ZTyPDqJYRyCpDymk
b1jUOYHl2i3KV+/6Ph6fAwAXYniFZhu5BxNttUQbLKeiG2BntlFS5IHFwVKUnwDp
S7uzWDK3r2wi6N4w+Nq+wvn3itWk0muAuOtdVw5v13qZNdbC0w4e2eMjqc/B8dSI
nP9FVpHPrnSIGZQwhwHCI32WXxJXgLpa8CJb5W3AyaYujgUSlY9hKymctQt79UcK
gO7w2/uOAuztq6tw1BUt377m2hutuCJj7qVugY10pdTPZRbQ8zswU1npGy2jsqG2
PNQiIrAANVftrQrt77Kjo8Z1fwb5D8/JWFv2yeyzlacspHU4AgWum7D+9W5dXCEk
-----END CERTIFICATE-----
Generated at Tue Apr 22 13:32:50 2025 by rpki-client