Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/dc9b6f-3a6d-449f-8b89-1e829ffa1c3a/1/bDwnkF0bPaLyyl1lXufMlc7HDZk.roa
File: bDwnkF0bPaLyyl1lXufMlc7HDZk.roa (raw, json)
Hash identifier: NmO6UbemuNyFeSsYTEV2LxoqpZmgcO4o4clGaD0QhX0=
Subject key identifier: 6C:3C:27:90:5D:1B:3D:A2:F2:CA:5D:65:5E:E7:CC:95:CE:C7:0D:99
Certificate issuer: /CN=29993007c7c92df6178e7cb43183fd7f52a526d8
Certificate serial: 0194503AB25B587E9D6BB63BDACF5C2C69FF
Authority key identifier: 29:99:30:07:C7:C9:2D:F6:17:8E:7C:B4:31:83:FD:7F:52:A5:26:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KZkwB8fJLfYXjny0MYP9f1KlJtg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/dc9b6f-3a6d-449f-8b89-1e829ffa1c3a/1/bDwnkF0bPaLyyl1lXufMlc7HDZk.roa
Signing time: Fri 10 Jan 2025 12:40:11 +0000
ROA not before: Fri 10 Jan 2025 12:40:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12735
IP address blocks: 37.77.28.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 16 Jan 2025 19:27:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:50:3a:b2:5b:58:7e:9d:6b:b6:3b:da:cf:5c:2c:69:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29993007c7c92df6178e7cb43183fd7f52a526d8
Validity
Not Before: Jan 10 12:40:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6c3c27905d1b3da2f2ca5d655ee7cc95cec70d99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:f3:64:cb:0a:b5:98:25:6d:56:d1:58:fa:17:
e5:92:20:27:c2:44:a8:16:c2:d3:47:ba:d7:fb:94:
d7:5a:11:b0:0a:93:01:18:a1:5f:73:72:ca:ea:4c:
9b:4e:f0:0c:bb:2f:fc:b1:b6:91:64:dd:b2:fc:34:
a5:36:d9:0d:eb:aa:18:54:f1:05:6a:07:f9:ae:c0:
bd:08:79:89:01:fa:b4:46:5f:0f:b9:d5:d4:7c:c4:
74:90:7b:28:28:70:41:61:72:48:86:44:d2:9f:a8:
84:a2:df:79:7e:61:e5:29:ba:87:ce:8e:c9:32:d0:
81:fa:30:b1:86:47:6d:53:9f:b0:d3:77:78:1f:f0:
c3:57:92:1a:d0:e6:ee:ff:a7:ec:bf:66:6f:26:18:
77:e2:55:1b:7e:fe:83:0b:88:6c:ac:ab:b0:79:06:
c6:44:09:6b:b7:0f:6b:13:cf:86:15:8d:1b:db:30:
90:42:14:5b:54:13:f0:f1:76:3f:59:f4:88:10:7c:
49:f9:f3:b2:f5:85:6c:f8:c6:78:55:c8:d1:0e:f8:
67:96:ff:e2:93:e5:ef:fe:ff:b0:97:97:e2:26:51:
e0:37:ef:7a:9e:60:5c:46:d7:70:4c:f6:34:63:d6:
23:dc:09:60:2c:49:de:b2:2f:da:67:02:65:ef:68:
9f:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:3C:27:90:5D:1B:3D:A2:F2:CA:5D:65:5E:E7:CC:95:CE:C7:0D:99
X509v3 Authority Key Identifier:
keyid:29:99:30:07:C7:C9:2D:F6:17:8E:7C:B4:31:83:FD:7F:52:A5:26:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KZkwB8fJLfYXjny0MYP9f1KlJtg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/dc9b6f-3a6d-449f-8b89-1e829ffa1c3a/1/bDwnkF0bPaLyyl1lXufMlc7HDZk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/dc9b6f-3a6d-449f-8b89-1e829ffa1c3a/1/KZkwB8fJLfYXjny0MYP9f1KlJtg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.77.28.0/24
Signature Algorithm: sha256WithRSAEncryption
31:39:bf:5c:a8:7d:0b:9a:11:d2:de:5e:15:13:95:36:b4:04:
89:0d:97:a4:16:55:1e:4e:6e:45:90:31:01:58:75:ab:45:b5:
64:56:67:e6:73:e9:a8:5b:f2:87:0e:1b:13:2a:d6:eb:89:41:
59:2d:d8:aa:41:9f:ce:43:e2:50:08:21:62:cf:f7:4e:c4:5c:
eb:e1:7f:01:35:0c:0f:6d:e8:80:0a:f8:37:df:a7:d6:25:af:
47:ba:d2:8c:87:e2:9b:90:dd:d6:92:ec:40:85:cd:f3:93:2c:
86:04:5e:56:2d:32:65:47:6b:54:49:cd:f3:c6:31:a8:35:a1:
53:4e:97:1a:85:b0:47:56:0c:a3:bc:c4:35:d8:4c:4f:48:c3:
1e:9e:12:a8:f3:8f:32:d3:03:23:11:38:50:61:c0:50:05:66:
24:b6:e8:d8:a7:1e:01:9d:76:4d:cd:7f:dc:df:2f:f1:05:ae:
ad:bd:6b:58:e4:52:57:a4:44:7b:71:47:44:23:a7:1f:3e:88:
f9:a6:6e:7d:7c:25:07:b2:c9:95:27:2c:06:5a:a9:e6:90:9e:
ae:d9:74:c7:13:77:07:a2:f8:3a:b6:3d:a9:36:25:ee:c5:04:
fe:c5:9d:2e:29:91:a3:b1:85:93:a6:da:96:97:cf:49:fb:8a:
d7:70:17:ba
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZRQOrJbWH6da7Y72s9cLGn/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5OTkzMDA3YzdjOTJkZjYxNzhlN2NiNDMxODNmZDdmNTJh
NTI2ZDgwHhcNMjUwMTEwMTI0MDExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzNjMjc5MDVkMWIzZGEyZjJjYTVkNjU1ZWU3Y2M5NWNlYzcwZDk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiPNkywq1mCVtVtFY+hflkiAnwkSo
FsLTR7rX+5TXWhGwCpMBGKFfc3LK6kybTvAMuy/8sbaRZN2y/DSlNtkN66oYVPEF
agf5rsC9CHmJAfq0Rl8PudXUfMR0kHsoKHBBYXJIhkTSn6iEot95fmHlKbqHzo7J
MtCB+jCxhkdtU5+w03d4H/DDV5Ia0Obu/6fsv2ZvJhh34lUbfv6DC4hsrKuweQbG
RAlrtw9rE8+GFY0b2zCQQhRbVBPw8XY/WfSIEHxJ+fOy9YVs+MZ4VcjRDvhnlv/i
k+Xv/v+wl5fiJlHgN+96nmBcRtdwTPY0Y9Yj3AlgLEnesi/aZwJl72ifSQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGw8J5BdGz2i8spdZV7nzJXOxw2ZMB8GA1UdIwQY
MBaAFCmZMAfHyS32F458tDGD/X9SpSbYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1prd0I4ZkpMZllYam55ME1ZUDlmMUtsSnRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS9kYzliNmYtM2E2ZC00NDlmLThiODkt
MWU4MjlmZmExYzNhLzEvYkR3bmtGMGJQYUx5eWwxbFh1Zk1sYzdIRFprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS9kYzliNmYtM2E2ZC00NDlmLThiODktMWU4MjlmZmExYzNh
LzEvS1prd0I4ZkpMZllYam55ME1ZUDlmMUtsSnRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAJU0cMA0G
CSqGSIb3DQEBCwUAA4IBAQAxOb9cqH0LmhHS3l4VE5U2tASJDZekFlUeTm5FkDEB
WHWrRbVkVmfmc+moW/KHDhsTKtbriUFZLdiqQZ/OQ+JQCCFiz/dOxFzr4X8BNQwP
beiACvg336fWJa9HutKMh+KbkN3WkuxAhc3zkyyGBF5WLTJlR2tUSc3zxjGoNaFT
TpcahbBHVgyjvMQ12ExPSMMenhKo848y0wMjEThQYcBQBWYktujYpx4BnXZNzX/c
3y/xBa6tvWtY5FJXpER7cUdEI6cfPoj5pm59fCUHssmVJywGWqnmkJ6u2XTHE3cH
ovg6tj2pNiXuxQT+xZ0uKZGjsYWTptqWl89J+4rXcBe6
-----END CERTIFICATE-----
Generated at Sat Apr 19 01:52:10 2025 by rpki-client