Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/b07e58-f93a-4d5f-b92d-6016d5c05f30/1/SFseMGJeyLzeU46_EsIrHD1Xq7M.roa
File: SFseMGJeyLzeU46_EsIrHD1Xq7M.roa (raw, json)
Hash identifier: 78hLVdERCfjw9B0gX2xcWm8YDkX6eXN4Gd0jp5WOy+Q=
Subject key identifier: 48:5B:1E:30:62:5E:C8:BC:DE:53:8E:BF:12:C2:2B:1C:3D:57:AB:B3
Certificate issuer: /CN=6107e2e2e8171d319da1bc64b36c3c985e646c2a
Certificate serial: 0194258F73AF73AF2808C292C68C4F0F00BF
Authority key identifier: 61:07:E2:E2:E8:17:1D:31:9D:A1:BC:64:B3:6C:3C:98:5E:64:6C:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YQfi4ugXHTGdobxks2w8mF5kbCo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/b07e58-f93a-4d5f-b92d-6016d5c05f30/1/SFseMGJeyLzeU46_EsIrHD1Xq7M.roa
Signing time: Thu 02 Jan 2025 05:49:05 +0000
ROA not before: Thu 02 Jan 2025 05:49:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42868
IP address blocks: 77.245.144.0/24 maxlen: 24
77.245.145.0/24 maxlen: 24
77.245.146.0/24 maxlen: 24
77.245.147.0/24 maxlen: 24
77.245.148.0/24 maxlen: 24
77.245.149.0/24 maxlen: 24
77.245.150.0/24 maxlen: 24
77.245.151.0/24 maxlen: 24
77.245.152.0/24 maxlen: 24
77.245.153.0/24 maxlen: 24
77.245.154.0/24 maxlen: 24
77.245.155.0/24 maxlen: 24
77.245.156.0/24 maxlen: 24
77.245.157.0/24 maxlen: 24
77.245.158.0/24 maxlen: 24
77.245.159.0/24 maxlen: 24
185.87.252.0/24 maxlen: 24
185.87.253.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 04 Feb 2025 19:05:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:73:af:73:af:28:08:c2:92:c6:8c:4f:0f:00:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6107e2e2e8171d319da1bc64b36c3c985e646c2a
Validity
Not Before: Jan 2 05:49:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=485b1e30625ec8bcde538ebf12c22b1c3d57abb3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:7e:17:91:de:1d:dc:20:a4:95:2b:09:6c:2a:
65:3b:be:6a:c9:4b:f3:ee:8c:f4:e9:05:26:e3:67:
24:49:b9:19:52:87:5d:24:f2:ac:a2:e1:cf:84:6c:
d8:a4:1c:b2:7b:fc:db:e3:0b:bb:1d:b5:49:c4:0d:
b9:7b:a7:25:c1:69:7f:1b:3f:63:98:c0:ae:01:e9:
db:2b:0d:6d:1d:fc:e4:71:e9:4e:a1:74:6c:d8:11:
96:4e:81:ed:29:ca:41:cb:2e:17:1e:50:20:75:88:
76:02:a4:53:a0:1b:60:40:ec:43:45:9c:0f:ef:67:
37:a1:08:49:a2:86:d5:8c:cd:8f:62:8f:ea:0a:96:
d3:b9:a2:ac:5f:06:56:0e:db:75:ec:0b:19:29:21:
3e:c0:83:63:3d:bb:bc:e3:97:a7:04:c0:56:bb:22:
04:e9:5b:3f:42:b2:b8:05:28:36:f2:c4:e1:be:5a:
53:ee:cb:6b:69:0c:24:a2:82:93:1c:ec:54:4a:10:
01:2a:77:e0:c3:5d:8c:f5:f5:06:67:d4:4b:77:17:
55:a1:dc:11:93:1d:28:68:22:d8:c9:c5:ba:dd:ec:
da:74:1b:2d:56:ee:3c:6a:a9:ce:d8:16:5a:1d:4c:
35:b9:2b:8d:aa:e8:66:70:72:cb:13:cc:8b:5b:a6:
23:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:5B:1E:30:62:5E:C8:BC:DE:53:8E:BF:12:C2:2B:1C:3D:57:AB:B3
X509v3 Authority Key Identifier:
keyid:61:07:E2:E2:E8:17:1D:31:9D:A1:BC:64:B3:6C:3C:98:5E:64:6C:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YQfi4ugXHTGdobxks2w8mF5kbCo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/b07e58-f93a-4d5f-b92d-6016d5c05f30/1/SFseMGJeyLzeU46_EsIrHD1Xq7M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/b07e58-f93a-4d5f-b92d-6016d5c05f30/1/YQfi4ugXHTGdobxks2w8mF5kbCo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.245.144.0/20
185.87.252.0/23
Signature Algorithm: sha256WithRSAEncryption
3f:f4:22:05:36:c8:87:db:ec:80:cb:2a:57:8f:f9:ce:1c:d2:
b3:bf:6e:a9:ef:68:a0:80:73:75:41:62:e1:f2:a1:7a:73:cf:
13:7b:22:8c:ec:06:95:5d:2f:12:1e:a0:ee:bd:0f:10:2d:e6:
e0:96:df:9d:69:a8:38:4d:9b:5f:df:00:a5:bf:80:83:e8:9d:
bb:46:82:6f:f5:f5:43:b0:75:51:3b:6e:2c:ba:5d:d1:62:21:
e3:b3:05:a6:6d:7b:27:8b:a9:f5:d1:53:ff:d6:7f:87:13:f2:
95:b4:63:57:10:23:89:52:c3:e7:35:82:84:79:bd:db:31:f9:
96:30:54:ae:78:59:12:90:4d:be:fb:cf:45:80:07:58:37:26:
6d:95:c1:94:73:30:96:45:ef:1a:45:59:65:ea:cb:55:80:01:
d5:e3:e1:13:aa:d9:68:cf:f5:f0:5c:ae:34:e3:a8:49:f8:06:
5a:3c:a3:58:ad:0d:1b:02:c7:a6:ec:3c:4e:2a:0f:c6:87:74:
67:5d:1a:51:73:68:c0:e2:02:82:77:7d:72:fc:a1:21:3a:53:
21:22:20:e0:74:35:84:0c:dc:65:f0:cf:a1:02:f1:91:d5:77:
de:69:03:86:3e:95:2a:0d:62:5a:14:50:49:ac:7e:90:f0:4d:
b5:d9:7f:86
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQlj3Ovc68oCMKSxoxPDwC/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxMDdlMmUyZTgxNzFkMzE5ZGExYmM2NGIzNmMzYzk4NWU2
NDZjMmEwHhcNMjUwMTAyMDU0OTA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODViMWUzMDYyNWVjOGJjZGU1MzhlYmYxMmMyMmIxYzNkNTdhYmIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA334Xkd4d3CCklSsJbCplO75qyUvz
7oz06QUm42ckSbkZUoddJPKsouHPhGzYpByye/zb4wu7HbVJxA25e6clwWl/Gz9j
mMCuAenbKw1tHfzkcelOoXRs2BGWToHtKcpByy4XHlAgdYh2AqRToBtgQOxDRZwP
72c3oQhJoobVjM2PYo/qCpbTuaKsXwZWDtt17AsZKSE+wINjPbu845enBMBWuyIE
6Vs/QrK4BSg28sThvlpT7straQwkooKTHOxUShABKnfgw12M9fUGZ9RLdxdVodwR
kx0oaCLYycW63ezadBstVu48aqnO2BZaHUw1uSuNquhmcHLLE8yLW6Yj8QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEhbHjBiXsi83lOOvxLCKxw9V6uzMB8GA1UdIwQY
MBaAFGEH4uLoFx0xnaG8ZLNsPJheZGwqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVFmaTR1Z1hIVEdkb2J4a3MydzhtRjVrYkNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi9iMDdlNTgtZjkzYS00ZDVmLWI5MmQt
NjAxNmQ1YzA1ZjMwLzEvU0ZzZU1HSmV5THplVTQ2X0VzSXJIRDFYcTdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi9iMDdlNTgtZjkzYS00ZDVmLWI5MmQtNjAxNmQ1YzA1ZjMw
LzEvWVFmaTR1Z1hIVEdkb2J4a3MydzhtRjVrYkNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQETfWQAwQB
uVf8MA0GCSqGSIb3DQEBCwUAA4IBAQA/9CIFNsiH2+yAyypXj/nOHNKzv26p72ig
gHN1QWLh8qF6c88TeyKM7AaVXS8SHqDuvQ8QLebglt+daag4TZtf3wClv4CD6J27
RoJv9fVDsHVRO24sul3RYiHjswWmbXsni6n10VP/1n+HE/KVtGNXECOJUsPnNYKE
eb3bMfmWMFSueFkSkE2++89FgAdYNyZtlcGUczCWRe8aRVll6stVgAHV4+ETqtlo
z/XwXK4046hJ+AZaPKNYrQ0bAsem7DxOKg/Gh3RnXRpRc2jA4gKCd31y/KEhOlMh
IiDgdDWEDNxl8M+hAvGR1XfeaQOGPpUqDWJaFFBJrH6Q8E212X+G
-----END CERTIFICATE-----
Generated at Sat Apr 19 00:41:23 2025 by rpki-client