Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/6f4940-5abc-49b4-9747-e08be0edaf76/1/77j9ZX3aBA3339AAyB4y2eJyDnk.roa
File: 77j9ZX3aBA3339AAyB4y2eJyDnk.roa (raw, json)
Hash identifier: UAcyWdmtUTJJlMdZGOscnO+Jm5MGaFmfLLVr2/2vMHc=
Subject key identifier: EF:B8:FD:65:7D:DA:04:0D:F7:DF:D0:00:C8:1E:32:D9:E2:72:0E:79
Certificate issuer: /CN=9b340699c8ed970a8c9ed8c162088f2067c33250
Certificate serial: 01956635D9B7DFAC26F06D878563FC0FA03D
Authority key identifier: 9B:34:06:99:C8:ED:97:0A:8C:9E:D8:C1:62:08:8F:20:67:C3:32:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mzQGmcjtlwqMntjBYgiPIGfDMlA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/6f4940-5abc-49b4-9747-e08be0edaf76/1/77j9ZX3aBA3339AAyB4y2eJyDnk.roa
Signing time: Wed 05 Mar 2025 12:09:19 +0000
ROA not before: Wed 05 Mar 2025 12:09:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43905
IP address blocks: 93.91.96.0/21 maxlen: 21
93.91.104.0/21 maxlen: 21
185.85.130.0/23 maxlen: 23
213.234.64.0/18 maxlen: 18
Validation: Failed, certificate revoked on Fri 07 Mar 2025 09:13:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:66:35:d9:b7:df:ac:26:f0:6d:87:85:63:fc:0f:a0:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9b340699c8ed970a8c9ed8c162088f2067c33250
Validity
Not Before: Mar 5 12:09:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=efb8fd657dda040df7dfd000c81e32d9e2720e79
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:f9:2c:3a:2c:c3:82:2d:f0:39:73:75:64:68:
4d:9d:f3:b3:d1:1f:eb:ad:7c:99:89:7a:76:12:40:
55:1d:6a:6c:0f:2e:29:71:b0:78:ea:46:4b:37:55:
38:a6:12:66:e0:d6:05:ff:f1:42:24:80:6d:1f:78:
4e:34:bb:07:56:56:c3:b4:13:ef:f1:e8:5c:ea:8b:
3b:bd:47:1c:4c:5a:31:65:d0:7f:0a:18:17:bd:ad:
e6:c5:89:a9:63:34:91:d5:54:66:91:24:d6:f6:27:
42:89:7c:06:47:af:fb:10:12:f6:ad:c2:f8:d6:a5:
06:eb:85:da:68:6f:0f:85:17:b9:53:7a:cc:9a:dc:
e5:10:36:30:53:ca:49:cc:db:f9:fe:fc:2a:11:f4:
47:07:2e:4f:3d:9e:cb:29:ab:4c:8d:05:10:01:67:
14:6d:09:dd:ba:40:88:6d:8a:e1:1e:df:15:6c:ac:
8f:60:d2:69:0e:79:d4:2f:71:24:c2:82:82:8c:13:
10:26:4c:b4:83:ca:7c:0e:3c:6a:76:d2:43:58:81:
1d:03:b8:28:dd:4f:6f:91:03:55:c1:91:20:86:1c:
43:f7:a8:24:d4:0b:3c:f3:70:e8:68:6e:ec:b5:ac:
64:f7:9b:b2:de:97:b7:d5:ae:84:11:99:fe:12:a8:
3f:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:B8:FD:65:7D:DA:04:0D:F7:DF:D0:00:C8:1E:32:D9:E2:72:0E:79
X509v3 Authority Key Identifier:
keyid:9B:34:06:99:C8:ED:97:0A:8C:9E:D8:C1:62:08:8F:20:67:C3:32:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mzQGmcjtlwqMntjBYgiPIGfDMlA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/6f4940-5abc-49b4-9747-e08be0edaf76/1/77j9ZX3aBA3339AAyB4y2eJyDnk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/6f4940-5abc-49b4-9747-e08be0edaf76/1/mzQGmcjtlwqMntjBYgiPIGfDMlA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.91.96.0/20
185.85.130.0/23
213.234.64.0/18
Signature Algorithm: sha256WithRSAEncryption
74:75:9f:72:7c:43:9f:d7:e7:ea:1f:08:8b:d7:f9:63:3b:2d:
b9:1d:ea:e1:60:9a:8e:ee:55:0b:60:fd:bd:73:d6:40:93:93:
1e:81:01:3d:c6:39:ce:5a:b3:58:aa:0b:1d:04:99:7c:79:72:
ed:a4:9f:81:a1:a3:e0:0c:b1:6a:4f:3e:1a:d4:4b:fe:87:a7:
46:0c:0f:e4:71:99:c6:f5:ea:a2:57:ed:8d:5a:82:a8:ed:cb:
72:1c:da:60:03:c5:70:e3:3d:96:50:f3:fc:7c:02:cf:f6:10:
ab:17:7f:25:13:2a:a1:7c:b8:2a:03:d6:69:e2:31:3c:60:77:
1d:80:8c:a1:81:a4:fb:0e:e8:05:8e:f8:f7:df:8b:72:a7:2e:
c2:cf:87:a1:32:38:3b:b2:2b:75:94:56:88:fc:7b:af:b8:7b:
72:8a:8a:54:c2:23:78:57:b1:a4:5e:3f:0e:c1:90:55:6c:e3:
d0:09:7d:ca:cc:00:f0:92:5e:f4:23:7f:94:a0:ba:56:9e:3d:
66:4b:91:b6:60:14:98:16:a7:e7:1a:c4:d7:17:c4:42:89:55:
63:b4:9c:66:3c:19:69:75:cb:d7:67:f4:66:e7:42:95:0f:3d:
56:3c:e8:d7:0b:35:41:41:9c:86:a6:47:47:d9:d6:4b:d7:37:
c6:ff:bd:ac
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZVmNdm336wm8G2HhWP8D6A9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliMzQwNjk5YzhlZDk3MGE4YzllZDhjMTYyMDg4ZjIwNjdj
MzMyNTAwHhcNMjUwMzA1MTIwOTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZmI4ZmQ2NTdkZGEwNDBkZjdkZmQwMDBjODFlMzJkOWUyNzIwZTc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxfksOizDgi3wOXN1ZGhNnfOz0R/r
rXyZiXp2EkBVHWpsDy4pcbB46kZLN1U4phJm4NYF//FCJIBtH3hONLsHVlbDtBPv
8ehc6os7vUccTFoxZdB/ChgXva3mxYmpYzSR1VRmkSTW9idCiXwGR6/7EBL2rcL4
1qUG64XaaG8PhRe5U3rMmtzlEDYwU8pJzNv5/vwqEfRHBy5PPZ7LKatMjQUQAWcU
bQndukCIbYrhHt8VbKyPYNJpDnnUL3EkwoKCjBMQJky0g8p8DjxqdtJDWIEdA7go
3U9vkQNVwZEghhxD96gk1As883DoaG7staxk95uy3pe31a6EEZn+Eqg/RQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFO+4/WV92gQN99/QAMgeMtnicg55MB8GA1UdIwQY
MBaAFJs0BpnI7ZcKjJ7YwWIIjyBnwzJQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXpRR21janRsd3FNbnRqQllnaVBJR2ZETWxBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi82ZjQ5NDAtNWFiYy00OWI0LTk3NDct
ZTA4YmUwZWRhZjc2LzEvNzdqOVpYM2FCQTMzMzlBQXlCNHkyZUp5RG5rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi82ZjQ5NDAtNWFiYy00OWI0LTk3NDctZTA4YmUwZWRhZjc2
LzEvbXpRR21janRsd3FNbnRqQllnaVBJR2ZETWxBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQEXVtgAwQB
uVWCAwQG1epAMA0GCSqGSIb3DQEBCwUAA4IBAQB0dZ9yfEOf1+fqHwiL1/ljOy25
HerhYJqO7lULYP29c9ZAk5MegQE9xjnOWrNYqgsdBJl8eXLtpJ+BoaPgDLFqTz4a
1Ev+h6dGDA/kcZnG9eqiV+2NWoKo7ctyHNpgA8Vw4z2WUPP8fALP9hCrF38lEyqh
fLgqA9Zp4jE8YHcdgIyhgaT7DugFjvj334typy7Cz4ehMjg7sit1lFaI/HuvuHty
iopUwiN4V7GkXj8OwZBVbOPQCX3KzADwkl70I3+UoLpWnj1mS5G2YBSYFqfnGsTX
F8RCiVVjtJxmPBlpdcvXZ/Rm50KVDz1WPOjXCzVBQZyGpkdH2dZL1zfG/72s
-----END CERTIFICATE-----
Generated at Thu Apr 17 23:49:17 2025 by rpki-client