Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/c3a85d-9d0b-4562-9238-46ee0cd7fcba/1/O2R8GxbQ6evN1w1iZSKGRDoVtbw.roa
File: O2R8GxbQ6evN1w1iZSKGRDoVtbw.roa (raw, json)
Hash identifier: 9cXIYH0OSpY62HtITW0BH8bsUYxpxsOwT4uXIPV8pIA=
Subject key identifier: 3B:64:7C:1B:16:D0:E9:EB:CD:D7:0D:62:65:22:86:44:3A:15:B5:BC
Certificate issuer: /CN=4eca105ce4af6c21cd429e992d06ea7d06d8a56d
Certificate serial: 0193651402366D814BFB681D80C0C5AB7443
Authority key identifier: 4E:CA:10:5C:E4:AF:6C:21:CD:42:9E:99:2D:06:EA:7D:06:D8:A5:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TsoQXOSvbCHNQp6ZLQbqfQbYpW0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/c3a85d-9d0b-4562-9238-46ee0cd7fcba/1/O2R8GxbQ6evN1w1iZSKGRDoVtbw.roa
Signing time: Mon 25 Nov 2024 20:47:10 +0000
ROA not before: Mon 25 Nov 2024 20:47:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50181
IP address blocks: 77.74.204.0/22 maxlen: 22
88.132.224.0/20 maxlen: 20
88.132.240.0/22 maxlen: 22
109.110.128.0/19 maxlen: 19
185.45.196.0/22 maxlen: 22
2a01:7d60::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 02 Jan 2025 03:48:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:65:14:02:36:6d:81:4b:fb:68:1d:80:c0:c5:ab:74:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4eca105ce4af6c21cd429e992d06ea7d06d8a56d
Validity
Not Before: Nov 25 20:47:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3b647c1b16d0e9ebcdd70d62652286443a15b5bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:7c:b5:bb:c8:b1:a2:1e:c1:e4:16:a9:8a:1b:
4f:76:d4:d8:d3:0e:d2:34:e0:3a:ed:ae:f4:ba:be:
75:47:8a:62:7e:c5:65:e6:3e:56:b3:59:33:e8:9b:
d7:85:5d:dd:cc:81:34:b0:8d:62:a8:10:d1:67:be:
0b:ea:7a:cb:64:f7:3f:96:8b:4a:1a:0e:d9:ae:09:
33:6d:de:b4:03:35:1a:de:46:d2:0c:3b:fa:10:3f:
7d:41:a0:0b:99:db:7f:5e:2f:78:5e:bb:33:7e:55:
c1:4d:d2:2d:01:13:73:bf:7e:9e:49:9b:9f:e9:0d:
f2:05:0f:3a:ac:9b:55:22:8a:05:74:89:55:8c:e6:
e6:51:45:18:f3:80:75:df:5d:05:35:ef:42:ad:db:
b8:52:e2:04:16:51:66:5a:73:e5:ae:77:a2:c8:b1:
ae:27:4f:cf:69:95:32:c4:55:3b:32:df:53:f1:2e:
34:ad:8c:64:bc:dd:8a:fa:a5:3d:63:93:4f:d5:88:
ae:34:14:3b:56:fe:01:f0:10:ae:6e:2c:c3:34:54:
54:9e:89:38:b4:ce:25:06:ef:1d:06:42:e0:7d:ad:
5f:81:5c:2f:59:9a:3f:61:7f:b9:18:be:96:b1:a3:
41:41:d0:73:60:0b:57:b9:9b:39:e5:d7:9b:46:c3:
4e:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:64:7C:1B:16:D0:E9:EB:CD:D7:0D:62:65:22:86:44:3A:15:B5:BC
X509v3 Authority Key Identifier:
keyid:4E:CA:10:5C:E4:AF:6C:21:CD:42:9E:99:2D:06:EA:7D:06:D8:A5:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TsoQXOSvbCHNQp6ZLQbqfQbYpW0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/c3a85d-9d0b-4562-9238-46ee0cd7fcba/1/O2R8GxbQ6evN1w1iZSKGRDoVtbw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/c3a85d-9d0b-4562-9238-46ee0cd7fcba/1/TsoQXOSvbCHNQp6ZLQbqfQbYpW0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.74.204.0/22
88.132.224.0-88.132.243.255
109.110.128.0/19
185.45.196.0/22
IPv6:
2a01:7d60::/32
Signature Algorithm: sha256WithRSAEncryption
2e:29:04:5c:0a:bb:16:b4:21:de:d0:4f:ea:e0:84:9b:da:09:
77:2a:65:8a:ed:1f:54:70:33:c6:4e:8d:44:e5:1e:ae:2f:32:
5b:bd:0d:21:78:2d:8e:ff:c2:bf:12:6c:81:6e:7c:ae:ab:f2:
11:79:44:3b:08:60:8d:e6:26:fb:c2:2a:6a:cf:66:19:23:f7:
78:8b:f4:79:55:1b:1b:2a:f7:dc:6e:43:44:8d:a8:11:e0:e3:
22:92:64:d7:6f:a3:de:f5:a8:d8:f4:ac:24:cf:44:6f:70:7e:
0f:ce:ea:9a:8f:83:04:ee:a8:b6:68:d5:a6:8b:ee:80:34:70:
29:1c:36:87:a8:cb:8b:8f:af:c0:2e:bf:ac:67:4a:59:0e:f5:
c0:8e:b7:f2:8f:93:c3:6b:ab:57:6c:6e:38:01:62:dd:65:9d:
ed:18:9b:b5:a8:6f:8f:78:28:17:85:dd:60:07:96:e2:88:d5:
a6:b4:db:d7:2c:fc:b4:14:47:c1:ca:70:8d:04:1a:9a:34:4e:
14:25:f7:a8:af:ff:6c:b3:29:fa:83:e4:77:57:a5:8c:65:0d:
42:5e:fa:8b:82:08:f4:5c:43:fc:cc:33:90:cb:1a:55:53:4e:
3f:4e:a3:17:de:79:c3:41:a1:90:7a:7f:52:57:03:7a:95:18:
09:a9:aa:d2
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAZNlFAI2bYFL+2gdgMDFq3RDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlY2ExMDVjZTRhZjZjMjFjZDQyOWU5OTJkMDZlYTdkMDZk
OGE1NmQwHhcNMjQxMTI1MjA0NzEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjY0N2MxYjE2ZDBlOWViY2RkNzBkNjI2NTIyODY0NDNhMTViNWJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlny1u8ixoh7B5BapihtPdtTY0w7S
NOA67a70ur51R4pifsVl5j5Ws1kz6JvXhV3dzIE0sI1iqBDRZ74L6nrLZPc/lotK
Gg7Zrgkzbd60AzUa3kbSDDv6ED99QaALmdt/Xi94XrszflXBTdItARNzv36eSZuf
6Q3yBQ86rJtVIooFdIlVjObmUUUY84B1310FNe9Crdu4UuIEFlFmWnPlrneiyLGu
J0/PaZUyxFU7Mt9T8S40rYxkvN2K+qU9Y5NP1YiuNBQ7Vv4B8BCubizDNFRUnok4
tM4lBu8dBkLgfa1fgVwvWZo/YX+5GL6WsaNBQdBzYAtXuZs55debRsNOVQIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFDtkfBsW0OnrzdcNYmUihkQ6FbW8MB8GA1UdIwQY
MBaAFE7KEFzkr2whzUKemS0G6n0G2KVtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHNvUVhPU3ZiQ0hOUXA2WkxRYnFmUWJZcFcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy9jM2E4NWQtOWQwYi00NTYyLTkyMzgt
NDZlZTBjZDdmY2JhLzEvTzJSOEd4YlE2ZXZOMXcxaVpTS0dSRG9WdGJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy9jM2E4NWQtOWQwYi00NTYyLTkyMzgtNDZlZTBjZDdmY2Jh
LzEvVHNvUVhPU3ZiQ0hOUXA2WkxRYnFmUWJZcFcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAmBAIAATAgAwQCTUrMMAwD
BAVYhOADBAJYhPADBAVtboADBAK5LcQwDQQCAAIwBwMFACoBfWAwDQYJKoZIhvcN
AQELBQADggEBAC4pBFwKuxa0Id7QT+rghJvaCXcqZYrtH1RwM8ZOjUTlHq4vMlu9
DSF4LY7/wr8SbIFufK6r8hF5RDsIYI3mJvvCKmrPZhkj93iL9HlVGxsq99xuQ0SN
qBHg4yKSZNdvo971qNj0rCTPRG9wfg/O6pqPgwTuqLZo1aaL7oA0cCkcNoeoy4uP
r8Auv6xnSlkO9cCOt/KPk8Nrq1dsbjgBYt1lne0Ym7Wob494KBeF3WAHluKI1aa0
29cs/LQUR8HKcI0EGpo0ThQl96iv/2yzKfqD5HdXpYxlDUJe+ouCCPRcQ/zMM5DL
GlVTTj9OoxfeecNBoZB6f1JXA3qVGAmpqtI=
-----END CERTIFICATE-----
Generated at Mon Apr 21 16:15:47 2025 by rpki-client