Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/3FN8PR65lHDqaO8YmQwY7bAVT6s.roa
File: 3FN8PR65lHDqaO8YmQwY7bAVT6s.roa (raw, json)
Hash identifier: Q1DFYkx3aUlsY88DUvCzL6t0g0bZfLnx3fuBPitMmtE=
Subject key identifier: DC:53:7C:3D:1E:B9:94:70:EA:68:EF:18:99:0C:18:ED:B0:15:4F:AB
Certificate issuer: /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial: 0195040B46ABB1D3DC77922355AF45B0E1AC
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/3FN8PR65lHDqaO8YmQwY7bAVT6s.roa
Signing time: Fri 14 Feb 2025 10:40:02 +0000
ROA not before: Fri 14 Feb 2025 10:40:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 77.105.4.0/24 maxlen: 24
109.121.43.0/24 maxlen: 24
185.47.91.0/24 maxlen: 24
212.69.0.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 19 Feb 2025 07:54:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:04:0b:46:ab:b1:d3:dc:77:92:23:55:af:45:b0:e1:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Validity
Not Before: Feb 14 10:40:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dc537c3d1eb99470ea68ef18990c18edb0154fab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:02:85:6d:60:2c:ae:ff:53:22:bc:6e:ef:fe:
6c:88:71:84:c6:22:bc:26:a8:30:72:e4:52:e8:02:
6a:92:51:3a:a6:66:ea:5d:ba:31:b7:e9:33:f6:5b:
8a:d2:8a:97:34:9e:50:23:16:a8:9c:33:5d:76:cb:
68:c0:58:9c:cf:02:e2:ce:b3:6b:12:7b:74:59:15:
be:ca:a8:55:ce:cd:d6:73:77:dc:bf:1e:61:9f:e5:
d2:15:ed:cd:a3:6c:1d:0d:3a:2b:8c:bd:2f:0b:64:
98:f5:14:22:14:16:cb:7a:74:81:57:d6:81:c6:f4:
b7:04:fc:0c:3e:40:6b:d0:e7:4c:06:f5:8d:d7:0d:
34:06:29:de:28:8d:01:54:db:12:61:0b:18:98:0f:
ce:bb:d7:1f:7f:d9:1e:97:a9:d9:21:ec:f7:00:ec:
d8:0b:18:c4:85:ea:fc:09:08:29:98:39:5f:f3:37:
02:e5:b9:5c:80:96:61:2b:23:45:5b:14:9b:c5:28:
19:5c:d0:29:d9:7d:1e:fa:86:e1:e9:40:1b:93:2c:
a2:45:15:fa:43:76:55:5f:5a:5c:2a:d4:1d:d6:ca:
eb:e8:3e:29:d3:9b:2b:62:7b:98:f8:00:84:84:1c:
5d:87:2a:04:37:20:e8:5e:36:99:f6:e3:aa:bd:d4:
84:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:53:7C:3D:1E:B9:94:70:EA:68:EF:18:99:0C:18:ED:B0:15:4F:AB
X509v3 Authority Key Identifier:
keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/3FN8PR65lHDqaO8YmQwY7bAVT6s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.105.4.0/24
109.121.43.0/24
185.47.91.0/24
212.69.0.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:ed:10:f5:e6:78:ea:bb:77:4c:3d:bf:63:2a:82:db:36:3f:
09:68:f4:96:c3:92:79:9c:5b:99:e5:3e:2a:c2:56:2c:c8:e8:
1b:06:3b:f6:28:a7:13:97:73:e7:c9:a1:12:23:ed:7f:c5:c8:
28:3a:65:9f:8a:2f:7d:fb:bc:0a:9d:d1:28:86:94:c3:92:3a:
de:c6:7f:39:37:2e:b8:02:5f:e9:ef:31:75:74:5a:63:58:b8:
32:ac:3b:22:f4:98:3b:e6:9f:29:ed:9d:69:08:a3:49:14:39:
3b:78:af:1a:24:b9:cf:e2:ca:1d:3d:7e:f5:5c:43:82:09:06:
5d:55:cb:dd:4f:8a:0c:4d:8d:bf:01:a2:a7:cd:24:2d:17:91:
88:10:f9:57:d5:59:ee:0a:a7:7c:51:25:84:d1:61:66:f1:ed:
2a:10:da:44:2a:1d:cb:d0:6f:19:ea:0f:d7:cc:37:cb:13:c0:
5b:0b:1e:9e:56:19:79:3b:61:b1:40:6f:79:fb:b6:f2:4a:8e:
02:cd:04:36:bc:c1:40:0c:99:aa:c9:f4:3d:e3:03:e2:7f:32:
d5:4c:84:37:5a:e3:54:b2:97:ec:5a:ea:8b:40:2b:ab:b2:40:
72:78:87:d2:4a:a9:c9:39:20:8e:40:b4:62:82:9b:54:5a:5c:
44:6a:5d:ac
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZUEC0arsdPcd5IjVa9FsOGsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmODRlNDczOGE3MGVhMzljMDhjZWYyMTA0MzJhZTM5OWVj
N2U5MTUwHhcNMjUwMjE0MTA0MDAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzUzN2MzZDFlYjk5NDcwZWE2OGVmMTg5OTBjMThlZGIwMTU0ZmFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6wKFbWAsrv9TIrxu7/5siHGExiK8
JqgwcuRS6AJqklE6pmbqXboxt+kz9luK0oqXNJ5QIxaonDNddstowFiczwLizrNr
Ent0WRW+yqhVzs3Wc3fcvx5hn+XSFe3No2wdDTorjL0vC2SY9RQiFBbLenSBV9aB
xvS3BPwMPkBr0OdMBvWN1w00BineKI0BVNsSYQsYmA/Ou9cff9kel6nZIez3AOzY
CxjEher8CQgpmDlf8zcC5blcgJZhKyNFWxSbxSgZXNAp2X0e+obh6UAbkyyiRRX6
Q3ZVX1pcKtQd1srr6D4p05srYnuY+ACEhBxdhyoENyDoXjaZ9uOqvdSEnwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFNxTfD0euZRw6mjvGJkMGO2wFU+rMB8GA1UdIwQY
MBaAFG+E5HOKcOo5wIzvIQQyrjmex+kVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYt
ZmFlNWRiZWQzYjFiLzEvM0ZOOFBSNjVsSERxYU84WW1Rd1k3YkFWVDZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYtZmFlNWRiZWQzYjFi
LzEvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQATWkEAwQA
bXkrAwQAuS9bAwQA1EUAMA0GCSqGSIb3DQEBCwUAA4IBAQAK7RD15njqu3dMPb9j
KoLbNj8JaPSWw5J5nFuZ5T4qwlYsyOgbBjv2KKcTl3PnyaESI+1/xcgoOmWfii99
+7wKndEohpTDkjrexn85Ny64Al/p7zF1dFpjWLgyrDsi9Jg75p8p7Z1pCKNJFDk7
eK8aJLnP4sodPX71XEOCCQZdVcvdT4oMTY2/AaKnzSQtF5GIEPlX1VnuCqd8USWE
0WFm8e0qENpEKh3L0G8Z6g/XzDfLE8BbCx6eVhl5O2GxQG95+7bySo4CzQQ2vMFA
DJmqyfQ94wPifzLVTIQ3WuNUspfsWuqLQCurskByeIfSSqnJOSCOQLRigptUWlxE
al2s
-----END CERTIFICATE-----
Generated at Tue Apr 8 18:52:17 2025 by rpki-client