Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/Bheap8mcaM32hW5-FLGRVQK2Peg.roa
File: Bheap8mcaM32hW5-FLGRVQK2Peg.roa (raw, json)
Hash identifier: TxP8hIZGdfo8K4LENbsKKedcrnDQeWhamA0SvteoFgM=
Subject key identifier: 06:17:9A:A7:C9:9C:68:CD:F6:85:6E:7E:14:B1:91:55:02:B6:3D:E8
Certificate issuer: /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial: 019427B54F72CD5BEBE52F4B3D0DAFB8082D
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/Bheap8mcaM32hW5-FLGRVQK2Peg.roa
Signing time: Thu 02 Jan 2025 15:49:41 +0000
ROA not before: Thu 02 Jan 2025 15:49:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 7029
IP address blocks: 77.105.22.0/24 maxlen: 24
109.121.0.0/19 maxlen: 24
178.219.14.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 19 Feb 2025 07:54:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:4f:72:cd:5b:eb:e5:2f:4b:3d:0d:af:b8:08:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Validity
Not Before: Jan 2 15:49:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=06179aa7c99c68cdf6856e7e14b1915502b63de8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:31:a8:13:60:a5:87:ec:a7:93:24:05:6c:b7:
bd:27:94:ba:d8:88:c5:9c:35:b0:e1:14:b1:de:f4:
6d:03:42:a7:81:70:22:2a:7d:b9:4e:4f:1e:c3:4b:
19:36:ac:74:a0:79:89:86:17:4d:c0:f1:8e:3c:b7:
f7:6c:a7:bc:53:89:70:e3:52:1d:1c:a4:30:f1:27:
f9:10:2a:6c:ad:9f:ff:84:30:eb:5f:0f:a4:c0:5f:
0b:52:64:9d:8e:67:10:2f:53:50:96:65:a5:8e:98:
ce:b4:3d:55:56:e1:39:51:bd:7e:55:28:16:02:0a:
b0:19:6e:71:df:c5:ed:08:d4:41:06:86:44:a5:4c:
ed:85:67:67:da:83:99:a3:5b:2b:46:d1:cf:9a:86:
56:a1:69:ca:cc:9e:30:d7:88:2a:90:5e:23:7a:f2:
4e:62:97:5f:fc:f6:43:e6:be:6d:b1:ff:9e:70:12:
0c:cb:15:7f:44:9a:a3:88:50:c9:a0:91:29:a6:43:
5b:32:da:e7:85:b3:04:d5:39:4a:71:f3:ec:17:4f:
19:e6:c7:df:87:d5:8f:21:54:54:08:e2:ae:75:33:
a5:ce:54:0d:66:ad:ee:51:9f:c1:39:c6:d5:61:e7:
73:6e:12:08:01:dd:2a:f9:a5:31:09:aa:6f:c2:eb:
98:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:17:9A:A7:C9:9C:68:CD:F6:85:6E:7E:14:B1:91:55:02:B6:3D:E8
X509v3 Authority Key Identifier:
keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/Bheap8mcaM32hW5-FLGRVQK2Peg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.105.22.0/24
109.121.0.0/19
178.219.14.0/24
Signature Algorithm: sha256WithRSAEncryption
67:99:f0:15:95:d5:ab:87:88:ff:14:2f:54:20:3c:d7:ba:64:
54:50:4a:f6:c7:dc:91:9e:ee:16:69:81:fb:dc:30:4f:f3:a5:
bc:c8:89:2c:a7:42:7c:cc:3d:7a:9e:58:ec:62:24:6d:d8:de:
24:1f:27:d1:de:54:52:22:56:f8:a4:e2:89:b0:34:cf:b8:22:
a3:a3:1d:7e:88:c0:82:62:4a:ea:0e:0e:dc:ba:5a:6c:b9:59:
35:58:d3:6c:1a:cf:c6:1d:f0:6b:f1:77:b1:8f:b8:8d:e8:26:
5e:f2:e3:67:0a:72:51:07:3e:ea:4f:07:2f:f0:f0:5d:fa:7a:
b5:27:1a:fe:a0:42:f6:eb:6f:f5:be:f7:ff:36:55:6d:3b:5c:
39:b1:fc:f5:76:a2:c0:1f:9a:56:8e:38:90:db:dc:dc:e8:95:
e9:17:3b:72:75:dd:f3:c5:ff:f8:22:f5:79:e7:04:a3:07:c2:
fc:a7:e5:9f:07:ca:87:d9:ce:2e:3e:c0:85:dc:54:81:91:f6:
3f:d9:ce:4b:11:dd:b1:bf:75:67:1f:b7:ea:90:f3:ec:30:e7:
0f:28:43:1f:a6:af:29:fa:89:07:0a:84:7d:67:a4:f4:12:79:
d3:03:8f:0d:e8:f7:b4:e4:a4:1c:34:7c:dd:a9:8c:6a:a4:7b:
1a:61:83:a9
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQntU9yzVvr5S9LPQ2vuAgtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmODRlNDczOGE3MGVhMzljMDhjZWYyMTA0MzJhZTM5OWVj
N2U5MTUwHhcNMjUwMTAyMTU0OTQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjE3OWFhN2M5OWM2OGNkZjY4NTZlN2UxNGIxOTE1NTAyYjYzZGU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArDGoE2Clh+ynkyQFbLe9J5S62IjF
nDWw4RSx3vRtA0KngXAiKn25Tk8ew0sZNqx0oHmJhhdNwPGOPLf3bKe8U4lw41Id
HKQw8Sf5ECpsrZ//hDDrXw+kwF8LUmSdjmcQL1NQlmWljpjOtD1VVuE5Ub1+VSgW
AgqwGW5x38XtCNRBBoZEpUzthWdn2oOZo1srRtHPmoZWoWnKzJ4w14gqkF4jevJO
Ypdf/PZD5r5tsf+ecBIMyxV/RJqjiFDJoJEppkNbMtrnhbME1TlKcfPsF08Z5sff
h9WPIVRUCOKudTOlzlQNZq3uUZ/BOcbVYedzbhIIAd0q+aUxCapvwuuYnQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAYXmqfJnGjN9oVufhSxkVUCtj3oMB8GA1UdIwQY
MBaAFG+E5HOKcOo5wIzvIQQyrjmex+kVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYt
ZmFlNWRiZWQzYjFiLzEvQmhlYXA4bWNhTTMyaFc1LUZMR1JWUUsyUGVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYtZmFlNWRiZWQzYjFi
LzEvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQATWkWAwQF
bXkAAwQAstsOMA0GCSqGSIb3DQEBCwUAA4IBAQBnmfAVldWrh4j/FC9UIDzXumRU
UEr2x9yRnu4WaYH73DBP86W8yIksp0J8zD16nljsYiRt2N4kHyfR3lRSIlb4pOKJ
sDTPuCKjox1+iMCCYkrqDg7culpsuVk1WNNsGs/GHfBr8Xexj7iN6CZe8uNnCnJR
Bz7qTwcv8PBd+nq1Jxr+oEL262/1vvf/NlVtO1w5sfz1dqLAH5pWjjiQ29zc6JXp
Fztydd3zxf/4IvV55wSjB8L8p+WfB8qH2c4uPsCF3FSBkfY/2c5LEd2xv3VnH7fq
kPPsMOcPKEMfpq8p+okHCoR9Z6T0EnnTA48N6Pe05KQcNHzdqYxqpHsaYYOp
-----END CERTIFICATE-----
Generated at Sat Apr 5 15:31:27 2025 by rpki-client