Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/febb18-e78a-4d12-80a2-944ce7eeb154/1/MwJ8jwZFDqFf4sgirCwylKscX9k.roa
File: MwJ8jwZFDqFf4sgirCwylKscX9k.roa (raw, json)
Hash identifier: tnydfo9xieNgAlauiFTHGMT/afJJGhtjqJfH3kwEAhY=
Subject key identifier: 33:02:7C:8F:06:45:0E:A1:5F:E2:C8:22:AC:2C:32:94:AB:1C:5F:D9
Certificate issuer: /CN=ad5eda0a1e7479c4ca78fe41c58d17e9d13b67aa
Certificate serial: 01950413840DA1D1FEBD0A9D65605D56DDFC
Authority key identifier: AD:5E:DA:0A:1E:74:79:C4:CA:78:FE:41:C5:8D:17:E9:D1:3B:67:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rV7aCh50ecTKeP5BxY0X6dE7Z6o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/febb18-e78a-4d12-80a2-944ce7eeb154/1/MwJ8jwZFDqFf4sgirCwylKscX9k.roa
Signing time: Fri 14 Feb 2025 10:49:02 +0000
ROA not before: Fri 14 Feb 2025 10:49:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3326
IP address blocks: 77.120.6.0/24 maxlen: 24
77.120.8.0/24 maxlen: 24
77.120.9.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 18 Feb 2025 08:22:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:04:13:84:0d:a1:d1:fe:bd:0a:9d:65:60:5d:56:dd:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ad5eda0a1e7479c4ca78fe41c58d17e9d13b67aa
Validity
Not Before: Feb 14 10:49:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=33027c8f06450ea15fe2c822ac2c3294ab1c5fd9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:21:d9:57:8a:92:b6:e3:95:3e:75:f3:41:18:
6e:db:c2:ce:e9:ce:dc:f9:36:ce:2e:b1:a7:8c:5b:
2a:b2:a9:a3:60:22:00:ce:73:61:8b:9f:a3:07:58:
60:28:33:32:0c:1e:7e:ab:7b:27:d6:fb:16:9f:1e:
02:01:c7:e4:c5:a9:41:31:60:c0:95:bf:2b:d1:bc:
e5:05:0f:48:b5:25:77:bb:68:1a:68:03:d1:09:16:
97:51:f8:98:9e:4e:f5:15:30:c1:5c:03:02:53:82:
2c:68:e5:fa:7c:fd:6f:6f:49:ac:85:e2:30:51:c2:
04:c5:27:6c:a1:ef:e4:12:87:fe:2b:4f:88:df:8d:
33:9f:5f:b4:a8:f7:67:6d:58:ce:96:42:14:e5:28:
5d:60:90:c8:6d:c8:47:48:e5:4c:ff:b4:28:c8:b6:
b9:49:f1:ce:d5:59:e3:19:f1:7d:57:32:aa:56:2d:
74:20:38:fe:90:6d:9d:98:64:6a:72:29:11:1d:08:
95:a7:80:1a:dd:47:03:59:ec:41:a7:df:7a:ce:d2:
04:b5:d4:3d:e5:1b:34:d9:98:59:70:eb:dd:d0:e8:
dd:b3:75:31:85:32:a1:1c:86:50:16:7d:87:97:ea:
a0:ce:3d:4b:6a:c1:82:a4:cc:5a:19:a5:ff:8c:9b:
ab:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:02:7C:8F:06:45:0E:A1:5F:E2:C8:22:AC:2C:32:94:AB:1C:5F:D9
X509v3 Authority Key Identifier:
keyid:AD:5E:DA:0A:1E:74:79:C4:CA:78:FE:41:C5:8D:17:E9:D1:3B:67:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rV7aCh50ecTKeP5BxY0X6dE7Z6o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/febb18-e78a-4d12-80a2-944ce7eeb154/1/MwJ8jwZFDqFf4sgirCwylKscX9k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/febb18-e78a-4d12-80a2-944ce7eeb154/1/rV7aCh50ecTKeP5BxY0X6dE7Z6o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.120.6.0/24
77.120.8.0/23
Signature Algorithm: sha256WithRSAEncryption
4a:36:71:e1:93:4e:e3:b1:64:ae:dd:69:61:07:9f:d6:d8:bb:
b4:55:9e:03:09:cd:02:27:e8:e0:39:ff:2a:4d:49:80:99:3f:
34:28:30:60:a6:59:7c:4a:ca:60:f4:c5:74:68:6e:24:14:ca:
cf:bc:16:0f:ee:de:7a:a9:fe:4a:d6:7c:76:57:3c:c4:ab:83:
38:a5:3c:3b:b6:fb:45:32:ff:82:57:a9:bc:22:39:7d:67:ca:
40:8b:18:81:a8:aa:85:29:50:12:1d:bb:e1:7a:11:ad:88:89:
12:13:00:fb:6a:ab:f3:c9:fb:59:88:a5:fb:cb:c3:c6:6c:b1:
80:6e:58:91:8e:99:f1:aa:29:03:7e:ec:da:cb:c7:48:48:fd:
37:96:84:98:dd:68:02:09:7e:11:ba:bc:af:e0:6b:e2:50:dc:
b5:dc:c5:96:7e:f2:50:57:fe:ac:54:3f:81:d1:f1:e5:0c:48:
91:a1:7e:44:48:8c:f9:1b:a6:76:86:d1:82:26:13:bd:17:a0:
b2:30:21:01:ae:b5:7a:dd:2f:20:41:d8:11:18:9e:93:3f:e9:
4b:f2:cb:a4:92:22:9a:d6:d5:a3:6e:4b:6d:62:3f:cd:f2:a0:
61:10:05:64:0a:da:91:44:87:a2:6a:4d:35:8a:db:50:fb:4c:
3a:f7:b9:d7
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZUEE4QNodH+vQqdZWBdVt38MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkNWVkYTBhMWU3NDc5YzRjYTc4ZmU0MWM1OGQxN2U5ZDEz
YjY3YWEwHhcNMjUwMjE0MTA0OTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzAyN2M4ZjA2NDUwZWExNWZlMmM4MjJhYzJjMzI5NGFiMWM1ZmQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4CHZV4qStuOVPnXzQRhu28LO6c7c
+TbOLrGnjFsqsqmjYCIAznNhi5+jB1hgKDMyDB5+q3sn1vsWnx4CAcfkxalBMWDA
lb8r0bzlBQ9ItSV3u2gaaAPRCRaXUfiYnk71FTDBXAMCU4IsaOX6fP1vb0msheIw
UcIExSdsoe/kEof+K0+I340zn1+0qPdnbVjOlkIU5ShdYJDIbchHSOVM/7QoyLa5
SfHO1VnjGfF9VzKqVi10IDj+kG2dmGRqcikRHQiVp4Aa3UcDWexBp996ztIEtdQ9
5Rs02ZhZcOvd0Ojds3UxhTKhHIZQFn2Hl+qgzj1LasGCpMxaGaX/jJurPQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDMCfI8GRQ6hX+LIIqwsMpSrHF/ZMB8GA1UdIwQY
MBaAFK1e2goedHnEynj+QcWNF+nRO2eqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclY3YUNoNTBlY1RLZVA1QnhZMFg2ZEU3WjZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy9mZWJiMTgtZTc4YS00ZDEyLTgwYTIt
OTQ0Y2U3ZWViMTU0LzEvTXdKOGp3WkZEcUZmNHNnaXJDd3lsS3NjWDlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy9mZWJiMTgtZTc4YS00ZDEyLTgwYTItOTQ0Y2U3ZWViMTU0
LzEvclY3YUNoNTBlY1RLZVA1QnhZMFg2ZEU3WjZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQATXgGAwQB
TXgIMA0GCSqGSIb3DQEBCwUAA4IBAQBKNnHhk07jsWSu3WlhB5/W2Lu0VZ4DCc0C
J+jgOf8qTUmAmT80KDBgpll8Sspg9MV0aG4kFMrPvBYP7t56qf5K1nx2VzzEq4M4
pTw7tvtFMv+CV6m8Ijl9Z8pAixiBqKqFKVASHbvhehGtiIkSEwD7aqvzyftZiKX7
y8PGbLGAbliRjpnxqikDfuzay8dISP03loSY3WgCCX4Ruryv4GviUNy13MWWfvJQ
V/6sVD+B0fHlDEiRoX5ESIz5G6Z2htGCJhO9F6CyMCEBrrV63S8gQdgRGJ6TP+lL
8sukkiKa1tWjbkttYj/N8qBhEAVkCtqRRIeiak01ittQ+0w697nX
-----END CERTIFICATE-----
Generated at Wed Apr 16 06:48:48 2025 by rpki-client