Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/9e4764-7234-4ba4-8e8a-e2754f6fb4c5/1/p0iMYZ99XG-cfvo-gVfT7L_xtyw.roa
File: p0iMYZ99XG-cfvo-gVfT7L_xtyw.roa (raw, json)
Hash identifier: toDdPDgiybXrsnjMmNZj+9eTW3kqyTpe7xgYTs0MH+A=
Subject key identifier: A7:48:8C:61:9F:7D:5C:6F:9C:7E:FA:3E:81:57:D3:EC:BF:F1:B7:2C
Certificate issuer: /CN=8efcc976ef90383ace7f0b4e09e4d819ed0d9b5e
Certificate serial: 018CC7274AD0AAF3AC3124406EE58E140A7D
Authority key identifier: 8E:FC:C9:76:EF:90:38:3A:CE:7F:0B:4E:09:E4:D8:19:ED:0D:9B:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jvzJdu-QODrOfwtOCeTYGe0Nm14.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/9e4764-7234-4ba4-8e8a-e2754f6fb4c5/1/p0iMYZ99XG-cfvo-gVfT7L_xtyw.roa
Signing time: Mon 01 Jan 2024 22:31:30 +0000
ROA not before: Mon 01 Jan 2024 22:31:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43420
IP address blocks: 109.196.224.0/20 maxlen: 20
77.87.216.0/21 maxlen: 21
193.46.68.0/24 maxlen: 24
85.202.32.0/20 maxlen: 20
185.129.76.0/22 maxlen: 22
109.95.168.0/21 maxlen: 21
2a03:9c60::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Jan 2025 05:47:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:4a:d0:aa:f3:ac:31:24:40:6e:e5:8e:14:0a:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8efcc976ef90383ace7f0b4e09e4d819ed0d9b5e
Validity
Not Before: Jan 1 22:31:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a7488c619f7d5c6f9c7efa3e8157d3ecbff1b72c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:78:88:42:e5:29:cb:a4:98:a0:83:c9:b7:a1:
41:28:ad:e9:4d:0e:80:03:1d:a7:36:27:25:29:b3:
61:c9:44:b1:95:6c:eb:43:07:6e:c5:55:ed:4b:49:
e8:46:e3:bd:71:53:bb:db:1b:17:64:7d:31:69:36:
b7:9b:8e:38:76:41:22:e9:b2:bf:e4:fb:a2:42:03:
4c:6f:21:c9:61:30:fb:53:4c:11:8c:18:ac:45:e1:
ca:02:21:e9:37:98:a7:8b:63:93:d2:e8:af:94:50:
68:ea:4b:26:aa:d9:ac:0e:73:4a:bd:b5:ce:7f:71:
71:59:1b:57:1c:91:3a:b5:b7:45:65:dd:44:07:6d:
f5:a3:4a:ea:ab:df:85:b0:7b:fd:f3:46:98:3e:0a:
57:33:32:3b:c9:4a:01:a5:8b:c5:15:16:b0:b1:28:
42:b8:32:64:86:d8:f3:b8:3c:81:d6:04:9d:a1:f5:
0a:ad:23:c1:29:10:8a:1c:54:db:5b:da:2c:0d:be:
55:f1:5a:1c:84:61:f4:c8:51:bb:4b:1f:35:5b:9a:
0b:3f:65:dd:aa:1e:0f:03:80:22:eb:87:b2:0c:88:
55:9a:a5:f4:11:e2:cf:21:55:52:7d:a0:59:df:bf:
30:7c:a4:fa:a2:37:39:38:89:fe:a1:78:8f:7a:46:
aa:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:48:8C:61:9F:7D:5C:6F:9C:7E:FA:3E:81:57:D3:EC:BF:F1:B7:2C
X509v3 Authority Key Identifier:
keyid:8E:FC:C9:76:EF:90:38:3A:CE:7F:0B:4E:09:E4:D8:19:ED:0D:9B:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jvzJdu-QODrOfwtOCeTYGe0Nm14.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/9e4764-7234-4ba4-8e8a-e2754f6fb4c5/1/p0iMYZ99XG-cfvo-gVfT7L_xtyw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/9e4764-7234-4ba4-8e8a-e2754f6fb4c5/1/jvzJdu-QODrOfwtOCeTYGe0Nm14.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.87.216.0/21
85.202.32.0/20
109.95.168.0/21
109.196.224.0/20
185.129.76.0/22
193.46.68.0/24
IPv6:
2a03:9c60::/32
Signature Algorithm: sha256WithRSAEncryption
58:a9:17:db:a7:1b:21:ed:5d:be:7c:16:fe:95:fe:d9:4a:5c:
96:f0:8b:be:eb:2d:46:c8:8c:21:9a:e3:49:a3:c5:3d:5d:18:
72:ec:19:b6:5e:cc:a8:c7:eb:e1:eb:38:89:0f:98:be:29:4e:
82:5c:fe:1c:bb:fb:df:12:07:d0:4a:81:b5:7d:05:1e:86:4f:
8c:36:63:64:1d:9a:88:d2:cb:b0:9a:10:73:0b:b2:29:b5:ec:
69:43:f7:99:68:d6:07:e2:8e:f9:08:c4:fa:17:ea:0b:50:14:
27:07:29:fd:92:bf:c9:6a:cd:ba:c4:e8:61:c1:c3:d1:69:2e:
5d:a4:67:1e:d6:ba:f8:03:15:23:b2:e0:d6:58:ed:f8:f3:99:
5e:dc:39:45:20:17:4f:86:02:bf:3e:7f:6d:35:89:66:74:77:
92:3d:ab:88:40:bd:be:91:e8:6f:e2:b0:ec:59:5a:9b:65:26:
9d:63:48:08:17:d9:75:cc:88:6b:22:49:f0:25:7e:21:b0:24:
04:bd:cc:7e:41:32:c6:fb:0d:f5:ba:e6:c2:77:2b:1b:1a:45:
35:58:41:7c:2f:9b:a7:b7:d8:43:ae:6e:a9:2f:22:55:12:ab:
3b:41:fc:e4:a0:1e:b4:80:ad:de:70:9e:cf:30:fa:56:1e:c9:
a7:ad:22:50
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYzHJ0rQqvOsMSRAbuWOFAp9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlZmNjOTc2ZWY5MDM4M2FjZTdmMGI0ZTA5ZTRkODE5ZWQw
ZDliNWUwHhcNMjQwMTAxMjIzMTMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzQ4OGM2MTlmN2Q1YzZmOWM3ZWZhM2U4MTU3ZDNlY2JmZjFiNzJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmniIQuUpy6SYoIPJt6FBKK3pTQ6A
Ax2nNiclKbNhyUSxlWzrQwduxVXtS0noRuO9cVO72xsXZH0xaTa3m444dkEi6bK/
5PuiQgNMbyHJYTD7U0wRjBisReHKAiHpN5ini2OT0uivlFBo6ksmqtmsDnNKvbXO
f3FxWRtXHJE6tbdFZd1EB231o0rqq9+FsHv980aYPgpXMzI7yUoBpYvFFRawsShC
uDJkhtjzuDyB1gSdofUKrSPBKRCKHFTbW9osDb5V8VochGH0yFG7Sx81W5oLP2Xd
qh4PA4Ai64eyDIhVmqX0EeLPIVVSfaBZ378wfKT6ojc5OIn+oXiPekaqlwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFKdIjGGffVxvnH76PoFX0+y/8bcsMB8GA1UdIwQY
MBaAFI78yXbvkDg6zn8LTgnk2BntDZteMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanZ6SmR1LVFPRHJPZnd0T0NlVFlHZTBObTE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni85ZTQ3NjQtNzIzNC00YmE0LThlOGEt
ZTI3NTRmNmZiNGM1LzEvcDBpTVlaOTlYRy1jZnZvLWdWZlQ3TF94dHl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni85ZTQ3NjQtNzIzNC00YmE0LThlOGEtZTI3NTRmNmZiNGM1
LzEvanZ6SmR1LVFPRHJPZnd0T0NlVFlHZTBObTE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQDTVfYAwQE
VcogAwQDbV+oAwQEbcTgAwQCuYFMAwQAwS5EMA0EAgACMAcDBQAqA5xgMA0GCSqG
SIb3DQEBCwUAA4IBAQBYqRfbpxsh7V2+fBb+lf7ZSlyW8Iu+6y1GyIwhmuNJo8U9
XRhy7Bm2Xsyox+vh6ziJD5i+KU6CXP4cu/vfEgfQSoG1fQUehk+MNmNkHZqI0suw
mhBzC7IptexpQ/eZaNYH4o75CMT6F+oLUBQnByn9kr/Jas26xOhhwcPRaS5dpGce
1rr4AxUjsuDWWO3485le3DlFIBdPhgK/Pn9tNYlmdHeSPauIQL2+kehv4rDsWVqb
ZSadY0gIF9l1zIhrIknwJX4hsCQEvcx+QTLG+w31uubCdysbGkU1WEF8L5unt9hD
rm6pLyJVEqs7QfzkoB60gK3ecJ7PMPpWHsmnrSJQ
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:36:49 2025 by rpki-client