Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/FX9zQBWW3jGVc9At91Z0UAW2Jj0.roa
File: FX9zQBWW3jGVc9At91Z0UAW2Jj0.roa (raw, json)
Hash identifier: cBTckJpK2S+9oegBfPkowYR7t0aXuHAvUG8B5cAnR+g=
Subject key identifier: 15:7F:73:40:15:96:DE:31:95:73:D0:2D:F7:56:74:50:05:B6:26:3D
Certificate issuer: /CN=c9d57447e3420b853875b6fa40372aade3192ca2
Certificate serial: 0194018FF52E96C6D8F81DB0560E315FD855
Authority key identifier: C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/FX9zQBWW3jGVc9At91Z0UAW2Jj0.roa
Signing time: Thu 26 Dec 2024 06:03:19 +0000
ROA not before: Thu 26 Dec 2024 06:03:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42216
IP address blocks: 77.92.142.0/24 maxlen: 24
77.92.143.0/24 maxlen: 24
77.92.152.0/24 maxlen: 24
78.135.78.0/24 maxlen: 24
78.135.86.0/24 maxlen: 24
188.132.206.0/24 maxlen: 24
188.132.207.0/24 maxlen: 24
2a10:9440:1::/48 maxlen: 48
Validation: Failed, certificate revoked on Sat 28 Dec 2024 01:31:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:01:8f:f5:2e:96:c6:d8:f8:1d:b0:56:0e:31:5f:d8:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9d57447e3420b853875b6fa40372aade3192ca2
Validity
Not Before: Dec 26 06:03:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=157f73401596de319573d02df756745005b6263d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:92:14:2b:d4:24:99:af:a0:73:3d:10:2b:76:
22:bc:97:1f:71:47:5f:22:9e:c4:95:c1:99:5e:e1:
7d:99:bd:f7:d2:28:b2:d1:d3:25:cd:82:01:d2:99:
c5:08:37:f2:1d:cf:d8:1a:8d:89:28:36:1b:9c:9a:
11:bc:3e:94:a4:10:ba:05:66:c5:b4:47:c6:7a:66:
b6:5e:90:c4:a7:e5:10:14:fa:c1:14:3e:8a:41:d4:
be:16:66:5d:2f:5e:72:fa:96:78:da:4e:fa:59:e5:
f7:46:3b:3c:bc:0a:b4:bc:8c:24:09:76:17:e8:35:
46:dd:20:d0:25:44:77:96:f1:0a:64:a2:be:a0:31:
38:8b:8e:ca:ef:6e:44:2b:6d:92:d7:3e:4d:2f:e7:
f3:43:fd:ff:82:a5:76:7c:d4:8d:dd:ba:5a:b3:12:
67:c4:50:49:f0:55:8c:84:19:7a:ba:5f:47:a5:e5:
05:95:b1:31:a0:a1:20:69:8e:58:76:34:0e:4a:d5:
8b:3b:25:f9:f9:53:29:45:0d:b3:37:4a:95:77:2b:
3c:3b:f8:39:85:f8:77:cf:28:45:0b:59:d5:a9:b9:
0f:4b:d1:98:6f:f8:bc:d5:83:07:cd:b2:41:89:46:
c0:da:c8:df:35:94:8f:9b:8b:c8:41:bf:fc:39:a8:
bf:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:7F:73:40:15:96:DE:31:95:73:D0:2D:F7:56:74:50:05:B6:26:3D
X509v3 Authority Key Identifier:
keyid:C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/FX9zQBWW3jGVc9At91Z0UAW2Jj0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.92.142.0/23
77.92.152.0/24
78.135.78.0/24
78.135.86.0/24
188.132.206.0/23
IPv6:
2a10:9440:1::/48
Signature Algorithm: sha256WithRSAEncryption
ab:19:cc:62:ed:ea:81:0f:60:5b:e3:7d:cb:6b:42:c0:9b:6c:
dc:dc:17:fe:45:26:99:ea:a9:bf:37:3a:6d:6e:75:05:68:45:
16:d1:89:b1:3a:23:54:e7:2a:a6:aa:bf:32:6f:4b:15:15:12:
de:63:ef:7e:5f:6d:23:d4:8c:37:42:74:07:07:6c:e5:b8:d3:
00:e2:95:34:fb:7b:a4:7a:88:a2:1b:13:e1:30:ff:86:ed:c1:
71:81:e8:d2:9e:25:42:e5:38:93:44:5a:39:11:23:e1:b0:4d:
6f:c3:c8:a9:85:b2:3f:98:9e:c0:81:cf:8a:46:37:8c:8e:ac:
8f:5a:fa:22:6e:d4:71:ec:fb:88:61:f5:6b:01:91:9d:21:e9:
fe:e8:97:cd:bc:22:23:b4:88:bb:4c:aa:7f:0e:97:5a:5f:22:
a0:81:f9:0a:b6:b9:cd:61:3c:ef:98:6a:d8:5d:da:de:14:7a:
f7:94:f0:86:d8:cd:26:5f:88:42:fb:d7:f2:69:d4:93:c7:c5:
b0:5d:35:7d:c2:ad:f2:b1:6d:ea:20:61:ba:0b:01:39:10:5b:
e1:63:d1:98:03:ca:7b:fd:95:5b:09:07:11:c2:9e:85:1b:df:
be:ad:42:43:aa:06:d6:25:5e:6f:b5:f9:92:5b:27:38:b3:b8:
65:b1:56:2e
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAZQBj/UulsbY+B2wVg4xX9hVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZDU3NDQ3ZTM0MjBiODUzODc1YjZmYTQwMzcyYWFkZTMx
OTJjYTIwHhcNMjQxMjI2MDYwMzE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNTdmNzM0MDE1OTZkZTMxOTU3M2QwMmRmNzU2NzQ1MDA1YjYyNjNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAspIUK9Qkma+gcz0QK3YivJcfcUdf
Ip7ElcGZXuF9mb330iiy0dMlzYIB0pnFCDfyHc/YGo2JKDYbnJoRvD6UpBC6BWbF
tEfGema2XpDEp+UQFPrBFD6KQdS+FmZdL15y+pZ42k76WeX3Rjs8vAq0vIwkCXYX
6DVG3SDQJUR3lvEKZKK+oDE4i47K725EK22S1z5NL+fzQ/3/gqV2fNSN3bpasxJn
xFBJ8FWMhBl6ul9HpeUFlbExoKEgaY5YdjQOStWLOyX5+VMpRQ2zN0qVdys8O/g5
hfh3zyhFC1nVqbkPS9GYb/i81YMHzbJBiUbA2sjfNZSPm4vIQb/8Oai/IwIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFBV/c0AVlt4xlXPQLfdWdFAFtiY9MB8GA1UdIwQY
MBaAFMnVdEfjQguFOHW2+kA3Kq3jGSyiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTkt
NGUxOThmMGE2MDEzLzEvRlg5elFCV1czakdWYzlBdDkxWjBVQVcySmowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTktNGUxOThmMGE2MDEz
LzEveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAkBAIAATAeAwQBTVyOAwQA
TVyYAwQATodOAwQATodWAwQBvITOMA8EAgACMAkDBwAqEJRAAAEwDQYJKoZIhvcN
AQELBQADggEBAKsZzGLt6oEPYFvjfctrQsCbbNzcF/5FJpnqqb83Om1udQVoRRbR
ibE6I1TnKqaqvzJvSxUVEt5j735fbSPUjDdCdAcHbOW40wDilTT7e6R6iKIbE+Ew
/4btwXGB6NKeJULlOJNEWjkRI+GwTW/DyKmFsj+YnsCBz4pGN4yOrI9a+iJu1HHs
+4hh9WsBkZ0h6f7ol828IiO0iLtMqn8Ol1pfIqCB+Qq2uc1hPO+Yathd2t4UeveU
8IbYzSZfiEL71/Jp1JPHxbBdNX3CrfKxbeogYboLATkQW+Fj0ZgDynv9lVsJBxHC
noUb376tQkOqBtYlXm+1+ZJbJzizuGWxVi4=
-----END CERTIFICATE-----
Generated at Thu Apr 17 06:55:12 2025 by rpki-client