Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/KBD0jFzcUQ0phQ7ytkKgR2XJjmM.roa
File: KBD0jFzcUQ0phQ7ytkKgR2XJjmM.roa (raw, json)
Hash identifier: qQl2smKxtB71tSxKbUGxbewiF2qixS14vW4hfcsQ2sM=
Subject key identifier: 28:10:F4:8C:5C:DC:51:0D:29:85:0E:F2:B6:42:A0:47:65:C9:8E:63
Certificate issuer: /CN=c9d57447e3420b853875b6fa40372aade3192ca2
Certificate serial: 0193F09F1E1ACA54FA044331FE3167FFE94B
Authority key identifier: C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/KBD0jFzcUQ0phQ7ytkKgR2XJjmM.roa
Signing time: Sun 22 Dec 2024 23:06:20 +0000
ROA not before: Sun 22 Dec 2024 23:06:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42216
IP address blocks: 77.92.142.0/24 maxlen: 24
77.92.143.0/24 maxlen: 24
77.92.152.0/24 maxlen: 24
78.135.78.0/24 maxlen: 24
78.135.86.0/24 maxlen: 24
188.132.206.0/24 maxlen: 24
188.132.207.0/24 maxlen: 24
2a10:9440:1::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 23 Dec 2024 01:03:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:f0:9f:1e:1a:ca:54:fa:04:43:31:fe:31:67:ff:e9:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9d57447e3420b853875b6fa40372aade3192ca2
Validity
Not Before: Dec 22 23:06:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2810f48c5cdc510d29850ef2b642a04765c98e63
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:c3:f9:50:e3:62:b5:b8:2b:1a:ac:2f:99:ba:
3d:5d:bb:f3:67:e2:ff:29:51:2c:bc:f2:82:10:29:
05:60:e3:e2:96:6d:66:b0:05:86:92:50:b5:f8:f9:
37:41:06:18:81:ec:6d:d7:7e:5c:89:65:26:48:89:
1d:87:45:10:8e:98:5f:de:28:33:35:b5:c2:38:1f:
b0:01:95:6c:4d:43:7a:b1:a8:2a:cb:17:c3:1c:3a:
be:3c:55:7a:bc:60:73:4c:12:52:98:32:a9:0f:1f:
67:98:90:29:45:0d:f1:57:56:a1:f1:37:ad:92:91:
09:34:3b:53:21:54:a0:bc:28:7e:7b:b6:2d:d3:10:
9c:f0:67:0a:93:d1:6a:b4:f0:8d:c0:2a:da:9e:ad:
b6:dc:a7:2c:00:b5:55:38:60:d5:8a:8b:39:a3:8f:
31:91:37:26:6b:88:97:cf:8b:9f:eb:ce:a4:8e:42:
08:31:74:cf:a9:7c:9c:25:c7:7a:bf:8a:cc:49:06:
76:b3:18:9f:6e:70:6a:29:f2:98:89:19:85:72:f7:
60:9a:35:31:5c:c2:6c:ec:75:83:2d:7b:d6:82:f2:
df:b5:41:94:a7:49:67:88:93:f8:e6:e9:15:eb:74:
67:ad:64:62:d1:a3:21:47:ff:1e:4a:b8:84:eb:d5:
4f:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:10:F4:8C:5C:DC:51:0D:29:85:0E:F2:B6:42:A0:47:65:C9:8E:63
X509v3 Authority Key Identifier:
keyid:C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/KBD0jFzcUQ0phQ7ytkKgR2XJjmM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.92.142.0/23
77.92.152.0/24
78.135.78.0/24
78.135.86.0/24
188.132.206.0/23
IPv6:
2a10:9440:1::/48
Signature Algorithm: sha256WithRSAEncryption
29:90:96:a7:81:39:67:98:f0:af:79:cf:f3:8a:6d:68:6e:96:
a4:e8:d9:02:98:72:b0:b0:60:d4:3c:cb:12:f6:8b:37:8a:26:
0f:0f:3a:66:85:af:8e:f9:4d:a2:37:51:8d:4b:b8:ac:0e:55:
b7:bb:0e:f0:b1:59:4f:70:8a:5d:e8:f3:fc:4f:da:a9:25:b1:
f0:ab:f7:a5:b2:7b:7d:3d:88:30:58:43:cc:9a:78:94:f7:5b:
23:07:57:ae:d0:78:50:ab:7b:1f:ed:fc:4c:0a:52:b5:7b:d0:
ae:9b:31:83:71:81:48:19:9f:59:fe:0e:f4:b3:a4:d9:63:0d:
ec:96:83:98:73:9a:ea:69:f5:58:48:2f:3a:dd:a7:c8:7d:38:
b0:6d:63:65:6d:2b:a8:ad:f3:9f:c1:7f:a5:38:ba:26:92:d1:
24:89:1d:8e:da:36:f9:c8:c4:45:30:95:08:25:97:21:fd:3e:
fc:f4:1c:eb:78:17:cb:aa:74:0b:95:a7:5a:d8:07:64:70:33:
b9:a7:6b:6a:8d:37:e8:ec:74:f8:85:c5:c8:1e:9d:23:28:c3:
a9:73:e1:2a:0e:2c:c8:9b:86:d7:ef:93:56:75:5c:d0:a6:42:
a1:6f:37:31:75:1d:53:9f:28:3e:c3:b8:4c:a7:3a:94:bc:24:
72:bd:5f:15
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAZPwnx4aylT6BEMx/jFn/+lLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZDU3NDQ3ZTM0MjBiODUzODc1YjZmYTQwMzcyYWFkZTMx
OTJjYTIwHhcNMjQxMjIyMjMwNjIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODEwZjQ4YzVjZGM1MTBkMjk4NTBlZjJiNjQyYTA0NzY1Yzk4ZTYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA88P5UONitbgrGqwvmbo9XbvzZ+L/
KVEsvPKCECkFYOPilm1msAWGklC1+Pk3QQYYgext135ciWUmSIkdh0UQjphf3igz
NbXCOB+wAZVsTUN6sagqyxfDHDq+PFV6vGBzTBJSmDKpDx9nmJApRQ3xV1ah8Tet
kpEJNDtTIVSgvCh+e7Yt0xCc8GcKk9FqtPCNwCranq223KcsALVVOGDVios5o48x
kTcma4iXz4uf686kjkIIMXTPqXycJcd6v4rMSQZ2sxifbnBqKfKYiRmFcvdgmjUx
XMJs7HWDLXvWgvLftUGUp0lniJP45ukV63RnrWRi0aMhR/8eSriE69VPewIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFCgQ9Ixc3FENKYUO8rZCoEdlyY5jMB8GA1UdIwQY
MBaAFMnVdEfjQguFOHW2+kA3Kq3jGSyiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTkt
NGUxOThmMGE2MDEzLzEvS0JEMGpGemNVUTBwaFE3eXRrS2dSMlhKam1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTktNGUxOThmMGE2MDEz
LzEveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAkBAIAATAeAwQBTVyOAwQA
TVyYAwQATodOAwQATodWAwQBvITOMA8EAgACMAkDBwAqEJRAAAEwDQYJKoZIhvcN
AQELBQADggEBACmQlqeBOWeY8K95z/OKbWhulqTo2QKYcrCwYNQ8yxL2izeKJg8P
OmaFr475TaI3UY1LuKwOVbe7DvCxWU9wil3o8/xP2qklsfCr96Wye309iDBYQ8ya
eJT3WyMHV67QeFCrex/t/EwKUrV70K6bMYNxgUgZn1n+DvSzpNljDeyWg5hzmupp
9VhILzrdp8h9OLBtY2VtK6it85/Bf6U4uiaS0SSJHY7aNvnIxEUwlQgllyH9Pvz0
HOt4F8uqdAuVp1rYB2RwM7mna2qNN+jsdPiFxcgenSMow6lz4SoOLMibhtfvk1Z1
XNCmQqFvNzF1HVOfKD7DuEynOpS8JHK9XxU=
-----END CERTIFICATE-----
Generated at Thu Apr 17 07:09:44 2025 by rpki-client