Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/bkKq8q4VUj6VdCjBKStgg43Jg80.roa
File: bkKq8q4VUj6VdCjBKStgg43Jg80.roa (raw, json)
Hash identifier: NrcKE4BAzjJH1VoQVLcDKszrjkq1BRrAC0hG3i9+um8=
Subject key identifier: 6E:42:AA:F2:AE:15:52:3E:95:74:28:C1:29:2B:60:83:8D:C9:83:CD
Certificate issuer: /CN=c9d57447e3420b853875b6fa40372aade3192ca2
Certificate serial: 01936C5A30170F24FEA38A07E19258CF05BA
Authority key identifier: C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/bkKq8q4VUj6VdCjBKStgg43Jg80.roa
Signing time: Wed 27 Nov 2024 06:41:10 +0000
ROA not before: Wed 27 Nov 2024 06:41:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42216
IP address blocks: 77.92.142.0/24 maxlen: 24
77.92.143.0/24 maxlen: 24
77.92.152.0/24 maxlen: 24
78.135.78.0/24 maxlen: 24
78.135.86.0/24 maxlen: 24
188.132.206.0/24 maxlen: 24
188.132.207.0/24 maxlen: 24
2a10:9440:1::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 27 Nov 2024 10:24:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:6c:5a:30:17:0f:24:fe:a3:8a:07:e1:92:58:cf:05:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9d57447e3420b853875b6fa40372aade3192ca2
Validity
Not Before: Nov 27 06:41:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6e42aaf2ae15523e957428c1292b60838dc983cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:d1:cc:4a:6d:ef:fb:41:3d:e9:2a:1d:96:dd:
ae:ab:d1:09:7a:8a:64:f8:10:bd:f7:41:1d:f6:14:
2d:ff:cd:6b:c9:f2:52:05:26:58:21:42:af:b5:bb:
ff:6c:19:21:e0:d6:2a:27:03:c7:b7:22:7b:aa:1f:
32:3e:36:d8:d4:2b:4e:28:07:ed:d1:aa:cc:7e:68:
0a:c7:f8:60:94:d4:ae:58:3c:12:bd:3d:53:53:40:
12:b7:70:b6:e2:af:8e:b0:81:38:ad:91:20:e7:96:
aa:c8:8a:83:91:db:02:e7:0a:ec:f5:1a:85:c0:6f:
f1:ce:7e:c8:4c:bb:60:78:33:fc:a1:7b:0f:c5:b0:
c3:07:83:6f:a6:e9:03:43:39:64:6a:3f:38:43:d6:
e2:a4:92:ad:17:46:11:47:d2:5e:4d:56:29:12:3f:
ca:6a:67:56:61:d0:d6:57:30:87:d7:7c:e3:af:55:
3d:fa:0d:91:7e:72:1a:93:64:a6:06:75:d0:ff:f9:
9d:7f:64:2d:2d:93:b7:9b:fa:5a:1b:83:d0:5c:dd:
5b:de:d2:ca:87:c5:51:24:c7:71:e6:8d:e6:04:a8:
38:49:21:29:6f:2e:21:c2:1a:60:42:14:ba:82:03:
49:8a:57:3d:f5:b2:c2:21:c8:23:44:a1:87:8c:2e:
7d:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:42:AA:F2:AE:15:52:3E:95:74:28:C1:29:2B:60:83:8D:C9:83:CD
X509v3 Authority Key Identifier:
keyid:C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/bkKq8q4VUj6VdCjBKStgg43Jg80.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.92.142.0/23
77.92.152.0/24
78.135.78.0/24
78.135.86.0/24
188.132.206.0/23
IPv6:
2a10:9440:1::/48
Signature Algorithm: sha256WithRSAEncryption
75:ba:46:a4:9d:a8:48:44:77:15:5e:79:7c:f3:7e:34:99:8a:
2f:78:13:7c:63:cf:d0:20:0f:1e:78:35:72:8d:85:ad:b6:33:
3c:8d:9f:00:90:38:27:6b:5b:04:8c:f7:7c:ce:4a:c2:ef:f1:
9e:76:25:88:d1:33:07:35:d0:79:6b:fa:7b:83:e3:05:fb:af:
60:1e:de:5e:81:c4:01:26:3d:59:f1:18:e9:67:fe:0b:81:7e:
ce:f4:a7:89:10:6e:f5:fc:31:11:f5:3b:d5:ae:ee:7c:da:fb:
33:54:d1:71:29:b7:b5:7e:ea:8d:2d:9e:f6:d7:44:92:91:ad:
e7:e6:9b:4f:c9:50:b8:bb:6f:af:15:96:ca:4b:c0:aa:0c:b2:
1d:23:99:00:ed:0d:62:61:f4:e6:48:7f:a7:24:51:52:d3:f9:
5c:23:a6:bc:b3:33:1c:fb:70:a1:eb:60:45:2f:db:82:23:18:
98:6d:a3:8d:d4:cc:52:36:9c:14:bd:48:cf:75:55:1a:9c:31:
59:dd:ea:33:71:e6:50:45:21:97:e7:3c:7c:6f:8e:41:6b:d5:
3f:2b:c6:e1:ea:7b:33:3b:17:bb:f7:b0:d9:ce:79:6d:7f:f7:
ba:c9:71:e1:37:fe:bf:47:f1:05:53:ef:d2:f9:8e:9e:54:07:
af:38:91:cb
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAZNsWjAXDyT+o4oH4ZJYzwW6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZDU3NDQ3ZTM0MjBiODUzODc1YjZmYTQwMzcyYWFkZTMx
OTJjYTIwHhcNMjQxMTI3MDY0MTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTQyYWFmMmFlMTU1MjNlOTU3NDI4YzEyOTJiNjA4MzhkYzk4M2NkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqdHMSm3v+0E96Sodlt2uq9EJeopk
+BC990Ed9hQt/81ryfJSBSZYIUKvtbv/bBkh4NYqJwPHtyJ7qh8yPjbY1CtOKAft
0arMfmgKx/hglNSuWDwSvT1TU0ASt3C24q+OsIE4rZEg55aqyIqDkdsC5wrs9RqF
wG/xzn7ITLtgeDP8oXsPxbDDB4NvpukDQzlkaj84Q9bipJKtF0YRR9JeTVYpEj/K
amdWYdDWVzCH13zjr1U9+g2RfnIak2SmBnXQ//mdf2QtLZO3m/paG4PQXN1b3tLK
h8VRJMdx5o3mBKg4SSEpby4hwhpgQhS6ggNJilc99bLCIcgjRKGHjC59AQIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFG5CqvKuFVI+lXQowSkrYIONyYPNMB8GA1UdIwQY
MBaAFMnVdEfjQguFOHW2+kA3Kq3jGSyiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTkt
NGUxOThmMGE2MDEzLzEvYmtLcThxNFZVajZWZENqQktTdGdnNDNKZzgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTktNGUxOThmMGE2MDEz
LzEveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAkBAIAATAeAwQBTVyOAwQA
TVyYAwQATodOAwQATodWAwQBvITOMA8EAgACMAkDBwAqEJRAAAEwDQYJKoZIhvcN
AQELBQADggEBAHW6RqSdqEhEdxVeeXzzfjSZii94E3xjz9AgDx54NXKNha22MzyN
nwCQOCdrWwSM93zOSsLv8Z52JYjRMwc10Hlr+nuD4wX7r2Ae3l6BxAEmPVnxGOln
/guBfs70p4kQbvX8MRH1O9Wu7nza+zNU0XEpt7V+6o0tnvbXRJKRrefmm0/JULi7
b68VlspLwKoMsh0jmQDtDWJh9OZIf6ckUVLT+VwjpryzMxz7cKHrYEUv24IjGJht
o43UzFI2nBS9SM91VRqcMVnd6jNx5lBFIZfnPHxvjkFr1T8rxuHqezM7F7v3sNnO
eW1/97rJceE3/r9H8QVT79L5jp5UB684kcs=
-----END CERTIFICATE-----
Generated at Thu Apr 17 07:31:30 2025 by rpki-client