Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/fiFSgEj7eeVvg6K5T23D9cE8U34.roa
File: fiFSgEj7eeVvg6K5T23D9cE8U34.roa (raw, json)
Hash identifier: WXvHmgxHYW+k2oK8CM8MTXvmqaQDvqu4u5j+RwpCIXA=
Subject key identifier: 7E:21:52:80:48:FB:79:E5:6F:83:A2:B9:4F:6D:C3:F5:C1:3C:53:7E
Certificate issuer: /CN=c9d57447e3420b853875b6fa40372aade3192ca2
Certificate serial: 019466CC97C288ACA2394386F69966F63E5A
Authority key identifier: C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/fiFSgEj7eeVvg6K5T23D9cE8U34.roa
Signing time: Tue 14 Jan 2025 21:51:11 +0000
ROA not before: Tue 14 Jan 2025 21:51:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42216
IP address blocks: 77.92.142.0/24 maxlen: 24
77.92.143.0/24 maxlen: 24
77.92.152.0/24 maxlen: 24
78.135.78.0/24 maxlen: 24
78.135.86.0/24 maxlen: 24
188.132.206.0/24 maxlen: 24
188.132.207.0/24 maxlen: 24
2a10:9440:1::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 14 Jan 2025 23:46:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:66:cc:97:c2:88:ac:a2:39:43:86:f6:99:66:f6:3e:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9d57447e3420b853875b6fa40372aade3192ca2
Validity
Not Before: Jan 14 21:51:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7e21528048fb79e56f83a2b94f6dc3f5c13c537e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:18:ce:3d:86:45:98:1e:fe:9f:db:69:6f:68:
e1:ee:ef:13:41:8a:19:c8:d1:e8:b9:4b:49:82:7d:
b8:52:3f:22:36:18:3c:98:de:b4:ce:db:44:64:c0:
ea:f9:a0:6f:ff:fb:f2:fb:9f:e9:c7:34:5f:35:13:
62:7a:f6:33:e5:8e:3b:2a:79:33:bf:f7:83:39:56:
a0:d0:58:5c:32:46:ae:21:c0:95:92:a8:1c:55:9e:
9e:9d:f7:e2:06:a5:5d:6e:dc:ed:00:65:9a:84:49:
35:ba:77:9b:90:99:c8:37:a5:a6:46:82:f2:c9:8b:
52:cf:ba:91:0f:f6:25:f5:d8:51:2b:b6:ff:a0:47:
98:45:8b:dd:5b:86:e6:f8:9e:23:1b:a8:ee:cf:37:
1e:c4:ca:95:63:af:f0:9b:0a:33:c5:09:bd:0e:52:
1c:08:e1:af:61:ff:8a:64:fc:10:df:54:29:39:5a:
99:5d:82:5e:54:28:c5:15:35:91:a9:cb:02:56:cc:
a5:10:46:0e:8f:02:85:50:db:e3:30:51:2c:19:8a:
8a:ad:3f:a0:f5:ec:54:af:48:b2:82:14:0a:12:dd:
01:0e:f0:ed:11:a2:67:33:42:a0:55:b7:76:1c:77:
01:12:82:d8:09:76:92:51:87:e2:eb:67:f2:2d:95:
4f:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:21:52:80:48:FB:79:E5:6F:83:A2:B9:4F:6D:C3:F5:C1:3C:53:7E
X509v3 Authority Key Identifier:
keyid:C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/fiFSgEj7eeVvg6K5T23D9cE8U34.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.92.142.0/23
77.92.152.0/24
78.135.78.0/24
78.135.86.0/24
188.132.206.0/23
IPv6:
2a10:9440:1::/48
Signature Algorithm: sha256WithRSAEncryption
95:78:99:40:b0:0c:dc:0c:60:9f:78:b9:37:b6:0e:fa:9e:be:
50:2e:04:3b:b0:da:9a:41:0f:2a:7a:67:89:75:7c:e5:ce:6f:
3d:e4:86:18:6d:1f:11:a0:8d:25:4a:23:ac:9c:08:de:9c:f5:
c1:68:e8:0d:1c:c9:9b:3e:a2:89:09:4b:e1:01:78:58:f8:14:
6d:1e:85:e7:bc:d5:9b:dd:38:c3:e4:44:02:cf:33:20:42:33:
86:c5:9c:b2:61:3c:c5:f0:e4:6a:bd:e7:2c:62:a4:d3:48:06:
25:f9:92:66:47:84:64:9f:0a:28:af:d7:36:0d:9f:a0:95:30:
ff:b4:15:26:8f:43:8e:40:ae:73:af:6e:ea:77:86:ed:b0:89:
65:3e:b4:a1:5a:08:fb:3f:cd:1b:52:1c:c9:72:41:bf:9f:86:
a1:5e:36:0d:fb:1b:f6:de:97:53:90:7f:a4:09:18:f4:d7:41:
9a:e8:1f:6e:84:49:ac:01:6e:92:ce:90:58:a0:cf:d0:8d:15:
84:37:2a:3c:a7:25:ae:53:49:73:3a:f9:01:0b:ab:d8:3f:5d:
e0:75:ec:2a:0a:39:a9:bf:31:9f:03:24:43:74:0a:3a:18:8f:
c2:fe:29:2d:d0:65:89:3d:08:f0:15:42:84:13:50:1d:bd:f8:
12:5f:67:52
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAZRmzJfCiKyiOUOG9plm9j5aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZDU3NDQ3ZTM0MjBiODUzODc1YjZmYTQwMzcyYWFkZTMx
OTJjYTIwHhcNMjUwMTE0MjE1MTExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTIxNTI4MDQ4ZmI3OWU1NmY4M2EyYjk0ZjZkYzNmNWMxM2M1MzdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqxjOPYZFmB7+n9tpb2jh7u8TQYoZ
yNHouUtJgn24Uj8iNhg8mN60zttEZMDq+aBv//vy+5/pxzRfNRNievYz5Y47Knkz
v/eDOVag0FhcMkauIcCVkqgcVZ6enffiBqVdbtztAGWahEk1unebkJnIN6WmRoLy
yYtSz7qRD/Yl9dhRK7b/oEeYRYvdW4bm+J4jG6juzzcexMqVY6/wmwozxQm9DlIc
COGvYf+KZPwQ31QpOVqZXYJeVCjFFTWRqcsCVsylEEYOjwKFUNvjMFEsGYqKrT+g
9exUr0iyghQKEt0BDvDtEaJnM0KgVbd2HHcBEoLYCXaSUYfi62fyLZVPTwIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFH4hUoBI+3nlb4OiuU9tw/XBPFN+MB8GA1UdIwQY
MBaAFMnVdEfjQguFOHW2+kA3Kq3jGSyiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTkt
NGUxOThmMGE2MDEzLzEvZmlGU2dFajdlZVZ2ZzZLNVQyM0Q5Y0U4VTM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTktNGUxOThmMGE2MDEz
LzEveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAkBAIAATAeAwQBTVyOAwQA
TVyYAwQATodOAwQATodWAwQBvITOMA8EAgACMAkDBwAqEJRAAAEwDQYJKoZIhvcN
AQELBQADggEBAJV4mUCwDNwMYJ94uTe2DvqevlAuBDuw2ppBDyp6Z4l1fOXObz3k
hhhtHxGgjSVKI6ycCN6c9cFo6A0cyZs+ookJS+EBeFj4FG0ehee81ZvdOMPkRALP
MyBCM4bFnLJhPMXw5Gq95yxipNNIBiX5kmZHhGSfCiiv1zYNn6CVMP+0FSaPQ45A
rnOvbup3hu2wiWU+tKFaCPs/zRtSHMlyQb+fhqFeNg37G/bel1OQf6QJGPTXQZro
H26ESawBbpLOkFigz9CNFYQ3KjynJa5TSXM6+QELq9g/XeB17CoKOam/MZ8DJEN0
CjoYj8L+KS3QZYk9CPAVQoQTUB29+BJfZ1I=
-----END CERTIFICATE-----
Generated at Thu Apr 17 07:09:24 2025 by rpki-client