Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/w5efDhRUz0O1-6YlrcXPn_EOjQ0.roa
File: w5efDhRUz0O1-6YlrcXPn_EOjQ0.roa (raw, json)
Hash identifier: Og0qCbOYAldXzItXk2zg3QTckCqgs2q0Cknyq6g+ARM=
Subject key identifier: C3:97:9F:0E:14:54:CF:43:B5:FB:A6:25:AD:C5:CF:9F:F1:0E:8D:0D
Certificate issuer: /CN=c9d57447e3420b853875b6fa40372aade3192ca2
Certificate serial: 0193845B352340E3BFEA7CBE8014B7568115
Authority key identifier: C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/w5efDhRUz0O1-6YlrcXPn_EOjQ0.roa
Signing time: Sun 01 Dec 2024 22:33:10 +0000
ROA not before: Sun 01 Dec 2024 22:33:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42216
IP address blocks: 77.92.142.0/24 maxlen: 24
77.92.143.0/24 maxlen: 24
77.92.152.0/24 maxlen: 24
78.135.78.0/24 maxlen: 24
78.135.86.0/24 maxlen: 24
188.132.206.0/24 maxlen: 24
188.132.207.0/24 maxlen: 24
2a10:9440:1::/48 maxlen: 48
Validation: Failed, certificate revoked on Sun 22 Dec 2024 21:48:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:84:5b:35:23:40:e3:bf:ea:7c:be:80:14:b7:56:81:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9d57447e3420b853875b6fa40372aade3192ca2
Validity
Not Before: Dec 1 22:33:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c3979f0e1454cf43b5fba625adc5cf9ff10e8d0d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:f7:08:8b:94:6a:1c:ca:ef:fc:df:3e:e6:8e:
da:0d:1b:e4:13:4a:4e:e7:68:2a:4c:1f:8e:d1:73:
49:a4:ac:02:6f:4b:57:9a:7b:d1:e3:a1:59:04:9d:
e8:98:3e:e8:4e:d4:4b:a7:c3:81:89:d9:32:87:02:
a8:ad:2b:f5:40:0d:29:27:e7:b7:50:f0:cf:2d:7a:
ae:21:b8:74:91:80:9d:49:68:b4:f2:04:0c:96:29:
e0:d3:8a:0f:74:37:e6:d0:99:a7:06:2c:bf:90:5d:
7f:8d:e6:37:14:b9:bd:ed:a2:3d:79:40:0d:e0:52:
1d:86:97:3f:f4:2e:e3:2d:4b:52:50:20:71:10:03:
b4:18:b3:fa:66:f3:76:a8:35:7e:8c:4f:cb:e9:52:
7f:fa:0f:68:d8:6c:bc:8b:fb:60:0f:6d:1f:0e:9b:
2b:83:e6:eb:3f:d9:a3:c4:f8:12:90:10:2a:63:92:
88:cb:8f:78:12:e1:e0:cc:4d:90:19:b8:c5:f5:a0:
81:6f:3e:aa:e8:41:92:6f:ec:f3:f2:47:b1:a8:71:
2d:09:9d:e4:9e:3a:0d:22:ce:cd:27:dd:ae:52:df:
f3:a7:78:fe:18:53:e1:74:bc:32:aa:7d:05:bf:22:
28:33:e2:07:d0:f8:93:59:7c:84:20:a7:3f:0e:7d:
ab:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:97:9F:0E:14:54:CF:43:B5:FB:A6:25:AD:C5:CF:9F:F1:0E:8D:0D
X509v3 Authority Key Identifier:
keyid:C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/w5efDhRUz0O1-6YlrcXPn_EOjQ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.92.142.0/23
77.92.152.0/24
78.135.78.0/24
78.135.86.0/24
188.132.206.0/23
IPv6:
2a10:9440:1::/48
Signature Algorithm: sha256WithRSAEncryption
87:5f:a6:ed:57:76:2e:82:b2:1e:88:8d:4a:3f:23:a3:b4:34:
1a:4a:2b:1b:54:e8:10:75:fc:2e:26:37:86:64:21:ae:e3:4c:
90:05:68:04:f6:f5:f9:0a:93:04:6f:3c:91:57:8e:1c:19:c7:
db:44:32:ec:55:a4:27:a6:2f:ec:dc:6d:8a:b1:0e:d0:ed:2b:
84:7d:73:97:95:03:da:5c:2a:eb:e2:e5:a6:75:b6:66:9a:b6:
c6:98:79:f7:a2:09:ef:4e:23:1d:43:ba:65:47:32:4b:59:25:
ac:3f:35:8f:cf:64:90:23:be:1c:dc:35:16:a0:ba:3d:8a:99:
b1:42:ed:2c:0b:07:04:69:7a:33:6c:98:66:8a:82:ce:ca:41:
d4:9c:a8:55:fc:a7:79:78:0c:78:cc:95:08:ea:60:29:e8:28:
e7:26:fe:ec:21:2c:ff:77:97:59:73:b0:08:00:f8:16:c9:1c:
bf:48:f6:88:0a:f6:65:31:c2:21:af:62:99:fc:4d:b1:d8:93:
47:05:46:c0:82:85:80:d6:05:9b:80:4e:b6:c1:45:ad:a8:bd:
93:62:d8:a4:e8:93:da:4b:ee:ce:ad:f0:ef:15:2a:e7:07:77:
e8:25:ab:46:58:fa:f7:a5:5d:ab:54:c1:1c:49:55:06:f1:71:
ea:e6:ee:9a
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAZOEWzUjQOO/6ny+gBS3VoEVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZDU3NDQ3ZTM0MjBiODUzODc1YjZmYTQwMzcyYWFkZTMx
OTJjYTIwHhcNMjQxMjAxMjIzMzEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMzk3OWYwZTE0NTRjZjQzYjVmYmE2MjVhZGM1Y2Y5ZmYxMGU4ZDBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAufcIi5RqHMrv/N8+5o7aDRvkE0pO
52gqTB+O0XNJpKwCb0tXmnvR46FZBJ3omD7oTtRLp8OBidkyhwKorSv1QA0pJ+e3
UPDPLXquIbh0kYCdSWi08gQMling04oPdDfm0JmnBiy/kF1/jeY3FLm97aI9eUAN
4FIdhpc/9C7jLUtSUCBxEAO0GLP6ZvN2qDV+jE/L6VJ/+g9o2Gy8i/tgD20fDpsr
g+brP9mjxPgSkBAqY5KIy494EuHgzE2QGbjF9aCBbz6q6EGSb+zz8kexqHEtCZ3k
njoNIs7NJ92uUt/zp3j+GFPhdLwyqn0FvyIoM+IH0PiTWXyEIKc/Dn2rPQIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFMOXnw4UVM9DtfumJa3Fz5/xDo0NMB8GA1UdIwQY
MBaAFMnVdEfjQguFOHW2+kA3Kq3jGSyiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTkt
NGUxOThmMGE2MDEzLzEvdzVlZkRoUlV6ME8xLTZZbHJjWFBuX0VPalEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTktNGUxOThmMGE2MDEz
LzEveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAkBAIAATAeAwQBTVyOAwQA
TVyYAwQATodOAwQATodWAwQBvITOMA8EAgACMAkDBwAqEJRAAAEwDQYJKoZIhvcN
AQELBQADggEBAIdfpu1Xdi6Csh6IjUo/I6O0NBpKKxtU6BB1/C4mN4ZkIa7jTJAF
aAT29fkKkwRvPJFXjhwZx9tEMuxVpCemL+zcbYqxDtDtK4R9c5eVA9pcKuvi5aZ1
tmaatsaYefeiCe9OIx1DumVHMktZJaw/NY/PZJAjvhzcNRaguj2KmbFC7SwLBwRp
ejNsmGaKgs7KQdScqFX8p3l4DHjMlQjqYCnoKOcm/uwhLP93l1lzsAgA+BbJHL9I
9ogK9mUxwiGvYpn8TbHYk0cFRsCChYDWBZuATrbBRa2ovZNi2KTok9pL7s6t8O8V
KucHd+glq0ZY+velXatUwRxJVQbxcerm7po=
-----END CERTIFICATE-----
Generated at Thu Apr 17 07:09:30 2025 by rpki-client