Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/ImJ8IjOwK3s56bW6X8nNGbkX9OI.roa
File: ImJ8IjOwK3s56bW6X8nNGbkX9OI.roa (raw, json)
Hash identifier: j+w3Z3wNPoeEuKsl4Kbl1QGkGc+vQCAgrFf1xI5wZuI=
Subject key identifier: 22:62:7C:22:33:B0:2B:7B:39:E9:B5:BA:5F:C9:CD:19:B9:17:F4:E2
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 01942521D138A65339EB390522BF47BFD63C
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/ImJ8IjOwK3s56bW6X8nNGbkX9OI.roa
Signing time: Thu 02 Jan 2025 03:49:20 +0000
ROA not before: Thu 02 Jan 2025 03:49:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44948
IP address blocks: 77.81.50.0/23 maxlen: 23
109.61.104.0/21 maxlen: 24
139.28.96.0/22 maxlen: 22
139.28.98.0/23 maxlen: 24
Validation: Failed, certificate revoked on Mon 20 Jan 2025 15:23:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:d1:38:a6:53:39:eb:39:05:22:bf:47:bf:d6:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 03:49:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=22627c2233b02b7b39e9b5ba5fc9cd19b917f4e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:23:8b:aa:dd:2d:d2:0f:65:fe:09:a8:c1:8e:
f3:a6:5e:cb:6f:7b:7b:48:b3:f3:fc:02:5c:9d:23:
d9:d2:4c:30:16:1c:06:c6:ee:4d:6e:4a:46:8d:e3:
8f:74:93:44:1d:c7:71:d1:9e:c9:78:e6:f3:a6:c3:
d3:f3:f3:f6:20:a8:7e:dc:b8:0d:bb:e2:ac:18:27:
22:37:32:84:46:73:52:9f:e8:28:f1:99:52:06:6f:
2f:b2:83:2a:3d:86:b6:67:43:19:fe:b2:4d:b8:3e:
29:c4:b8:26:ee:bd:a6:0c:e6:a4:90:d1:0a:78:85:
5b:db:e8:86:14:7c:8f:99:da:b8:ec:c4:b3:fd:ba:
0b:97:a4:27:74:30:f3:73:ef:49:f8:ac:03:28:64:
ab:b2:4b:1c:3d:36:18:93:eb:6a:6b:fd:09:46:cc:
e3:0e:ef:63:f6:78:90:64:2f:10:9b:44:8f:41:b5:
c7:ad:5d:ea:e0:fd:0a:57:3b:72:45:f5:d7:d7:6f:
d1:c8:a9:0b:9f:c8:42:35:ae:01:ba:9f:a2:ad:66:
a5:03:b4:0a:7d:d1:e1:7e:5b:99:be:59:db:3a:ca:
b5:3a:34:3e:46:88:f4:8b:14:3b:58:0d:6d:68:79:
4c:47:1b:79:84:97:7d:46:c8:a5:46:59:0d:81:b4:
2d:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:62:7C:22:33:B0:2B:7B:39:E9:B5:BA:5F:C9:CD:19:B9:17:F4:E2
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/ImJ8IjOwK3s56bW6X8nNGbkX9OI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.81.50.0/23
109.61.104.0/21
139.28.96.0/22
Signature Algorithm: sha256WithRSAEncryption
0a:ca:b9:bd:5b:35:33:52:e3:a8:12:c2:46:d3:62:e2:d6:ea:
94:ac:9a:59:bb:a0:f4:88:46:76:a1:27:a2:d1:b4:d4:04:f3:
ed:00:76:d3:a6:97:0b:33:9a:c9:c5:8c:9f:ad:4d:27:90:49:
c3:ae:65:98:3c:e9:9a:1a:0b:3a:73:65:ca:f0:c3:ac:a5:21:
4f:72:7d:4d:11:05:91:dd:2e:eb:16:6d:75:d2:aa:57:e2:71:
fd:47:52:19:ca:68:f6:42:65:5a:bd:f1:b1:30:1c:98:4a:f9:
e5:51:ca:39:62:65:64:4b:53:13:93:48:b9:bc:b2:da:21:96:
a7:93:f7:2d:5b:6c:51:c3:02:2b:26:36:89:24:39:cf:45:be:
65:2b:f0:df:d5:5e:f2:c3:e0:18:20:5b:03:c8:ef:2a:fd:3d:
01:1d:04:c5:19:5f:90:f6:e3:ff:f5:0a:9f:b5:79:c9:63:f3:
c3:ba:ef:64:d7:68:26:2a:cb:18:c1:f1:69:32:1a:59:40:f3:
f2:3f:4e:76:d6:05:56:86:e1:32:fb:3b:2c:2d:5c:72:a5:74:
74:16:57:80:43:d8:13:c2:4f:70:d7:58:0d:dd:6d:04:f5:e7:
29:e6:f7:75:31:4a:72:22:50:13:ef:23:30:c7:0b:43:75:8d:
08:ea:2a:ee
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQlIdE4plM56zkFIr9Hv9Y8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjUwMTAyMDM0OTIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjYyN2MyMjMzYjAyYjdiMzllOWI1YmE1ZmM5Y2QxOWI5MTdmNGUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2yOLqt0t0g9l/gmowY7zpl7Lb3t7
SLPz/AJcnSPZ0kwwFhwGxu5NbkpGjeOPdJNEHcdx0Z7JeObzpsPT8/P2IKh+3LgN
u+KsGCciNzKERnNSn+go8ZlSBm8vsoMqPYa2Z0MZ/rJNuD4pxLgm7r2mDOakkNEK
eIVb2+iGFHyPmdq47MSz/boLl6QndDDzc+9J+KwDKGSrskscPTYYk+tqa/0JRszj
Du9j9niQZC8Qm0SPQbXHrV3q4P0KVztyRfXX12/RyKkLn8hCNa4Bup+irWalA7QK
fdHhfluZvlnbOsq1OjQ+Roj0ixQ7WA1taHlMRxt5hJd9RsilRlkNgbQt/wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCJifCIzsCt7Oem1ul/JzRm5F/TiMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvSW1KOElqT3dLM3M1NmJXNlg4bk5HYmtYOU9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBTVEyAwQD
bT1oAwQCixxgMA0GCSqGSIb3DQEBCwUAA4IBAQAKyrm9WzUzUuOoEsJG02Li1uqU
rJpZu6D0iEZ2oSei0bTUBPPtAHbTppcLM5rJxYyfrU0nkEnDrmWYPOmaGgs6c2XK
8MOspSFPcn1NEQWR3S7rFm110qpX4nH9R1IZymj2QmVavfGxMByYSvnlUco5YmVk
S1MTk0i5vLLaIZank/ctW2xRwwIrJjaJJDnPRb5lK/Df1V7yw+AYIFsDyO8q/T0B
HQTFGV+Q9uP/9QqftXnJY/PDuu9k12gmKssYwfFpMhpZQPPyP0521gVWhuEy+zss
LVxypXR0FleAQ9gTwk9w11gN3W0E9ecp5vd1MUpyIlAT7yMwxwtDdY0I6iru
-----END CERTIFICATE-----
Generated at Wed Feb 5 06:41:43 2025 by rpki-client