Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Rj5n5bl3R-iwn7Qf8nuDOxE5Bbg.roa
File: Rj5n5bl3R-iwn7Qf8nuDOxE5Bbg.roa (raw, json)
Hash identifier: k7xhIhY8hd6su0AZKVco6t2rAV3SQBxWCUIkHrMK7gk=
Subject key identifier: 46:3E:67:E5:B9:77:47:E8:B0:9F:B4:1F:F2:7B:83:3B:11:39:05:B8
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 019408675E2A1B4FA05ECBA4C6F5CAA98DA2
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Rj5n5bl3R-iwn7Qf8nuDOxE5Bbg.roa
Signing time: Fri 27 Dec 2024 13:56:19 +0000
ROA not before: Fri 27 Dec 2024 13:56:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44948
IP address blocks: 77.81.50.0/23 maxlen: 23
109.61.104.0/21 maxlen: 24
139.28.96.0/22 maxlen: 22
139.28.98.0/23 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 03:49:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:08:67:5e:2a:1b:4f:a0:5e:cb:a4:c6:f5:ca:a9:8d:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Dec 27 13:56:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=463e67e5b97747e8b09fb41ff27b833b113905b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:73:91:f9:89:53:5b:df:e9:10:06:ac:42:f3:
32:4e:00:22:09:d7:2f:9d:5e:24:78:43:ad:ed:b3:
13:08:c2:13:92:d2:eb:28:14:58:fc:85:52:43:c1:
1d:09:7e:77:9b:67:5f:cb:81:2c:94:0b:6b:21:a7:
d8:73:b9:3a:b1:22:fa:6a:63:a1:00:45:01:19:b9:
5b:10:72:15:42:6d:5d:ff:0c:c3:54:73:97:95:e1:
de:0f:74:3c:99:15:c6:db:22:94:d3:d2:2b:4a:eb:
67:33:81:6f:bc:78:0f:60:77:48:e2:63:5c:80:25:
55:6a:4f:6c:6b:b3:d0:70:60:1a:35:91:1a:d5:ee:
2b:ff:71:4a:3f:db:d7:81:1b:8c:2a:1e:0d:8a:ea:
76:59:d3:e0:5c:d2:b8:72:d2:f4:ad:cc:b1:b6:17:
b5:f9:9f:3b:d2:c9:a8:4c:f3:c6:a4:ca:43:dd:8d:
34:fb:ce:aa:c3:e0:53:12:86:e1:2c:e3:e8:61:ee:
dc:b4:eb:5e:46:9e:fb:69:d8:19:c9:49:74:ea:28:
f5:52:92:cf:b0:7e:e6:ba:bb:2d:ab:10:30:ed:8f:
cc:9a:cd:48:b1:41:01:2a:9b:67:f8:d6:fc:e9:c0:
c5:10:4e:fb:15:54:56:b1:b8:40:78:ad:6f:29:19:
3a:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:3E:67:E5:B9:77:47:E8:B0:9F:B4:1F:F2:7B:83:3B:11:39:05:B8
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Rj5n5bl3R-iwn7Qf8nuDOxE5Bbg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.81.50.0/23
109.61.104.0/21
139.28.96.0/22
Signature Algorithm: sha256WithRSAEncryption
bd:e8:ff:57:fd:c5:8e:c2:b9:80:87:24:67:ff:34:56:c3:4a:
86:37:2c:0b:83:08:b9:13:d5:6d:8e:c1:61:52:cb:23:69:df:
c2:22:d4:11:07:02:7e:41:e7:d2:f6:23:a1:d5:85:21:4d:44:
c3:24:cd:c4:32:05:51:a7:a7:b5:ce:f5:5d:03:97:23:f7:eb:
23:f3:88:d2:3a:22:43:05:30:b9:85:6f:5a:45:64:37:d7:59:
5f:20:ab:6f:0c:1f:c2:48:d6:60:58:4f:c4:19:3f:25:20:b9:
5e:93:90:a4:8a:6d:08:ce:d5:d1:36:a5:aa:c3:37:f8:5a:42:
82:c5:ad:c9:00:f5:c3:c4:c7:79:80:73:c7:44:b8:f5:ce:f2:
94:fa:dd:cf:e4:e0:9a:93:f2:27:24:f0:f4:35:b8:57:b6:e4:
a4:88:72:5b:e7:31:87:9c:d1:6a:83:f1:82:e7:dc:63:12:38:
a1:2e:4b:8b:df:a5:24:5b:e1:95:58:a8:0f:cf:33:69:74:58:
1f:be:8c:61:e6:a1:4c:f5:d8:0d:6a:8f:f8:dd:7d:81:63:81:
35:fe:1d:ae:a7:86:e7:ab:ec:3f:bd:2c:d6:3b:8d:ca:ba:f6:
c2:50:59:38:09:69:ac:69:4a:5f:c0:4a:a3:94:c4:fd:51:a8:
21:1b:24:1e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQIZ14qG0+gXsukxvXKqY2iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQxMjI3MTM1NjE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NjNlNjdlNWI5Nzc0N2U4YjA5ZmI0MWZmMjdiODMzYjExMzkwNWI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo3OR+YlTW9/pEAasQvMyTgAiCdcv
nV4keEOt7bMTCMITktLrKBRY/IVSQ8EdCX53m2dfy4EslAtrIafYc7k6sSL6amOh
AEUBGblbEHIVQm1d/wzDVHOXleHeD3Q8mRXG2yKU09IrSutnM4FvvHgPYHdI4mNc
gCVVak9sa7PQcGAaNZEa1e4r/3FKP9vXgRuMKh4Niup2WdPgXNK4ctL0rcyxthe1
+Z870smoTPPGpMpD3Y00+86qw+BTEobhLOPoYe7ctOteRp77adgZyUl06ij1UpLP
sH7murstqxAw7Y/Mms1IsUEBKptn+Nb86cDFEE77FVRWsbhAeK1vKRk69QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEY+Z+W5d0fosJ+0H/J7gzsROQW4MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvUmo1bjVibDNSLWl3bjdRZjhudURPeEU1QmJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBTVEyAwQD
bT1oAwQCixxgMA0GCSqGSIb3DQEBCwUAA4IBAQC96P9X/cWOwrmAhyRn/zRWw0qG
NywLgwi5E9VtjsFhUssjad/CItQRBwJ+QefS9iOh1YUhTUTDJM3EMgVRp6e1zvVd
A5cj9+sj84jSOiJDBTC5hW9aRWQ311lfIKtvDB/CSNZgWE/EGT8lILlek5Ckim0I
ztXRNqWqwzf4WkKCxa3JAPXDxMd5gHPHRLj1zvKU+t3P5OCak/InJPD0NbhXtuSk
iHJb5zGHnNFqg/GC59xjEjihLkuL36UkW+GVWKgPzzNpdFgfvoxh5qFM9dgNao/4
3X2BY4E1/h2up4bnq+w/vSzWO43KuvbCUFk4CWmsaUpfwEqjlMT9UaghGyQe
-----END CERTIFICATE-----
Generated at Wed Feb 5 06:49:19 2025 by rpki-client