Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/e6f5d7-1be1-4851-b994-1a143e971cee/1/Ndu8ER6kYPJU5KpyeeZrw9JaQdo.roa
File: Ndu8ER6kYPJU5KpyeeZrw9JaQdo.roa (raw, json)
Hash identifier: xcgBL36CoZfay7uGkptCFVgP6/NpUU31qgNP5IYSAWM=
Subject key identifier: 35:DB:BC:11:1E:A4:60:F2:54:E4:AA:72:79:E6:6B:C3:D2:5A:41:DA
Certificate issuer: /CN=1a5073145b926e9a6905eba918e21eb4cf1cae10
Certificate serial: 018CC79560B79DFC1DA4767BEA41B0F7AFFD
Authority key identifier: 1A:50:73:14:5B:92:6E:9A:69:05:EB:A9:18:E2:1E:B4:CF:1C:AE:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GlBzFFuSbpppBeupGOIetM8crhA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/e6f5d7-1be1-4851-b994-1a143e971cee/1/Ndu8ER6kYPJU5KpyeeZrw9JaQdo.roa
Signing time: Tue 02 Jan 2024 00:31:44 +0000
ROA not before: Tue 02 Jan 2024 00:31:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43061
IP address blocks: 77.94.128.0/19 maxlen: 19
2a02:d90::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Jan 2025 23:47:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:60:b7:9d:fc:1d:a4:76:7b:ea:41:b0:f7:af:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1a5073145b926e9a6905eba918e21eb4cf1cae10
Validity
Not Before: Jan 2 00:31:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=35dbbc111ea460f254e4aa7279e66bc3d25a41da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:50:ca:3a:e2:ac:13:67:77:3f:13:c1:84:3c:
d5:20:cf:69:6f:8c:83:fb:9b:cc:3f:6b:f6:21:f3:
89:93:3a:e3:ad:1c:f1:75:ff:ed:c4:1f:6a:4f:10:
c8:bc:c1:49:2b:60:b4:78:58:9e:cc:85:a0:79:a2:
0a:52:c7:4a:a3:c4:74:2c:60:22:64:6f:37:5b:0e:
ba:b6:01:90:26:f4:a9:f3:01:1e:0a:f5:2f:97:92:
00:26:71:4d:10:f4:f1:c2:bd:7f:fa:0d:f2:3e:b5:
9e:9b:d1:04:0f:75:3c:12:9a:41:33:7d:d6:92:eb:
9f:84:f7:43:b6:a3:b0:4e:8d:7c:8a:55:f3:ec:d5:
dc:44:ab:b1:eb:e6:55:f5:86:aa:44:2b:49:76:00:
7d:60:65:33:38:3d:0e:03:77:f2:56:d9:15:03:11:
4e:8a:0f:b1:91:2e:b4:72:8b:dc:c1:00:6d:f7:0c:
5e:73:a1:57:cf:b8:58:6c:38:a7:94:9e:eb:af:ec:
81:c3:a2:06:d4:47:d3:25:0f:3d:54:dd:47:fa:72:
ef:16:88:66:46:75:9a:27:a5:a3:c1:59:a8:a7:1e:
1c:fb:3d:b8:ec:f4:9d:3c:10:ec:9b:9d:17:25:a7:
6f:3f:b8:4f:3e:c1:7f:e6:d1:0a:3e:30:c4:6b:e3:
22:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:DB:BC:11:1E:A4:60:F2:54:E4:AA:72:79:E6:6B:C3:D2:5A:41:DA
X509v3 Authority Key Identifier:
keyid:1A:50:73:14:5B:92:6E:9A:69:05:EB:A9:18:E2:1E:B4:CF:1C:AE:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GlBzFFuSbpppBeupGOIetM8crhA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/e6f5d7-1be1-4851-b994-1a143e971cee/1/Ndu8ER6kYPJU5KpyeeZrw9JaQdo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/e6f5d7-1be1-4851-b994-1a143e971cee/1/GlBzFFuSbpppBeupGOIetM8crhA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.94.128.0/19
IPv6:
2a02:d90::/32
Signature Algorithm: sha256WithRSAEncryption
08:30:4b:4d:46:71:a9:3e:77:b5:52:f0:72:fa:d0:0e:53:a7:
ff:f1:8c:cb:13:ad:3e:81:b6:38:b4:fe:de:0e:24:c7:cc:eb:
97:92:91:34:0a:0a:47:7e:c2:3c:20:4f:ac:b5:c7:e7:ad:da:
8c:d3:54:6a:5b:3f:b2:06:83:f1:03:9d:9f:74:73:53:71:70:
89:a1:6e:b0:1a:b7:e7:56:bc:be:5a:42:bc:13:79:29:7a:af:
5c:98:b8:24:d3:f5:56:8b:d4:dc:0f:e1:7e:b9:c6:5d:b8:7d:
c9:f5:16:6a:03:ff:c3:75:67:7f:34:c1:36:e4:86:1b:78:3f:
e6:d2:a9:55:70:43:3e:7a:ee:c3:d9:17:12:3f:eb:fa:0a:9f:
83:0f:ac:37:87:e4:91:91:cf:29:22:e9:0a:89:d0:e4:a3:bc:
25:bf:5a:36:f9:18:7e:ea:16:34:7a:77:4f:f3:7d:80:38:2f:
7e:e8:c3:91:35:31:2b:80:1d:f2:bf:f1:8f:a4:89:66:91:84:
f5:44:d2:13:9b:ed:08:90:20:78:48:ae:69:24:60:37:d0:6b:
19:4e:1e:16:4d:75:9a:5e:7a:fb:39:a4:5b:da:e9:bd:11:a9:
27:f6:bf:b4:df:a7:7b:95:e1:aa:75:0b:ac:77:46:20:8e:32:
bd:f9:c3:3f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzHlWC3nfwdpHZ76kGw96/9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhNTA3MzE0NWI5MjZlOWE2OTA1ZWJhOTE4ZTIxZWI0Y2Yx
Y2FlMTAwHhcNMjQwMTAyMDAzMTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNWRiYmMxMTFlYTQ2MGYyNTRlNGFhNzI3OWU2NmJjM2QyNWE0MWRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyFDKOuKsE2d3PxPBhDzVIM9pb4yD
+5vMP2v2IfOJkzrjrRzxdf/txB9qTxDIvMFJK2C0eFiezIWgeaIKUsdKo8R0LGAi
ZG83Ww66tgGQJvSp8wEeCvUvl5IAJnFNEPTxwr1/+g3yPrWem9EED3U8EppBM33W
kuufhPdDtqOwTo18ilXz7NXcRKux6+ZV9YaqRCtJdgB9YGUzOD0OA3fyVtkVAxFO
ig+xkS60covcwQBt9wxec6FXz7hYbDinlJ7rr+yBw6IG1EfTJQ89VN1H+nLvFohm
RnWaJ6WjwVmopx4c+z247PSdPBDsm50XJadvP7hPPsF/5tEKPjDEa+Mi8QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDXbvBEepGDyVOSqcnnma8PSWkHaMB8GA1UdIwQY
MBaAFBpQcxRbkm6aaQXrqRjiHrTPHK4QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2xCekZGdVNicHBwQmV1cEdPSWV0TThjcmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC9lNmY1ZDctMWJlMS00ODUxLWI5OTQt
MWExNDNlOTcxY2VlLzEvTmR1OEVSNmtZUEpVNUtweWVlWnJ3OUphUWRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC9lNmY1ZDctMWJlMS00ODUxLWI5OTQtMWExNDNlOTcxY2Vl
LzEvR2xCekZGdVNicHBwQmV1cEdPSWV0TThjcmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQFTV6AMA0E
AgACMAcDBQAqAg2QMA0GCSqGSIb3DQEBCwUAA4IBAQAIMEtNRnGpPne1UvBy+tAO
U6f/8YzLE60+gbY4tP7eDiTHzOuXkpE0CgpHfsI8IE+stcfnrdqM01RqWz+yBoPx
A52fdHNTcXCJoW6wGrfnVry+WkK8E3kpeq9cmLgk0/VWi9TcD+F+ucZduH3J9RZq
A//DdWd/NME25IYbeD/m0qlVcEM+eu7D2RcSP+v6Cp+DD6w3h+SRkc8pIukKidDk
o7wlv1o2+Rh+6hY0endP832AOC9+6MORNTErgB3yv/GPpIlmkYT1RNITm+0IkCB4
SK5pJGA30GsZTh4WTXWaXnr7OaRb2um9Eakn9r+036d7leGqdQusd0YgjjK9+cM/
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:44:19 2025 by rpki-client