Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/cYDpVP5fc6skiRlEBuQixA7qujo.roa
File: cYDpVP5fc6skiRlEBuQixA7qujo.roa (raw, json)
Hash identifier: Tftx8oj5q6qCCZ58p0kSYc3ZgdqlUj8DWFD4sfX/WY0=
Subject key identifier: 71:80:E9:54:FE:5F:73:AB:24:89:19:44:06:E4:22:C4:0E:EA:BA:3A
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 019428276386E43ABB8F53B472780C1FC75C
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/cYDpVP5fc6skiRlEBuQixA7qujo.roa
Signing time: Thu 02 Jan 2025 17:54:17 +0000
ROA not before: Thu 02 Jan 2025 17:54:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201021
IP address blocks: 77.81.88.0/24 maxlen: 24
77.81.100.0/24 maxlen: 24
86.107.51.0/24 maxlen: 24
89.37.194.0/24 maxlen: 24
89.39.125.0/24 maxlen: 24
89.43.62.0/24 maxlen: 24
89.45.162.0/24 maxlen: 24
93.90.75.0/24 maxlen: 24
93.115.105.0/24 maxlen: 24
188.241.137.0/24 maxlen: 24
212.192.5.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 28 Jan 2025 12:30:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:27:63:86:e4:3a:bb:8f:53:b4:72:78:0c:1f:c7:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Jan 2 17:54:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7180e954fe5f73ab2489194406e422c40eeaba3a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:e6:db:94:11:f9:ec:ad:6e:be:e8:74:d8:94:
78:b9:08:10:bc:e7:37:7e:83:ab:cc:74:fd:cb:1e:
71:d6:f0:da:55:1f:8f:d3:e4:89:53:1d:4a:3f:cb:
38:c1:f9:05:10:fe:7c:bb:eb:22:4e:f7:32:55:39:
c9:f4:a3:8b:89:0c:cd:86:5e:09:3a:25:6b:ba:11:
78:ae:0d:6e:8e:d4:f8:8b:f7:27:2f:a4:86:4a:c8:
76:8e:1c:e0:9f:54:35:9f:96:57:51:e6:eb:89:44:
82:06:9e:4e:ae:10:2b:db:ad:a7:d7:d0:4b:36:a2:
3c:ae:02:aa:ca:81:96:ad:84:ad:db:14:60:bc:78:
e4:39:b4:8b:ae:ef:06:a1:75:3d:81:91:f0:19:92:
01:06:54:d5:ab:dd:b0:05:eb:a2:11:9b:58:85:f4:
e3:e0:7d:49:81:b5:75:49:73:b0:f7:5c:24:6b:6b:
38:34:83:6a:93:25:8e:9a:ab:aa:23:17:89:af:30:
5e:c6:b2:90:dc:23:df:73:aa:73:cc:c2:1d:5a:a9:
c3:30:63:29:d6:ee:05:74:ca:05:7f:4a:7b:a8:55:
ec:e9:ae:23:b7:fd:5b:25:95:e5:c1:fa:e1:ee:c9:
02:2d:1f:16:8e:8a:20:a1:03:3c:59:52:80:9d:70:
01:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:80:E9:54:FE:5F:73:AB:24:89:19:44:06:E4:22:C4:0E:EA:BA:3A
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/cYDpVP5fc6skiRlEBuQixA7qujo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.81.88.0/24
77.81.100.0/24
86.107.51.0/24
89.37.194.0/24
89.39.125.0/24
89.43.62.0/24
89.45.162.0/24
93.90.75.0/24
93.115.105.0/24
188.241.137.0/24
212.192.5.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:59:e5:99:bb:fd:3f:5d:1b:72:e7:81:c6:e9:2b:c8:dc:8e:
a0:80:df:b9:b8:7f:a8:80:69:e7:90:de:2a:34:6a:94:f2:b7:
06:d9:4a:e6:07:2b:18:e1:0d:4a:87:88:c6:c9:14:26:b3:fa:
47:83:11:b8:19:da:3b:af:10:a5:71:06:0e:5a:b1:bc:71:da:
62:99:bc:d0:6d:da:d3:9c:3b:22:5c:07:0a:cc:5d:c0:a7:82:
2d:91:d1:a7:65:b2:8c:08:89:b2:c7:9f:37:c8:31:19:0e:db:
a1:8a:bb:97:83:3b:51:cf:e2:54:e7:21:3a:d6:3d:f5:c4:8c:
f5:2d:8d:10:80:74:85:26:ab:11:51:22:37:fc:3e:5a:33:e2:
a5:45:3f:d5:b3:45:41:36:52:72:61:10:66:a0:bc:f3:99:6a:
15:76:6b:52:1d:b9:8c:44:89:b7:b1:d1:9a:f5:fd:fb:27:02:
aa:01:17:21:3c:87:23:82:86:bd:4b:03:d4:f4:39:00:73:90:
1a:f4:5f:b3:0d:be:de:9c:08:8a:16:65:4c:c2:83:ce:e7:78:
8b:c2:23:3f:b5:74:fe:d8:e0:8d:09:80:98:0b:79:88:9f:f9:
24:c5:33:65:5d:62:15:f4:19:94:68:75:64:bf:2e:17:d0:ab:
ec:bc:13:94
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAZQoJ2OG5Dq7j1O0cngMH8dcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjUwMTAyMTc1NDE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTgwZTk1NGZlNWY3M2FiMjQ4OTE5NDQwNmU0MjJjNDBlZWFiYTNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxObblBH57K1uvuh02JR4uQgQvOc3
foOrzHT9yx5x1vDaVR+P0+SJUx1KP8s4wfkFEP58u+siTvcyVTnJ9KOLiQzNhl4J
OiVruhF4rg1ujtT4i/cnL6SGSsh2jhzgn1Q1n5ZXUebriUSCBp5OrhAr262n19BL
NqI8rgKqyoGWrYSt2xRgvHjkObSLru8GoXU9gZHwGZIBBlTVq92wBeuiEZtYhfTj
4H1JgbV1SXOw91wka2s4NINqkyWOmquqIxeJrzBexrKQ3CPfc6pzzMIdWqnDMGMp
1u4FdMoFf0p7qFXs6a4jt/1bJZXlwfrh7skCLR8WjoogoQM8WVKAnXABuQIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFHGA6VT+X3OrJIkZRAbkIsQO6ro6MB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvY1lEcFZQNWZjNnNraVJsRUJ1UWl4QTdxdWpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQATVFYAwQA
TVFkAwQAVmszAwQAWSXCAwQAWSd9AwQAWSs+AwQAWS2iAwQAXVpLAwQAXXNpAwQA
vPGJAwQA1MAFMA0GCSqGSIb3DQEBCwUAA4IBAQBuWeWZu/0/XRty54HG6SvI3I6g
gN+5uH+ogGnnkN4qNGqU8rcG2UrmBysY4Q1Kh4jGyRQms/pHgxG4Gdo7rxClcQYO
WrG8cdpimbzQbdrTnDsiXAcKzF3Ap4ItkdGnZbKMCImyx583yDEZDtuhiruXgztR
z+JU5yE61j31xIz1LY0QgHSFJqsRUSI3/D5aM+KlRT/Vs0VBNlJyYRBmoLzzmWoV
dmtSHbmMRIm3sdGa9f37JwKqARchPIcjgoa9SwPU9DkAc5Aa9F+zDb7enAiKFmVM
woPO53iLwiM/tXT+2OCNCYCYC3mIn/kkxTNlXWIV9BmUaHVkvy4X0KvsvBOU
-----END CERTIFICATE-----
Generated at Wed Feb 5 12:50:04 2025 by rpki-client