Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/0917a7-9ebd-45b9-9de2-27473ca612de/1/OXiXJC1Rng_oQQ0si1CwBBU0fZg.roa
File: OXiXJC1Rng_oQQ0si1CwBBU0fZg.roa (raw, json)
Hash identifier: md0dQWvVb96m2jjYHWotAh9fBAtPCJ/r7TdWA9GoQ+A=
Subject key identifier: 39:78:97:24:2D:51:9E:0F:E8:41:0D:2C:8B:50:B0:04:15:34:7D:98
Certificate issuer: /CN=b914961f67f22c61e84a66c8ad9c1a8ce51d099b
Certificate serial: 0192AEFB4B6DB5984A252BB82B16CEBE998E
Authority key identifier: B9:14:96:1F:67:F2:2C:61:E8:4A:66:C8:AD:9C:1A:8C:E5:1D:09:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uRSWH2fyLGHoSmbIrZwajOUdCZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/0917a7-9ebd-45b9-9de2-27473ca612de/1/OXiXJC1Rng_oQQ0si1CwBBU0fZg.roa
Signing time: Mon 21 Oct 2024 12:09:17 +0000
ROA not before: Mon 21 Oct 2024 12:09:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42325
IP address blocks: 77.72.104.0/21 maxlen: 24
77.72.106.0/24 maxlen: 24
77.72.107.0/24 maxlen: 24
77.72.108.0/22 maxlen: 22
Validation: Failed, certificate revoked on Thu 02 Jan 2025 17:49:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:ae:fb:4b:6d:b5:98:4a:25:2b:b8:2b:16:ce:be:99:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b914961f67f22c61e84a66c8ad9c1a8ce51d099b
Validity
Not Before: Oct 21 12:09:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=397897242d519e0fe8410d2c8b50b00415347d98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:2b:28:14:72:09:84:b4:9f:66:1a:4b:d4:ad:
e3:59:bc:cb:fd:4a:e7:30:1c:4d:45:01:2e:40:09:
aa:cf:39:96:13:34:eb:e6:65:b1:f4:ea:24:05:2b:
8b:98:c8:e9:94:0d:60:a8:27:26:f0:2b:48:f7:08:
53:0d:78:a7:cf:dd:ad:e6:67:55:a9:c1:51:d5:59:
6d:f4:29:37:51:05:df:a1:00:dc:8c:26:18:e7:3d:
02:96:ad:f3:73:69:b1:b4:62:9a:a6:f3:a3:be:98:
8f:16:02:bb:07:53:38:10:88:17:56:95:a6:01:1d:
a6:1d:a8:2a:fa:27:79:1c:5a:24:8f:6b:78:69:9f:
fe:93:49:45:a0:d5:68:54:ad:47:c0:c0:7f:f5:db:
d7:b8:f4:1f:3b:65:78:6d:c4:75:99:22:fb:80:d2:
1b:4a:d8:33:16:3b:e3:fc:01:ff:35:5b:68:ef:3e:
7b:47:09:4b:ed:95:8a:f7:e3:27:d4:5a:38:1c:1b:
62:f8:5a:fc:e2:f2:92:dc:31:c3:de:c5:a6:04:1c:
55:e8:da:93:98:27:59:21:70:36:b4:3d:fd:25:da:
a3:e1:ec:77:ea:91:6e:a4:be:bc:17:01:9e:45:40:
51:f2:b3:e8:3e:bf:41:57:35:2e:20:f2:80:db:17:
19:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:78:97:24:2D:51:9E:0F:E8:41:0D:2C:8B:50:B0:04:15:34:7D:98
X509v3 Authority Key Identifier:
keyid:B9:14:96:1F:67:F2:2C:61:E8:4A:66:C8:AD:9C:1A:8C:E5:1D:09:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uRSWH2fyLGHoSmbIrZwajOUdCZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/0917a7-9ebd-45b9-9de2-27473ca612de/1/OXiXJC1Rng_oQQ0si1CwBBU0fZg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/0917a7-9ebd-45b9-9de2-27473ca612de/1/uRSWH2fyLGHoSmbIrZwajOUdCZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.72.104.0/21
Signature Algorithm: sha256WithRSAEncryption
eb:31:29:d0:45:86:8a:ac:2c:5e:48:51:33:49:59:7f:da:15:
84:63:53:ee:c7:d0:18:d2:3c:d9:cc:db:91:8d:b8:da:bf:a2:
93:9d:8f:30:dc:4c:c1:b6:cb:cf:46:1c:b0:4b:57:a2:87:d2:
dd:b6:bd:2a:83:6e:0c:54:5b:cd:7d:1e:26:33:bf:f3:e4:6f:
ab:a8:df:10:e6:35:95:a4:5b:44:8e:f3:29:11:71:52:b9:8c:
d5:0c:e3:e1:35:a1:e4:db:aa:53:0d:4a:3b:64:ab:c7:03:8a:
28:1d:6d:ce:93:05:d1:5f:be:06:50:c4:b6:9a:a3:e4:08:df:
90:6a:44:1c:b4:55:ef:d8:6d:d5:87:ae:cd:d8:22:f8:d1:2f:
52:b9:b7:11:f5:6f:60:e3:1c:d7:88:d5:c0:d6:0b:7e:0a:b1:
f3:83:ef:4d:8f:61:4f:57:f3:d3:64:cc:b1:9c:16:08:0b:c8:
d5:b6:1e:d9:78:98:e9:03:12:63:d2:70:78:da:95:31:42:85:
ee:0f:36:6c:aa:6b:c8:d9:63:43:f0:62:82:af:94:aa:40:31:
e1:3e:6a:af:fc:c9:b6:7d:39:86:38:af:9e:19:d9:a9:41:bc:
27:d2:11:41:55:26:ab:ce:9d:b3:ca:27:49:01:59:b6:61:b2:
29:b3:ab:1a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZKu+0tttZhKJSu4KxbOvpmOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5MTQ5NjFmNjdmMjJjNjFlODRhNjZjOGFkOWMxYThjZTUx
ZDA5OWIwHhcNMjQxMDIxMTIwOTE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTc4OTcyNDJkNTE5ZTBmZTg0MTBkMmM4YjUwYjAwNDE1MzQ3ZDk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuSsoFHIJhLSfZhpL1K3jWbzL/Urn
MBxNRQEuQAmqzzmWEzTr5mWx9OokBSuLmMjplA1gqCcm8CtI9whTDXinz92t5mdV
qcFR1Vlt9Ck3UQXfoQDcjCYY5z0Clq3zc2mxtGKapvOjvpiPFgK7B1M4EIgXVpWm
AR2mHagq+id5HFokj2t4aZ/+k0lFoNVoVK1HwMB/9dvXuPQfO2V4bcR1mSL7gNIb
StgzFjvj/AH/NVto7z57RwlL7ZWK9+Mn1Fo4HBti+Fr84vKS3DHD3sWmBBxV6NqT
mCdZIXA2tD39Jdqj4ex36pFupL68FwGeRUBR8rPoPr9BVzUuIPKA2xcZ6QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDl4lyQtUZ4P6EENLItQsAQVNH2YMB8GA1UdIwQY
MBaAFLkUlh9n8ixh6EpmyK2cGozlHQmbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVJTV0gyZnlMR0hvU21iSXJad2FqT1VkQ1pzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8wOTE3YTctOWViZC00NWI5LTlkZTIt
Mjc0NzNjYTYxMmRlLzEvT1hpWEpDMVJuZ19vUVEwc2kxQ3dCQlUwZlpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8wOTE3YTctOWViZC00NWI5LTlkZTItMjc0NzNjYTYxMmRl
LzEvdVJTV0gyZnlMR0hvU21iSXJad2FqT1VkQ1pzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDTUhoMA0G
CSqGSIb3DQEBCwUAA4IBAQDrMSnQRYaKrCxeSFEzSVl/2hWEY1Pux9AY0jzZzNuR
jbjav6KTnY8w3EzBtsvPRhywS1eih9Ldtr0qg24MVFvNfR4mM7/z5G+rqN8Q5jWV
pFtEjvMpEXFSuYzVDOPhNaHk26pTDUo7ZKvHA4ooHW3OkwXRX74GUMS2mqPkCN+Q
akQctFXv2G3Vh67N2CL40S9SubcR9W9g4xzXiNXA1gt+CrHzg+9Nj2FPV/PTZMyx
nBYIC8jVth7ZeJjpAxJj0nB42pUxQoXuDzZsqmvI2WND8GKCr5SqQDHhPmqv/Mm2
fTmGOK+eGdmpQbwn0hFBVSarzp2zyidJAVm2YbIps6sa
-----END CERTIFICATE-----
Generated at Sat Apr 19 03:14:25 2025 by rpki-client