Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/d1e324-54f3-4df8-8ec6-038d53c23c39/1/Do-bMlPIZg9NNn3hQybnUjt0_Jo.roa
File: Do-bMlPIZg9NNn3hQybnUjt0_Jo.roa (raw, json)
Hash identifier: afBqVCrOArqrrH8rmmFoID1HO0iUYKyjFKPPffkLg20=
Subject key identifier: 0E:8F:9B:32:53:C8:66:0F:4D:36:7D:E1:43:26:E7:52:3B:74:FC:9A
Certificate issuer: /CN=f9aa8a3ea991333393f3ef2a1822451123d3eec7
Certificate serial: 01958E585AE4E1252388812827FA3FE2FDB9
Authority key identifier: F9:AA:8A:3E:A9:91:33:33:93:F3:EF:2A:18:22:45:11:23:D3:EE:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-aqKPqmRMzOT8-8qGCJFESPT7sc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/d1e324-54f3-4df8-8ec6-038d53c23c39/1/Do-bMlPIZg9NNn3hQybnUjt0_Jo.roa
Signing time: Thu 13 Mar 2025 07:11:49 +0000
ROA not before: Thu 13 Mar 2025 07:11:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42539
IP address blocks: 77.235.64.0/20 maxlen: 20
Validation: Failed, certificate revoked on Fri 14 Mar 2025 08:25:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:8e:58:5a:e4:e1:25:23:88:81:28:27:fa:3f:e2:fd:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f9aa8a3ea991333393f3ef2a1822451123d3eec7
Validity
Not Before: Mar 13 07:11:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0e8f9b3253c8660f4d367de14326e7523b74fc9a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:9f:f7:fc:f4:bb:61:c6:30:11:86:20:2f:38:
84:24:27:85:1b:96:1c:37:56:83:62:09:a3:d0:74:
eb:ca:5d:ed:f7:7a:f5:64:8d:04:09:01:3d:a7:1c:
01:18:80:c2:fe:22:6b:3a:6e:11:00:c3:7b:fb:0d:
b2:ab:4c:6e:6f:26:ca:58:33:de:ff:f0:54:df:32:
2a:b5:e5:f7:fc:f4:77:b2:22:de:0b:5c:85:f2:96:
d4:b7:a6:3f:36:e0:70:51:ef:16:6c:7e:d2:0f:5b:
c8:3b:38:36:60:34:f8:d7:ab:7e:6f:03:c2:04:89:
4f:4a:88:91:b2:55:0b:c4:d9:e6:53:f1:14:4b:ac:
e8:af:1a:ef:c8:64:9f:f5:e0:c1:14:d4:36:d3:06:
50:ff:a6:b5:ff:64:13:8a:f6:27:c5:c0:fe:3f:3a:
48:df:97:bb:e0:70:4e:43:23:95:be:cc:e3:d4:f4:
74:f5:c1:8a:17:9a:88:81:bc:b5:ab:64:c6:6b:92:
4c:f3:3f:bf:6f:dc:ea:dd:4c:87:28:7a:e7:52:12:
ed:a0:ab:09:5f:23:22:d5:62:97:11:85:bc:91:d7:
d9:7f:cb:81:32:d4:3a:88:54:35:3a:c1:70:93:54:
cc:dd:5c:fe:36:bc:1a:27:33:67:4b:c6:22:73:6e:
3b:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:8F:9B:32:53:C8:66:0F:4D:36:7D:E1:43:26:E7:52:3B:74:FC:9A
X509v3 Authority Key Identifier:
keyid:F9:AA:8A:3E:A9:91:33:33:93:F3:EF:2A:18:22:45:11:23:D3:EE:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-aqKPqmRMzOT8-8qGCJFESPT7sc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/d1e324-54f3-4df8-8ec6-038d53c23c39/1/Do-bMlPIZg9NNn3hQybnUjt0_Jo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/d1e324-54f3-4df8-8ec6-038d53c23c39/1/1-aqKPqmRMzOT8-8qGCJFESPT7sc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.235.64.0/20
Signature Algorithm: sha256WithRSAEncryption
08:c1:c9:e1:db:73:b1:dc:6a:7f:56:33:da:4e:0f:8b:19:cb:
f2:00:4e:23:d1:b9:c0:6a:c3:af:7e:18:eb:02:1a:54:f3:85:
cc:db:02:e7:21:e9:89:8a:a8:ff:73:90:15:cf:ca:d5:d1:80:
37:ff:b6:ac:c6:56:92:ff:41:e6:6f:ed:c8:8e:ec:0d:6d:1d:
c0:6a:6d:69:0c:94:32:b0:a1:bb:e6:9c:d3:91:c9:88:38:e8:
41:b1:eb:06:5f:0f:9b:a3:68:cb:d5:1c:ff:23:7f:dd:ba:68:
32:09:d7:3d:5e:4c:97:4c:f9:b0:1d:44:2a:7f:42:45:2c:a4:
00:45:14:eb:aa:9c:25:8f:af:2d:fd:c3:a7:73:da:a5:f3:78:
97:f1:89:c3:d6:47:a2:d3:2b:e6:0f:e3:79:33:02:f3:f2:5e:
54:49:72:39:3b:5f:ff:19:7a:67:05:94:7a:60:f8:e9:22:9d:
ac:eb:3c:09:71:11:f4:72:c8:17:8b:93:bf:ed:83:80:c7:4a:
5d:77:37:ce:2f:72:3d:7c:ae:3c:8c:8c:c2:5b:35:2d:e1:d4:
19:96:db:03:b8:94:74:fd:35:39:57:74:21:14:97:dc:3b:c4:
a9:b3:a1:47:74:31:b2:83:9c:d5:bc:ed:23:54:6a:3d:4e:65:
82:58:88:56
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZWOWFrk4SUjiIEoJ/o/4v25MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY5YWE4YTNlYTk5MTMzMzM5M2YzZWYyYTE4MjI0NTExMjNk
M2VlYzcwHhcNMjUwMzEzMDcxMTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZThmOWIzMjUzYzg2NjBmNGQzNjdkZTE0MzI2ZTc1MjNiNzRmYzlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3J/3/PS7YcYwEYYgLziEJCeFG5Yc
N1aDYgmj0HTryl3t93r1ZI0ECQE9pxwBGIDC/iJrOm4RAMN7+w2yq0xubybKWDPe
//BU3zIqteX3/PR3siLeC1yF8pbUt6Y/NuBwUe8WbH7SD1vIOzg2YDT416t+bwPC
BIlPSoiRslULxNnmU/EUS6zorxrvyGSf9eDBFNQ20wZQ/6a1/2QTivYnxcD+PzpI
35e74HBOQyOVvszj1PR09cGKF5qIgby1q2TGa5JM8z+/b9zq3UyHKHrnUhLtoKsJ
XyMi1WKXEYW8kdfZf8uBMtQ6iFQ1OsFwk1TM3Vz+NrwaJzNnS8Yic247KwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFA6PmzJTyGYPTTZ94UMm51I7dPyaMB8GA1UdIwQY
MBaAFPmqij6pkTMzk/PvKhgiRREj0+7HMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1hcUtQcW1STXpPVDgtOHFHQ0pGRVNQVDdzYy5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2QvZDFlMzI0LTU0ZjMtNGRmOC04ZWM2
LTAzOGQ1M2MyM2MzOS8xL0RvLWJNbFBJWmc5Tk5uM2hReWJuVWp0MF9Kby5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvN2QvZDFlMzI0LTU0ZjMtNGRmOC04ZWM2LTAzOGQ1M2MyM2Mz
OS8xLzEtYXFLUHFtUk16T1Q4LThxR0NKRkVTUFQ3c2MuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBARN60Aw
DQYJKoZIhvcNAQELBQADggEBAAjByeHbc7Hcan9WM9pOD4sZy/IATiPRucBqw69+
GOsCGlTzhczbAuch6YmKqP9zkBXPytXRgDf/tqzGVpL/QeZv7ciO7A1tHcBqbWkM
lDKwobvmnNORyYg46EGx6wZfD5ujaMvVHP8jf926aDIJ1z1eTJdM+bAdRCp/QkUs
pABFFOuqnCWPry39w6dz2qXzeJfxicPWR6LTK+YP43kzAvPyXlRJcjk7X/8ZemcF
lHpg+OkinazrPAlxEfRyyBeLk7/tg4DHSl13N84vcj18rjyMjMJbNS3h1BmW2wO4
lHT9NTlXdCEUl9w7xKmzoUd0MbKDnNW87SNUaj1OZYJYiFY=
-----END CERTIFICATE-----
Generated at Fri Apr 18 00:03:32 2025 by rpki-client