Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/bbHMqyj8POEdscT3uDWPFAe94e0.roa
File: bbHMqyj8POEdscT3uDWPFAe94e0.roa (raw, json)
Hash identifier: JRqOPLzpiKbvDmXPXjeVBpp73RjIU2bWx6PaxqOS1L0=
Subject key identifier: 6D:B1:CC:AB:28:FC:3C:E1:1D:B1:C4:F7:B8:35:8F:14:07:BD:E1:ED
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01939B423F5BFF6A2FF4392D2FE6051969EA
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/bbHMqyj8POEdscT3uDWPFAe94e0.roa
Signing time: Fri 06 Dec 2024 09:17:10 +0000
ROA not before: Fri 06 Dec 2024 09:17:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215567
IP address blocks: 77.93.133.0/24 maxlen: 24
77.93.140.0/24 maxlen: 24
77.93.142.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 09:47:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:9b:42:3f:5b:ff:6a:2f:f4:39:2d:2f:e6:05:19:69:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Dec 6 09:17:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6db1ccab28fc3ce11db1c4f7b8358f1407bde1ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:8d:2b:65:9f:a4:ff:41:db:b6:32:0a:44:d2:
7b:1d:9e:74:8e:92:6a:e6:58:5f:9d:d6:16:e4:71:
cf:20:77:7d:6d:dc:ef:9f:02:45:51:eb:cb:74:4f:
44:76:af:07:46:75:87:3b:28:c3:de:2a:5d:12:ff:
af:6e:c6:5d:dd:69:9a:17:fa:74:b6:4b:0e:32:a6:
58:2b:9c:d0:ee:f9:38:5d:34:aa:34:82:6e:30:ff:
5d:03:59:45:99:61:f1:cc:53:89:9f:29:05:92:5d:
1c:c3:bf:90:a8:73:75:45:f5:94:d4:f8:90:83:26:
90:1c:96:1e:8d:61:26:22:38:e6:fb:f0:00:c2:27:
99:b8:82:ff:c9:8f:77:e5:56:e5:71:7b:8d:c4:d9:
58:e5:42:b1:aa:88:8f:cd:4f:a1:c6:fd:b2:54:28:
08:92:43:61:57:86:50:8f:ef:ba:eb:21:c6:2b:d3:
8d:d6:ec:b9:4f:b1:1b:d3:2a:be:f4:9d:f5:b5:ac:
30:98:3f:c1:31:3a:ee:5d:00:49:2a:73:0e:d6:c6:
35:f3:87:e4:8f:19:9d:86:b1:69:8f:bb:68:5c:9e:
bb:89:6f:5c:6c:67:cf:cc:e9:f8:22:5b:7b:33:ab:
4e:f3:ad:df:b2:b9:61:38:91:3a:9c:21:d2:96:44:
98:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:B1:CC:AB:28:FC:3C:E1:1D:B1:C4:F7:B8:35:8F:14:07:BD:E1:ED
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/bbHMqyj8POEdscT3uDWPFAe94e0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.93.133.0/24
77.93.140.0/24
77.93.142.0/24
Signature Algorithm: sha256WithRSAEncryption
15:51:b0:1f:6e:e9:f3:75:20:02:9e:ae:99:66:f5:2a:a6:02:
fb:dd:c6:51:db:c8:b1:fb:9b:2a:97:17:b5:45:9e:04:b9:82:
28:a6:74:f5:0f:5b:e3:4c:46:29:a8:5e:ba:3c:06:7a:78:c3:
cb:12:67:02:64:7c:56:98:e8:e1:f2:59:26:bf:4b:46:a1:70:
ed:9b:e8:bd:8b:7e:28:aa:26:ee:df:14:9a:05:be:f3:29:c5:
b8:b7:31:3b:24:ed:71:29:e4:e7:9e:a7:33:0f:54:5e:96:c3:
1e:1d:e4:b6:71:db:5a:b2:bb:75:6b:57:68:58:59:31:ed:84:
8f:c9:9d:ed:1c:33:f1:96:18:ab:dc:10:e6:0e:cd:79:7c:5b:
60:b6:15:d8:df:bf:4e:bd:a4:c9:89:c5:b1:95:f9:3f:2d:16:
1a:64:9c:5f:ba:cb:27:b9:ad:7b:aa:0d:36:68:2d:99:e5:07:
1b:a9:5c:78:b0:1a:2f:76:08:09:ce:63:5d:86:59:89:73:ad:
62:9d:48:f5:7d:94:12:bf:41:81:1f:15:70:e6:a7:57:7d:93:
9f:41:2e:f0:ab:06:32:5e:bf:60:0e:64:3d:12:ee:81:16:d8:
c1:cc:83:aa:85:94:87:77:91:18:2b:01:40:4b:f3:84:da:da:
98:86:b8:7e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZObQj9b/2ov9DktL+YFGWnqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQxMjA2MDkxNzEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZGIxY2NhYjI4ZmMzY2UxMWRiMWM0ZjdiODM1OGYxNDA3YmRlMWVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxI0rZZ+k/0HbtjIKRNJ7HZ50jpJq
5lhfndYW5HHPIHd9bdzvnwJFUevLdE9Edq8HRnWHOyjD3ipdEv+vbsZd3WmaF/p0
tksOMqZYK5zQ7vk4XTSqNIJuMP9dA1lFmWHxzFOJnykFkl0cw7+QqHN1RfWU1PiQ
gyaQHJYejWEmIjjm+/AAwieZuIL/yY935VblcXuNxNlY5UKxqoiPzU+hxv2yVCgI
kkNhV4ZQj++66yHGK9ON1uy5T7Eb0yq+9J31tawwmD/BMTruXQBJKnMO1sY184fk
jxmdhrFpj7toXJ67iW9cbGfPzOn4Ilt7M6tO863fsrlhOJE6nCHSlkSYDQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFG2xzKso/DzhHbHE97g1jxQHveHtMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvYmJITXF5ajhQT0Vkc2NUM3VEV1BGQWU5NGUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQATV2FAwQA
TV2MAwQATV2OMA0GCSqGSIb3DQEBCwUAA4IBAQAVUbAfbunzdSACnq6ZZvUqpgL7
3cZR28ix+5sqlxe1RZ4EuYIopnT1D1vjTEYpqF66PAZ6eMPLEmcCZHxWmOjh8lkm
v0tGoXDtm+i9i34oqibu3xSaBb7zKcW4tzE7JO1xKeTnnqczD1RelsMeHeS2cdta
srt1a1doWFkx7YSPyZ3tHDPxlhir3BDmDs15fFtgthXY379OvaTJicWxlfk/LRYa
ZJxfussnua17qg02aC2Z5QcbqVx4sBovdggJzmNdhlmJc61inUj1fZQSv0GBHxVw
5qdXfZOfQS7wqwYyXr9gDmQ9Eu6BFtjBzIOqhZSHd5EYKwFAS/OE2tqYhrh+
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:12:58 2025 by rpki-client