Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/joWJtHIn8Wr0sTk-CBHDuUkhCGc.roa
File: joWJtHIn8Wr0sTk-CBHDuUkhCGc.roa (raw, json)
Hash identifier: 8050TNSlJL5Zz6XTutMJmgyJ+ZgFZfH20eoLfVTY99Q=
Subject key identifier: 8E:85:89:B4:72:27:F1:6A:F4:B1:39:3E:08:11:C3:B9:49:21:08:67
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01939B43291ED4BB122AA28BFBD6FDD666F1
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/joWJtHIn8Wr0sTk-CBHDuUkhCGc.roa
Signing time: Fri 06 Dec 2024 09:18:10 +0000
ROA not before: Fri 06 Dec 2024 09:18:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214140
IP address blocks: 77.93.133.0/24 maxlen: 24
77.93.140.0/24 maxlen: 24
77.93.142.0/24 maxlen: 24
217.144.158.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 09:47:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:9b:43:29:1e:d4:bb:12:2a:a2:8b:fb:d6:fd:d6:66:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Dec 6 09:18:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8e8589b47227f16af4b1393e0811c3b949210867
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:8e:d3:4c:e1:d2:99:b9:af:7c:ab:ac:f5:31:
ed:a2:34:48:1f:df:bd:83:85:9a:16:bd:e7:2e:1b:
42:c4:bd:b0:b1:04:75:00:39:a4:ca:01:ef:2d:9a:
21:bc:69:6f:81:07:13:e1:37:3a:20:1a:ee:fa:07:
43:b5:c2:17:2a:6b:03:78:ab:39:5c:7e:e3:03:05:
af:a6:c6:c2:18:b4:39:26:71:da:fe:bd:92:80:60:
b6:1b:84:99:b0:2c:8a:6d:ee:1a:be:9b:e3:85:0e:
47:55:63:75:b6:31:28:c6:0d:81:18:8e:a1:eb:ef:
8b:4a:5d:38:e8:cf:94:11:ce:b0:fa:8d:05:5e:39:
b0:7e:c7:e6:f2:30:ab:81:ce:bb:5c:ea:21:54:57:
32:ef:e6:5d:fe:a8:ee:cd:ee:f8:02:34:81:8f:34:
56:11:f7:6e:f7:0d:a0:20:a2:1d:83:95:45:26:5a:
03:1f:f3:7d:b4:87:3c:80:38:8a:c4:a2:55:3f:c8:
8a:b3:c5:8d:6e:fb:da:a2:e9:20:0a:ca:d0:2c:e1:
8b:5c:f0:48:cb:8c:14:46:e2:82:ba:cd:04:ef:db:
ef:af:0d:54:82:d0:fe:0e:1c:98:63:41:0b:c3:4c:
01:1c:37:c6:7a:53:da:50:30:23:1a:03:86:59:6a:
6c:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:85:89:B4:72:27:F1:6A:F4:B1:39:3E:08:11:C3:B9:49:21:08:67
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/joWJtHIn8Wr0sTk-CBHDuUkhCGc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.93.133.0/24
77.93.140.0/24
77.93.142.0/24
217.144.158.0/24
Signature Algorithm: sha256WithRSAEncryption
20:81:25:5a:de:f6:2d:cf:97:91:4a:f2:32:8f:1d:af:59:2f:
2b:86:7d:db:83:5c:c1:94:0c:5e:1b:f9:8c:9d:88:83:7f:b2:
4d:86:42:8b:07:45:87:eb:d5:88:ba:89:08:8d:15:e6:ae:12:
d8:4f:38:c8:35:c4:08:a1:6a:4c:9f:d5:4f:96:af:88:2c:9a:
bb:fa:77:95:30:3a:43:fc:2f:6f:d6:66:6f:46:21:23:62:bf:
fc:6c:96:d0:92:1c:fe:1f:29:66:0d:f6:05:7e:57:06:63:79:
f9:a9:20:e1:86:65:27:2e:7d:be:04:21:45:60:85:39:f8:fd:
ca:80:74:79:51:9b:f4:ea:7e:00:68:28:fa:c2:77:0b:7e:ec:
5a:d4:95:8c:af:ab:ab:03:e9:86:1d:43:01:b9:4d:be:19:2b:
8b:33:0a:d2:55:16:74:54:32:e4:92:3a:3b:43:70:a9:81:cd:
65:78:3c:c1:fe:7c:a8:0b:a0:61:15:6c:d7:00:6f:5c:26:79:
a7:eb:46:2f:ac:b5:8e:dd:63:2c:76:d6:91:b0:41:c2:a1:b5:
a8:d4:a7:29:a8:f6:35:60:fc:19:47:63:58:86:86:6f:5d:64:
0c:d8:da:ed:e7:f1:24:81:0c:e3:01:e1:c6:ab:1a:1c:70:b9:
91:a0:d2:15
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZObQyke1LsSKqKL+9b91mbxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQxMjA2MDkxODEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTg1ODliNDcyMjdmMTZhZjRiMTM5M2UwODExYzNiOTQ5MjEwODY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy47TTOHSmbmvfKus9THtojRIH9+9
g4WaFr3nLhtCxL2wsQR1ADmkygHvLZohvGlvgQcT4Tc6IBru+gdDtcIXKmsDeKs5
XH7jAwWvpsbCGLQ5JnHa/r2SgGC2G4SZsCyKbe4avpvjhQ5HVWN1tjEoxg2BGI6h
6++LSl046M+UEc6w+o0FXjmwfsfm8jCrgc67XOohVFcy7+Zd/qjuze74AjSBjzRW
Efdu9w2gIKIdg5VFJloDH/N9tIc8gDiKxKJVP8iKs8WNbvvaoukgCsrQLOGLXPBI
y4wURuKCus0E79vvrw1UgtD+DhyYY0ELw0wBHDfGelPaUDAjGgOGWWpsNQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFI6FibRyJ/Fq9LE5PggRw7lJIQhnMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvam9XSnRISW44V3Iwc1RrLUNCSER1VWtoQ0djLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQATV2FAwQA
TV2MAwQATV2OAwQA2ZCeMA0GCSqGSIb3DQEBCwUAA4IBAQAggSVa3vYtz5eRSvIy
jx2vWS8rhn3bg1zBlAxeG/mMnYiDf7JNhkKLB0WH69WIuokIjRXmrhLYTzjINcQI
oWpMn9VPlq+ILJq7+neVMDpD/C9v1mZvRiEjYr/8bJbQkhz+HylmDfYFflcGY3n5
qSDhhmUnLn2+BCFFYIU5+P3KgHR5UZv06n4AaCj6wncLfuxa1JWMr6urA+mGHUMB
uU2+GSuLMwrSVRZ0VDLkkjo7Q3Cpgc1leDzB/nyoC6BhFWzXAG9cJnmn60YvrLWO
3WMsdtaRsEHCobWo1KcpqPY1YPwZR2NYhoZvXWQM2Nrt5/EkgQzjAeHGqxoccLmR
oNIV
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:18:13 2025 by rpki-client