Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/2e8537-36be-498f-8155-cc03bd315ff9/1/xrqgGIOB2rEEuas6HrJNKLaYKIg.roa
File: xrqgGIOB2rEEuas6HrJNKLaYKIg.roa (raw, json)
Hash identifier: llJ35Zth3QjsvQiNoImJoNLeR9TKrAPK49jGZseu/+w=
Subject key identifier: C6:BA:A0:18:83:81:DA:B1:04:B9:AB:3A:1E:B2:4D:28:B6:98:28:88
Certificate issuer: /CN=1690970ddbb7619cc82186ddb536eb4e8985d2de
Certificate serial: 019423694E317A8403B8BA782C1C86843A7D
Authority key identifier: 16:90:97:0D:DB:B7:61:9C:C8:21:86:DD:B5:36:EB:4E:89:85:D2:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FpCXDdu3YZzIIYbdtTbrTomF0t4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/2e8537-36be-498f-8155-cc03bd315ff9/1/xrqgGIOB2rEEuas6HrJNKLaYKIg.roa
Signing time: Wed 01 Jan 2025 19:48:11 +0000
ROA not before: Wed 01 Jan 2025 19:48:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42697
IP address blocks: 77.243.48.0/20 maxlen: 20
109.200.64.0/20 maxlen: 20
185.29.77.0/24 maxlen: 24
185.29.78.0/23 maxlen: 23
2a03:dc80::/29 maxlen: 32
2a03:dc82::/32 maxlen: 32
2a03:dc84::/32 maxlen: 32
2a03:dc86::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 22 Jan 2025 07:53:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:4e:31:7a:84:03:b8:ba:78:2c:1c:86:84:3a:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1690970ddbb7619cc82186ddb536eb4e8985d2de
Validity
Not Before: Jan 1 19:48:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c6baa0188381dab104b9ab3a1eb24d28b6982888
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:77:64:fb:fa:65:4e:fb:db:28:a7:57:61:e6:
ed:e6:cf:c3:a8:ea:36:d5:81:3d:18:8e:67:42:78:
32:ae:82:f0:34:a0:3e:7c:8b:0c:68:ab:d0:ff:8c:
8c:0f:cd:4f:df:45:96:5d:53:5c:2b:08:a8:91:bc:
b9:40:a6:ce:6f:5c:8f:47:35:85:f2:fa:37:d4:9b:
ed:f9:47:39:e9:72:a3:8e:8f:36:ad:ae:27:9c:f2:
94:fe:25:20:98:8c:d3:e2:07:07:de:fb:0e:ad:2f:
61:f6:83:b7:55:be:d6:b7:91:19:77:0f:56:61:91:
1e:ba:a8:07:41:75:ab:83:da:38:14:5f:70:56:e2:
33:5a:d3:b1:61:4c:f0:99:95:05:c0:8a:7d:be:d6:
23:24:19:e8:38:49:09:58:cb:4a:dc:b4:fe:a7:b1:
f8:76:cc:63:b2:30:e4:76:57:44:ef:cb:01:5e:21:
03:14:76:a8:22:cf:20:ee:b8:72:d6:3e:5d:8e:6a:
42:60:dd:6f:14:be:ec:dd:58:6a:3b:9a:6b:36:5f:
66:f8:fb:cc:79:30:c0:d8:30:6c:82:9c:02:ff:c4:
80:d7:20:29:0d:ca:83:bc:35:63:4a:05:25:91:86:
7b:e5:a1:d0:1e:92:a8:9b:b4:ca:3a:68:29:09:ea:
30:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:BA:A0:18:83:81:DA:B1:04:B9:AB:3A:1E:B2:4D:28:B6:98:28:88
X509v3 Authority Key Identifier:
keyid:16:90:97:0D:DB:B7:61:9C:C8:21:86:DD:B5:36:EB:4E:89:85:D2:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FpCXDdu3YZzIIYbdtTbrTomF0t4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/2e8537-36be-498f-8155-cc03bd315ff9/1/xrqgGIOB2rEEuas6HrJNKLaYKIg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/2e8537-36be-498f-8155-cc03bd315ff9/1/FpCXDdu3YZzIIYbdtTbrTomF0t4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.243.48.0/20
109.200.64.0/20
185.29.77.0-185.29.79.255
IPv6:
2a03:dc80::/29
Signature Algorithm: sha256WithRSAEncryption
9f:23:0c:f3:88:1d:b7:d1:31:f9:c9:b3:64:e5:16:2d:78:2c:
8f:e6:e9:e1:55:e3:7d:52:d9:bb:c1:13:a4:4f:26:cc:ec:ed:
4a:9c:10:ee:6b:51:a5:d4:d4:be:ce:de:70:d6:d6:9f:a3:57:
f0:b3:07:d2:b5:c4:2a:bd:97:22:ce:d1:2f:ed:f1:07:0d:c1:
bb:e4:1c:14:01:d1:45:b4:7a:c6:d8:d2:d8:3e:e8:5f:5d:31:
92:7a:d4:e8:6e:9a:09:76:bf:f7:4b:fa:9b:1a:d9:1a:37:fc:
62:5d:74:75:36:db:d7:9d:d2:d5:c7:d6:92:80:18:f3:94:d1:
3b:7e:75:d5:c5:e1:58:1e:98:7d:01:be:a7:d5:19:cd:03:f3:
34:1d:4d:76:b7:e4:78:da:e5:a0:e3:89:ee:94:af:f8:d9:8a:
61:57:d2:92:34:31:c2:0a:4d:6c:bd:f3:08:ae:47:d5:df:0f:
8b:fd:7c:71:00:88:c7:22:82:fb:ee:e3:84:19:fe:47:1b:bb:
9a:9e:3c:af:09:cd:6e:a5:4b:e3:4a:47:fe:9e:79:89:fd:59:
03:92:76:8d:d3:5e:e0:e6:ce:24:52:3e:10:0f:a9:da:3d:b0:
8f:86:9b:0f:1c:ee:2f:b3:9b:12:a4:8e:e2:de:6e:dd:44:25:
36:d7:db:e8
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAZQjaU4xeoQDuLp4LByGhDp9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2OTA5NzBkZGJiNzYxOWNjODIxODZkZGI1MzZlYjRlODk4
NWQyZGUwHhcNMjUwMTAxMTk0ODExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNmJhYTAxODgzODFkYWIxMDRiOWFiM2ExZWIyNGQyOGI2OTgyODg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAondk+/plTvvbKKdXYebt5s/DqOo2
1YE9GI5nQngyroLwNKA+fIsMaKvQ/4yMD81P30WWXVNcKwiokby5QKbOb1yPRzWF
8vo31Jvt+Uc56XKjjo82ra4nnPKU/iUgmIzT4gcH3vsOrS9h9oO3Vb7Wt5EZdw9W
YZEeuqgHQXWrg9o4FF9wVuIzWtOxYUzwmZUFwIp9vtYjJBnoOEkJWMtK3LT+p7H4
dsxjsjDkdldE78sBXiEDFHaoIs8g7rhy1j5djmpCYN1vFL7s3VhqO5prNl9m+PvM
eTDA2DBsgpwC/8SA1yApDcqDvDVjSgUlkYZ75aHQHpKom7TKOmgpCeowFwIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFMa6oBiDgdqxBLmrOh6yTSi2mCiIMB8GA1UdIwQY
MBaAFBaQlw3bt2GcyCGG3bU2606JhdLeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRnBDWERkdTNZWnpJSVliZHRUYnJUb21GMHQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC8yZTg1MzctMzZiZS00OThmLTgxNTUt
Y2MwM2JkMzE1ZmY5LzEveHJxZ0dJT0IyckVFdWFzNkhySk5LTGFZS0lnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC8yZTg1MzctMzZiZS00OThmLTgxNTUtY2MwM2JkMzE1ZmY5
LzEvRnBDWERkdTNZWnpJSVliZHRUYnJUb21GMHQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAgBAIAATAaAwQETfMwAwQE
bchAMAwDBAC5HU0DBAS5HUAwDQQCAAIwBwMFAyoD3IAwDQYJKoZIhvcNAQELBQAD
ggEBAJ8jDPOIHbfRMfnJs2TlFi14LI/m6eFV431S2bvBE6RPJszs7UqcEO5rUaXU
1L7O3nDW1p+jV/CzB9K1xCq9lyLO0S/t8QcNwbvkHBQB0UW0esbY0tg+6F9dMZJ6
1Ohumgl2v/dL+psa2Ro3/GJddHU229ed0tXH1pKAGPOU0Tt+ddXF4VgemH0BvqfV
Gc0D8zQdTXa35Hja5aDjie6Ur/jZimFX0pI0McIKTWy98wiuR9XfD4v9fHEAiMci
gvvu44QZ/kcbu5qePK8JzW6lS+NKR/6eeYn9WQOSdo3TXuDmziRSPhAPqdo9sI+G
mw8c7i+zmxKkjuLebt1EJTbX2+g=
-----END CERTIFICATE-----
Generated at Sat Apr 19 04:50:30 2025 by rpki-client