Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/c52293-0678-4b42-8ae0-4891653eeb67/1/y-JN5yrxdSL2NPfASPBg38Xqp0Y.roa
File: y-JN5yrxdSL2NPfASPBg38Xqp0Y.roa (raw, json)
Hash identifier: NKNVbXPGT4OMzdCprZk8cDeF37Oap/9EZELbi8DB24Q=
Subject key identifier: CB:E2:4D:E7:2A:F1:75:22:F6:34:F7:C0:48:F0:60:DF:C5:EA:A7:46
Certificate issuer: /CN=e78ba5d98d48cebd5ad04c08bf09082b12a7e3ab
Certificate serial: 018CC3B731CBAB1BD381826E0F0D6DDD52FC
Authority key identifier: E7:8B:A5:D9:8D:48:CE:BD:5A:D0:4C:08:BF:09:08:2B:12:A7:E3:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/54ul2Y1Izr1a0EwIvwkIKxKn46s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/c52293-0678-4b42-8ae0-4891653eeb67/1/y-JN5yrxdSL2NPfASPBg38Xqp0Y.roa
Signing time: Mon 01 Jan 2024 06:30:12 +0000
ROA not before: Mon 01 Jan 2024 06:30:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 77.81.0.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 13:48:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b7:31:cb:ab:1b:d3:81:82:6e:0f:0d:6d:dd:52:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e78ba5d98d48cebd5ad04c08bf09082b12a7e3ab
Validity
Not Before: Jan 1 06:30:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cbe24de72af17522f634f7c048f060dfc5eaa746
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:48:34:3e:d4:f6:d6:45:62:70:8a:1d:ae:1a:
79:7f:12:8b:f5:07:36:3d:3e:89:da:29:16:7b:29:
6e:e0:f1:ab:0d:bc:ab:2a:62:bb:e4:4f:37:33:3c:
a4:5a:aa:e9:fb:47:df:74:b6:ea:5e:b5:af:d0:5d:
38:2f:ff:5f:58:e1:df:2d:ef:8e:78:23:c5:ba:25:
ee:7f:7d:5e:7d:19:2e:07:2c:f3:8f:c5:6a:67:00:
12:08:27:69:3f:e0:c4:68:e4:14:39:95:39:9b:93:
46:63:d9:d1:45:96:d9:a7:8d:6d:6e:96:e4:c8:6e:
ab:46:3e:bc:6a:f4:1d:84:ff:d6:3e:dc:6a:76:07:
5d:2a:b2:09:60:1f:94:8e:cb:04:2b:b2:4f:7a:f9:
fe:3c:77:1f:67:da:45:48:ce:bc:e1:17:86:c7:46:
58:30:24:dc:81:1f:b9:82:49:fb:1f:17:19:88:27:
cb:4f:16:49:cf:bd:66:00:20:43:dc:ad:13:4a:57:
42:f9:d0:14:c0:ce:58:bb:66:ee:2d:50:0a:16:0e:
be:28:2b:4b:2a:d4:c9:e0:3e:ee:3f:1c:b8:e2:c2:
cb:15:78:70:59:e4:f5:08:d2:76:78:05:86:34:4b:
21:7a:c8:35:36:75:fa:19:80:ad:2f:8f:20:ae:5d:
1e:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:E2:4D:E7:2A:F1:75:22:F6:34:F7:C0:48:F0:60:DF:C5:EA:A7:46
X509v3 Authority Key Identifier:
keyid:E7:8B:A5:D9:8D:48:CE:BD:5A:D0:4C:08:BF:09:08:2B:12:A7:E3:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/54ul2Y1Izr1a0EwIvwkIKxKn46s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/c52293-0678-4b42-8ae0-4891653eeb67/1/y-JN5yrxdSL2NPfASPBg38Xqp0Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/c52293-0678-4b42-8ae0-4891653eeb67/1/54ul2Y1Izr1a0EwIvwkIKxKn46s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.81.0.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:3d:37:e2:32:5b:c1:10:b9:fd:b5:2a:3a:bc:32:b4:d3:18:
28:9d:27:91:fd:7a:d5:b2:33:a8:e0:c1:a2:7e:aa:8b:8b:a5:
1a:30:be:67:47:91:05:96:b4:e7:5d:78:62:7b:ce:0d:b8:25:
db:25:bd:38:c8:f6:4b:3c:b3:a8:32:48:b8:7a:f0:39:d4:a7:
81:2c:30:0e:9b:77:49:6e:8a:78:54:28:12:d4:b5:3d:31:af:
c3:b6:76:41:1e:04:be:75:15:86:7f:42:ca:3d:dd:c6:83:27:
05:54:f7:81:19:90:82:10:a0:ca:8a:38:96:95:5d:66:2d:5d:
40:83:8a:27:46:eb:a3:05:cd:65:06:7b:02:3c:ad:69:93:81:
f3:99:94:83:38:8c:56:ab:66:32:e2:97:9d:07:72:1c:5e:5b:
e0:0f:fd:fd:31:e8:df:ee:a3:75:a8:06:23:94:eb:52:82:8d:
cd:69:29:40:92:0c:ea:25:66:eb:ec:9a:55:91:e0:6b:db:ce:
c0:7f:58:51:91:d7:58:6a:ba:d5:58:ec:c2:23:6e:6e:4f:8f:
ad:3e:1a:d3:40:e0:c0:e4:66:72:d7:b9:ea:82:11:b9:87:e5:
7e:cb:f8:2c:ab:44:40:97:44:10:4c:72:44:30:0a:75:3a:bc:
6d:ed:76:c3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDtzHLqxvTgYJuDw1t3VL8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3OGJhNWQ5OGQ0OGNlYmQ1YWQwNGMwOGJmMDkwODJiMTJh
N2UzYWIwHhcNMjQwMTAxMDYzMDEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYmUyNGRlNzJhZjE3NTIyZjYzNGY3YzA0OGYwNjBkZmM1ZWFhNzQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkUg0PtT21kVicIodrhp5fxKL9Qc2
PT6J2ikWeylu4PGrDbyrKmK75E83MzykWqrp+0ffdLbqXrWv0F04L/9fWOHfLe+O
eCPFuiXuf31efRkuByzzj8VqZwASCCdpP+DEaOQUOZU5m5NGY9nRRZbZp41tbpbk
yG6rRj68avQdhP/WPtxqdgddKrIJYB+UjssEK7JPevn+PHcfZ9pFSM684ReGx0ZY
MCTcgR+5gkn7HxcZiCfLTxZJz71mACBD3K0TSldC+dAUwM5Yu2buLVAKFg6+KCtL
KtTJ4D7uPxy44sLLFXhwWeT1CNJ2eAWGNEshesg1NnX6GYCtL48grl0eDQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMviTecq8XUi9jT3wEjwYN/F6qdGMB8GA1UdIwQY
MBaAFOeLpdmNSM69WtBMCL8JCCsSp+OrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTR1bDJZMUl6cjFhMEV3SXZ3a0lLeEtuNDZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC9jNTIyOTMtMDY3OC00YjQyLThhZTAt
NDg5MTY1M2VlYjY3LzEveS1KTjV5cnhkU0wyTlBmQVNQQmczOFhxcDBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC9jNTIyOTMtMDY3OC00YjQyLThhZTAtNDg5MTY1M2VlYjY3
LzEvNTR1bDJZMUl6cjFhMEV3SXZ3a0lLeEtuNDZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATVEAMA0G
CSqGSIb3DQEBCwUAA4IBAQAPPTfiMlvBELn9tSo6vDK00xgonSeR/XrVsjOo4MGi
fqqLi6UaML5nR5EFlrTnXXhie84NuCXbJb04yPZLPLOoMki4evA51KeBLDAOm3dJ
bop4VCgS1LU9Ma/DtnZBHgS+dRWGf0LKPd3GgycFVPeBGZCCEKDKijiWlV1mLV1A
g4onRuujBc1lBnsCPK1pk4HzmZSDOIxWq2Yy4pedB3IcXlvgD/39Mejf7qN1qAYj
lOtSgo3NaSlAkgzqJWbr7JpVkeBr287Af1hRkddYarrVWOzCI25uT4+tPhrTQODA
5GZy17nqghG5h+V+y/gsq0RAl0QQTHJEMAp1Orxt7XbD
-----END CERTIFICATE-----
Generated at Thu Mar 13 21:26:11 2025 by rpki-client