Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/b28a1d-f471-4eb7-a8de-c0c74809439e/1/1-6O_8At_baJT-4PGq_ukrtAzwrA.roa
File: 1-6O_8At_baJT-4PGq_ukrtAzwrA.roa (raw, json)
Hash identifier: R1kdOFgJ+wXtZA2Q2mENc+Ebi9/rpDDWTVW7n7VAnzM=
Subject key identifier: FB:A3:BF:F0:0B:7F:6D:A2:53:FB:83:C6:AB:FB:A4:AE:D0:33:C2:B0
Certificate issuer: /CN=66af1c224db29a5104a61aac32f60956025fad43
Certificate serial: 0193E3B6105DFA98D904FA32F58AC6211283
Authority key identifier: 66:AF:1C:22:4D:B2:9A:51:04:A6:1A:AC:32:F6:09:56:02:5F:AD:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zq8cIk2ymlEEphqsMvYJVgJfrUM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/95/b28a1d-f471-4eb7-a8de-c0c74809439e/1/1-6O_8At_baJT-4PGq_ukrtAzwrA.roa
Signing time: Fri 20 Dec 2024 10:56:19 +0000
ROA not before: Fri 20 Dec 2024 10:56:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215037
IP address blocks: 81.177.208.0/22 maxlen: 22
81.177.208.0/24 maxlen: 24
81.177.209.0/24 maxlen: 24
81.177.210.0/24 maxlen: 24
81.177.211.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 07:48:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:e3:b6:10:5d:fa:98:d9:04:fa:32:f5:8a:c6:21:12:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66af1c224db29a5104a61aac32f60956025fad43
Validity
Not Before: Dec 20 10:56:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fba3bff00b7f6da253fb83c6abfba4aed033c2b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:2c:15:16:62:8c:8e:1a:96:bd:a0:b4:95:b3:
24:3a:5b:70:3a:af:8c:a2:fe:0e:e8:b5:ef:0b:af:
7d:3b:77:44:b3:f6:ae:5f:22:7b:34:07:7d:15:21:
39:d1:b0:03:26:41:6c:de:c4:f7:9a:56:23:82:16:
30:43:95:ed:f4:9f:51:8c:99:fc:54:cf:99:7e:5e:
ff:2c:3f:67:dd:46:1f:ac:5b:fd:6d:32:b8:a5:98:
52:28:13:25:25:f7:7b:72:ec:65:d1:ca:f5:b6:6c:
46:67:72:60:20:de:00:2e:5d:1d:71:60:98:11:8f:
22:c3:4b:a4:ac:40:f6:e6:0f:e2:dd:c0:96:b9:90:
63:96:de:25:37:f2:fd:f3:c1:89:e6:10:18:8f:c6:
97:68:94:81:83:44:a2:58:5f:ba:43:fe:29:6f:7d:
63:ac:83:57:c9:1e:33:7c:b8:bf:9f:58:d8:4a:38:
d2:7e:50:56:39:4f:4a:cd:54:19:ca:bb:12:93:24:
f0:06:02:d6:bc:36:2e:14:ad:99:bc:47:d7:e7:0e:
bf:b0:6f:48:f6:2a:24:b0:00:63:77:5c:90:62:9a:
15:3e:2a:0c:09:c3:46:4b:d7:12:c7:b8:11:e9:19:
bd:d7:dd:b5:92:62:a7:04:51:7b:4a:82:81:6c:ea:
e2:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:A3:BF:F0:0B:7F:6D:A2:53:FB:83:C6:AB:FB:A4:AE:D0:33:C2:B0
X509v3 Authority Key Identifier:
keyid:66:AF:1C:22:4D:B2:9A:51:04:A6:1A:AC:32:F6:09:56:02:5F:AD:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zq8cIk2ymlEEphqsMvYJVgJfrUM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/b28a1d-f471-4eb7-a8de-c0c74809439e/1/1-6O_8At_baJT-4PGq_ukrtAzwrA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/95/b28a1d-f471-4eb7-a8de-c0c74809439e/1/Zq8cIk2ymlEEphqsMvYJVgJfrUM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.177.208.0/22
Signature Algorithm: sha256WithRSAEncryption
7d:10:a4:0c:d3:ff:15:ed:ec:aa:e1:d7:19:f9:cd:53:d5:9b:
ff:d0:75:72:31:bb:36:f1:a6:65:9c:88:d8:20:99:68:21:e4:
93:96:c1:65:98:37:6b:f1:f4:2b:ec:9a:f3:78:6a:de:7c:be:
c8:33:00:9a:80:de:23:70:15:4c:85:f1:4e:ef:fa:b0:e0:a3:
d2:eb:74:57:aa:6e:a1:1e:10:98:4b:03:cd:30:be:33:fc:f9:
0c:47:b3:de:ed:25:82:e5:ff:b7:98:8a:55:2b:da:62:3e:56:
aa:9e:80:1b:bf:15:6d:bb:3e:74:ef:c8:bd:18:14:c9:3c:80:
2c:a9:5f:e7:c1:0f:40:93:df:bd:23:20:39:1e:77:19:d8:ab:
93:56:a5:ec:ba:0e:46:1f:58:b2:e0:cf:d3:39:52:5c:b0:84:
11:10:c2:7e:4a:69:66:9c:f1:7c:3b:3c:78:1a:06:1f:80:fb:
63:74:dc:c8:55:70:f9:d8:23:98:54:82:5e:d8:55:47:b5:df:
ff:9c:67:12:4f:86:84:d4:b2:e9:52:07:6e:87:d0:af:d0:65:
3c:96:16:a6:78:98:3a:b0:ca:4d:f7:6f:d5:48:46:38:6d:46:
60:ac:1e:18:af:50:7f:32:0c:57:d1:e5:6a:32:da:c0:ae:d5:
29:b8:23:46
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZPjthBd+pjZBPoy9YrGIRKDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2YWYxYzIyNGRiMjlhNTEwNGE2MWFhYzMyZjYwOTU2MDI1
ZmFkNDMwHhcNMjQxMjIwMTA1NjE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYmEzYmZmMDBiN2Y2ZGEyNTNmYjgzYzZhYmZiYTRhZWQwMzNjMmIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqSwVFmKMjhqWvaC0lbMkOltwOq+M
ov4O6LXvC699O3dEs/auXyJ7NAd9FSE50bADJkFs3sT3mlYjghYwQ5Xt9J9RjJn8
VM+Zfl7/LD9n3UYfrFv9bTK4pZhSKBMlJfd7cuxl0cr1tmxGZ3JgIN4ALl0dcWCY
EY8iw0ukrED25g/i3cCWuZBjlt4lN/L988GJ5hAYj8aXaJSBg0SiWF+6Q/4pb31j
rINXyR4zfLi/n1jYSjjSflBWOU9KzVQZyrsSkyTwBgLWvDYuFK2ZvEfX5w6/sG9I
9ioksABjd1yQYpoVPioMCcNGS9cSx7gR6Rm91921kmKnBFF7SoKBbOri+QIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPujv/ALf22iU/uDxqv7pK7QM8KwMB8GA1UdIwQY
MBaAFGavHCJNsppRBKYarDL2CVYCX61DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnE4Y0lrMnltbEVFcGhxc012WUpWZ0pmclVNLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS9iMjhhMWQtZjQ3MS00ZWI3LWE4ZGUt
YzBjNzQ4MDk0MzllLzEvMS02T184QXRfYmFKVC00UEdxX3VrcnRBendyQS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOTUvYjI4YTFkLWY0NzEtNGViNy1hOGRlLWMwYzc0ODA5NDM5
ZS8xL1pxOGNJazJ5bWxFRXBocXNNdllKVmdKZnJVTS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAlGx0DAN
BgkqhkiG9w0BAQsFAAOCAQEAfRCkDNP/Fe3squHXGfnNU9Wb/9B1cjG7NvGmZZyI
2CCZaCHkk5bBZZg3a/H0K+ya83hq3ny+yDMAmoDeI3AVTIXxTu/6sOCj0ut0V6pu
oR4QmEsDzTC+M/z5DEez3u0lguX/t5iKVSvaYj5Wqp6AG78Vbbs+dO/IvRgUyTyA
LKlf58EPQJPfvSMgOR53Gdirk1al7LoORh9YsuDP0zlSXLCEERDCfkppZpzxfDs8
eBoGH4D7Y3TcyFVw+dgjmFSCXthVR7Xf/5xnEk+GhNSy6VIHbofQr9BlPJYWpniY
OrDKTfdv1UhGOG1GYKweGK9QfzIMV9HlajLawK7VKbgjRg==
-----END CERTIFICATE-----
Generated at Sun Apr 20 12:14:55 2025 by rpki-client