Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/b28a1d-f471-4eb7-a8de-c0c74809439e/1/nYwlrqlbspthNM7GaJ7lkBnaPKY.roa
File: nYwlrqlbspthNM7GaJ7lkBnaPKY.roa (raw, json)
Hash identifier: Fs3nadYaU4nEmMsUogATA4MSBCFT8Dpu5z9qC9s0ip0=
Subject key identifier: 9D:8C:25:AE:A9:5B:B2:9B:61:34:CE:C6:68:9E:E5:90:19:DA:3C:A6
Certificate issuer: /CN=66af1c224db29a5104a61aac32f60956025fad43
Certificate serial: 01945FE7744C95C27E44FF10737518C09567
Authority key identifier: 66:AF:1C:22:4D:B2:9A:51:04:A6:1A:AC:32:F6:09:56:02:5F:AD:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zq8cIk2ymlEEphqsMvYJVgJfrUM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/95/b28a1d-f471-4eb7-a8de-c0c74809439e/1/nYwlrqlbspthNM7GaJ7lkBnaPKY.roa
Signing time: Mon 13 Jan 2025 13:43:11 +0000
ROA not before: Mon 13 Jan 2025 13:43:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215037
IP address blocks: 81.177.208.0/22 maxlen: 24
81.177.208.0/24 maxlen: 24
81.177.209.0/24 maxlen: 24
81.177.210.0/24 maxlen: 24
81.177.211.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 14 Jan 2025 12:00:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:5f:e7:74:4c:95:c2:7e:44:ff:10:73:75:18:c0:95:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66af1c224db29a5104a61aac32f60956025fad43
Validity
Not Before: Jan 13 13:43:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9d8c25aea95bb29b6134cec6689ee59019da3ca6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f9:36:a2:93:e9:af:73:b2:bb:82:5f:64:f2:98:
94:06:f7:30:43:94:59:d6:fa:74:f6:45:34:30:e8:
01:cf:18:9e:76:e5:34:7b:2d:ca:f2:a1:6d:e6:59:
46:bb:10:35:65:5a:0c:5d:2b:85:8b:30:88:62:de:
49:74:e3:8c:23:96:bd:37:b2:ba:aa:09:27:15:56:
60:31:86:89:c8:c0:e3:00:13:8e:62:a9:e6:51:c7:
d1:98:13:84:50:71:60:9e:72:8b:21:89:4c:fb:ca:
dd:66:ae:cc:c6:b7:00:83:36:bf:42:e7:35:22:6d:
91:07:ac:44:aa:9d:e6:bd:61:dd:fd:c8:c4:b5:b2:
83:97:98:d4:6d:93:27:3e:1a:13:6e:e4:2d:56:d6:
7b:fc:3a:31:fb:c7:fa:53:7e:09:77:fc:f5:5d:83:
c5:69:f3:60:83:b1:49:df:ea:3c:cc:ba:cd:16:0d:
c2:06:cb:89:1e:26:e2:87:69:e8:ed:69:03:af:7a:
87:04:b5:d7:db:e8:15:7e:4f:24:da:26:65:b6:e1:
76:e5:51:e0:d4:4e:f2:fc:ac:49:76:93:0b:57:f4:
e9:17:7d:9e:a6:7c:84:e3:6e:5f:e6:06:9c:40:ac:
3b:83:12:5e:e6:6f:53:81:bd:84:e9:9d:dc:f3:f7:
d4:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:8C:25:AE:A9:5B:B2:9B:61:34:CE:C6:68:9E:E5:90:19:DA:3C:A6
X509v3 Authority Key Identifier:
keyid:66:AF:1C:22:4D:B2:9A:51:04:A6:1A:AC:32:F6:09:56:02:5F:AD:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zq8cIk2ymlEEphqsMvYJVgJfrUM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/b28a1d-f471-4eb7-a8de-c0c74809439e/1/nYwlrqlbspthNM7GaJ7lkBnaPKY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/95/b28a1d-f471-4eb7-a8de-c0c74809439e/1/Zq8cIk2ymlEEphqsMvYJVgJfrUM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.177.208.0/22
Signature Algorithm: sha256WithRSAEncryption
90:5a:9b:68:40:18:39:89:b5:0c:a1:e5:22:ce:d4:88:b0:3c:
4b:18:fe:ee:6f:60:1d:82:7f:54:d1:85:6c:6f:39:f5:0f:b8:
6a:6a:05:32:5c:d3:ec:80:0a:e3:2e:ad:91:c7:d0:4f:a9:76:
2e:d1:37:9b:f1:37:66:d4:09:88:4a:04:c7:ae:c2:79:62:fc:
9b:6d:84:8d:3e:6c:46:81:32:21:c0:52:c9:6e:f7:a6:19:4f:
1e:3d:55:33:55:39:6f:64:d0:18:fa:94:9e:24:0f:99:f6:f1:
c5:30:5e:5c:ff:a6:e9:5c:45:b6:42:e7:ef:6c:1c:21:55:f3:
f7:27:47:62:c9:f2:12:8e:c1:94:2c:48:4c:33:19:ae:2c:13:
a5:11:60:61:dc:2c:94:16:c7:2e:c7:e3:cd:97:f5:e1:c0:15:
a8:fb:24:b2:df:c5:68:b3:32:a1:88:16:06:6f:22:87:56:7e:
d3:40:a7:c1:22:93:b6:9d:54:5c:7c:fa:b2:bd:72:f2:c2:19:
3b:ad:95:51:0c:ee:1c:c2:de:7a:9a:51:60:af:d0:b0:0c:73:
f6:68:ee:d3:24:fb:4e:2f:fc:7f:d2:86:fd:1a:e1:1f:e0:5b:
13:2d:4c:cc:f6:8c:af:1f:c0:84:1f:1a:ce:de:b0:95:2b:d4:
6b:9c:1b:2f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZRf53RMlcJ+RP8Qc3UYwJVnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2YWYxYzIyNGRiMjlhNTEwNGE2MWFhYzMyZjYwOTU2MDI1
ZmFkNDMwHhcNMjUwMTEzMTM0MzExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDhjMjVhZWE5NWJiMjliNjEzNGNlYzY2ODllZTU5MDE5ZGEzY2E2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+Taik+mvc7K7gl9k8piUBvcwQ5RZ
1vp09kU0MOgBzxieduU0ey3K8qFt5llGuxA1ZVoMXSuFizCIYt5JdOOMI5a9N7K6
qgknFVZgMYaJyMDjABOOYqnmUcfRmBOEUHFgnnKLIYlM+8rdZq7MxrcAgza/Quc1
Im2RB6xEqp3mvWHd/cjEtbKDl5jUbZMnPhoTbuQtVtZ7/Dox+8f6U34Jd/z1XYPF
afNgg7FJ3+o8zLrNFg3CBsuJHibih2no7WkDr3qHBLXX2+gVfk8k2iZltuF25VHg
1E7y/KxJdpMLV/TpF32epnyE425f5gacQKw7gxJe5m9Tgb2E6Z3c8/fUCwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ2MJa6pW7KbYTTOxmie5ZAZ2jymMB8GA1UdIwQY
MBaAFGavHCJNsppRBKYarDL2CVYCX61DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnE4Y0lrMnltbEVFcGhxc012WUpWZ0pmclVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS9iMjhhMWQtZjQ3MS00ZWI3LWE4ZGUt
YzBjNzQ4MDk0MzllLzEvbll3bHJxbGJzcHRoTk03R2FKN2xrQm5hUEtZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS9iMjhhMWQtZjQ3MS00ZWI3LWE4ZGUtYzBjNzQ4MDk0Mzll
LzEvWnE4Y0lrMnltbEVFcGhxc012WUpWZ0pmclVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCUbHQMA0G
CSqGSIb3DQEBCwUAA4IBAQCQWptoQBg5ibUMoeUiztSIsDxLGP7ub2Adgn9U0YVs
bzn1D7hqagUyXNPsgArjLq2Rx9BPqXYu0Teb8Tdm1AmISgTHrsJ5YvybbYSNPmxG
gTIhwFLJbvemGU8ePVUzVTlvZNAY+pSeJA+Z9vHFMF5c/6bpXEW2QufvbBwhVfP3
J0diyfISjsGULEhMMxmuLBOlEWBh3CyUFscux+PNl/XhwBWo+ySy38VoszKhiBYG
byKHVn7TQKfBIpO2nVRcfPqyvXLywhk7rZVRDO4cwt56mlFgr9CwDHP2aO7TJPtO
L/x/0ob9GuEf4FsTLUzM9oyvH8CEHxrO3rCVK9RrnBsv
-----END CERTIFICATE-----
Generated at Sun Apr 20 05:02:23 2025 by rpki-client