Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/77217d-814b-486a-8ef2-fe0333ed005f/1/r3pX17TBcvXfGicgsxS8P5HiXDo.roa
File: r3pX17TBcvXfGicgsxS8P5HiXDo.roa (raw, json)
Hash identifier: mYsVjG4SgfK1NrjsOM9+AzVMh4qYsO99IFx0jAKAub0=
Subject key identifier: AF:7A:57:D7:B4:C1:72:F5:DF:1A:27:20:B3:14:BC:3F:91:E2:5C:3A
Certificate issuer: /CN=7302cdc29fdca09e9a0f3f7d2113da85a7e1d654
Certificate serial: 01956B16A1F583B03C7113FB80EC9E998AB3
Authority key identifier: 73:02:CD:C2:9F:DC:A0:9E:9A:0F:3F:7D:21:13:DA:85:A7:E1:D6:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cwLNwp_coJ6aDz99IRPahafh1lQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/77217d-814b-486a-8ef2-fe0333ed005f/1/r3pX17TBcvXfGicgsxS8P5HiXDo.roa
Signing time: Thu 06 Mar 2025 10:53:20 +0000
ROA not before: Thu 06 Mar 2025 10:53:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43391
IP address blocks: 77.223.128.0/20 maxlen: 20
77.223.128.0/24 maxlen: 24
77.223.129.0/24 maxlen: 24
77.223.130.0/24 maxlen: 24
77.223.131.0/24 maxlen: 24
77.223.132.0/24 maxlen: 24
77.223.133.0/24 maxlen: 24
77.223.134.0/24 maxlen: 24
77.223.135.0/24 maxlen: 24
77.223.136.0/24 maxlen: 24
77.223.137.0/24 maxlen: 24
77.223.138.0/24 maxlen: 24
77.223.139.0/24 maxlen: 24
77.223.140.0/24 maxlen: 24
77.223.141.0/24 maxlen: 24
77.223.142.0/24 maxlen: 24
77.223.143.0/24 maxlen: 24
77.223.146.0/24 maxlen: 24
77.223.147.0/24 maxlen: 24
77.223.148.0/24 maxlen: 24
77.223.149.0/24 maxlen: 24
77.223.150.0/24 maxlen: 24
77.223.151.0/24 maxlen: 24
77.223.152.0/24 maxlen: 24
77.223.153.0/24 maxlen: 24
77.223.154.0/24 maxlen: 24
77.223.155.0/24 maxlen: 24
77.223.156.0/24 maxlen: 24
77.223.157.0/24 maxlen: 24
77.223.158.0/24 maxlen: 24
77.223.159.0/24 maxlen: 24
78.40.224.0/21 maxlen: 21
78.40.224.0/24 maxlen: 24
78.40.225.0/24 maxlen: 24
78.40.226.0/24 maxlen: 24
78.40.227.0/24 maxlen: 24
78.40.228.0/24 maxlen: 24
78.40.229.0/24 maxlen: 24
78.40.230.0/24 maxlen: 24
78.40.231.0/24 maxlen: 24
91.191.160.0/21 maxlen: 21
91.191.160.0/24 maxlen: 24
91.191.161.0/24 maxlen: 24
91.191.162.0/24 maxlen: 24
91.191.163.0/24 maxlen: 24
91.191.164.0/24 maxlen: 24
91.191.165.0/24 maxlen: 24
91.191.166.0/24 maxlen: 24
91.191.167.0/24 maxlen: 24
91.191.168.0/21 maxlen: 21
91.191.168.0/24 maxlen: 24
91.191.169.0/24 maxlen: 24
91.191.170.0/24 maxlen: 24
91.191.171.0/24 maxlen: 24
91.191.172.0/24 maxlen: 24
91.191.173.0/24 maxlen: 24
91.191.174.0/24 maxlen: 24
91.191.175.0/24 maxlen: 24
93.187.200.0/21 maxlen: 21
93.187.200.0/24 maxlen: 24
93.187.201.0/24 maxlen: 24
93.187.202.0/24 maxlen: 24
93.187.203.0/24 maxlen: 24
93.187.204.0/24 maxlen: 24
93.187.205.0/24 maxlen: 24
93.187.206.0/24 maxlen: 24
93.187.207.0/24 maxlen: 24
185.80.72.0/24 maxlen: 24
195.244.32.0/19 maxlen: 19
195.244.32.0/24 maxlen: 24
195.244.33.0/24 maxlen: 24
195.244.34.0/24 maxlen: 24
195.244.35.0/24 maxlen: 24
195.244.36.0/24 maxlen: 24
195.244.37.0/24 maxlen: 24
195.244.38.0/24 maxlen: 24
195.244.39.0/24 maxlen: 24
195.244.40.0/24 maxlen: 24
195.244.41.0/24 maxlen: 24
195.244.42.0/24 maxlen: 24
195.244.43.0/24 maxlen: 24
195.244.44.0/24 maxlen: 24
195.244.46.0/24 maxlen: 24
195.244.47.0/24 maxlen: 24
195.244.48.0/24 maxlen: 24
195.244.49.0/24 maxlen: 24
195.244.50.0/24 maxlen: 24
195.244.51.0/24 maxlen: 24
195.244.52.0/24 maxlen: 24
195.244.53.0/24 maxlen: 24
195.244.54.0/24 maxlen: 24
195.244.55.0/24 maxlen: 24
195.244.56.0/24 maxlen: 24
195.244.57.0/24 maxlen: 24
195.244.58.0/24 maxlen: 24
195.244.59.0/24 maxlen: 24
195.244.60.0/24 maxlen: 24
195.244.61.0/24 maxlen: 24
195.244.62.0/24 maxlen: 24
195.244.63.0/24 maxlen: 24
2a01:aac0::/32 maxlen: 32
2a0a:be80::/29 maxlen: 29
2a0a:be80::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 12 Mar 2025 06:55:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:6b:16:a1:f5:83:b0:3c:71:13:fb:80:ec:9e:99:8a:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7302cdc29fdca09e9a0f3f7d2113da85a7e1d654
Validity
Not Before: Mar 6 10:53:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=af7a57d7b4c172f5df1a2720b314bc3f91e25c3a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:1f:8d:f9:84:12:00:e8:ad:ed:69:a2:85:bb:
31:0b:17:18:cc:6d:9c:31:49:6c:ca:4a:79:0c:94:
62:d1:a2:50:fa:ae:2f:ff:a6:19:3e:26:d1:8e:e6:
3e:38:d9:08:ef:b7:e6:72:f0:a8:fd:05:88:56:ad:
77:f5:0a:3a:9d:0f:f6:48:a9:ea:56:b3:c9:15:4e:
8a:96:0c:b9:56:fe:64:96:98:50:9c:69:38:bb:8e:
f9:d1:df:be:54:59:b8:40:17:80:b5:0d:b8:8f:98:
5a:b5:11:f5:d3:14:6e:49:a8:3d:b1:6f:95:1f:6a:
34:c2:01:b3:a4:d2:55:29:5f:b0:ec:76:6e:2c:c7:
cd:71:9b:0c:7f:69:94:65:53:94:aa:04:5f:25:c1:
fc:76:8f:df:64:3f:b3:33:e1:a9:ec:fc:3c:04:ce:
1a:b4:d6:d5:99:8e:1f:79:28:66:44:3f:4c:db:84:
18:2b:a4:7b:9c:e4:d2:48:60:aa:6d:25:43:67:14:
29:d1:41:c1:98:6e:0b:91:a1:7b:8c:5f:58:ec:63:
2f:cf:b5:66:82:49:23:9f:f3:b0:92:68:aa:ed:7f:
8e:ac:1a:51:2e:1d:32:df:bf:09:d8:08:ad:82:74:
54:a1:c7:10:f7:62:f4:11:33:8e:60:08:6a:03:69:
a6:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:7A:57:D7:B4:C1:72:F5:DF:1A:27:20:B3:14:BC:3F:91:E2:5C:3A
X509v3 Authority Key Identifier:
keyid:73:02:CD:C2:9F:DC:A0:9E:9A:0F:3F:7D:21:13:DA:85:A7:E1:D6:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cwLNwp_coJ6aDz99IRPahafh1lQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/77217d-814b-486a-8ef2-fe0333ed005f/1/r3pX17TBcvXfGicgsxS8P5HiXDo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/77217d-814b-486a-8ef2-fe0333ed005f/1/cwLNwp_coJ6aDz99IRPahafh1lQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.223.128.0/20
77.223.146.0-77.223.159.255
78.40.224.0/21
91.191.160.0/20
93.187.200.0/21
185.80.72.0/24
195.244.32.0/19
IPv6:
2a01:aac0::/32
2a0a:be80::/29
Signature Algorithm: sha256WithRSAEncryption
1f:f2:e0:60:0f:ce:c9:7c:52:e3:81:aa:be:d4:e3:e2:31:3b:
16:9c:48:e8:1a:e4:41:58:57:cc:a8:6b:98:7e:02:e9:20:d8:
aa:dc:92:6b:b3:e2:30:9a:64:24:4a:e1:f2:59:93:7d:ec:25:
3d:f3:95:8d:a0:30:55:97:02:b4:19:11:1a:8c:3f:2d:d3:06:
54:76:48:0e:f1:84:23:dc:5f:63:ef:65:d9:ba:d9:ba:23:60:
8b:3d:31:f0:c2:83:ad:8f:ed:1a:85:c2:8d:fa:d5:78:58:ef:
f6:96:a0:be:81:d0:ab:02:29:a0:f3:34:c9:f4:85:df:b7:0b:
36:d0:24:ef:27:6f:b8:a3:2a:28:45:2d:fa:80:0b:63:6e:1d:
5c:dc:b6:72:b4:32:20:ee:6a:9c:16:c7:a8:f8:f7:c9:ce:5d:
eb:a0:2b:97:db:06:01:11:13:87:c3:5d:ee:a8:1e:17:a1:57:
c2:3d:f6:09:fb:24:28:92:b1:f3:fc:7d:b3:3b:8a:b2:45:c0:
e8:21:90:55:e0:a4:26:fb:3d:67:2b:7e:f5:81:ae:ce:1f:79:
c5:43:df:ef:a8:6b:d3:b9:87:cf:56:d0:bd:e2:a6:79:58:5f:
5e:d9:54:a9:e4:b8:3e:0c:5b:44:4f:38:43:8f:a7:ae:e4:ef:
f7:1c:27:4a
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAZVrFqH1g7A8cRP7gOyemYqzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczMDJjZGMyOWZkY2EwOWU5YTBmM2Y3ZDIxMTNkYTg1YTdl
MWQ2NTQwHhcNMjUwMzA2MTA1MzIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjdhNTdkN2I0YzE3MmY1ZGYxYTI3MjBiMzE0YmMzZjkxZTI1YzNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8B+N+YQSAOit7WmihbsxCxcYzG2c
MUlsykp5DJRi0aJQ+q4v/6YZPibRjuY+ONkI77fmcvCo/QWIVq139Qo6nQ/2SKnq
VrPJFU6Klgy5Vv5klphQnGk4u4750d++VFm4QBeAtQ24j5hatRH10xRuSag9sW+V
H2o0wgGzpNJVKV+w7HZuLMfNcZsMf2mUZVOUqgRfJcH8do/fZD+zM+Gp7Pw8BM4a
tNbVmY4feShmRD9M24QYK6R7nOTSSGCqbSVDZxQp0UHBmG4LkaF7jF9Y7GMvz7Vm
gkkjn/Owkmiq7X+OrBpRLh0y378J2AitgnRUoccQ92L0ETOOYAhqA2mmDwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFK96V9e0wXL13xonILMUvD+R4lw6MB8GA1UdIwQY
MBaAFHMCzcKf3KCemg8/fSET2oWn4dZUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3dMTndwX2NvSjZhRHo5OUlSUGFoYWZoMWxRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC83NzIxN2QtODE0Yi00ODZhLThlZjIt
ZmUwMzMzZWQwMDVmLzEvcjNwWDE3VEJjdlhmR2ljZ3N4UzhQNUhpWERvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC83NzIxN2QtODE0Yi00ODZhLThlZjItZmUwMzMzZWQwMDVm
LzEvY3dMTndwX2NvSjZhRHo5OUlSUGFoYWZoMWxRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDA4BAIAATAyAwQETd+AMAwD
BAFN35IDBAVN34ADBANOKOADBARbv6ADBANdu8gDBAC5UEgDBAXD9CAwFAQCAAIw
DgMFACoBqsADBQMqCr6AMA0GCSqGSIb3DQEBCwUAA4IBAQAf8uBgD87JfFLjgaq+
1OPiMTsWnEjoGuRBWFfMqGuYfgLpINiq3JJrs+IwmmQkSuHyWZN97CU985WNoDBV
lwK0GREajD8t0wZUdkgO8YQj3F9j72XZutm6I2CLPTHwwoOtj+0ahcKN+tV4WO/2
lqC+gdCrAimg8zTJ9IXftws20CTvJ2+4oyooRS36gAtjbh1c3LZytDIg7mqcFseo
+PfJzl3roCuX2wYBEROHw13uqB4XoVfCPfYJ+yQokrHz/H2zO4qyRcDoIZBV4KQm
+z1nK371ga7OH3nFQ9/vqGvTuYfPVtC94qZ5WF9e2VSp5Lg+DFtETzhDj6eu5O/3
HCdK
-----END CERTIFICATE-----
Generated at Sun Apr 20 05:04:24 2025 by rpki-client