Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/a3c0a4-3191-4e51-8d80-478c2c8cb2a0/1/ioolkq2ys4TmnyeG_CSA2QxvuO0.roa
File: ioolkq2ys4TmnyeG_CSA2QxvuO0.roa (raw, json)
Hash identifier: s2ZFbFLPCSF+YwHvIev88iGXnKidn+UXLcY3Rwv5te4=
Subject key identifier: 8A:8A:25:92:AD:B2:B3:84:E6:9F:27:86:FC:24:80:D9:0C:6F:B8:ED
Certificate issuer: /CN=affa13f1ae053916280ec68ee1b0976f9ebd3ea8
Certificate serial: 018CC6B83C118559260FA02DEB1CF9ECB9DA
Authority key identifier: AF:FA:13:F1:AE:05:39:16:28:0E:C6:8E:E1:B0:97:6F:9E:BD:3E:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r_oT8a4FORYoDsaO4bCXb569Pqg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/a3c0a4-3191-4e51-8d80-478c2c8cb2a0/1/ioolkq2ys4TmnyeG_CSA2QxvuO0.roa
Signing time: Mon 01 Jan 2024 20:30:11 +0000
ROA not before: Mon 01 Jan 2024 20:30:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57043
IP address blocks: 77.73.132.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 12 Apr 2024 04:50:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:3c:11:85:59:26:0f:a0:2d:eb:1c:f9:ec:b9:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=affa13f1ae053916280ec68ee1b0976f9ebd3ea8
Validity
Not Before: Jan 1 20:30:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8a8a2592adb2b384e69f2786fc2480d90c6fb8ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:55:12:4e:5f:c5:0b:11:05:8e:50:ba:1b:f9:
09:a4:4c:5c:2e:99:ba:58:3f:06:13:9b:95:fa:0f:
bb:a4:88:6c:cc:48:90:a6:f7:99:1c:a4:9a:1f:f4:
d0:b9:e3:3c:eb:ab:9e:9e:f9:ec:47:32:9d:57:1a:
cc:9b:f5:bc:f1:7b:1a:ea:33:80:16:30:94:e4:8d:
0c:09:ac:7e:9a:b2:03:a5:a5:33:94:53:c0:89:7e:
23:e2:70:b5:60:3a:7c:f5:a3:1a:f0:e4:d8:07:b7:
98:0d:25:6e:7a:b6:63:9d:85:d2:8a:84:8e:58:39:
3a:09:3e:f6:11:8b:c2:bd:d1:4c:ac:ba:78:72:da:
cd:3a:f4:01:7b:a4:7b:e5:82:0b:72:0e:d2:40:ab:
15:41:43:75:cf:1b:66:bd:52:5d:3e:11:80:97:93:
a9:10:00:5b:36:50:73:39:50:a2:3a:e2:87:c3:3b:
76:ff:8a:f0:07:ed:9d:92:02:e7:3b:cc:3f:ce:af:
ef:76:7d:a9:e4:84:b7:af:c5:d8:99:f2:35:0d:c9:
ea:d8:2d:00:cf:24:42:bb:df:60:0e:1c:37:e0:45:
a7:c8:cb:96:04:2e:4a:3d:e9:39:94:98:4c:9b:ab:
1c:c3:cd:1a:48:a9:a9:c1:df:e6:d8:4d:6f:75:e2:
73:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:8A:25:92:AD:B2:B3:84:E6:9F:27:86:FC:24:80:D9:0C:6F:B8:ED
X509v3 Authority Key Identifier:
keyid:AF:FA:13:F1:AE:05:39:16:28:0E:C6:8E:E1:B0:97:6F:9E:BD:3E:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r_oT8a4FORYoDsaO4bCXb569Pqg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/a3c0a4-3191-4e51-8d80-478c2c8cb2a0/1/ioolkq2ys4TmnyeG_CSA2QxvuO0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/a3c0a4-3191-4e51-8d80-478c2c8cb2a0/1/r_oT8a4FORYoDsaO4bCXb569Pqg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.73.132.0/24
Signature Algorithm: sha256WithRSAEncryption
c3:f7:68:74:3e:75:4b:2b:3b:68:94:17:ce:0e:80:a3:a9:d4:
c5:98:ea:bb:18:76:e3:33:e4:3b:ee:26:76:43:96:25:23:a3:
7b:ad:e9:ac:77:bd:54:4d:7f:cb:ee:1d:0e:06:dd:97:d6:2b:
fd:91:59:f2:e9:b7:34:55:c9:b4:80:cb:37:2e:34:1a:b6:6a:
75:19:47:ad:1a:b7:c1:00:88:c4:92:b4:f3:5e:83:c3:32:6f:
91:af:cd:34:00:23:1d:ce:57:2d:52:d8:c1:3a:ee:39:9b:91:
d0:43:c8:39:1c:c4:92:35:5d:d7:94:e0:24:9e:8e:71:37:2c:
28:81:9b:d2:77:1b:0b:7d:57:ec:79:67:88:e8:1f:be:f7:fd:
91:78:37:fb:10:ec:01:fa:9d:fc:3e:b1:f7:cb:c0:cf:e9:91:
ad:a4:90:8f:c4:86:b6:2e:25:16:62:18:ef:5d:83:7f:11:b5:
a3:ea:c0:9e:35:08:e1:5c:c0:75:d6:04:40:3f:df:a9:23:78:
0d:99:e7:f9:c2:76:4c:da:f2:da:c8:9a:20:11:77:87:44:2d:
96:19:02:41:14:70:c3:75:e2:1c:7e:5c:29:a3:51:9b:71:34:
30:9f:19:49:2f:9d:ee:fd:3c:54:5a:bf:06:d6:84:29:d9:84:
81:f6:26:a9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGuDwRhVkmD6At6xz57LnaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmZmExM2YxYWUwNTM5MTYyODBlYzY4ZWUxYjA5NzZmOWVi
ZDNlYTgwHhcNMjQwMTAxMjAzMDExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YThhMjU5MmFkYjJiMzg0ZTY5ZjI3ODZmYzI0ODBkOTBjNmZiOGVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvFUSTl/FCxEFjlC6G/kJpExcLpm6
WD8GE5uV+g+7pIhszEiQpveZHKSaH/TQueM866uenvnsRzKdVxrMm/W88Xsa6jOA
FjCU5I0MCax+mrIDpaUzlFPAiX4j4nC1YDp89aMa8OTYB7eYDSVuerZjnYXSioSO
WDk6CT72EYvCvdFMrLp4ctrNOvQBe6R75YILcg7SQKsVQUN1zxtmvVJdPhGAl5Op
EABbNlBzOVCiOuKHwzt2/4rwB+2dkgLnO8w/zq/vdn2p5IS3r8XYmfI1Dcnq2C0A
zyRCu99gDhw34EWnyMuWBC5KPek5lJhMm6scw80aSKmpwd/m2E1vdeJz9QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIqKJZKtsrOE5p8nhvwkgNkMb7jtMB8GA1UdIwQY
MBaAFK/6E/GuBTkWKA7GjuGwl2+evT6oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcl9vVDhhNEZPUllvRHNhTzRiQ1hiNTY5UHFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS9hM2MwYTQtMzE5MS00ZTUxLThkODAt
NDc4YzJjOGNiMmEwLzEvaW9vbGtxMnlzNFRtbnllR19DU0EyUXh2dU8wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS9hM2MwYTQtMzE5MS00ZTUxLThkODAtNDc4YzJjOGNiMmEw
LzEvcl9vVDhhNEZPUllvRHNhTzRiQ1hiNTY5UHFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATUmEMA0G
CSqGSIb3DQEBCwUAA4IBAQDD92h0PnVLKztolBfODoCjqdTFmOq7GHbjM+Q77iZ2
Q5YlI6N7remsd71UTX/L7h0OBt2X1iv9kVny6bc0Vcm0gMs3LjQatmp1GUetGrfB
AIjEkrTzXoPDMm+Rr800ACMdzlctUtjBOu45m5HQQ8g5HMSSNV3XlOAkno5xNywo
gZvSdxsLfVfseWeI6B++9/2ReDf7EOwB+p38PrH3y8DP6ZGtpJCPxIa2LiUWYhjv
XYN/EbWj6sCeNQjhXMB11gRAP9+pI3gNmef5wnZM2vLayJogEXeHRC2WGQJBFHDD
deIcflwpo1GbcTQwnxlJL53u/TxUWr8G1oQp2YSB9iap
-----END CERTIFICATE-----
Generated at Wed Apr 9 09:36:51 2025 by rpki-client