Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/VnUCLOk43hyNzCSF7hsRXgxGJl0.roa
File: VnUCLOk43hyNzCSF7hsRXgxGJl0.roa (raw, json)
Hash identifier: ccd3ocgNQxALPht/wppekhUkjG1RoZqQ19sXODzwQkQ=
Subject key identifier: 56:75:02:2C:E9:38:DE:1C:8D:CC:24:85:EE:1B:11:5E:0C:46:26:5D
Certificate issuer: /CN=5124fba1e401c03e5ba1cd77ae9ee39cfd631bfb
Certificate serial: 01944CF7DA4E242E549B7986DD56614BD038
Authority key identifier: 51:24:FB:A1:E4:01:C0:3E:5B:A1:CD:77:AE:9E:E3:9C:FD:63:1B:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UST7oeQBwD5boc13rp7jnP1jG_s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/VnUCLOk43hyNzCSF7hsRXgxGJl0.roa
Signing time: Thu 09 Jan 2025 21:28:18 +0000
ROA not before: Thu 09 Jan 2025 21:28:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62005
IP address blocks: 77.246.220.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 09 Feb 2025 08:46:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:4c:f7:da:4e:24:2e:54:9b:79:86:dd:56:61:4b:d0:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5124fba1e401c03e5ba1cd77ae9ee39cfd631bfb
Validity
Not Before: Jan 9 21:28:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5675022ce938de1c8dcc2485ee1b115e0c46265d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:32:d7:c8:62:8d:55:21:4e:8f:5f:82:f7:77:
b2:cc:39:21:b3:3a:29:e0:1f:c9:7f:89:ba:08:d3:
10:66:df:bb:1e:db:dd:e1:62:24:e8:23:0d:44:6f:
6a:21:d2:50:4b:3e:17:96:c1:f4:b8:66:04:c1:56:
af:23:89:c9:51:e1:85:14:fe:00:25:2a:32:10:82:
c8:5d:c7:8e:c6:ec:be:69:19:4e:7b:32:99:48:34:
7c:cc:24:9a:95:8c:41:25:2e:d4:ae:95:66:55:98:
16:d4:fd:ba:8a:20:34:f5:90:28:a3:b3:b2:50:2e:
99:f5:27:3f:61:dd:92:e8:f9:33:e1:3a:65:35:91:
41:eb:3e:cd:da:07:3a:d4:46:11:a9:4c:d9:1d:c4:
ba:a1:bd:e1:2b:06:d0:86:24:c3:2b:74:ce:6e:f7:
02:4f:1c:c3:1f:87:bf:fa:fa:c1:20:5f:5c:ff:52:
4e:10:c9:9d:8e:64:52:de:28:88:2e:a9:e0:11:76:
9b:a3:84:f6:f6:91:a5:59:f2:ec:97:70:b5:1c:88:
c7:27:f5:78:7a:84:dd:e7:cf:b3:26:5d:33:81:bf:
88:0c:9d:aa:76:b1:ef:6d:e5:86:27:3a:ca:75:0e:
18:59:6f:90:52:ce:24:b6:62:9c:d8:2f:46:bc:ce:
88:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:75:02:2C:E9:38:DE:1C:8D:CC:24:85:EE:1B:11:5E:0C:46:26:5D
X509v3 Authority Key Identifier:
keyid:51:24:FB:A1:E4:01:C0:3E:5B:A1:CD:77:AE:9E:E3:9C:FD:63:1B:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UST7oeQBwD5boc13rp7jnP1jG_s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/VnUCLOk43hyNzCSF7hsRXgxGJl0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/UST7oeQBwD5boc13rp7jnP1jG_s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.246.220.0/24
Signature Algorithm: sha256WithRSAEncryption
65:8d:48:5f:34:32:6a:5e:ac:ee:c3:43:94:52:0a:16:76:df:
6c:49:2f:65:aa:fc:09:a2:a5:48:09:d8:20:ba:82:ad:4f:87:
37:cc:02:c0:a1:bc:5f:24:0a:14:b4:02:49:8b:83:e2:5f:2c:
a5:6c:57:4b:98:3d:5b:52:2c:80:40:5e:ce:0d:0d:af:2c:cb:
48:ae:44:5a:c5:70:50:4c:05:35:14:72:29:c5:f3:5e:bd:30:
12:07:a4:37:0a:6e:27:9f:35:0b:03:a2:f2:0f:93:09:71:32:
cd:59:6a:27:e7:ed:0c:d4:f0:12:1d:bc:00:01:4f:04:5a:94:
ac:51:be:6b:a6:45:31:b5:e0:28:d9:83:95:d9:1b:5b:b1:f8:
b9:af:0e:f2:85:ff:25:0b:00:03:77:77:3f:bf:29:3c:3d:55:
fd:eb:bd:e7:bb:81:d0:13:74:b8:0f:bb:a1:35:15:ae:8f:4d:
41:e8:f3:3e:5b:be:e8:b1:4b:f6:0b:84:67:c9:85:82:f6:07:
75:d3:04:e1:fa:b5:f7:37:2e:1f:e1:72:62:0f:4e:c0:9b:7a:
61:e2:d6:47:4e:b9:cc:7d:71:0f:77:bb:20:f8:d1:f1:56:d8:
26:90:4d:fa:c2:c4:0c:73:b5:64:25:d1:d2:2b:2b:4d:a1:11:
f3:97:05:52
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZRM99pOJC5Um3mG3VZhS9A4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxMjRmYmExZTQwMWMwM2U1YmExY2Q3N2FlOWVlMzljZmQ2
MzFiZmIwHhcNMjUwMTA5MjEyODE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Njc1MDIyY2U5MzhkZTFjOGRjYzI0ODVlZTFiMTE1ZTBjNDYyNjVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzTLXyGKNVSFOj1+C93eyzDkhszop
4B/Jf4m6CNMQZt+7Htvd4WIk6CMNRG9qIdJQSz4XlsH0uGYEwVavI4nJUeGFFP4A
JSoyEILIXceOxuy+aRlOezKZSDR8zCSalYxBJS7UrpVmVZgW1P26iiA09ZAoo7Oy
UC6Z9Sc/Yd2S6Pkz4TplNZFB6z7N2gc61EYRqUzZHcS6ob3hKwbQhiTDK3TObvcC
TxzDH4e/+vrBIF9c/1JOEMmdjmRS3iiILqngEXabo4T29pGlWfLsl3C1HIjHJ/V4
eoTd58+zJl0zgb+IDJ2qdrHvbeWGJzrKdQ4YWW+QUs4ktmKc2C9GvM6I6QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFZ1AizpON4cjcwkhe4bEV4MRiZdMB8GA1UdIwQY
MBaAFFEk+6HkAcA+W6HNd66e45z9Yxv7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVVNUN29lUUJ3RDVib2MxM3JwN2puUDFqR19zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy9iNzE0YWQtMWY3OC00YTEwLThlNjEt
YWI4ZjFmMzM4N2VlLzEvVm5VQ0xPazQzaHlOekNTRjdoc1JYZ3hHSmwwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy9iNzE0YWQtMWY3OC00YTEwLThlNjEtYWI4ZjFmMzM4N2Vl
LzEvVVNUN29lUUJ3RDVib2MxM3JwN2puUDFqR19zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATfbcMA0G
CSqGSIb3DQEBCwUAA4IBAQBljUhfNDJqXqzuw0OUUgoWdt9sSS9lqvwJoqVICdgg
uoKtT4c3zALAobxfJAoUtAJJi4PiXyylbFdLmD1bUiyAQF7ODQ2vLMtIrkRaxXBQ
TAU1FHIpxfNevTASB6Q3Cm4nnzULA6LyD5MJcTLNWWon5+0M1PASHbwAAU8EWpSs
Ub5rpkUxteAo2YOV2Rtbsfi5rw7yhf8lCwADd3c/vyk8PVX9673nu4HQE3S4D7uh
NRWuj01B6PM+W77osUv2C4RnyYWC9gd10wTh+rX3Ny4f4XJiD07Am3ph4tZHTrnM
fXEPd7sg+NHxVtgmkE36wsQMc7VkJdHSKytNoRHzlwVS
-----END CERTIFICATE-----
Generated at Tue Apr 8 12:35:09 2025 by rpki-client