Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/15641a-6614-45e4-a2a9-9b9cd89659e0/1/vHc3Y36sa-MDDBCBnNFiQCpChO4.roa
File: vHc3Y36sa-MDDBCBnNFiQCpChO4.roa (raw, json)
Hash identifier: s7NERvn3SN67IkbsbH9FzorwxJj08vzk/JZfBV4jjH0=
Subject key identifier: BC:77:37:63:7E:AC:6B:E3:03:0C:10:81:9C:D1:62:40:2A:42:84:EE
Certificate issuer: /CN=1c97b4823d3c9e121ec649821e00f0a79aeb9b8d
Certificate serial: 018CC8715AFFF2AEF5A4E52F2B4C050ABBDC
Authority key identifier: 1C:97:B4:82:3D:3C:9E:12:1E:C6:49:82:1E:00:F0:A7:9A:EB:9B:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJe0gj08nhIexkmCHgDwp5rrm40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/15641a-6614-45e4-a2a9-9b9cd89659e0/1/vHc3Y36sa-MDDBCBnNFiQCpChO4.roa
Signing time: Tue 02 Jan 2024 04:32:01 +0000
ROA not before: Tue 02 Jan 2024 04:32:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43608
IP address blocks: 78.24.104.0/21 maxlen: 21
78.24.108.0/24 maxlen: 24
62.77.132.0/22 maxlen: 24
185.61.57.0/24 maxlen: 24
185.61.56.0/22 maxlen: 24
2a00:9500::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 20 Nov 2024 15:01:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:71:5a:ff:f2:ae:f5:a4:e5:2f:2b:4c:05:0a:bb:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c97b4823d3c9e121ec649821e00f0a79aeb9b8d
Validity
Not Before: Jan 2 04:32:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bc7737637eac6be3030c10819cd162402a4284ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:33:58:11:63:fc:ff:4c:c8:ce:68:f0:4a:12:
f0:ef:9e:a6:52:c0:ca:61:02:32:a7:31:a6:ea:ba:
f6:ca:d4:3b:d6:c7:5f:e4:97:e8:e6:12:d9:71:64:
d1:e0:91:eb:e7:59:a1:89:cb:4c:bc:dd:dc:19:01:
be:de:52:19:d5:1d:06:6f:9b:b4:aa:35:94:88:fc:
47:db:09:4a:dd:ab:6e:45:55:4d:73:2c:6b:0e:68:
a1:09:d4:86:54:a6:8d:fb:eb:fb:4e:b5:56:2a:c2:
69:c5:88:7e:04:b3:26:75:9e:f9:b8:64:68:33:25:
a7:c2:fa:22:32:d8:fe:76:17:ca:62:9f:84:3c:42:
bc:4b:9b:50:8d:65:d6:9b:66:4e:42:fa:c3:b8:12:
bc:a1:f0:57:cc:61:80:7b:99:0a:01:f3:80:73:cd:
fb:01:87:a3:fd:2d:09:b9:c5:01:93:a0:66:d8:ca:
44:a8:ca:0e:e1:08:eb:70:5d:20:5f:6b:e7:06:cd:
8c:97:7d:e7:1b:7c:d5:8b:bb:42:a3:f6:da:73:b4:
31:df:06:f4:f3:87:ad:b5:22:cf:34:de:f1:79:87:
f4:b5:ff:21:da:e8:ab:0f:6a:1f:51:de:47:f7:68:
d5:87:7d:0c:d5:07:71:86:b0:bc:db:5f:69:37:6a:
0e:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:77:37:63:7E:AC:6B:E3:03:0C:10:81:9C:D1:62:40:2A:42:84:EE
X509v3 Authority Key Identifier:
keyid:1C:97:B4:82:3D:3C:9E:12:1E:C6:49:82:1E:00:F0:A7:9A:EB:9B:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJe0gj08nhIexkmCHgDwp5rrm40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/15641a-6614-45e4-a2a9-9b9cd89659e0/1/vHc3Y36sa-MDDBCBnNFiQCpChO4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/15641a-6614-45e4-a2a9-9b9cd89659e0/1/HJe0gj08nhIexkmCHgDwp5rrm40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.77.132.0/22
78.24.104.0/21
185.61.56.0/22
IPv6:
2a00:9500::/32
Signature Algorithm: sha256WithRSAEncryption
88:83:09:de:41:bf:6d:27:f3:95:06:c4:df:1e:69:f3:55:02:
28:70:76:85:74:3b:d6:83:69:23:28:3c:9d:b0:11:06:43:82:
5f:98:b0:d9:b0:31:0f:68:46:4c:d1:36:a7:fe:7a:7d:80:51:
2c:60:ea:9f:16:10:21:2a:41:37:cb:c6:32:d2:b2:c7:1f:23:
4d:c7:59:e0:9d:f2:1e:bf:a9:e7:d1:ad:ec:4f:b3:5e:9f:aa:
10:4e:bb:53:a8:c3:31:56:23:35:c1:bf:f4:92:5c:5d:58:42:
1f:3f:74:ee:f7:f9:fe:73:1d:07:fb:9d:a1:70:2e:7f:05:8d:
ef:75:dc:2d:d7:7a:e4:a1:d5:d3:fe:8c:09:63:93:0b:81:f1:
d8:6a:67:31:5e:53:98:91:ac:36:41:e1:33:43:4e:63:b7:e1:
60:4e:da:21:6c:f1:5d:64:b7:c5:e2:f7:c8:20:d1:09:37:14:
a1:e9:f9:d6:ef:b0:60:09:82:a5:55:f8:40:72:b0:1f:52:fa:
0b:46:98:c6:b5:be:f7:d1:32:bd:26:06:57:65:6f:bf:f5:4d:
0b:37:b1:6f:5c:0e:07:19:ea:81:39:e3:ec:85:7b:97:fb:4c:
5e:19:04:84:3e:6a:f7:50:ad:bc:f6:01:d4:a3:03:b3:ea:7a:
41:7b:73:84
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzIcVr/8q71pOUvK0wFCrvcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTdiNDgyM2QzYzllMTIxZWM2NDk4MjFlMDBmMGE3OWFl
YjliOGQwHhcNMjQwMTAyMDQzMjAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzc3Mzc2MzdlYWM2YmUzMDMwYzEwODE5Y2QxNjI0MDJhNDI4NGVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvjNYEWP8/0zIzmjwShLw756mUsDK
YQIypzGm6rr2ytQ71sdf5Jfo5hLZcWTR4JHr51mhictMvN3cGQG+3lIZ1R0Gb5u0
qjWUiPxH2wlK3atuRVVNcyxrDmihCdSGVKaN++v7TrVWKsJpxYh+BLMmdZ75uGRo
MyWnwvoiMtj+dhfKYp+EPEK8S5tQjWXWm2ZOQvrDuBK8ofBXzGGAe5kKAfOAc837
AYej/S0JucUBk6Bm2MpEqMoO4QjrcF0gX2vnBs2Ml33nG3zVi7tCo/bac7Qx3wb0
84ettSLPNN7xeYf0tf8h2uirD2ofUd5H92jVh30M1QdxhrC8219pN2oOFwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFLx3N2N+rGvjAwwQgZzRYkAqQoTuMB8GA1UdIwQY
MBaAFByXtII9PJ4SHsZJgh4A8Kea65uNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEplMGdqMDhuaElleGttQ0hnRHdwNXJybTQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS8xNTY0MWEtNjYxNC00NWU0LWEyYTkt
OWI5Y2Q4OTY1OWUwLzEvdkhjM1kzNnNhLU1EREJDQm5ORmlRQ3BDaE80LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS8xNTY0MWEtNjYxNC00NWU0LWEyYTktOWI5Y2Q4OTY1OWUw
LzEvSEplMGdqMDhuaElleGttQ0hnRHdwNXJybTQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCPk2EAwQD
ThhoAwQCuT04MA0EAgACMAcDBQAqAJUAMA0GCSqGSIb3DQEBCwUAA4IBAQCIgwne
Qb9tJ/OVBsTfHmnzVQIocHaFdDvWg2kjKDydsBEGQ4JfmLDZsDEPaEZM0Tan/np9
gFEsYOqfFhAhKkE3y8Yy0rLHHyNNx1ngnfIev6nn0a3sT7Nen6oQTrtTqMMxViM1
wb/0klxdWEIfP3Tu9/n+cx0H+52hcC5/BY3vddwt13rkodXT/owJY5MLgfHYamcx
XlOYkaw2QeEzQ05jt+FgTtohbPFdZLfF4vfIINEJNxSh6fnW77BgCYKlVfhAcrAf
UvoLRpjGtb730TK9JgZXZW+/9U0LN7FvXA4HGeqBOePshXuX+0xeGQSEPmr3UK28
9gHUowOz6npBe3OE
-----END CERTIFICATE-----
Generated at Mon Apr 21 19:15:01 2025 by rpki-client