Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/17914b-ca63-4980-8740-8d106483e36e/1/1-SxgM-XZml2g2QfUmkiz1GeqxlQ.roa
File: 1-SxgM-XZml2g2QfUmkiz1GeqxlQ.roa (raw, json)
Hash identifier: +UaiY1UJcfYsrliyl4rrpX92CDuTKXqo2eYQEKMvwO0=
Subject key identifier: F9:2C:60:33:E5:D9:9A:5D:A0:D9:07:D4:9A:48:B3:D4:67:AA:C6:54
Certificate issuer: /CN=ffc4ce78a4d18ca6ef3108f4a365906da6b6b7f3
Certificate serial: 018CC26D2C08B2B204415D6795D3367B1B9C
Authority key identifier: FF:C4:CE:78:A4:D1:8C:A6:EF:31:08:F4:A3:65:90:6D:A6:B6:B7:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_8TOeKTRjKbvMQj0o2WQbaa2t_M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/17914b-ca63-4980-8740-8d106483e36e/1/1-SxgM-XZml2g2QfUmkiz1GeqxlQ.roa
Signing time: Mon 01 Jan 2024 00:29:43 +0000
ROA not before: Mon 01 Jan 2024 00:29:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202005
IP address blocks: 185.77.186.0/24 maxlen: 24
185.77.185.0/24 maxlen: 24
185.77.184.0/24 maxlen: 24
185.77.184.0/22 maxlen: 22
185.77.187.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 03:48:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:2c:08:b2:b2:04:41:5d:67:95:d3:36:7b:1b:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ffc4ce78a4d18ca6ef3108f4a365906da6b6b7f3
Validity
Not Before: Jan 1 00:29:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f92c6033e5d99a5da0d907d49a48b3d467aac654
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:de:2d:4d:0d:9c:6a:81:60:7b:d0:5b:1d:af:
5b:e8:66:32:f7:b2:10:21:29:77:b0:03:5c:84:42:
81:e6:d5:8b:4d:48:b5:19:57:d6:bf:41:f3:1f:61:
96:7a:01:4c:0c:03:9b:0c:fb:ce:85:7d:e0:f7:38:
65:9b:c5:97:3b:f5:a7:2a:42:8d:a3:74:3c:29:44:
57:92:d8:c5:55:4e:17:6a:2c:db:1e:5c:5d:b4:4a:
96:9f:de:f5:f4:e6:40:11:57:d7:12:e8:f3:99:82:
b6:6e:c5:81:95:88:87:e9:bf:b2:bf:a2:46:c7:57:
ff:ce:e0:06:a8:47:d2:cc:ce:78:de:0f:94:f8:69:
34:d5:a4:84:ff:39:48:b0:11:b5:26:9a:c4:e8:85:
27:2a:c9:03:5e:15:d8:c1:5b:4c:83:0a:73:29:53:
ac:5f:3e:00:ef:70:ac:bd:60:1f:47:8c:0b:cd:72:
ac:f4:d5:dc:e9:aa:8b:ea:fa:9a:38:71:bd:51:05:
18:09:fe:4b:75:d6:1b:34:36:fb:d2:a7:dd:24:3f:
6c:30:5d:3a:09:f4:2c:55:f3:80:ec:28:1b:7b:26:
9f:a0:f7:87:8d:b7:a5:4c:3f:9b:b0:ee:e5:c4:35:
70:6e:3d:53:1f:34:78:97:8a:ab:df:43:e6:a8:ba:
29:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:2C:60:33:E5:D9:9A:5D:A0:D9:07:D4:9A:48:B3:D4:67:AA:C6:54
X509v3 Authority Key Identifier:
keyid:FF:C4:CE:78:A4:D1:8C:A6:EF:31:08:F4:A3:65:90:6D:A6:B6:B7:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_8TOeKTRjKbvMQj0o2WQbaa2t_M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/17914b-ca63-4980-8740-8d106483e36e/1/1-SxgM-XZml2g2QfUmkiz1GeqxlQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/17914b-ca63-4980-8740-8d106483e36e/1/_8TOeKTRjKbvMQj0o2WQbaa2t_M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.77.184.0/22
Signature Algorithm: sha256WithRSAEncryption
19:e3:be:76:8c:b9:f9:d4:17:28:3d:6f:b3:ff:67:1f:5c:11:
8e:0a:a5:bf:34:b4:18:9a:67:77:b5:1c:85:c0:ea:2b:2c:99:
59:cf:41:2a:76:82:aa:24:71:c3:0b:c6:dc:bc:b7:91:65:88:
5c:fb:68:f4:75:8c:86:91:ef:d1:46:a1:62:59:ec:8e:af:e5:
2a:68:3d:6b:3e:b4:67:b4:d3:3b:2f:db:e0:8b:e8:3c:3e:83:
7d:0e:91:b2:16:f3:3e:0e:b2:f7:0f:0c:9f:94:19:4c:62:b3:
86:04:32:75:a9:8c:90:8b:0d:ac:91:e8:53:e0:ce:ed:db:65:
e2:54:2f:af:75:ac:5f:2c:d9:a0:02:ca:84:91:49:0e:67:45:
2f:82:cc:f5:24:f5:ee:35:75:24:7f:84:46:dd:8c:81:e6:40:
c2:62:9f:bf:43:b1:e6:cb:ae:89:59:1c:e8:73:ab:29:0d:f1:
17:4e:3d:6f:f9:06:85:99:e0:97:88:43:1b:d8:27:c9:03:fa:
a2:ee:2a:1d:86:4f:c0:a5:8b:9b:1d:88:27:6c:80:3e:cc:6c:
eb:53:d6:13:c9:fa:97:34:6d:4d:cd:c9:0b:53:22:24:86:03:
aa:76:02:65:6a:94:8b:28:a4:ef:49:83:32:4e:62:6c:3a:d9:
d4:cf:ac:90
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzCbSwIsrIEQV1nldM2exucMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmYzRjZTc4YTRkMThjYTZlZjMxMDhmNGEzNjU5MDZkYTZi
NmI3ZjMwHhcNMjQwMTAxMDAyOTQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTJjNjAzM2U1ZDk5YTVkYTBkOTA3ZDQ5YTQ4YjNkNDY3YWFjNjU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq94tTQ2caoFge9BbHa9b6GYy97IQ
ISl3sANchEKB5tWLTUi1GVfWv0HzH2GWegFMDAObDPvOhX3g9zhlm8WXO/WnKkKN
o3Q8KURXktjFVU4XaizbHlxdtEqWn9719OZAEVfXEujzmYK2bsWBlYiH6b+yv6JG
x1f/zuAGqEfSzM543g+U+Gk01aSE/zlIsBG1JprE6IUnKskDXhXYwVtMgwpzKVOs
Xz4A73CsvWAfR4wLzXKs9NXc6aqL6vqaOHG9UQUYCf5LddYbNDb70qfdJD9sMF06
CfQsVfOA7CgbeyafoPeHjbelTD+bsO7lxDVwbj1THzR4l4qr30PmqLopOQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPksYDPl2ZpdoNkH1JpIs9RnqsZUMB8GA1UdIwQY
MBaAFP/Eznik0Yym7zEI9KNlkG2mtrfzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzhUT2VLVFJqS2J2TVFqMG8yV1FiYWEydF9NLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi8xNzkxNGItY2E2My00OTgwLTg3NDAt
OGQxMDY0ODNlMzZlLzEvMS1TeGdNLVhabWwyZzJRZlVta2l6MUdlcXhsUS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYWYvMTc5MTRiLWNhNjMtNDk4MC04NzQwLThkMTA2NDgzZTM2
ZS8xL184VE9lS1RSaktidk1RajBvMldRYmFhMnRfTS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArlNuDAN
BgkqhkiG9w0BAQsFAAOCAQEAGeO+doy5+dQXKD1vs/9nH1wRjgqlvzS0GJpnd7Uc
hcDqKyyZWc9BKnaCqiRxwwvG3Ly3kWWIXPto9HWMhpHv0UahYlnsjq/lKmg9az60
Z7TTOy/b4IvoPD6DfQ6RshbzPg6y9w8Mn5QZTGKzhgQydamMkIsNrJHoU+DO7dtl
4lQvr3WsXyzZoALKhJFJDmdFL4LM9ST17jV1JH+ERt2MgeZAwmKfv0Ox5suuiVkc
6HOrKQ3xF049b/kGhZngl4hDG9gnyQP6ou4qHYZPwKWLmx2IJ2yAPsxs61PWE8n6
lzRtTc3JC1MiJIYDqnYCZWqUiyik70mDMk5ibDrZ1M+skA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:29:23 2025 by rpki-client