Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/987979-9693-45e3-85ba-ed5358b6da31/1/NeU3JsEorougp-RCpz9NhU4MQGI.roa
File: NeU3JsEorougp-RCpz9NhU4MQGI.roa (raw, json)
Hash identifier: eGwzJAtvAeq+Sc3CkDtQSthziroy4FpeeTSyrUZb8FE=
Subject key identifier: 35:E5:37:26:C1:28:AE:8B:A0:A7:E4:42:A7:3F:4D:85:4E:0C:40:62
Certificate issuer: /CN=7415fec4ae76b24e4f02991649917b99b740044a
Certificate serial: 019426D99C96F7790D0EAE22D7773449DB2D
Authority key identifier: 74:15:FE:C4:AE:76:B2:4E:4F:02:99:16:49:91:7B:99:B7:40:04:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dBX-xK52sk5PApkWSZF7mbdABEo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/987979-9693-45e3-85ba-ed5358b6da31/1/NeU3JsEorougp-RCpz9NhU4MQGI.roa
Signing time: Thu 02 Jan 2025 11:49:43 +0000
ROA not before: Thu 02 Jan 2025 11:49:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 216334
IP address blocks: 77.105.133.0/24 maxlen: 24
2a00:f9a0::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 10 Feb 2025 12:38:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:9c:96:f7:79:0d:0e:ae:22:d7:77:34:49:db:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7415fec4ae76b24e4f02991649917b99b740044a
Validity
Not Before: Jan 2 11:49:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=35e53726c128ae8ba0a7e442a73f4d854e0c4062
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:c2:0a:0a:29:d0:4a:59:91:76:02:c8:f1:b3:
e1:61:d7:e3:ab:8d:22:2b:60:98:52:54:10:54:af:
c0:cb:b9:98:ca:1d:42:f3:e9:43:b8:17:09:ce:66:
1e:6f:cc:bf:a6:63:57:b8:a2:c7:d2:bb:2c:09:b0:
7c:9b:0b:f4:78:f9:da:13:86:c9:3c:8f:e6:fe:fb:
dd:de:b3:df:ed:4d:0e:82:a7:b7:db:56:15:83:97:
31:54:17:f0:2f:52:41:c4:be:b3:2b:ad:48:54:ee:
bf:82:57:0d:55:bc:e6:f5:c9:5e:a2:a6:aa:77:5f:
af:d2:13:6f:bf:7b:27:21:4a:a0:53:16:61:08:bc:
df:2b:37:cb:fb:2d:45:05:49:a4:a3:13:ad:4e:da:
66:dd:be:fd:22:f6:99:7d:b9:1f:9e:da:33:e6:10:
e2:d3:f2:45:3c:9e:b5:4a:d5:54:a3:af:9e:f8:ea:
f7:38:57:74:23:4e:92:92:f8:6b:c2:88:28:b9:e4:
2e:c8:dd:ca:5a:eb:8e:d4:13:a3:d0:64:90:eb:4f:
f2:56:71:5d:ff:85:9d:76:7b:1d:4a:95:aa:65:75:
a9:d5:ff:fa:01:e6:21:71:39:e9:35:e7:f1:8f:f5:
69:0a:f7:d1:e2:7c:d6:8f:48:65:97:e3:a9:6a:58:
ab:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:E5:37:26:C1:28:AE:8B:A0:A7:E4:42:A7:3F:4D:85:4E:0C:40:62
X509v3 Authority Key Identifier:
keyid:74:15:FE:C4:AE:76:B2:4E:4F:02:99:16:49:91:7B:99:B7:40:04:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dBX-xK52sk5PApkWSZF7mbdABEo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/987979-9693-45e3-85ba-ed5358b6da31/1/NeU3JsEorougp-RCpz9NhU4MQGI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/987979-9693-45e3-85ba-ed5358b6da31/1/dBX-xK52sk5PApkWSZF7mbdABEo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.105.133.0/24
IPv6:
2a00:f9a0::/32
Signature Algorithm: sha256WithRSAEncryption
0c:fa:43:40:36:66:89:4e:6b:37:28:ac:01:86:bb:a7:1c:20:
ea:0e:a9:e5:99:7b:be:18:12:a3:ca:08:9a:90:36:f2:d1:2a:
11:95:50:47:1d:30:29:c1:6d:f6:25:02:27:62:a6:c1:6e:89:
d8:f8:90:42:8c:93:2a:ec:4a:db:cd:ac:f1:e9:ca:d5:96:02:
ad:59:48:d5:fb:df:77:08:4c:e4:30:9f:7d:05:a5:26:8c:2c:
6a:c7:c2:d1:66:dc:04:1a:be:67:a1:f9:b2:5d:ba:91:96:96:
44:25:32:c1:a5:98:34:6f:9f:ec:da:3d:dd:f2:a1:20:db:d9:
2b:ab:81:51:c6:ef:6d:83:9d:5a:a0:35:1e:45:74:b7:fa:d2:
d2:cf:85:4e:57:92:e7:56:31:63:e9:98:28:a7:f5:72:c1:f7:
c5:35:23:ce:ad:3b:67:a9:da:b8:96:d4:f9:0b:13:39:36:a0:
ca:d6:1f:a2:ba:16:fc:40:75:7f:a9:b6:72:47:23:b6:cb:4a:
b2:6a:e0:0f:01:aa:08:35:2b:c8:45:22:22:2e:4e:42:bc:c7:
f4:6a:23:22:6a:bb:a8:b1:8d:4b:79:00:96:23:cb:c7:24:ac:
bd:1f:3d:f5:47:68:c3:e8:93:46:1d:9a:88:29:a1:e0:9c:a9:
94:4a:a4:3a
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQm2ZyW93kNDq4i13c0SdstMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0MTVmZWM0YWU3NmIyNGU0ZjAyOTkxNjQ5OTE3Yjk5Yjc0
MDA0NGEwHhcNMjUwMTAyMTE0OTQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNWU1MzcyNmMxMjhhZThiYTBhN2U0NDJhNzNmNGQ4NTRlMGM0MDYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvcIKCinQSlmRdgLI8bPhYdfjq40i
K2CYUlQQVK/Ay7mYyh1C8+lDuBcJzmYeb8y/pmNXuKLH0rssCbB8mwv0ePnaE4bJ
PI/m/vvd3rPf7U0Ogqe321YVg5cxVBfwL1JBxL6zK61IVO6/glcNVbzm9cleoqaq
d1+v0hNvv3snIUqgUxZhCLzfKzfL+y1FBUmkoxOtTtpm3b79IvaZfbkfntoz5hDi
0/JFPJ61StVUo6+e+Or3OFd0I06SkvhrwogoueQuyN3KWuuO1BOj0GSQ60/yVnFd
/4WddnsdSpWqZXWp1f/6AeYhcTnpNefxj/VpCvfR4nzWj0hll+OpalirjQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDXlNybBKK6LoKfkQqc/TYVODEBiMB8GA1UdIwQY
MBaAFHQV/sSudrJOTwKZFkmRe5m3QARKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEJYLXhLNTJzazVQQXBrV1NaRjdtYmRBQkVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy85ODc5NzktOTY5My00NWUzLTg1YmEt
ZWQ1MzU4YjZkYTMxLzEvTmVVM0pzRW9yb3VncC1SQ3B6OU5oVTRNUUdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy85ODc5NzktOTY5My00NWUzLTg1YmEtZWQ1MzU4YjZkYTMx
LzEvZEJYLXhLNTJzazVQQXBrV1NaRjdtYmRBQkVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQATWmFMA0E
AgACMAcDBQAqAPmgMA0GCSqGSIb3DQEBCwUAA4IBAQAM+kNANmaJTms3KKwBhrun
HCDqDqnlmXu+GBKjygiakDby0SoRlVBHHTApwW32JQInYqbBbonY+JBCjJMq7Erb
zazx6crVlgKtWUjV+993CEzkMJ99BaUmjCxqx8LRZtwEGr5nofmyXbqRlpZEJTLB
pZg0b5/s2j3d8qEg29krq4FRxu9tg51aoDUeRXS3+tLSz4VOV5LnVjFj6Zgop/Vy
wffFNSPOrTtnqdq4ltT5CxM5NqDK1h+iuhb8QHV/qbZyRyO2y0qyauAPAaoINSvI
RSIiLk5CvMf0aiMiaruosY1LeQCWI8vHJKy9Hz31R2jD6JNGHZqIKaHgnKmUSqQ6
-----END CERTIFICATE-----
Generated at Tue Apr 8 10:56:05 2025 by rpki-client