Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/8_r8uVVmoIEeVSFlIE9kiihe45s.roa
File: 8_r8uVVmoIEeVSFlIE9kiihe45s.roa (raw, json)
Hash identifier: 1TMnTtayMxmtEui3cNjYTywGTUfnEAqvi+NGndCwGYU=
Subject key identifier: F3:FA:FC:B9:55:66:A0:81:1E:55:21:65:20:4F:64:8A:28:5E:E3:9B
Certificate issuer: /CN=307f5fe2740a2b6de4c3709d2964115b3c967da1
Certificate serial: 018D30250FF70FEA8EE25054F52F493D86AA
Authority key identifier: 30:7F:5F:E2:74:0A:2B:6D:E4:C3:70:9D:29:64:11:5B:3C:96:7D:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MH9f4nQKK23kw3CdKWQRWzyWfaE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/8_r8uVVmoIEeVSFlIE9kiihe45s.roa
Signing time: Mon 22 Jan 2024 07:49:11 +0000
ROA not before: Mon 22 Jan 2024 07:49:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49934
IP address blocks: 195.77.132.0/23 maxlen: 23
195.77.132.0/24 maxlen: 24
195.77.133.0/24 maxlen: 24
195.77.134.0/24 maxlen: 24
195.77.135.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 22 Jan 2024 08:23:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:30:25:0f:f7:0f:ea:8e:e2:50:54:f5:2f:49:3d:86:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=307f5fe2740a2b6de4c3709d2964115b3c967da1
Validity
Not Before: Jan 22 07:49:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f3fafcb95566a0811e552165204f648a285ee39b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:84:7e:12:72:6d:ed:93:d4:fe:2c:3c:15:a5:
d1:7c:8f:93:bb:df:97:7b:95:68:b9:de:15:88:7b:
08:f9:7b:2c:97:cc:bc:8b:3a:76:9b:c0:b3:67:01:
0a:30:7d:a4:c4:87:95:45:b3:57:62:94:aa:61:3f:
f0:1c:34:94:bf:32:14:f1:06:ee:b0:e6:e4:b2:b8:
6f:b0:bb:41:aa:5e:1e:48:0d:47:c4:e0:84:59:ed:
74:7d:e5:46:76:4f:2c:fd:08:d4:74:2f:f8:18:77:
a6:0a:74:e4:46:3e:c6:27:47:67:bf:da:54:c6:df:
7d:76:4f:d4:02:d2:bd:3b:2e:e1:db:9e:9a:f0:b3:
44:63:4c:9e:a3:b2:e1:bd:de:10:b0:c5:21:25:13:
c7:9c:62:9b:ce:1d:08:60:6d:b3:14:14:cd:e3:b5:
5a:d4:0c:b3:40:1f:f2:d2:3d:92:6d:bb:41:21:be:
c1:e1:b9:64:bd:17:2b:06:34:ab:b8:6e:09:5e:2c:
8a:bf:8e:87:fb:4a:fe:b3:21:ed:bb:73:52:a8:31:
45:40:6c:52:f8:c7:b1:f4:5a:56:d2:81:82:73:5a:
9f:db:93:e9:4f:ae:93:82:81:cc:98:2e:5a:b3:1f:
c8:7c:f1:0c:c9:8a:48:eb:e6:ee:f7:d5:82:d3:3f:
c3:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:FA:FC:B9:55:66:A0:81:1E:55:21:65:20:4F:64:8A:28:5E:E3:9B
X509v3 Authority Key Identifier:
keyid:30:7F:5F:E2:74:0A:2B:6D:E4:C3:70:9D:29:64:11:5B:3C:96:7D:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MH9f4nQKK23kw3CdKWQRWzyWfaE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/8_r8uVVmoIEeVSFlIE9kiihe45s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/MH9f4nQKK23kw3CdKWQRWzyWfaE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.77.132.0/22
Signature Algorithm: sha256WithRSAEncryption
9b:98:9a:7e:fa:b1:0d:e9:bd:25:e1:bb:b2:f5:e9:da:54:41:
30:39:a2:4e:85:91:22:1e:66:fd:cb:79:1c:7c:1b:47:4a:83:
32:6c:8e:aa:99:29:a7:d2:6c:b1:d2:c7:3f:f3:73:77:54:76:
4d:00:84:33:67:a5:a3:a9:5f:5b:54:d6:61:d1:8d:75:68:b5:
05:68:28:cf:c1:9b:6f:f0:5a:47:3a:54:a1:b3:ec:6d:6f:79:
07:8c:49:60:28:31:35:46:43:cd:c5:a8:4c:aa:f5:43:fe:86:
7b:74:1d:fc:2a:55:0b:82:e0:24:11:c0:cf:f0:32:23:6d:2a:
17:77:fe:f2:d3:8b:b0:b8:e6:b0:94:15:78:3c:f0:ca:1c:be:
3b:0f:17:55:80:32:df:1f:14:dd:10:49:ba:5a:b3:9f:e6:92:
e2:17:99:94:9f:25:4c:95:c7:6b:d2:20:34:95:18:d2:3a:37:
44:7e:45:80:b4:0f:8a:37:da:8f:a1:5a:5a:41:64:4d:10:15:
52:44:48:71:93:e9:49:42:05:31:2b:d8:48:39:75:8a:75:7a:
ef:81:35:a8:a7:a2:4d:29:77:b0:b9:c3:52:70:58:c7:5f:58:
d9:7e:d5:b7:9e:a7:d7:0d:f6:19:6e:fc:1b:a2:a9:9c:35:90:
d5:7d:90:7e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY0wJQ/3D+qO4lBU9S9JPYaqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwN2Y1ZmUyNzQwYTJiNmRlNGMzNzA5ZDI5NjQxMTViM2M5
NjdkYTEwHhcNMjQwMTIyMDc0OTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmM2ZhZmNiOTU1NjZhMDgxMWU1NTIxNjUyMDRmNjQ4YTI4NWVlMzliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoIR+EnJt7ZPU/iw8FaXRfI+Tu9+X
e5Voud4ViHsI+Xssl8y8izp2m8CzZwEKMH2kxIeVRbNXYpSqYT/wHDSUvzIU8Qbu
sObksrhvsLtBql4eSA1HxOCEWe10feVGdk8s/QjUdC/4GHemCnTkRj7GJ0dnv9pU
xt99dk/UAtK9Oy7h256a8LNEY0yeo7Lhvd4QsMUhJRPHnGKbzh0IYG2zFBTN47Va
1AyzQB/y0j2SbbtBIb7B4blkvRcrBjSruG4JXiyKv46H+0r+syHtu3NSqDFFQGxS
+Mex9FpW0oGCc1qf25PpT66TgoHMmC5asx/IfPEMyYpI6+bu99WC0z/D1QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPP6/LlVZqCBHlUhZSBPZIooXuObMB8GA1UdIwQY
MBaAFDB/X+J0Citt5MNwnSlkEVs8ln2hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUg5ZjRuUUtLMjNrdzNDZEtXUVJXenlXZmFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9kY2ZkNDgtYzU0YS00Yzc4LWE0ZWQt
NGJhMmY4ZjFmODNiLzEvOF9yOHVWVm1vSUVlVlNGbElFOWtpaWhlNDVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9kY2ZkNDgtYzU0YS00Yzc4LWE0ZWQtNGJhMmY4ZjFmODNi
LzEvTUg5ZjRuUUtLMjNrdzNDZEtXUVJXenlXZmFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCw02EMA0G
CSqGSIb3DQEBCwUAA4IBAQCbmJp++rEN6b0l4buy9enaVEEwOaJOhZEiHmb9y3kc
fBtHSoMybI6qmSmn0myx0sc/83N3VHZNAIQzZ6WjqV9bVNZh0Y11aLUFaCjPwZtv
8FpHOlShs+xtb3kHjElgKDE1RkPNxahMqvVD/oZ7dB38KlULguAkEcDP8DIjbSoX
d/7y04uwuOawlBV4PPDKHL47DxdVgDLfHxTdEEm6WrOf5pLiF5mUnyVMlcdr0iA0
lRjSOjdEfkWAtA+KN9qPoVpaQWRNEBVSREhxk+lJQgUxK9hIOXWKdXrvgTWop6JN
KXewucNScFjHX1jZftW3nqfXDfYZbvwboqmcNZDVfZB+
-----END CERTIFICATE-----
Generated at Thu Apr 17 17:26:47 2025 by rpki-client