Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/9a6834-e768-409b-b8ce-ec9b69b46cc0/1/aXp_uIHpqmNhpk-XnmBkxe360gw.roa
File: aXp_uIHpqmNhpk-XnmBkxe360gw.roa (raw, json)
Hash identifier: mKvYg4FXwC3aRzJtsxAQoh/FdJEaps2xI0EFrCCHp0Y=
Subject key identifier: 69:7A:7F:B8:81:E9:AA:63:61:A6:4F:97:9E:60:64:C5:ED:FA:D2:0C
Certificate issuer: /CN=eed755c51275ab2342d8f6fca5b56606ab9c3b4f
Certificate serial: 018CC86FAA99D469100F85FEB72616C526E9
Authority key identifier: EE:D7:55:C5:12:75:AB:23:42:D8:F6:FC:A5:B5:66:06:AB:9C:3B:4F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7tdVxRJ1qyNC2Pb8pbVmBqucO08.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/9a6834-e768-409b-b8ce-ec9b69b46cc0/1/aXp_uIHpqmNhpk-XnmBkxe360gw.roa
Signing time: Tue 02 Jan 2024 04:30:10 +0000
ROA not before: Tue 02 Jan 2024 04:30:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39449
IP address blocks: 77.95.160.0/21 maxlen: 21
178.20.80.0/21 maxlen: 21
88.151.80.0/21 maxlen: 21
185.52.92.0/22 maxlen: 22
Validation: Failed, certificate revoked on Thu 02 Jan 2025 09:49:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:aa:99:d4:69:10:0f:85:fe:b7:26:16:c5:26:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eed755c51275ab2342d8f6fca5b56606ab9c3b4f
Validity
Not Before: Jan 2 04:30:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=697a7fb881e9aa6361a64f979e6064c5edfad20c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:d5:b7:2c:44:2c:65:2c:72:dc:46:1b:a9:36:
37:c3:4e:35:96:6c:d2:35:1a:91:6d:78:e9:77:a8:
b3:48:22:60:51:fa:4e:bd:f9:0e:d1:fa:02:08:d9:
fd:bf:09:34:40:65:63:b2:ca:f5:98:d2:d0:f2:e8:
a6:c1:e2:14:15:6f:ba:f9:5c:54:8c:49:19:8b:ab:
b5:d4:10:fb:a3:66:bb:03:49:03:a8:f1:c8:e1:1b:
fb:91:29:c5:6f:fa:3f:db:3c:30:3c:d3:06:43:75:
66:b0:8b:2a:18:3c:4e:be:fd:9e:57:55:88:0b:02:
4e:62:78:1f:6a:59:52:b8:7b:19:74:b6:44:9b:d2:
58:ad:fb:43:15:10:41:c1:48:81:28:63:6a:23:62:
6d:be:f4:13:e0:3b:08:ef:9f:4a:99:a8:f3:49:d7:
5f:4f:0c:34:df:c5:34:45:9b:9a:b8:83:75:94:b5:
61:5c:38:91:c7:20:75:c0:13:5b:bd:c6:8a:0b:72:
e5:c9:15:e6:a3:1d:b7:5d:79:e5:26:ec:85:b0:31:
86:cd:4d:37:85:7a:80:f7:5e:22:dc:dd:c1:c4:2e:
ac:98:61:3e:5a:53:fe:71:3b:4f:6b:06:de:57:7b:
ff:f8:6a:21:e9:3e:ed:af:69:ed:02:50:7b:48:57:
e7:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:7A:7F:B8:81:E9:AA:63:61:A6:4F:97:9E:60:64:C5:ED:FA:D2:0C
X509v3 Authority Key Identifier:
keyid:EE:D7:55:C5:12:75:AB:23:42:D8:F6:FC:A5:B5:66:06:AB:9C:3B:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7tdVxRJ1qyNC2Pb8pbVmBqucO08.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/9a6834-e768-409b-b8ce-ec9b69b46cc0/1/aXp_uIHpqmNhpk-XnmBkxe360gw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/9a6834-e768-409b-b8ce-ec9b69b46cc0/1/7tdVxRJ1qyNC2Pb8pbVmBqucO08.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.95.160.0/21
88.151.80.0/21
178.20.80.0/21
185.52.92.0/22
Signature Algorithm: sha256WithRSAEncryption
71:bd:d2:e1:39:fe:c7:c2:06:dd:75:ce:7f:2d:b7:e8:c9:d0:
31:1d:1f:12:7e:fb:2e:4c:a7:88:64:50:73:a6:66:07:a0:c2:
c6:8f:55:53:ad:db:6c:29:44:3c:fa:e2:14:90:06:d7:f9:7e:
62:a8:81:fd:9e:0c:d5:1a:77:da:93:cb:7d:3e:b1:b1:5c:fc:
61:e7:eb:4d:26:e4:10:5c:63:39:e9:1e:03:98:6a:76:ed:14:
52:e7:85:6e:68:6a:fd:e6:89:c6:07:d7:0e:8f:57:0d:25:e2:
6f:83:fb:ac:19:f8:2d:3b:0c:30:71:02:20:c5:f0:29:cd:e6:
bb:43:d9:08:b0:cf:ed:b8:9b:4d:db:96:87:54:65:29:36:ec:
dc:10:7c:02:40:04:e6:ca:d4:a1:16:f4:44:41:76:a7:a1:86:
dc:af:d7:ea:f1:32:fe:f3:3f:0d:88:0a:81:03:09:56:11:d3:
6d:cf:ec:52:8e:ba:63:18:d8:33:9e:f5:40:0c:a1:cb:a8:bf:
e5:a5:0e:1b:af:ec:97:73:28:77:76:f1:8e:ef:75:d9:c0:2e:
ce:75:96:80:28:af:e6:c7:5e:70:21:67:ce:e0:eb:c1:a6:9f:
c4:ce:16:fe:90:e2:cf:14:f2:65:96:b7:7f:08:a0:47:8c:f3:
90:05:a0:d6
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzIb6qZ1GkQD4X+tyYWxSbpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlZDc1NWM1MTI3NWFiMjM0MmQ4ZjZmY2E1YjU2NjA2YWI5
YzNiNGYwHhcNMjQwMTAyMDQzMDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTdhN2ZiODgxZTlhYTYzNjFhNjRmOTc5ZTYwNjRjNWVkZmFkMjBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvdW3LEQsZSxy3EYbqTY3w041lmzS
NRqRbXjpd6izSCJgUfpOvfkO0foCCNn9vwk0QGVjssr1mNLQ8uimweIUFW+6+VxU
jEkZi6u11BD7o2a7A0kDqPHI4Rv7kSnFb/o/2zwwPNMGQ3VmsIsqGDxOvv2eV1WI
CwJOYngfallSuHsZdLZEm9JYrftDFRBBwUiBKGNqI2JtvvQT4DsI759KmajzSddf
Tww038U0RZuauIN1lLVhXDiRxyB1wBNbvcaKC3LlyRXmox23XXnlJuyFsDGGzU03
hXqA914i3N3BxC6smGE+WlP+cTtPawbeV3v/+Goh6T7tr2ntAlB7SFfnYwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFGl6f7iB6apjYaZPl55gZMXt+tIMMB8GA1UdIwQY
MBaAFO7XVcUSdasjQtj2/KW1ZgarnDtPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3RkVnhSSjFxeU5DMlBiOHBiVm1CcXVjTzA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC85YTY4MzQtZTc2OC00MDliLWI4Y2Ut
ZWM5YjY5YjQ2Y2MwLzEvYVhwX3VJSHBxbU5ocGstWG5tQmt4ZTM2MGd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC85YTY4MzQtZTc2OC00MDliLWI4Y2UtZWM5YjY5YjQ2Y2Mw
LzEvN3RkVnhSSjFxeU5DMlBiOHBiVm1CcXVjTzA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQDTV+gAwQD
WJdQAwQDshRQAwQCuTRcMA0GCSqGSIb3DQEBCwUAA4IBAQBxvdLhOf7Hwgbddc5/
LbfoydAxHR8SfvsuTKeIZFBzpmYHoMLGj1VTrdtsKUQ8+uIUkAbX+X5iqIH9ngzV
Gnfak8t9PrGxXPxh5+tNJuQQXGM56R4DmGp27RRS54VuaGr95onGB9cOj1cNJeJv
g/usGfgtOwwwcQIgxfApzea7Q9kIsM/tuJtN25aHVGUpNuzcEHwCQATmytShFvRE
QXanoYbcr9fq8TL+8z8NiAqBAwlWEdNtz+xSjrpjGNgznvVADKHLqL/lpQ4br+yX
cyh3dvGO73XZwC7OdZaAKK/mx15wIWfO4OvBpp/Ezhb+kOLPFPJllrd/CKBHjPOQ
BaDW
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:18:56 2025 by rpki-client