Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/ipLZgfx8zE-u0LB_rlQq0RYOB9g.roa
File: ipLZgfx8zE-u0LB_rlQq0RYOB9g.roa (raw, json)
Hash identifier: lu6qfVIu8wOjz6hQW4b+fyLvQNzq2v6zA5/pXVm2C0g=
Subject key identifier: 8A:92:D9:81:FC:7C:CC:4F:AE:D0:B0:7F:AE:54:2A:D1:16:0E:07:D8
Certificate issuer: /CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Certificate serial: 0191124A00DAE98651784E85BC5B2CEF0C21
Authority key identifier: D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/ipLZgfx8zE-u0LB_rlQq0RYOB9g.roa
Signing time: Fri 02 Aug 2024 08:52:05 +0000
ROA not before: Fri 02 Aug 2024 08:52:05 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61317
IP address blocks: 77.81.1.0/24 maxlen: 24
89.42.215.0/24 maxlen: 24
94.177.27.0/24 maxlen: 24
176.223.181.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 07:48:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:12:4a:00:da:e9:86:51:78:4e:85:bc:5b:2c:ef:0c:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Validity
Not Before: Aug 2 08:52:05 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8a92d981fc7ccc4faed0b07fae542ad1160e07d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:51:5c:30:69:ec:23:f9:e7:5d:b7:78:99:cf:
fe:eb:9e:2a:31:9b:6b:dd:d2:38:be:26:c4:6e:43:
4b:20:38:25:0b:d9:f0:c6:fb:eb:ae:ef:d2:9a:22:
b4:56:37:6d:92:99:5f:a1:cd:c9:09:d7:dc:ec:be:
eb:b7:74:e4:58:b8:99:c5:cb:36:01:6c:6b:db:e2:
4a:28:c1:b7:f0:1b:8e:43:41:ba:08:c5:d3:dd:81:
cc:02:70:8e:19:37:0f:95:9d:04:66:05:43:1f:af:
dc:5d:fd:5c:f3:8e:68:93:95:db:e5:d1:c5:e0:50:
1b:6b:40:29:bb:f6:bd:5c:68:df:fe:b5:b1:0d:c1:
0b:ed:12:f5:ea:b5:a3:f8:fc:fa:20:ef:0a:e2:1a:
c2:66:7e:46:af:15:6b:87:11:59:c6:f0:75:e3:92:
dc:a6:33:08:7e:bf:7d:3b:0d:60:e3:29:f9:06:50:
dc:71:25:eb:65:cd:66:a8:a1:7a:92:0c:1e:2d:a7:
db:74:4d:dd:06:d3:11:07:a9:ee:7f:6d:92:20:92:
4d:24:42:c8:5c:a0:84:ff:ea:d8:f9:e2:69:0f:d9:
f2:7e:cd:db:bd:ca:ea:ee:19:54:7e:f9:ef:f0:d4:
30:eb:d8:25:b7:3d:58:74:14:85:61:79:62:8d:6c:
26:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:92:D9:81:FC:7C:CC:4F:AE:D0:B0:7F:AE:54:2A:D1:16:0E:07:D8
X509v3 Authority Key Identifier:
keyid:D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/ipLZgfx8zE-u0LB_rlQq0RYOB9g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.81.1.0/24
89.42.215.0/24
94.177.27.0/24
176.223.181.0/24
Signature Algorithm: sha256WithRSAEncryption
34:28:76:a8:4e:47:01:92:99:fe:43:72:e9:6c:76:e2:c8:f7:
35:af:51:14:aa:b4:5c:af:cd:fb:21:ed:26:26:b0:02:15:1f:
91:8c:13:5e:b4:56:c5:d4:dc:84:4c:e8:a2:ac:27:55:45:ae:
8e:ad:8a:93:2d:f2:9d:49:c5:ec:c2:3f:18:5d:09:39:53:d2:
dc:dc:cb:96:c6:3c:44:82:92:94:5a:02:66:6e:69:7e:44:4e:
d2:f2:e0:6c:86:db:80:8f:e2:ad:78:40:ae:f5:7b:31:c5:69:
23:d7:2f:11:ab:f9:e4:b8:34:c3:74:07:83:88:60:c4:79:30:
1e:5b:69:1d:58:84:a4:1b:01:95:44:bc:a5:0a:a0:3b:90:32:
b4:16:f3:bc:b0:90:6d:d0:a2:9f:29:69:6c:84:7a:1a:9a:3b:
c9:4f:ec:c2:52:a3:54:ad:c1:96:22:d5:5e:18:d9:5d:09:c0:
48:c5:d6:ef:fa:46:ed:bb:69:2e:35:08:b9:5f:e1:c3:4b:1f:
7e:09:12:f4:6e:46:15:ec:23:32:ce:38:20:3c:0f:b5:e5:4a:
04:4a:e2:6e:38:c1:dc:3c:46:2a:24:c1:e0:6c:c4:75:a6:39:
84:c4:1d:fe:d8:0c:fb:81:05:0d:91:ee:9c:83:63:99:63:1d:
c0:8f:2e:56
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZESSgDa6YZReE6FvFss7wwhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0OGEyN2Y0NGIxMDQwNGM1MmY2ZmZjNGUwOGRjODJiZjhi
NWRlZTQwHhcNMjQwODAyMDg1MjA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTkyZDk4MWZjN2NjYzRmYWVkMGIwN2ZhZTU0MmFkMTE2MGUwN2Q4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1FFcMGnsI/nnXbd4mc/+654qMZtr
3dI4vibEbkNLIDglC9nwxvvrru/SmiK0Vjdtkplfoc3JCdfc7L7rt3TkWLiZxcs2
AWxr2+JKKMG38BuOQ0G6CMXT3YHMAnCOGTcPlZ0EZgVDH6/cXf1c845ok5Xb5dHF
4FAba0Apu/a9XGjf/rWxDcEL7RL16rWj+Pz6IO8K4hrCZn5GrxVrhxFZxvB145Lc
pjMIfr99Ow1g4yn5BlDccSXrZc1mqKF6kgweLafbdE3dBtMRB6nuf22SIJJNJELI
XKCE/+rY+eJpD9nyfs3bvcrq7hlUfvnv8NQw69gltz1YdBSFYXlijWwmtwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFIqS2YH8fMxPrtCwf65UKtEWDgfYMB8GA1UdIwQY
MBaAFNSKJ/RLEEBMUvb/xOCNyCv4td7kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYt
NTlmNTk4NGI2NGVhLzEvaXBMWmdmeDh6RS11MExCX3JsUXEwUllPQjlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYtNTlmNTk4NGI2NGVh
LzEvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQATVEBAwQA
WSrXAwQAXrEbAwQAsN+1MA0GCSqGSIb3DQEBCwUAA4IBAQA0KHaoTkcBkpn+Q3Lp
bHbiyPc1r1EUqrRcr837Ie0mJrACFR+RjBNetFbF1NyETOiirCdVRa6OrYqTLfKd
ScXswj8YXQk5U9Lc3MuWxjxEgpKUWgJmbml+RE7S8uBshtuAj+KteECu9XsxxWkj
1y8Rq/nkuDTDdAeDiGDEeTAeW2kdWISkGwGVRLylCqA7kDK0FvO8sJBt0KKfKWls
hHoamjvJT+zCUqNUrcGWItVeGNldCcBIxdbv+kbtu2kuNQi5X+HDSx9+CRL0bkYV
7CMyzjggPA+15UoESuJuOMHcPEYqJMHgbMR1pjmExB3+2Az7gQUNke6cg2OZYx3A
jy5W
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:04:40 2025 by rpki-client