Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/866e5e-831e-4cb1-bd51-b4540c74c94b/1/tPkMwXTyogS3x8z1qJMmqld-W84.roa
File: tPkMwXTyogS3x8z1qJMmqld-W84.roa (raw, json)
Hash identifier: 4/TGBWNPRDyUPg32Y/Vo0SNv1Dr2liNwx1eDj5+FttQ=
Subject key identifier: B4:F9:0C:C1:74:F2:A2:04:B7:C7:CC:F5:A8:93:26:AA:57:7E:5B:CE
Certificate issuer: /CN=22373571c90249bf2aa948e78bed13e08528b87e
Certificate serial: 0194126D9B2DBC350699CAF49B3600671B7B
Authority key identifier: 22:37:35:71:C9:02:49:BF:2A:A9:48:E7:8B:ED:13:E0:85:28:B8:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ijc1cckCSb8qqUjni-0T4IUouH4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/866e5e-831e-4cb1-bd51-b4540c74c94b/1/tPkMwXTyogS3x8z1qJMmqld-W84.roa
Signing time: Sun 29 Dec 2024 12:39:20 +0000
ROA not before: Sun 29 Dec 2024 12:39:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205207
IP address blocks: 77.104.92.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 09:47:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:12:6d:9b:2d:bc:35:06:99:ca:f4:9b:36:00:67:1b:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22373571c90249bf2aa948e78bed13e08528b87e
Validity
Not Before: Dec 29 12:39:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b4f90cc174f2a204b7c7ccf5a89326aa577e5bce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:94:2c:11:91:0a:b7:35:e7:8c:dd:31:74:7a:
2e:8d:24:4c:ce:2f:b2:4c:9d:6b:f0:f2:9c:a2:04:
84:6d:1b:3d:2b:89:19:25:07:06:88:4f:63:f0:36:
01:29:4e:b0:01:47:19:1f:c5:0b:74:c9:df:0b:b4:
8d:40:55:58:6c:6a:bc:13:95:66:35:24:b6:9e:73:
4f:3b:ac:ee:8c:4d:38:32:cd:06:fd:f9:84:a8:29:
70:8a:1f:23:bd:81:d7:14:94:8a:7d:0e:9f:a1:02:
70:d1:dd:f0:dc:f4:e2:d6:75:ad:ab:ba:16:00:bf:
95:8e:22:f3:2d:a6:02:02:18:18:a7:80:27:4e:9e:
e5:ca:44:2e:c7:83:b3:b1:54:b6:52:1c:ab:61:24:
e1:38:6a:32:d1:7a:b2:0a:e7:09:97:a0:8b:d4:2d:
6e:e2:54:01:ae:84:bc:a6:25:6e:ea:61:34:0f:8c:
39:f5:bf:35:34:48:4c:1f:1e:56:d9:9d:c0:95:06:
79:86:83:c9:17:44:ab:26:f6:ff:2f:2a:70:63:a9:
2a:81:08:2e:1c:ee:c7:d1:80:13:ad:18:f6:d1:79:
26:b5:a3:4d:3c:5a:cf:67:f2:2e:7d:d0:80:28:14:
36:cc:16:c0:4e:3d:75:a3:db:ea:ff:62:e7:13:f0:
f1:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:F9:0C:C1:74:F2:A2:04:B7:C7:CC:F5:A8:93:26:AA:57:7E:5B:CE
X509v3 Authority Key Identifier:
keyid:22:37:35:71:C9:02:49:BF:2A:A9:48:E7:8B:ED:13:E0:85:28:B8:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ijc1cckCSb8qqUjni-0T4IUouH4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/866e5e-831e-4cb1-bd51-b4540c74c94b/1/tPkMwXTyogS3x8z1qJMmqld-W84.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/866e5e-831e-4cb1-bd51-b4540c74c94b/1/Ijc1cckCSb8qqUjni-0T4IUouH4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.104.92.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:5d:09:1b:e0:0a:a8:cf:88:75:3c:65:57:e5:46:fc:26:8d:
29:de:a1:d6:ed:da:e6:8c:4a:cb:5a:e2:86:f4:c6:6c:54:49:
75:20:61:04:68:2c:0c:db:35:9e:1c:40:92:89:ff:c2:9a:fc:
a8:97:bd:dd:92:bf:fa:b2:50:61:f9:89:57:df:20:82:46:e1:
ec:7d:ae:f4:91:12:7f:66:0d:a9:00:9e:e2:c3:35:41:bc:7a:
3c:c7:5e:19:a7:97:b7:18:26:8d:01:36:99:7c:c2:9c:e3:0a:
df:5d:b0:cd:16:54:77:ff:59:b2:a2:28:ad:9d:3a:69:e1:1b:
5a:15:43:4a:f8:b2:d2:79:dc:db:7c:4a:05:e7:a5:9e:3b:e6:
25:ff:a5:92:c6:b7:21:55:d9:c3:54:37:67:66:5a:f7:ab:2f:
88:05:2c:7c:00:a3:34:b3:5e:bc:1d:46:1a:20:92:29:c8:f9:
9a:e0:74:00:da:66:b8:18:ac:16:11:4e:45:4f:78:c8:a1:a1:
15:52:1a:00:4d:72:79:6d:ff:5e:aa:57:4b:fe:26:47:c8:2c:
5e:8a:69:3d:4c:5a:fd:77:5f:35:64:64:13:44:55:93:eb:be:
8b:a1:ed:e7:9e:51:15:76:b2:93:96:8b:4a:3d:26:2f:7d:13:
68:98:9e:b0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQSbZstvDUGmcr0mzYAZxt7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyMzczNTcxYzkwMjQ5YmYyYWE5NDhlNzhiZWQxM2UwODUy
OGI4N2UwHhcNMjQxMjI5MTIzOTIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNGY5MGNjMTc0ZjJhMjA0YjdjN2NjZjVhODkzMjZhYTU3N2U1YmNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkpQsEZEKtzXnjN0xdHoujSRMzi+y
TJ1r8PKcogSEbRs9K4kZJQcGiE9j8DYBKU6wAUcZH8ULdMnfC7SNQFVYbGq8E5Vm
NSS2nnNPO6zujE04Ms0G/fmEqClwih8jvYHXFJSKfQ6foQJw0d3w3PTi1nWtq7oW
AL+VjiLzLaYCAhgYp4AnTp7lykQux4OzsVS2UhyrYSThOGoy0XqyCucJl6CL1C1u
4lQBroS8piVu6mE0D4w59b81NEhMHx5W2Z3AlQZ5hoPJF0SrJvb/LypwY6kqgQgu
HO7H0YATrRj20XkmtaNNPFrPZ/IufdCAKBQ2zBbATj11o9vq/2LnE/DxQwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLT5DMF08qIEt8fM9aiTJqpXflvOMB8GA1UdIwQY
MBaAFCI3NXHJAkm/KqlI54vtE+CFKLh+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWpjMWNja0NTYjhxcVVqbmktMFQ0SVVvdUg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS84NjZlNWUtODMxZS00Y2IxLWJkNTEt
YjQ1NDBjNzRjOTRiLzEvdFBrTXdYVHlvZ1MzeDh6MXFKTW1xbGQtVzg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS84NjZlNWUtODMxZS00Y2IxLWJkNTEtYjQ1NDBjNzRjOTRi
LzEvSWpjMWNja0NTYjhxcVVqbmktMFQ0SVVvdUg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATWhcMA0G
CSqGSIb3DQEBCwUAA4IBAQANXQkb4Aqoz4h1PGVX5Ub8Jo0p3qHW7drmjErLWuKG
9MZsVEl1IGEEaCwM2zWeHECSif/Cmvyol73dkr/6slBh+YlX3yCCRuHsfa70kRJ/
Zg2pAJ7iwzVBvHo8x14Zp5e3GCaNATaZfMKc4wrfXbDNFlR3/1myoiitnTpp4Rta
FUNK+LLSedzbfEoF56WeO+Yl/6WSxrchVdnDVDdnZlr3qy+IBSx8AKM0s168HUYa
IJIpyPma4HQA2ma4GKwWEU5FT3jIoaEVUhoATXJ5bf9eqldL/iZHyCxeimk9TFr9
d181ZGQTRFWT676Loe3nnlEVdrKTlotKPSYvfRNomJ6w
-----END CERTIFICATE-----
Generated at Sun Jun 8 17:09:07 2025 by rpki-client