Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/70d50f-ff3c-4f63-8dec-d7c36c27c087/1/3cHRy9I3drK1Aph9l8MdP00OJ50.roa
File: 3cHRy9I3drK1Aph9l8MdP00OJ50.roa (raw, json)
Hash identifier: xBQcrU6UawGhMehgMg65scErEW+zDdHdnGYmHomheyM=
Subject key identifier: DD:C1:D1:CB:D2:37:76:B2:B5:02:98:7D:97:C3:1D:3F:4D:0E:27:9D
Certificate issuer: /CN=f4b769a53dd86352d3440f222bdf907cf09c2dba
Certificate serial: 0195378909DF2E47C1B630351E1DFD48B01E
Authority key identifier: F4:B7:69:A5:3D:D8:63:52:D3:44:0F:22:2B:DF:90:7C:F0:9C:2D:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9LdppT3YY1LTRA8iK9-QfPCcLbo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/70d50f-ff3c-4f63-8dec-d7c36c27c087/1/3cHRy9I3drK1Aph9l8MdP00OJ50.roa
Signing time: Mon 24 Feb 2025 10:38:02 +0000
ROA not before: Mon 24 Feb 2025 10:38:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16202
IP address blocks: 77.64.128.0/17 maxlen: 18
77.64.128.0/18 maxlen: 18
77.64.128.0/19 maxlen: 19
77.64.146.0/23 maxlen: 23
77.64.160.0/19 maxlen: 19
77.64.192.0/19 maxlen: 19
77.64.192.0/20 maxlen: 20
77.64.208.0/20 maxlen: 20
77.64.224.0/20 maxlen: 20
77.64.240.0/20 maxlen: 20
77.64.252.0/23 maxlen: 23
77.64.254.0/23 maxlen: 23
83.221.64.0/19 maxlen: 23
83.221.64.0/20 maxlen: 23
83.221.64.0/21 maxlen: 21
83.221.72.0/21 maxlen: 21
83.221.80.0/20 maxlen: 20
83.221.80.0/21 maxlen: 21
83.221.88.0/21 maxlen: 21
89.186.128.0/19 maxlen: 19
89.186.128.0/20 maxlen: 20
89.186.128.0/21 maxlen: 21
89.186.136.0/21 maxlen: 21
89.186.144.0/20 maxlen: 20
89.186.144.0/21 maxlen: 21
89.186.152.0/21 maxlen: 21
92.206.0.0/16 maxlen: 16
92.206.0.0/17 maxlen: 17
92.206.0.0/18 maxlen: 18
92.206.64.0/18 maxlen: 23
92.206.128.0/18 maxlen: 23
92.206.160.0/19 maxlen: 19
92.206.190.0/23 maxlen: 23
92.206.192.0/18 maxlen: 23
92.206.224.0/19 maxlen: 19
95.168.128.0/19 maxlen: 19
95.168.128.0/20 maxlen: 20
95.168.144.0/20 maxlen: 20
185.44.148.0/22 maxlen: 22
185.44.150.0/23 maxlen: 23
217.68.160.0/19 maxlen: 19
217.68.160.0/20 maxlen: 20
217.68.176.0/20 maxlen: 20
2a00:c1a0::/32 maxlen: 32
2a00:c1a0::/34 maxlen: 34
2a00:c1a0:4000::/34 maxlen: 34
2a00:c1a0:8000::/34 maxlen: 34
2a00:c1a0:c000::/34 maxlen: 34
2a02:2454:8000::/33 maxlen: 36
2a02:2457:100::/40 maxlen: 40
Validation: Failed, certificate revoked on Mon 31 Mar 2025 09:12:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:37:89:09:df:2e:47:c1:b6:30:35:1e:1d:fd:48:b0:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f4b769a53dd86352d3440f222bdf907cf09c2dba
Validity
Not Before: Feb 24 10:38:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ddc1d1cbd23776b2b502987d97c31d3f4d0e279d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:23:4d:30:1e:fb:ec:8e:9d:28:6b:4e:7c:de:
fb:eb:68:9c:b2:50:7f:8f:79:c5:01:4b:a3:b9:7e:
8a:5d:04:ef:52:c0:90:80:e6:70:c7:6f:8b:1b:17:
91:47:1a:aa:91:9e:10:d8:e4:de:e8:14:1c:61:47:
f8:57:e5:e6:b2:1a:62:31:87:b5:a8:7e:98:63:87:
57:40:94:0e:66:f6:b2:a5:ab:e1:dd:e6:1b:11:b7:
e4:00:4d:aa:06:25:dc:e9:76:33:cb:b8:4a:60:85:
e3:0a:9b:a9:14:0a:6a:78:67:79:04:c2:69:2c:6a:
f0:8f:d0:f9:6b:a1:a7:5b:45:0e:8c:70:9e:c3:00:
d9:39:a5:39:07:98:fb:ee:71:0e:a6:9f:5c:6b:4d:
5d:ac:77:90:1f:2c:da:ff:38:7e:0c:68:e7:e7:80:
a5:22:9a:fb:d8:21:58:48:b9:88:03:61:a3:8c:a3:
b4:a5:d5:5b:d6:24:a1:08:00:6f:73:5b:7e:51:01:
d6:88:ac:c8:bc:01:d9:fa:d0:88:2c:3f:f2:b8:74:
60:a9:e5:77:31:88:0b:64:c1:1f:a8:01:dd:43:67:
94:41:42:0c:c1:2f:b7:05:85:c2:e2:ac:81:41:72:
a6:30:0e:0d:3c:fb:a0:c9:9a:f3:7c:95:fa:8f:fc:
26:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:C1:D1:CB:D2:37:76:B2:B5:02:98:7D:97:C3:1D:3F:4D:0E:27:9D
X509v3 Authority Key Identifier:
keyid:F4:B7:69:A5:3D:D8:63:52:D3:44:0F:22:2B:DF:90:7C:F0:9C:2D:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9LdppT3YY1LTRA8iK9-QfPCcLbo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/70d50f-ff3c-4f63-8dec-d7c36c27c087/1/3cHRy9I3drK1Aph9l8MdP00OJ50.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/70d50f-ff3c-4f63-8dec-d7c36c27c087/1/9LdppT3YY1LTRA8iK9-QfPCcLbo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.64.128.0/17
83.221.64.0/19
89.186.128.0/19
92.206.0.0/16
95.168.128.0/19
185.44.148.0/22
217.68.160.0/19
IPv6:
2a00:c1a0::/32
2a02:2454:8000::/33
2a02:2457:100::/40
Signature Algorithm: sha256WithRSAEncryption
4a:d3:38:4a:29:3d:6f:02:5c:4f:7d:49:c4:77:1f:ae:88:bc:
6c:32:e2:6b:34:67:2f:c1:0b:48:fa:e4:eb:51:23:4b:57:5d:
9d:f2:fc:64:92:de:60:b0:b8:83:05:c4:40:39:9d:b1:c7:ee:
6c:9f:14:b5:5a:4c:ab:6d:25:c3:4c:14:e6:0b:05:2d:03:ee:
30:d2:00:95:c2:14:97:ab:b2:ef:ee:56:94:d3:c2:ae:28:07:
51:71:8a:4e:ce:55:02:a9:7f:f8:1e:cc:2d:9d:69:6b:7d:77:
32:50:48:cc:57:13:b8:f3:34:e0:f0:b4:27:49:c4:15:30:41:
9a:78:6a:e1:c4:38:84:8d:34:cd:c4:c2:36:cd:54:38:00:19:
8a:31:af:fe:53:08:2f:ca:62:7b:09:c0:b7:9e:04:58:4c:3e:
0d:41:e2:75:ac:26:99:55:91:21:2b:dd:fe:75:94:db:44:2c:
ba:a4:7c:cd:a8:a8:45:5e:f0:cc:e5:2c:df:d6:82:6e:53:05:
6b:6c:d1:c2:a3:e2:e8:2f:c6:13:63:94:95:24:5f:83:d5:61:
81:ef:6b:a7:39:eb:32:23:7b:cb:98:63:29:ea:dc:db:7c:80:
e5:fb:20:10:99:bd:f7:da:11:f2:21:e6:a0:a3:59:8f:50:4b:
7c:5c:6f:57
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAZU3iQnfLkfBtjA1Hh39SLAeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0Yjc2OWE1M2RkODYzNTJkMzQ0MGYyMjJiZGY5MDdjZjA5
YzJkYmEwHhcNMjUwMjI0MTAzODAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZGMxZDFjYmQyMzc3NmIyYjUwMjk4N2Q5N2MzMWQzZjRkMGUyNzlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqCNNMB777I6dKGtOfN7762icslB/
j3nFAUujuX6KXQTvUsCQgOZwx2+LGxeRRxqqkZ4Q2OTe6BQcYUf4V+XmshpiMYe1
qH6YY4dXQJQOZvaypavh3eYbEbfkAE2qBiXc6XYzy7hKYIXjCpupFApqeGd5BMJp
LGrwj9D5a6GnW0UOjHCewwDZOaU5B5j77nEOpp9ca01drHeQHyza/zh+DGjn54Cl
Ipr72CFYSLmIA2GjjKO0pdVb1iShCABvc1t+UQHWiKzIvAHZ+tCILD/yuHRgqeV3
MYgLZMEfqAHdQ2eUQUIMwS+3BYXC4qyBQXKmMA4NPPugyZrzfJX6j/wmRwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFN3B0cvSN3aytQKYfZfDHT9NDiedMB8GA1UdIwQY
MBaAFPS3aaU92GNS00QPIivfkHzwnC26MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOUxkcHBUM1lZMUxUUkE4aUs5LVFmUENjTGJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy83MGQ1MGYtZmYzYy00ZjYzLThkZWMt
ZDdjMzZjMjdjMDg3LzEvM2NIUnk5STNkcksxQXBoOWw4TWRQMDBPSjUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy83MGQ1MGYtZmYzYy00ZjYzLThkZWMtZDdjMzZjMjdjMDg3
LzEvOUxkcHBUM1lZMUxUUkE4aUs5LVFmUENjTGJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDAvBAIAATApAwQHTUCAAwQF
U91AAwQFWbqAAwMAXM4DBAVfqIADBAK5LJQDBAXZRKAwHQQCAAIwFwMFACoAwaAD
BgcqAiRUgAMGACoCJFcBMA0GCSqGSIb3DQEBCwUAA4IBAQBK0zhKKT1vAlxPfUnE
dx+uiLxsMuJrNGcvwQtI+uTrUSNLV12d8vxkkt5gsLiDBcRAOZ2xx+5snxS1Wkyr
bSXDTBTmCwUtA+4w0gCVwhSXq7Lv7laU08KuKAdRcYpOzlUCqX/4HswtnWlrfXcy
UEjMVxO48zTg8LQnScQVMEGaeGrhxDiEjTTNxMI2zVQ4ABmKMa/+UwgvymJ7CcC3
ngRYTD4NQeJ1rCaZVZEhK93+dZTbRCy6pHzNqKhFXvDM5Szf1oJuUwVrbNHCo+Lo
L8YTY5SVJF+D1WGB72unOesyI3vLmGMp6tzbfIDl+yAQmb332hHyIeago1mPUEt8
XG9X
-----END CERTIFICATE-----
Generated at Sat Apr 19 18:22:35 2025 by rpki-client