Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/c17c15-a142-4b37-b8fe-a3a3eb879f2b/1/h4VRfUnzCD0HBM7LUr_GmO1RqPI.roa
File: h4VRfUnzCD0HBM7LUr_GmO1RqPI.roa (raw, json)
Hash identifier: 5Xpm9FXE9ySnoJz7/gCSqixz4HRDtfbXtXLVKvncKW8=
Subject key identifier: 87:85:51:7D:49:F3:08:3D:07:04:CE:CB:52:BF:C6:98:ED:51:A8:F2
Certificate issuer: /CN=03c33e43ef56527a169d6ac6d7e62c63d1973051
Certificate serial: 018E5D31BFDF0AD128234B8A0EAB1F95D7BB
Authority key identifier: 03:C3:3E:43:EF:56:52:7A:16:9D:6A:C6:D7:E6:2C:63:D1:97:30:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A8M-Q-9WUnoWnWrG1-YsY9GXMFE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/c17c15-a142-4b37-b8fe-a3a3eb879f2b/1/h4VRfUnzCD0HBM7LUr_GmO1RqPI.roa
Signing time: Wed 20 Mar 2024 18:48:45 +0000
ROA not before: Wed 20 Mar 2024 18:48:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212341
IP address blocks: 77.87.185.0/24 maxlen: 24
185.66.176.0/22 maxlen: 22
185.66.178.0/24 maxlen: 24
2a05:900::/32 maxlen: 32
2a05:901::/32 maxlen: 32
2a05:902::/32 maxlen: 32
2a05:903::/32 maxlen: 32
2a05:904::/32 maxlen: 32
2a05:905::/32 maxlen: 32
2a05:907::/32 maxlen: 32
Validation: Failed, certificate revoked on Sat 23 Mar 2024 08:12:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:5d:31:bf:df:0a:d1:28:23:4b:8a:0e:ab:1f:95:d7:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=03c33e43ef56527a169d6ac6d7e62c63d1973051
Validity
Not Before: Mar 20 18:48:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8785517d49f3083d0704cecb52bfc698ed51a8f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:52:15:eb:1d:7b:5a:7d:86:cb:59:96:a6:9b:
ba:e8:14:b5:32:18:d5:30:1a:bb:87:2d:39:7d:ac:
e9:07:eb:99:c6:0d:b1:78:b8:17:58:c1:43:10:0b:
40:6f:d7:8d:70:80:aa:29:0f:0e:eb:0e:ac:5c:cb:
36:16:4f:75:bb:32:9b:03:48:b0:c0:29:f2:85:21:
e3:13:76:d9:f3:9d:7c:1f:47:02:ec:84:df:37:7e:
3a:f5:a0:97:f9:4a:33:bd:b8:8f:d5:03:5a:8b:e8:
a8:06:ea:73:cf:de:f3:7b:cf:d9:35:eb:c7:23:78:
0f:68:b9:03:c9:1e:e8:40:7d:95:76:7c:ab:81:d4:
22:7b:50:db:3c:88:21:1b:fd:b0:11:c7:c0:c7:53:
5b:e1:18:35:10:9b:72:c2:41:9f:fb:2e:29:ca:67:
7b:8b:d5:bd:f4:9d:22:a1:c7:73:a7:5c:98:a7:79:
31:ae:a3:d9:8e:9e:b8:c1:5a:d9:91:c3:c5:c8:6d:
c5:85:bd:31:1d:10:db:1c:b0:db:f2:ea:7e:fc:95:
a2:76:f5:30:81:eb:91:90:45:7c:3c:fe:97:2c:99:
2e:6e:f9:00:40:f7:0e:9a:a4:74:6e:ec:41:2d:e9:
56:bd:64:21:f9:6d:11:49:04:a7:e5:c1:5e:c9:58:
18:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:85:51:7D:49:F3:08:3D:07:04:CE:CB:52:BF:C6:98:ED:51:A8:F2
X509v3 Authority Key Identifier:
keyid:03:C3:3E:43:EF:56:52:7A:16:9D:6A:C6:D7:E6:2C:63:D1:97:30:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A8M-Q-9WUnoWnWrG1-YsY9GXMFE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/c17c15-a142-4b37-b8fe-a3a3eb879f2b/1/h4VRfUnzCD0HBM7LUr_GmO1RqPI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/c17c15-a142-4b37-b8fe-a3a3eb879f2b/1/A8M-Q-9WUnoWnWrG1-YsY9GXMFE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.87.185.0/24
185.66.176.0/22
IPv6:
2a05:900::-2a05:905:ffff:ffff:ffff:ffff:ffff:ffff
2a05:907::/32
Signature Algorithm: sha256WithRSAEncryption
2d:f0:ce:b6:e0:49:33:ec:69:39:c6:0d:ad:64:1b:cb:1c:fa:
24:7f:29:7f:d7:0f:34:5d:0f:a7:24:d0:77:05:89:1f:40:69:
8c:14:e8:ad:6e:6a:b6:9f:ec:fb:91:6f:f7:87:40:8b:1f:ce:
e3:02:85:f1:49:c2:9e:17:d1:87:d6:d9:79:29:e0:f8:ed:8a:
d7:d1:cb:f8:42:22:aa:70:41:f2:85:c3:df:98:e8:08:25:a7:
8d:0c:7e:c8:a1:6f:34:75:46:2d:82:a2:a4:8c:69:fe:9d:15:
79:31:9f:fd:9b:39:b1:ed:cd:8e:70:f8:30:06:55:4d:4a:c2:
50:fc:ec:b7:e8:66:9d:56:1e:22:e0:4d:e0:71:ff:6e:fd:2f:
98:f6:e6:63:f4:6c:cc:cc:aa:2e:14:5f:eb:e0:5f:b0:91:51:
f3:ce:43:54:bf:ad:49:1b:7c:cf:44:ac:e0:28:47:9e:b8:90:
c5:d5:06:73:0f:7f:b7:03:dc:fd:1d:d8:35:c9:63:f9:22:0d:
7f:c3:59:1c:fc:e4:94:cf:1c:e5:df:4e:9b:49:5b:85:c9:e1:
ed:79:5c:8e:9b:ce:24:4e:61:9c:b1:5d:4e:2b:1e:a8:9b:aa:
74:5d:ea:38:2b:b0:a8:4c:f7:4f:9d:ed:61:0d:0b:14:be:e2:
69:e5:57:87
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAY5dMb/fCtEoI0uKDqsflde7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzYzMzZTQzZWY1NjUyN2ExNjlkNmFjNmQ3ZTYyYzYzZDE5
NzMwNTEwHhcNMjQwMzIwMTg0ODQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Nzg1NTE3ZDQ5ZjMwODNkMDcwNGNlY2I1MmJmYzY5OGVkNTFhOGYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAulIV6x17Wn2Gy1mWppu66BS1MhjV
MBq7hy05fazpB+uZxg2xeLgXWMFDEAtAb9eNcICqKQ8O6w6sXMs2Fk91uzKbA0iw
wCnyhSHjE3bZ8518H0cC7ITfN3469aCX+UozvbiP1QNai+ioBupzz97ze8/ZNevH
I3gPaLkDyR7oQH2VdnyrgdQie1DbPIghG/2wEcfAx1Nb4Rg1EJtywkGf+y4pymd7
i9W99J0iocdzp1yYp3kxrqPZjp64wVrZkcPFyG3Fhb0xHRDbHLDb8up+/JWidvUw
geuRkEV8PP6XLJkubvkAQPcOmqR0buxBLelWvWQh+W0RSQSn5cFeyVgYPQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFIeFUX1J8wg9BwTOy1K/xpjtUajyMB8GA1UdIwQY
MBaAFAPDPkPvVlJ6Fp1qxtfmLGPRlzBRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQThNLVEtOVdVbm9XbldyRzEtWXNZOUdYTUZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC9jMTdjMTUtYTE0Mi00YjM3LWI4ZmUt
YTNhM2ViODc5ZjJiLzEvaDRWUmZVbnpDRDBIQk03TFVyX0dtTzFScVBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC9jMTdjMTUtYTE0Mi00YjM3LWI4ZmUtYTNhM2ViODc5ZjJi
LzEvQThNLVEtOVdVbm9XbldyRzEtWXNZOUdYTUZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjASBAIAATAMAwQATVe5AwQC
uUKwMBwEAgACMBYwDQMEACoFCQMFASoFCQQDBQAqBQkHMA0GCSqGSIb3DQEBCwUA
A4IBAQAt8M624Ekz7Gk5xg2tZBvLHPokfyl/1w80XQ+nJNB3BYkfQGmMFOitbmq2
n+z7kW/3h0CLH87jAoXxScKeF9GH1tl5KeD47YrX0cv4QiKqcEHyhcPfmOgIJaeN
DH7IoW80dUYtgqKkjGn+nRV5MZ/9mzmx7c2OcPgwBlVNSsJQ/Oy36GadVh4i4E3g
cf9u/S+Y9uZj9GzMzKouFF/r4F+wkVHzzkNUv61JG3zPRKzgKEeeuJDF1QZzD3+3
A9z9Hdg1yWP5Ig1/w1kc/OSUzxzl306bSVuFyeHteVyOm84kTmGcsV1OKx6om6p0
Xeo4K7CoTPdPne1hDQsUvuJp5VeH
-----END CERTIFICATE-----
Generated at Sat Apr 12 18:14:48 2025 by rpki-client