Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/XrgRtu2fx8QocFuYPQ7KDeAxao8.roa
File: XrgRtu2fx8QocFuYPQ7KDeAxao8.roa (raw, json)
Hash identifier: VE4DEo/PgY06LyrHZl5Osnfd7kf7cTLi1hI0WCdZfE8=
Subject key identifier: 5E:B8:11:B6:ED:9F:C7:C4:28:70:5B:98:3D:0E:CA:0D:E0:31:6A:8F
Certificate issuer: /CN=1c963e3d22847d466c262c20878c2780d8840003
Certificate serial: 019461193DC456C9DC0FB276EA4551ACC35F
Authority key identifier: 1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/XrgRtu2fx8QocFuYPQ7KDeAxao8.roa
Signing time: Mon 13 Jan 2025 19:17:11 +0000
ROA not before: Mon 13 Jan 2025 19:17:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213877
IP address blocks: 77.239.104.0/24 maxlen: 24
77.239.105.0/24 maxlen: 24
150.241.105.0/24 maxlen: 24
150.241.108.0/24 maxlen: 24
150.241.123.0/24 maxlen: 24
185.184.122.0/24 maxlen: 24
185.184.123.0/24 maxlen: 24
185.207.133.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 05 Feb 2025 19:10:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:61:19:3d:c4:56:c9:dc:0f:b2:76:ea:45:51:ac:c3:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c963e3d22847d466c262c20878c2780d8840003
Validity
Not Before: Jan 13 19:17:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5eb811b6ed9fc7c428705b983d0eca0de0316a8f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:8d:43:79:55:7f:73:65:5d:0c:78:9a:e6:97:
99:ec:d3:dd:a2:f7:83:3a:8f:de:1c:c1:e6:33:12:
85:2d:3e:83:14:f5:e5:c2:30:62:bf:d2:3b:5f:8b:
4c:22:4d:22:3c:15:2b:2d:7b:11:e9:ab:bd:e6:73:
08:da:6c:82:17:98:5c:9a:25:20:7f:16:0f:e9:db:
87:03:b9:55:95:3b:35:e4:6b:ae:14:31:f4:62:28:
14:0a:b1:2d:ec:f6:26:6d:7b:12:cc:19:56:c5:70:
9a:1a:a7:22:f7:f9:0f:d2:c2:bc:75:d4:ef:ed:e8:
56:f8:e7:c4:9d:d0:d7:a7:97:09:85:dd:86:9d:03:
fd:41:22:72:3c:64:f5:0b:f2:bf:d3:c7:87:5d:b6:
03:d7:23:02:df:6c:e6:62:9a:d3:ba:11:2b:9a:d1:
de:b8:03:7a:86:85:f2:51:ec:d5:83:21:76:ce:5e:
f0:28:ef:16:89:aa:14:d0:5b:94:a6:b5:dc:b8:72:
56:c3:25:d0:48:2e:f8:fa:03:28:ff:f7:0a:ee:ab:
7e:37:46:15:a8:b7:de:0a:46:fe:e0:ed:08:bf:af:
3e:f8:00:9a:2c:95:45:f3:b2:6d:cc:c6:fd:cd:a0:
43:74:9e:d6:36:56:b0:df:3e:52:8a:e7:e2:d6:f6:
92:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:B8:11:B6:ED:9F:C7:C4:28:70:5B:98:3D:0E:CA:0D:E0:31:6A:8F
X509v3 Authority Key Identifier:
keyid:1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/XrgRtu2fx8QocFuYPQ7KDeAxao8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.239.104.0/23
150.241.105.0/24
150.241.108.0/24
150.241.123.0/24
185.184.122.0/23
185.207.133.0/24
Signature Algorithm: sha256WithRSAEncryption
af:b2:fd:54:42:02:04:c6:81:be:25:d8:69:71:fc:29:82:f0:
ee:e8:bc:b8:20:40:f5:99:c8:82:23:ba:0c:be:bd:62:20:b1:
f3:e0:07:3f:a1:88:91:a2:29:0c:dd:9a:9c:ae:b9:66:2e:21:
2f:32:cb:25:e9:bb:16:2d:d0:8d:05:df:cc:da:2f:d0:29:32:
04:8b:5f:11:70:97:f2:3c:14:b7:3a:78:58:1f:c1:29:53:0e:
eb:5a:63:13:c9:3c:6b:b7:38:ba:fb:8d:12:85:df:80:2d:21:
d0:dc:5a:25:9d:d3:0f:d3:27:5c:2d:9c:f2:1f:7d:ba:0f:c4:
52:92:75:8e:38:ef:9a:61:95:36:87:6d:7f:28:ae:12:03:b2:
50:e1:d3:d5:17:7a:14:6c:d1:f5:37:26:f2:ea:bf:b9:ef:01:
26:97:c1:e3:a5:7d:ce:28:ce:5a:10:bb:33:9f:18:cf:1b:d2:
5c:3a:d2:4c:f7:37:bf:17:c9:47:7a:43:26:e8:23:99:ee:ce:
86:66:64:22:09:81:b8:e4:62:69:95:7e:31:af:64:59:69:8b:
15:12:34:90:1b:f1:e8:7f:6b:e7:ce:18:0d:52:4b:73:5b:16:
a8:e2:6a:2a:0a:1a:45:dc:a5:12:aa:4e:76:2e:a9:67:4d:60:
9c:75:e7:c1
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZRhGT3EVsncD7J26kVRrMNfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTYzZTNkMjI4NDdkNDY2YzI2MmMyMDg3OGMyNzgwZDg4
NDAwMDMwHhcNMjUwMTEzMTkxNzExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZWI4MTFiNmVkOWZjN2M0Mjg3MDViOTgzZDBlY2EwZGUwMzE2YThmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqI1DeVV/c2VdDHia5peZ7NPdoveD
Oo/eHMHmMxKFLT6DFPXlwjBiv9I7X4tMIk0iPBUrLXsR6au95nMI2myCF5hcmiUg
fxYP6duHA7lVlTs15GuuFDH0YigUCrEt7PYmbXsSzBlWxXCaGqci9/kP0sK8ddTv
7ehW+OfEndDXp5cJhd2GnQP9QSJyPGT1C/K/08eHXbYD1yMC32zmYprTuhErmtHe
uAN6hoXyUezVgyF2zl7wKO8WiaoU0FuUprXcuHJWwyXQSC74+gMo//cK7qt+N0YV
qLfeCkb+4O0Iv68++ACaLJVF87JtzMb9zaBDdJ7WNlaw3z5Siufi1vaSVQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFF64Ebbtn8fEKHBbmD0Oyg3gMWqPMB8GA1UdIwQY
MBaAFByWPj0ihH1GbCYsIIeMJ4DYhAADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQt
MTQzOTY3YThmZTA4LzEvWHJnUnR1MmZ4OFFvY0Z1WVBRN0tEZUF4YW84LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQtMTQzOTY3YThmZTA4
LzEvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQBTe9oAwQA
lvFpAwQAlvFsAwQAlvF7AwQBubh6AwQAuc+FMA0GCSqGSIb3DQEBCwUAA4IBAQCv
sv1UQgIExoG+JdhpcfwpgvDu6Ly4IED1mciCI7oMvr1iILHz4Ac/oYiRoikM3Zqc
rrlmLiEvMssl6bsWLdCNBd/M2i/QKTIEi18RcJfyPBS3OnhYH8EpUw7rWmMTyTxr
tzi6+40Shd+ALSHQ3FolndMP0ydcLZzyH326D8RSknWOOO+aYZU2h21/KK4SA7JQ
4dPVF3oUbNH1Nyby6r+57wEml8HjpX3OKM5aELsznxjPG9JcOtJM9ze/F8lHekMm
6COZ7s6GZmQiCYG45GJplX4xr2RZaYsVEjSQG/Hof2vnzhgNUktzWxao4moqChpF
3KUSqk52LqlnTWCcdefB
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:25:11 2025 by rpki-client