Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/rKRzY5-D7upEqF94V_CsihgdS_I.roa
File: rKRzY5-D7upEqF94V_CsihgdS_I.roa (raw, json)
Hash identifier: iTaX76Ew1AqHYVZae8YZcg/3X+oDgxHn0tGJgv1wI7k=
Subject key identifier: AC:A4:73:63:9F:83:EE:EA:44:A8:5F:78:57:F0:AC:8A:18:1D:4B:F2
Certificate issuer: /CN=1c963e3d22847d466c262c20878c2780d8840003
Certificate serial: 01946B2A5FA638F851FCE058E6E940291A22
Authority key identifier: 1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/rKRzY5-D7upEqF94V_CsihgdS_I.roa
Signing time: Wed 15 Jan 2025 18:12:06 +0000
ROA not before: Wed 15 Jan 2025 18:12:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210644
IP address blocks: 77.239.96.0/21 maxlen: 24
77.239.112.0/21 maxlen: 24
77.239.120.0/22 maxlen: 24
77.239.124.0/23 maxlen: 24
150.241.64.0/24 maxlen: 24
150.241.65.0/24 maxlen: 24
150.241.66.0/24 maxlen: 24
150.241.67.0/24 maxlen: 24
150.241.68.0/24 maxlen: 24
150.241.69.0/24 maxlen: 24
150.241.70.0/24 maxlen: 24
150.241.71.0/24 maxlen: 24
150.241.72.0/24 maxlen: 24
150.241.73.0/24 maxlen: 24
150.241.74.0/24 maxlen: 24
150.241.75.0/24 maxlen: 24
150.241.76.0/24 maxlen: 24
150.241.77.0/24 maxlen: 24
150.241.78.0/24 maxlen: 24
150.241.79.0/24 maxlen: 24
150.241.80.0/24 maxlen: 24
150.241.81.0/24 maxlen: 24
150.241.82.0/24 maxlen: 24
150.241.83.0/24 maxlen: 24
150.241.84.0/24 maxlen: 24
150.241.85.0/24 maxlen: 24
150.241.86.0/24 maxlen: 24
150.241.87.0/24 maxlen: 24
150.241.88.0/24 maxlen: 24
150.241.89.0/24 maxlen: 24
150.241.90.0/24 maxlen: 24
150.241.91.0/24 maxlen: 24
150.241.92.0/24 maxlen: 24
150.241.93.0/24 maxlen: 24
150.241.94.0/24 maxlen: 24
150.241.95.0/24 maxlen: 24
150.241.96.0/24 maxlen: 24
150.241.97.0/24 maxlen: 24
150.241.98.0/24 maxlen: 24
150.241.99.0/24 maxlen: 24
150.241.100.0/24 maxlen: 24
150.241.101.0/24 maxlen: 24
150.241.102.0/24 maxlen: 24
150.241.103.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 15 Jan 2025 20:34:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:6b:2a:5f:a6:38:f8:51:fc:e0:58:e6:e9:40:29:1a:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c963e3d22847d466c262c20878c2780d8840003
Validity
Not Before: Jan 15 18:12:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=aca473639f83eeea44a85f7857f0ac8a181d4bf2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:de:08:63:40:bf:79:3e:8c:12:10:7d:b6:4b:
98:0c:a9:b0:c6:db:6f:23:b6:3b:44:68:43:17:e7:
fd:0c:77:d9:9a:1d:4b:34:21:37:73:c5:83:92:41:
95:8f:1b:a0:06:e8:96:ff:1e:0e:34:01:dd:1d:0c:
84:3f:89:27:98:46:4f:90:6f:32:76:cf:5a:41:bf:
4d:87:71:7f:77:5b:e7:95:06:b8:ef:f4:f2:85:98:
37:96:b2:9e:d2:19:a4:c1:be:5d:ae:0b:fc:9e:a5:
a4:e1:11:b8:f4:b0:57:55:7b:2d:95:c9:2d:c4:16:
73:51:d4:82:ad:1b:00:e6:d4:7c:5e:32:6c:d5:7e:
41:d6:a9:eb:be:6f:5c:2d:57:8d:65:3e:d0:1e:3c:
de:1c:1c:5e:d7:7c:ff:67:9b:fa:39:77:54:c7:a7:
0a:bc:ed:ff:76:5b:4f:d3:20:db:89:ce:16:8d:0e:
ea:6b:f1:5d:93:ef:49:6c:da:aa:51:cf:a5:38:95:
6b:7a:37:3b:4d:97:fb:76:85:9d:36:9f:c9:eb:d4:
b0:1c:a6:19:7b:95:60:c7:13:1b:27:3a:0b:e4:b2:
e0:b9:59:e8:84:e6:1b:2f:e1:37:80:4b:87:72:03:
9b:85:70:2c:be:52:bc:76:fc:71:54:23:fe:5b:23:
81:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:A4:73:63:9F:83:EE:EA:44:A8:5F:78:57:F0:AC:8A:18:1D:4B:F2
X509v3 Authority Key Identifier:
keyid:1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/rKRzY5-D7upEqF94V_CsihgdS_I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.239.96.0/21
77.239.112.0-77.239.125.255
150.241.64.0-150.241.103.255
Signature Algorithm: sha256WithRSAEncryption
30:9d:aa:66:87:da:50:dc:92:cb:dd:91:bc:68:86:f5:29:76:
4a:b7:ac:ee:91:49:1d:c7:80:78:b0:07:8a:60:53:59:22:f1:
1f:19:77:39:6e:aa:0c:1c:81:51:a6:d4:68:6f:99:44:fc:1e:
c8:ec:3f:a7:1f:c0:46:7b:08:82:e1:14:c1:af:3c:6e:63:98:
4a:27:01:8c:70:29:4e:78:c7:fd:d8:44:7d:a9:7c:9e:df:80:
bc:d7:50:d3:61:1b:6e:f7:4a:1b:d8:dc:f4:5c:16:2d:d5:1e:
05:73:6a:e2:0f:8f:bb:73:92:26:f8:81:ba:2d:1d:e9:7f:9a:
25:81:fd:00:ff:4b:e3:44:87:f7:09:b0:a6:c8:0e:9b:a0:1a:
30:47:11:32:fc:72:80:0f:ab:df:db:88:f9:3a:e9:09:67:74:
d8:ce:ee:26:19:ae:ea:a9:31:63:2b:e8:ad:43:de:ed:bf:7d:
2d:5d:ba:2b:13:2f:9a:c8:6e:9b:f1:a3:16:b5:ef:50:96:1b:
73:14:af:61:89:57:21:82:ad:78:1b:54:71:95:9b:f7:e1:c5:
3c:0e:3c:21:be:55:eb:07:38:69:72:ee:67:03:b4:1a:91:4f:
7c:b1:93:00:93:6f:e1:57:2d:8c:06:7a:59:9e:4f:14:af:00:
b8:60:13:3b
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZRrKl+mOPhR/OBY5ulAKRoiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTYzZTNkMjI4NDdkNDY2YzI2MmMyMDg3OGMyNzgwZDg4
NDAwMDMwHhcNMjUwMTE1MTgxMjA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhY2E0NzM2MzlmODNlZWVhNDRhODVmNzg1N2YwYWM4YTE4MWQ0YmYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAst4IY0C/eT6MEhB9tkuYDKmwxttv
I7Y7RGhDF+f9DHfZmh1LNCE3c8WDkkGVjxugBuiW/x4ONAHdHQyEP4knmEZPkG8y
ds9aQb9Nh3F/d1vnlQa47/TyhZg3lrKe0hmkwb5drgv8nqWk4RG49LBXVXstlckt
xBZzUdSCrRsA5tR8XjJs1X5B1qnrvm9cLVeNZT7QHjzeHBxe13z/Z5v6OXdUx6cK
vO3/dltP0yDbic4WjQ7qa/Fdk+9JbNqqUc+lOJVrejc7TZf7doWdNp/J69SwHKYZ
e5VgxxMbJzoL5LLguVnohOYbL+E3gEuHcgObhXAsvlK8dvxxVCP+WyOBcwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFKykc2Ofg+7qRKhfeFfwrIoYHUvyMB8GA1UdIwQY
MBaAFByWPj0ihH1GbCYsIIeMJ4DYhAADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQt
MTQzOTY3YThmZTA4LzEvcktSelk1LUQ3dXBFcUY5NFZfQ3NpaGdkU19JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQtMTQzOTY3YThmZTA4
LzEvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiAwQDTe9gMAwD
BARN73ADBAFN73wwDAMEBpbxQAMEA5bxYDANBgkqhkiG9w0BAQsFAAOCAQEAMJ2q
ZofaUNySy92RvGiG9Sl2Sres7pFJHceAeLAHimBTWSLxHxl3OW6qDByBUabUaG+Z
RPweyOw/px/ARnsIguEUwa88bmOYSicBjHApTnjH/dhEfal8nt+AvNdQ02EbbvdK
G9jc9FwWLdUeBXNq4g+Pu3OSJviBui0d6X+aJYH9AP9L40SH9wmwpsgOm6AaMEcR
MvxygA+r39uI+TrpCWd02M7uJhmu6qkxYyvorUPe7b99LV26KxMvmshum/GjFrXv
UJYbcxSvYYlXIYKteBtUcZWb9+HFPA48Ib5V6wc4aXLuZwO0GpFPfLGTAJNv4Vct
jAZ6WZ5PFK8AuGATOw==
-----END CERTIFICATE-----
Generated at Thu Mar 13 07:13:11 2025 by rpki-client