Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/E8A2ngINwNUGjwgMadqjSEQmyc8.roa
File: E8A2ngINwNUGjwgMadqjSEQmyc8.roa (raw, json)
Hash identifier: +1x9hbwLAeQ9B1e6GOxabmLEueKdz/HHxFd/KFen/9c=
Subject key identifier: 13:C0:36:9E:02:0D:C0:D5:06:8F:08:0C:69:DA:A3:48:44:26:C9:CF
Certificate issuer: /CN=c35eac64ea4802e6824686f7c0d201f2c85cb2aa
Certificate serial: 0194418E674BF9E7E0CE106769C9C0AEA224
Authority key identifier: C3:5E:AC:64:EA:48:02:E6:82:46:86:F7:C0:D2:01:F2:C8:5C:B2:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/E8A2ngINwNUGjwgMadqjSEQmyc8.roa
Signing time: Tue 07 Jan 2025 16:17:19 +0000
ROA not before: Tue 07 Jan 2025 16:17:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 77.76.0.0/23 maxlen: 23
77.76.4.0/22 maxlen: 22
78.128.2.0/23 maxlen: 23
78.128.10.0/23 maxlen: 23
78.128.12.0/22 maxlen: 22
78.128.16.0/20 maxlen: 20
78.128.36.0/22 maxlen: 22
78.128.40.0/23 maxlen: 23
78.128.52.0/22 maxlen: 22
78.128.56.0/22 maxlen: 22
78.128.63.0/24 maxlen: 24
78.128.74.0/24 maxlen: 24
78.128.75.0/24 maxlen: 24
78.128.82.0/23 maxlen: 23
78.128.84.0/22 maxlen: 22
78.128.96.0/23 maxlen: 23
78.128.100.0/22 maxlen: 22
78.128.104.0/22 maxlen: 22
78.128.115.0/24 maxlen: 24
78.128.116.0/23 maxlen: 23
78.128.120.0/23 maxlen: 23
78.128.122.0/24 maxlen: 24
78.128.123.0/24 maxlen: 24
78.142.9.0/24 maxlen: 24
78.142.10.0/23 maxlen: 23
78.142.12.0/22 maxlen: 22
78.142.30.0/23 maxlen: 23
79.124.47.0/24 maxlen: 24
83.222.185.0/24 maxlen: 24
84.201.224.0/20 maxlen: 20
91.148.149.0/24 maxlen: 24
91.148.150.0/23 maxlen: 23
91.148.152.0/21 maxlen: 21
91.148.162.0/23 maxlen: 23
91.148.164.0/23 maxlen: 23
91.148.166.0/24 maxlen: 24
91.148.169.0/24 maxlen: 24
91.148.170.0/23 maxlen: 23
91.148.172.0/22 maxlen: 22
91.148.176.0/21 maxlen: 21
91.148.186.0/23 maxlen: 23
130.185.227.0/24 maxlen: 24
193.200.14.0/23 maxlen: 23
Validation: Failed, certificate revoked on Wed 08 Jan 2025 07:30:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:41:8e:67:4b:f9:e7:e0:ce:10:67:69:c9:c0:ae:a2:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c35eac64ea4802e6824686f7c0d201f2c85cb2aa
Validity
Not Before: Jan 7 16:17:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=13c0369e020dc0d5068f080c69daa3484426c9cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:75:75:fa:34:dd:18:d3:98:13:a0:78:c5:f3:
56:08:18:01:5b:0c:7d:03:ae:b4:83:6e:78:57:e4:
d7:5c:ad:46:e7:0a:56:fb:a0:68:aa:9c:62:e3:d6:
5d:18:e7:77:55:84:00:4c:82:21:d8:a4:3c:3c:42:
f0:98:23:3a:74:13:77:b2:e3:97:e3:e5:45:43:4e:
9b:ab:55:7b:09:ec:5a:77:e3:a0:f1:12:6d:f2:bf:
55:33:c9:86:01:fb:17:d8:7c:d3:19:3f:07:86:94:
a1:01:17:1c:d5:9c:46:c5:14:e1:68:1e:cf:6e:fc:
94:a3:e8:aa:34:f9:3a:20:de:cc:52:13:d6:29:41:
b0:b8:82:f9:5b:4e:ed:63:fb:7a:b6:88:75:53:af:
d9:0a:d6:15:c7:2c:1d:5a:2b:8f:62:ff:f2:33:94:
71:75:5d:9e:4b:27:b2:69:d2:c2:d7:2a:3a:75:20:
ed:cc:ef:1a:1e:65:5d:4e:09:5d:39:48:40:c1:18:
1e:7a:29:23:1c:14:14:23:54:68:b1:6a:53:b0:c4:
dd:ed:12:56:4c:a6:72:30:08:85:28:6b:32:b4:95:
09:37:0b:8f:3b:c2:69:e1:2d:ec:a6:46:75:ad:a1:
71:c3:be:12:61:24:fd:8e:0a:73:af:50:54:7c:93:
f5:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:C0:36:9E:02:0D:C0:D5:06:8F:08:0C:69:DA:A3:48:44:26:C9:CF
X509v3 Authority Key Identifier:
keyid:C3:5E:AC:64:EA:48:02:E6:82:46:86:F7:C0:D2:01:F2:C8:5C:B2:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/E8A2ngINwNUGjwgMadqjSEQmyc8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/w16sZOpIAuaCRob3wNIB8shcsqo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.76.0.0/23
77.76.4.0/22
78.128.2.0/23
78.128.10.0-78.128.31.255
78.128.36.0-78.128.41.255
78.128.52.0-78.128.59.255
78.128.63.0/24
78.128.74.0/23
78.128.82.0-78.128.87.255
78.128.96.0/23
78.128.100.0-78.128.107.255
78.128.115.0-78.128.117.255
78.128.120.0/22
78.142.9.0-78.142.15.255
78.142.30.0/23
79.124.47.0/24
83.222.185.0/24
84.201.224.0/20
91.148.149.0-91.148.159.255
91.148.162.0-91.148.166.255
91.148.169.0-91.148.183.255
91.148.186.0/23
130.185.227.0/24
193.200.14.0/23
Signature Algorithm: sha256WithRSAEncryption
59:cc:3a:cc:16:ca:5e:28:39:e2:4c:ab:23:53:53:8b:de:aa:
b5:49:57:ee:18:95:15:88:77:06:ee:e3:95:ed:42:d9:df:9a:
5a:e8:e3:60:3f:29:75:b5:06:0e:31:49:71:9e:d9:92:44:fc:
f2:99:db:e0:e9:11:70:4c:90:5a:8d:4a:3c:0f:1e:5a:12:f3:
21:cc:39:d3:c7:b8:1b:04:0b:6e:46:c6:c6:4e:c7:fe:72:4e:
4f:9a:8b:34:3e:97:e1:fa:5f:ab:c6:1d:89:6e:5b:c0:e5:87:
fb:71:b3:5c:13:62:ce:4a:26:60:ff:bf:e8:22:c7:51:9c:cf:
d6:8b:d7:cc:ad:fc:06:11:a4:00:fe:de:77:c6:99:9f:7d:55:
1c:91:8c:64:e0:bb:b0:28:b5:8c:2c:94:8d:15:6a:eb:2f:2d:
ad:60:c8:df:19:5e:dd:ab:13:f0:7e:9a:e5:e1:aa:04:38:0d:
b7:6e:ef:c0:2d:8a:12:f5:f0:0d:9d:8a:dc:c6:27:78:89:55:
ad:93:29:ea:7d:bd:21:6b:6c:69:3c:64:6a:44:b1:b9:7b:5f:
49:f7:f2:09:6b:83:15:3b:a0:70:51:91:73:ef:46:cf:d5:59:
5a:0f:97:30:06:bf:d6:96:c7:8b:9b:07:4a:7b:87:2e:e2:de:
08:66:83:33
-----BEGIN CERTIFICATE-----
MIIF3DCCBMSgAwIBAgISAZRBjmdL+efgzhBnacnArqIkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzNWVhYzY0ZWE0ODAyZTY4MjQ2ODZmN2MwZDIwMWYyYzg1
Y2IyYWEwHhcNMjUwMTA3MTYxNzE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxM2MwMzY5ZTAyMGRjMGQ1MDY4ZjA4MGM2OWRhYTM0ODQ0MjZjOWNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtXV1+jTdGNOYE6B4xfNWCBgBWwx9
A660g254V+TXXK1G5wpW+6Boqpxi49ZdGOd3VYQATIIh2KQ8PELwmCM6dBN3suOX
4+VFQ06bq1V7Cexad+Og8RJt8r9VM8mGAfsX2HzTGT8HhpShARcc1ZxGxRThaB7P
bvyUo+iqNPk6IN7MUhPWKUGwuIL5W07tY/t6toh1U6/ZCtYVxywdWiuPYv/yM5Rx
dV2eSyeyadLC1yo6dSDtzO8aHmVdTgldOUhAwRgeeikjHBQUI1RosWpTsMTd7RJW
TKZyMAiFKGsytJUJNwuPO8Jp4S3spkZ1raFxw74SYST9jgpzr1BUfJP19QIDAQAB
o4IC6DCCAuQwHQYDVR0OBBYEFBPANp4CDcDVBo8IDGnao0hEJsnPMB8GA1UdIwQY
MBaAFMNerGTqSALmgkaG98DSAfLIXLKqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzE2c1pPcElBdWFDUm9iM3dOSUI4c2hjc3FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9jY2RkOGItNzcyMC00ZGUwLThjNDMt
ZGFjYjVmMzU2ZWEzLzEvRThBMm5nSU53TlVHandnTWFkcWpTRVFteWM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9jY2RkOGItNzcyMC00ZGUwLThjNDMtZGFjYjVmMzU2ZWEz
LzEvdzE2c1pPcElBdWFDUm9iM3dOSUI4c2hjc3FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH9BggrBgEFBQcBBwEB/wSB7TCB6jCB5wQCAAEwgeADBAFN
TAADBAJNTAQDBAFOgAIwDAMEAU6ACgMEBU6AADAMAwQCToAkAwQBToAoMAwDBAJO
gDQDBAJOgDgDBABOgD8DBAFOgEowDAMEAU6AUgMEA06AUAMEAU6AYDAMAwQCToBk
AwQCToBoMAwDBABOgHMDBAFOgHQDBAJOgHgwDAMEAE6OCQMEBE6OAAMEAU6OHgME
AE98LwMEAFPeuQMEBFTJ4DAMAwQAW5SVAwQFW5SAMAwDBAFblKIDBABblKYwDAME
AFuUqQMEA1uUsAMEAVuUugMEAIK54wMEAcHIDjANBgkqhkiG9w0BAQsFAAOCAQEA
Wcw6zBbKXig54kyrI1NTi96qtUlX7hiVFYh3Bu7jle1C2d+aWujjYD8pdbUGDjFJ
cZ7ZkkT88pnb4OkRcEyQWo1KPA8eWhLzIcw508e4GwQLbkbGxk7H/nJOT5qLND6X
4fpfq8YdiW5bwOWH+3GzXBNizkomYP+/6CLHUZzP1ovXzK38BhGkAP7ed8aZn31V
HJGMZOC7sCi1jCyUjRVq6y8trWDI3xle3asT8H6a5eGqBDgNt27vwC2KEvXwDZ2K
3MYneIlVrZMp6n29IWtsaTxkakSxuXtfSffyCWuDFTugcFGRc+9Gz9VZWg+XMAa/
1pbHi5sHSnuHLuLeCGaDMw==
-----END CERTIFICATE-----
Generated at Sat Apr 19 10:41:16 2025 by rpki-client