Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/T7IsYGZr3XJw_RnpuA2P0sNVNgA.roa
File: T7IsYGZr3XJw_RnpuA2P0sNVNgA.roa (raw, json)
Hash identifier: Q9srCt599bDgaIDwTsSRNxJn1uln5d/QIL/5/BN3twI=
Subject key identifier: 4F:B2:2C:60:66:6B:DD:72:70:FD:19:E9:B8:0D:8F:D2:C3:55:36:00
Certificate issuer: /CN=c35eac64ea4802e6824686f7c0d201f2c85cb2aa
Certificate serial: 019446023CF46C77A19C7EA9FD6D63D8B713
Authority key identifier: C3:5E:AC:64:EA:48:02:E6:82:46:86:F7:C0:D2:01:F2:C8:5C:B2:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/T7IsYGZr3XJw_RnpuA2P0sNVNgA.roa
Signing time: Wed 08 Jan 2025 13:02:19 +0000
ROA not before: Wed 08 Jan 2025 13:02:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203380
IP address blocks: 77.76.13.0/24 maxlen: 24
78.128.99.0/24 maxlen: 24
78.128.127.0/24 maxlen: 24
79.124.7.0/24 maxlen: 24
79.124.77.0/24 maxlen: 24
82.118.227.0/24 maxlen: 24
82.118.230.0/24 maxlen: 24
82.118.234.0/24 maxlen: 24
82.118.235.0/24 maxlen: 24
82.118.245.0/24 maxlen: 24
91.148.141.0/24 maxlen: 24
94.72.140.0/23 maxlen: 24
94.72.143.0/24 maxlen: 24
130.185.251.0/24 maxlen: 24
2a01:8740:1::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 09 Jan 2025 09:28:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:46:02:3c:f4:6c:77:a1:9c:7e:a9:fd:6d:63:d8:b7:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c35eac64ea4802e6824686f7c0d201f2c85cb2aa
Validity
Not Before: Jan 8 13:02:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4fb22c60666bdd7270fd19e9b80d8fd2c3553600
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:55:76:63:b1:1c:5b:b5:b6:53:3d:ab:9e:87:
73:a3:36:45:b8:82:3a:e9:d6:5b:84:4b:d5:b4:de:
65:16:51:f4:74:be:73:76:ba:a7:16:e5:00:13:1c:
51:30:ee:dd:db:ed:5c:c2:70:ac:0d:a0:80:f2:df:
ec:e7:e0:35:50:be:a1:cb:38:8d:34:dc:5c:5f:98:
17:af:5e:94:f1:db:ee:cf:1b:41:d2:d2:7b:c8:cd:
22:c9:d3:9b:83:5b:e7:4c:ea:15:31:44:fe:a1:96:
5f:ab:a9:91:eb:ba:c9:68:76:13:3b:5f:49:1d:c4:
b1:d1:a8:73:39:2f:2b:2b:92:93:2c:cc:a6:b1:fc:
ef:a6:5f:42:ae:aa:96:e6:ec:b6:06:97:0a:95:cb:
83:f7:21:1a:2a:11:4a:2f:fc:36:4e:b0:7a:4f:05:
05:b3:41:74:fe:13:44:55:a1:6a:a8:6f:56:2b:51:
fd:eb:27:22:81:44:97:a1:2c:57:2e:e1:e1:c3:63:
11:6b:43:7e:42:b3:f8:45:b8:44:58:1b:74:ac:e2:
93:d7:82:52:97:d5:91:30:dd:0f:61:cf:79:b3:b3:
43:26:4c:54:04:1c:e9:42:cb:74:6e:8d:34:44:08:
1e:35:76:b7:36:ea:8f:79:18:9e:de:76:6d:e1:ad:
db:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:B2:2C:60:66:6B:DD:72:70:FD:19:E9:B8:0D:8F:D2:C3:55:36:00
X509v3 Authority Key Identifier:
keyid:C3:5E:AC:64:EA:48:02:E6:82:46:86:F7:C0:D2:01:F2:C8:5C:B2:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/T7IsYGZr3XJw_RnpuA2P0sNVNgA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/w16sZOpIAuaCRob3wNIB8shcsqo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.76.13.0/24
78.128.99.0/24
78.128.127.0/24
79.124.7.0/24
79.124.77.0/24
82.118.227.0/24
82.118.230.0/24
82.118.234.0/23
82.118.245.0/24
91.148.141.0/24
94.72.140.0/23
94.72.143.0/24
130.185.251.0/24
IPv6:
2a01:8740:1::/48
Signature Algorithm: sha256WithRSAEncryption
83:ec:82:73:ed:58:28:1d:b4:da:6d:dd:2a:fc:f6:e4:2c:6b:
d0:c3:77:f3:99:2d:15:55:8a:8e:1b:a5:fe:81:91:52:5c:af:
4e:f3:77:5c:e0:45:e7:95:f5:c5:a1:6f:68:f4:5c:3a:03:19:
ef:ef:49:20:bc:00:e0:19:8c:ef:80:5d:fb:0e:37:51:87:e5:
70:3b:31:de:9a:15:eb:d7:30:19:91:36:d5:5e:55:62:e1:6f:
9d:76:72:9e:d0:ea:fb:ab:cd:2a:76:b4:ae:86:3a:b6:3b:92:
26:9a:b7:fd:04:ae:56:cd:2d:1e:b8:bd:03:52:2d:e3:88:1b:
ab:ea:cc:e2:a6:4f:75:17:aa:4b:61:7c:35:ab:d0:ba:0b:7f:
2e:00:f1:de:5a:3b:68:a0:ba:a4:2b:72:58:3a:02:d9:8e:1e:
08:42:29:e0:77:25:78:23:f8:7b:61:a8:42:e6:1a:fc:02:79:
8f:a6:88:88:3e:6d:ca:f3:80:10:39:20:61:7c:4c:f9:bc:83:
0c:ad:5f:73:1f:4b:8a:e4:c7:52:7d:ec:ab:41:40:43:23:45:
71:d8:83:67:f0:12:f8:4b:5a:1c:84:55:02:40:c2:58:e5:06:
0d:21:6c:6c:42:ad:2d:ec:ed:eb:34:d9:a6:32:7d:5c:c2:aa:
8c:e3:73:ea
-----BEGIN CERTIFICATE-----
MIIFVjCCBD6gAwIBAgISAZRGAjz0bHehnH6p/W1j2LcTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzNWVhYzY0ZWE0ODAyZTY4MjQ2ODZmN2MwZDIwMWYyYzg1
Y2IyYWEwHhcNMjUwMTA4MTMwMjE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZmIyMmM2MDY2NmJkZDcyNzBmZDE5ZTliODBkOGZkMmMzNTUzNjAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvFV2Y7EcW7W2Uz2rnodzozZFuII6
6dZbhEvVtN5lFlH0dL5zdrqnFuUAExxRMO7d2+1cwnCsDaCA8t/s5+A1UL6hyziN
NNxcX5gXr16U8dvuzxtB0tJ7yM0iydObg1vnTOoVMUT+oZZfq6mR67rJaHYTO19J
HcSx0ahzOS8rK5KTLMymsfzvpl9CrqqW5uy2BpcKlcuD9yEaKhFKL/w2TrB6TwUF
s0F0/hNEVaFqqG9WK1H96ycigUSXoSxXLuHhw2MRa0N+QrP4RbhEWBt0rOKT14JS
l9WRMN0PYc95s7NDJkxUBBzpQst0bo00RAgeNXa3NuqPeRie3nZt4a3bgQIDAQAB
o4ICYjCCAl4wHQYDVR0OBBYEFE+yLGBma91ycP0Z6bgNj9LDVTYAMB8GA1UdIwQY
MBaAFMNerGTqSALmgkaG98DSAfLIXLKqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzE2c1pPcElBdWFDUm9iM3dOSUI4c2hjc3FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9jY2RkOGItNzcyMC00ZGUwLThjNDMt
ZGFjYjVmMzU2ZWEzLzEvVDdJc1lHWnIzWEp3X1JucHVBMlAwc05WTmdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9jY2RkOGItNzcyMC00ZGUwLThjNDMtZGFjYjVmMzU2ZWEz
LzEvdzE2c1pPcElBdWFDUm9iM3dOSUI4c2hjc3FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHgGCCsGAQUFBwEHAQH/BGkwZzBUBAIAATBOAwQATUwNAwQA
ToBjAwQAToB/AwQAT3wHAwQAT3xNAwQAUnbjAwQAUnbmAwQBUnbqAwQAUnb1AwQA
W5SNAwQBXkiMAwQAXkiPAwQAgrn7MA8EAgACMAkDBwAqAYdAAAEwDQYJKoZIhvcN
AQELBQADggEBAIPsgnPtWCgdtNpt3Sr89uQsa9DDd/OZLRVVio4bpf6BkVJcr07z
d1zgReeV9cWhb2j0XDoDGe/vSSC8AOAZjO+AXfsON1GH5XA7Md6aFevXMBmRNtVe
VWLhb512cp7Q6vurzSp2tK6GOrY7kiaat/0ErlbNLR64vQNSLeOIG6vqzOKmT3UX
qkthfDWr0LoLfy4A8d5aO2iguqQrclg6AtmOHghCKeB3JXgj+HthqELmGvwCeY+m
iIg+bcrzgBA5IGF8TPm8gwytX3MfS4rkx1J97KtBQEMjRXHYg2fwEvhLWhyEVQJA
wljlBg0hbGxCrS3s7es02aYyfVzCqozjc+o=
-----END CERTIFICATE-----
Generated at Sat Apr 19 10:20:13 2025 by rpki-client