Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/gHrIS4Dd9yNcKC3W14O_0ezO2vo.roa
File: gHrIS4Dd9yNcKC3W14O_0ezO2vo.roa (raw, json)
Hash identifier: +A3MpZZDM6/F7IHcWtcwtITwPQzZnV81uEOypwXWBlg=
Subject key identifier: 80:7A:C8:4B:80:DD:F7:23:5C:28:2D:D6:D7:83:BF:D1:EC:CE:DA:FA
Certificate issuer: /CN=c35eac64ea4802e6824686f7c0d201f2c85cb2aa
Certificate serial: 019428242833D4152B564CC2CAA1C6C9A55C
Authority key identifier: C3:5E:AC:64:EA:48:02:E6:82:46:86:F7:C0:D2:01:F2:C8:5C:B2:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/gHrIS4Dd9yNcKC3W14O_0ezO2vo.roa
Signing time: Thu 02 Jan 2025 17:50:45 +0000
ROA not before: Thu 02 Jan 2025 17:50:45 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200628
IP address blocks: 77.76.2.0/24 maxlen: 24
83.222.184.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 09 Jan 2025 09:28:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:24:28:33:d4:15:2b:56:4c:c2:ca:a1:c6:c9:a5:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c35eac64ea4802e6824686f7c0d201f2c85cb2aa
Validity
Not Before: Jan 2 17:50:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=807ac84b80ddf7235c282dd6d783bfd1eccedafa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:80:e3:fa:b5:7e:de:10:18:00:9a:bc:b0:92:
64:25:92:3c:67:79:13:cd:0d:97:47:21:e3:49:52:
f2:93:55:a9:44:88:c5:e3:00:49:9d:44:7f:5e:ee:
77:a0:70:e4:41:79:a1:13:99:f6:2a:bf:48:b4:47:
53:86:ac:7e:fb:a8:6e:33:a3:25:b9:81:65:6f:99:
01:53:50:e8:ac:b4:3c:77:67:34:fc:a9:b1:7f:94:
1c:19:d9:b4:22:ee:3e:f2:8e:c7:d4:e6:b8:90:72:
0e:78:77:56:23:c3:24:7f:d4:1c:f6:05:5d:6e:a8:
2b:a8:73:fc:fe:40:aa:8a:61:ac:96:af:d0:67:0b:
f7:af:a5:c8:d2:6e:f4:5c:7f:b7:0b:85:b0:49:4e:
83:c6:51:07:81:25:a7:99:d8:5c:36:99:99:da:f6:
f1:f5:40:03:f8:fc:7b:8c:9d:64:79:cc:25:c3:2a:
28:0c:1d:6e:a1:4e:42:82:23:ce:dc:2d:4f:a0:e6:
10:e7:89:56:4e:e7:4a:cc:e5:3c:26:e5:03:74:9b:
29:94:98:d4:93:aa:7d:cf:68:21:ef:30:a2:cf:ee:
75:c3:49:b6:39:df:bf:21:8b:a1:7c:d3:1c:e4:c7:
7c:bf:15:25:e1:e0:90:de:5e:79:11:96:d7:ef:58:
b1:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:7A:C8:4B:80:DD:F7:23:5C:28:2D:D6:D7:83:BF:D1:EC:CE:DA:FA
X509v3 Authority Key Identifier:
keyid:C3:5E:AC:64:EA:48:02:E6:82:46:86:F7:C0:D2:01:F2:C8:5C:B2:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/gHrIS4Dd9yNcKC3W14O_0ezO2vo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/w16sZOpIAuaCRob3wNIB8shcsqo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.76.2.0/24
83.222.184.0/24
Signature Algorithm: sha256WithRSAEncryption
06:de:c9:32:a2:25:1a:a6:bc:24:02:5a:66:0a:24:9b:28:02:
e7:98:35:da:84:f2:53:2a:e1:fe:13:c9:87:98:63:0a:1d:77:
ba:e4:6c:65:45:54:88:d1:c9:35:7b:5e:cf:99:72:50:dd:c6:
66:7f:62:df:2e:89:f9:9d:a2:76:1c:7a:d0:77:9c:9f:78:33:
df:de:fb:bb:51:73:af:d5:88:ba:36:29:6a:64:71:72:7e:5d:
cb:61:38:f6:bb:50:44:b1:e2:bd:c0:e2:a8:67:f1:4e:5c:86:
8d:e5:96:88:59:b8:65:7c:91:f7:b1:6b:00:69:12:16:e0:d5:
6f:98:6f:da:78:e3:13:c1:47:27:68:73:ae:a6:a3:62:d0:0e:
96:d1:a2:46:70:c6:ad:b4:e9:16:b8:ef:da:20:1a:69:d8:ad:
46:33:f8:6a:6c:bb:2a:c1:75:a9:ed:dc:fe:95:28:68:b1:5d:
e4:bf:ed:77:10:ce:d8:35:9d:06:97:39:61:85:08:22:f3:57:
cd:1c:fe:86:1b:b8:ce:d0:3d:61:3e:a9:69:96:b7:57:f6:c8:
cb:a4:1c:6b:75:cf:33:d4:7a:9d:66:f4:fd:4d:d6:ad:10:28:
97:1a:b7:b2:e0:88:c2:dc:74:29:4e:2e:c2:b3:13:f5:21:87:
30:b8:ae:d8
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQoJCgz1BUrVkzCyqHGyaVcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzNWVhYzY0ZWE0ODAyZTY4MjQ2ODZmN2MwZDIwMWYyYzg1
Y2IyYWEwHhcNMjUwMTAyMTc1MDQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDdhYzg0YjgwZGRmNzIzNWMyODJkZDZkNzgzYmZkMWVjY2VkYWZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA54Dj+rV+3hAYAJq8sJJkJZI8Z3kT
zQ2XRyHjSVLyk1WpRIjF4wBJnUR/Xu53oHDkQXmhE5n2Kr9ItEdThqx++6huM6Ml
uYFlb5kBU1DorLQ8d2c0/Kmxf5QcGdm0Iu4+8o7H1Oa4kHIOeHdWI8Mkf9Qc9gVd
bqgrqHP8/kCqimGslq/QZwv3r6XI0m70XH+3C4WwSU6DxlEHgSWnmdhcNpmZ2vbx
9UAD+Px7jJ1kecwlwyooDB1uoU5CgiPO3C1PoOYQ54lWTudKzOU8JuUDdJsplJjU
k6p9z2gh7zCiz+51w0m2Od+/IYuhfNMc5Md8vxUl4eCQ3l55EZbX71ix+QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIB6yEuA3fcjXCgt1teDv9Hsztr6MB8GA1UdIwQY
MBaAFMNerGTqSALmgkaG98DSAfLIXLKqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzE2c1pPcElBdWFDUm9iM3dOSUI4c2hjc3FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9jY2RkOGItNzcyMC00ZGUwLThjNDMt
ZGFjYjVmMzU2ZWEzLzEvZ0hySVM0RGQ5eU5jS0MzVzE0T18wZXpPMnZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9jY2RkOGItNzcyMC00ZGUwLThjNDMtZGFjYjVmMzU2ZWEz
LzEvdzE2c1pPcElBdWFDUm9iM3dOSUI4c2hjc3FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQATUwCAwQA
U964MA0GCSqGSIb3DQEBCwUAA4IBAQAG3skyoiUaprwkAlpmCiSbKALnmDXahPJT
KuH+E8mHmGMKHXe65GxlRVSI0ck1e17PmXJQ3cZmf2LfLon5naJ2HHrQd5yfeDPf
3vu7UXOv1Yi6NilqZHFyfl3LYTj2u1BEseK9wOKoZ/FOXIaN5ZaIWbhlfJH3sWsA
aRIW4NVvmG/aeOMTwUcnaHOupqNi0A6W0aJGcMattOkWuO/aIBpp2K1GM/hqbLsq
wXWp7dz+lShosV3kv+13EM7YNZ0GlzlhhQgi81fNHP6GG7jO0D1hPqlplrdX9sjL
pBxrdc8z1HqdZvT9TdatECiXGrey4IjC3HQpTi7CsxP1IYcwuK7Y
-----END CERTIFICATE-----
Generated at Sat Apr 19 10:29:13 2025 by rpki-client