Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/1-twMVnP22KYC3OhSeu6gdAEZYyU.roa
File: 1-twMVnP22KYC3OhSeu6gdAEZYyU.roa (raw, json)
Hash identifier: AdKIHGc8RnVWrWMEyBBsJ5UBzLihAMCaMBQ/Gk/wz3g=
Subject key identifier: FA:DC:0C:56:73:F6:D8:A6:02:DC:E8:52:7A:EE:A0:74:01:19:63:25
Certificate issuer: /CN=641975583b250362c8150f63adb30a0f6a0c6fc3
Certificate serial: 0193A6686FC81153B6BF7DE98C950E9720D2
Authority key identifier: 64:19:75:58:3B:25:03:62:C8:15:0F:63:AD:B3:0A:0F:6A:0C:6F:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/1-twMVnP22KYC3OhSeu6gdAEZYyU.roa
Signing time: Sun 08 Dec 2024 13:14:42 +0000
ROA not before: Sun 08 Dec 2024 13:14:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7018
IP address blocks: 77.111.117.0/24 maxlen: 24
77.111.123.0/24 maxlen: 24
91.190.187.0/24 maxlen: 24
92.61.103.0/24 maxlen: 24
92.61.106.0/24 maxlen: 24
92.61.109.0/24 maxlen: 24
185.112.240.0/24 maxlen: 24
185.112.241.0/24 maxlen: 24
185.112.242.0/24 maxlen: 24
185.112.243.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 03:48:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:a6:68:6f:c8:11:53:b6:bf:7d:e9:8c:95:0e:97:20:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=641975583b250362c8150f63adb30a0f6a0c6fc3
Validity
Not Before: Dec 8 13:14:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fadc0c5673f6d8a602dce8527aeea07401196325
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:b7:97:61:22:78:54:c5:a2:9d:1b:48:a6:96:
84:55:8e:6a:19:f3:5f:00:64:77:17:a0:1c:84:93:
b4:76:17:3b:32:32:a5:bc:07:b2:90:0f:c9:64:2f:
69:c5:13:fc:09:1d:3e:1b:bc:38:84:67:f0:6d:6e:
17:84:ba:03:dc:87:88:5b:1c:46:89:e3:a1:20:b7:
b3:d1:60:86:e8:14:ff:9b:a0:40:38:1b:36:cf:92:
27:ed:5d:8c:46:70:e3:64:e7:f0:8b:83:2d:16:47:
92:05:e7:50:b9:d5:25:ab:b5:3b:d5:f6:63:c6:7b:
1f:9e:b0:03:68:ab:79:48:0f:f8:62:a6:34:2a:7f:
e0:17:b9:37:9e:e5:e9:50:b2:d0:49:b8:dc:a7:dc:
d2:5d:60:c6:80:03:4d:ad:d8:79:07:cc:d4:c0:06:
4e:47:19:b1:2a:9f:07:14:30:2c:b8:b1:7c:20:fe:
76:b3:be:4d:92:60:19:35:2e:17:59:24:47:6a:4a:
f1:2f:22:61:dd:46:68:74:59:37:a0:f3:15:3f:6a:
c3:00:09:61:42:66:f4:06:e4:e5:e0:4f:6c:65:f5:
f5:37:e3:a2:81:be:c3:cb:8b:c0:d0:1f:02:43:df:
79:0b:5e:77:d5:01:08:cf:5f:3c:c4:3f:dd:bb:63:
34:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:DC:0C:56:73:F6:D8:A6:02:DC:E8:52:7A:EE:A0:74:01:19:63:25
X509v3 Authority Key Identifier:
keyid:64:19:75:58:3B:25:03:62:C8:15:0F:63:AD:B3:0A:0F:6A:0C:6F:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/1-twMVnP22KYC3OhSeu6gdAEZYyU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.111.117.0/24
77.111.123.0/24
91.190.187.0/24
92.61.103.0/24
92.61.106.0/24
92.61.109.0/24
185.112.240.0/22
Signature Algorithm: sha256WithRSAEncryption
3a:3b:6f:8c:34:1f:e2:d7:d7:b1:40:5c:00:07:23:e9:97:cf:
91:ab:4d:cd:37:5a:37:40:30:76:9b:ee:c3:f8:a1:0e:fd:57:
9b:38:59:75:84:27:15:02:4f:1b:1b:e3:ab:26:a4:ff:26:4b:
70:f4:8b:85:9c:40:25:ee:3f:6d:d5:76:e7:80:63:f2:dc:52:
72:4c:b2:d5:cc:1b:ca:96:1a:74:32:7b:c5:9c:ac:02:17:4b:
32:5d:bb:4b:7f:5e:e0:71:4c:3b:c5:93:6a:f2:d7:3f:6e:19:
99:5b:56:6a:05:32:64:96:eb:ad:54:d4:7b:30:2f:56:ae:12:
6f:12:23:b0:a6:be:0c:b6:5b:75:a3:94:f3:07:79:94:26:e5:
c5:e5:80:e5:2b:b0:60:73:8b:53:62:0e:6b:6a:43:6c:ea:f4:
6d:e3:1e:3f:53:de:83:d6:b2:d4:d2:2a:51:59:a4:e6:f5:57:
7a:47:df:a7:e4:d9:a3:19:1f:de:52:50:4c:44:bb:23:21:de:
3d:17:63:09:1d:55:ed:82:43:8f:25:cb:59:fc:52:88:a5:b9:
4a:01:15:20:27:fe:b9:a1:82:bc:de:d2:8b:80:bf:a1:99:15:
4d:22:d1:e1:9c:81:b6:b8:b3:45:a2:4a:07:29:aa:cc:df:8b:
58:b0:aa:de
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgISAZOmaG/IEVO2v33pjJUOlyDSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0MTk3NTU4M2IyNTAzNjJjODE1MGY2M2FkYjMwYTBmNmEw
YzZmYzMwHhcNMjQxMjA4MTMxNDQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYWRjMGM1NjczZjZkOGE2MDJkY2U4NTI3YWVlYTA3NDAxMTk2MzI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2reXYSJ4VMWinRtIppaEVY5qGfNf
AGR3F6AchJO0dhc7MjKlvAeykA/JZC9pxRP8CR0+G7w4hGfwbW4XhLoD3IeIWxxG
ieOhILez0WCG6BT/m6BAOBs2z5In7V2MRnDjZOfwi4MtFkeSBedQudUlq7U71fZj
xnsfnrADaKt5SA/4YqY0Kn/gF7k3nuXpULLQSbjcp9zSXWDGgANNrdh5B8zUwAZO
RxmxKp8HFDAsuLF8IP52s75NkmAZNS4XWSRHakrxLyJh3UZodFk3oPMVP2rDAAlh
Qmb0BuTl4E9sZfX1N+Oigb7Dy4vA0B8CQ995C1531QEIz188xD/du2M05wIDAQAB
o4ICLjCCAiowHQYDVR0OBBYEFPrcDFZz9timAtzoUnruoHQBGWMlMB8GA1UdIwQY
MBaAFGQZdVg7JQNiyBUPY62zCg9qDG/DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWkJsMVdEc2xBMkxJRlE5anJiTUtEMm9NYjhNLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC85OGE1ZWQtOTA1ZS00YmZhLTkxNTQt
ZjFjMzNhYTJmZDUwLzEvMS10d01WblAyMktZQzNPaFNldTZnZEFFWll5VS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZDQvOThhNWVkLTkwNWUtNGJmYS05MTU0LWYxYzMzYWEyZmQ1
MC8xL1pCbDFXRHNsQTJMSUZROWpyYk1LRDJvTWI4TS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBDBggrBgEFBQcBBwEB/wQ0MDIwMAQCAAEwKgMEAE1vdQME
AE1vewMEAFu+uwMEAFw9ZwMEAFw9agMEAFw9bQMEArlw8DANBgkqhkiG9w0BAQsF
AAOCAQEAOjtvjDQf4tfXsUBcAAcj6ZfPkatNzTdaN0Awdpvuw/ihDv1XmzhZdYQn
FQJPGxvjqyak/yZLcPSLhZxAJe4/bdV254Bj8txSckyy1cwbypYadDJ7xZysAhdL
Ml27S39e4HFMO8WTavLXP24ZmVtWagUyZJbrrVTUezAvVq4SbxIjsKa+DLZbdaOU
8wd5lCblxeWA5SuwYHOLU2IOa2pDbOr0beMeP1Peg9ay1NIqUVmk5vVXekffp+TZ
oxkf3lJQTES7IyHePRdjCR1V7YJDjyXLWfxSiKW5SgEVICf+uaGCvN7Si4C/oZkV
TSLR4ZyBtrizRaJKBymqzN+LWLCq3g==
-----END CERTIFICATE-----
Generated at Thu Apr 17 14:06:11 2025 by rpki-client