Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/0i_HCBn8fOkPJLuduL1qrOa8w2M.roa
File: 0i_HCBn8fOkPJLuduL1qrOa8w2M.roa (raw, json)
Hash identifier: n4jCcFauxyPs09tOlfIYPNrnEFiacui2aDb9MLlPuHo=
Subject key identifier: D2:2F:C7:08:19:FC:7C:E9:0F:24:BB:9D:B8:BD:6A:AC:E6:BC:C3:63
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 0194F157F4BAE8581A23CAE14AC9C6F76AB1
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/0i_HCBn8fOkPJLuduL1qrOa8w2M.roa
Signing time: Mon 10 Feb 2025 19:31:00 +0000
ROA not before: Mon 10 Feb 2025 19:31:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20473
IP address blocks: 77.242.150.0/24 maxlen: 24
88.209.201.0/24 maxlen: 24
88.209.216.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 15 Mar 2025 12:25:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:f1:57:f4:ba:e8:58:1a:23:ca:e1:4a:c9:c6:f7:6a:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Feb 10 19:31:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d22fc70819fc7ce90f24bb9db8bd6aace6bcc363
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:6c:dd:66:e6:13:c3:b5:6c:4a:93:18:ec:22:
5b:11:1b:67:bf:64:b4:1b:61:54:af:4a:12:f6:9f:
35:35:01:a7:a2:64:f7:db:a1:19:f5:f0:dc:16:a8:
f6:94:61:c5:73:1c:b1:ff:f0:2a:3e:8e:9f:40:e1:
9e:69:5c:bf:73:8a:04:26:a4:9f:24:b7:b1:93:6d:
24:51:12:2d:05:80:d4:68:3c:f0:c7:54:42:35:6d:
e9:c5:f1:c2:46:a1:6c:2a:33:d4:4c:32:3d:22:33:
47:14:50:72:1b:c7:35:53:65:6a:52:e3:a8:74:77:
ed:d4:63:6e:16:43:09:ea:36:8e:8f:80:21:84:c5:
c0:58:50:00:dd:2b:65:be:96:91:84:ce:b1:b0:79:
f3:e6:d5:36:28:0b:76:0f:28:d7:27:e4:14:d9:ee:
68:de:a8:5a:12:17:1f:fb:79:38:3b:d3:f7:2b:cf:
73:5a:28:20:00:29:d3:c2:9e:9a:19:24:cf:fa:9f:
6c:b4:d6:fa:4c:30:ef:cd:d9:a2:4b:d5:e9:4d:59:
bb:68:f3:95:3b:d8:40:d3:5e:f9:4b:49:82:98:15:
74:e9:be:a1:34:7b:20:c3:2e:31:9d:1a:48:b3:22:
26:f2:69:b7:6e:1c:1b:30:e6:5b:95:91:39:9c:20:
10:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:2F:C7:08:19:FC:7C:E9:0F:24:BB:9D:B8:BD:6A:AC:E6:BC:C3:63
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/0i_HCBn8fOkPJLuduL1qrOa8w2M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.242.150.0/24
88.209.201.0/24
88.209.216.0/24
Signature Algorithm: sha256WithRSAEncryption
6d:91:7d:8e:1c:27:0a:00:28:56:c2:a6:d3:11:20:46:39:15:
78:5e:67:3c:52:e2:40:c6:1d:2d:30:ad:79:c1:5f:10:4f:b9:
06:08:a5:af:50:e3:83:ce:03:41:b3:07:62:91:98:9a:aa:43:
f1:40:c9:0e:89:f5:39:5c:74:78:11:a8:af:9e:56:e9:18:24:
e3:7d:aa:57:91:1f:ac:7c:63:91:9b:1b:05:8c:af:6b:54:bb:
c0:cb:31:97:c1:fe:80:c3:06:bc:be:86:54:54:e5:f6:d0:31:
e0:39:00:ab:69:ae:1a:22:a7:3a:de:05:80:cb:d9:ee:08:b3:
d8:9b:99:fd:fb:8d:de:1e:86:7b:d5:46:d5:f8:e7:42:b8:97:
6a:f5:6f:d4:b8:26:0b:e0:6e:98:1a:39:70:0f:01:83:5d:f2:
24:e9:87:a5:4d:b7:a9:b9:db:54:e0:c8:04:01:d1:9f:df:53:
ba:34:0e:bb:30:ff:10:6e:6d:10:e2:54:34:0b:9f:9d:a0:16:
13:e0:29:d0:e0:06:68:1f:22:80:13:54:23:17:2f:c5:cb:5e:
d8:48:13:c6:cd:d9:08:24:9d:d1:9d:24:49:b1:97:94:2e:8b:
ef:90:7a:2d:b7:4e:b2:ab:c0:2c:58:ce:17:1d:cb:41:31:a5:
bf:66:10:9c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZTxV/S66FgaI8rhSsnG92qxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjUwMjEwMTkzMTAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjJmYzcwODE5ZmM3Y2U5MGYyNGJiOWRiOGJkNmFhY2U2YmNjMzYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApWzdZuYTw7VsSpMY7CJbERtnv2S0
G2FUr0oS9p81NQGnomT326EZ9fDcFqj2lGHFcxyx//AqPo6fQOGeaVy/c4oEJqSf
JLexk20kURItBYDUaDzwx1RCNW3pxfHCRqFsKjPUTDI9IjNHFFByG8c1U2VqUuOo
dHft1GNuFkMJ6jaOj4AhhMXAWFAA3StlvpaRhM6xsHnz5tU2KAt2DyjXJ+QU2e5o
3qhaEhcf+3k4O9P3K89zWiggACnTwp6aGSTP+p9stNb6TDDvzdmiS9XpTVm7aPOV
O9hA0175S0mCmBV06b6hNHsgwy4xnRpIsyIm8mm3bhwbMOZblZE5nCAQpwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNIvxwgZ/HzpDyS7nbi9aqzmvMNjMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvMGlfSENCbjhmT2tQSkx1ZHVMMXFyT2E4dzJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQATfKWAwQA
WNHJAwQAWNHYMA0GCSqGSIb3DQEBCwUAA4IBAQBtkX2OHCcKAChWwqbTESBGORV4
Xmc8UuJAxh0tMK15wV8QT7kGCKWvUOODzgNBswdikZiaqkPxQMkOifU5XHR4Eaiv
nlbpGCTjfapXkR+sfGORmxsFjK9rVLvAyzGXwf6Awwa8voZUVOX20DHgOQCraa4a
Iqc63gWAy9nuCLPYm5n9+43eHoZ71UbV+OdCuJdq9W/UuCYL4G6YGjlwDwGDXfIk
6YelTbepudtU4MgEAdGf31O6NA67MP8Qbm0Q4lQ0C5+doBYT4CnQ4AZoHyKAE1Qj
Fy/Fy17YSBPGzdkIJJ3RnSRJsZeULovvkHott06yq8AsWM4XHctBMaW/ZhCc
-----END CERTIFICATE-----
Generated at Sat Apr 19 07:13:06 2025 by rpki-client