Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/h5h4WA4h18kf6_1mAS6dTaAGiio.roa
File: h5h4WA4h18kf6_1mAS6dTaAGiio.roa (raw, json)
Hash identifier: nPDV797NRZuEL303I1Rj+MWktmPapcooHJUH94LAaMM=
Subject key identifier: 87:98:78:58:0E:21:D7:C9:1F:EB:FD:66:01:2E:9D:4D:A0:06:8A:2A
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 01939653BB1DC8874BBD92DBAD675BA2D2E6
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/h5h4WA4h18kf6_1mAS6dTaAGiio.roa
Signing time: Thu 05 Dec 2024 10:18:09 +0000
ROA not before: Thu 05 Dec 2024 10:18:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 54339
IP address blocks: 77.242.145.0/24 maxlen: 24
77.242.149.0/24 maxlen: 24
77.242.157.0/24 maxlen: 24
88.209.200.0/24 maxlen: 24
88.209.220.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 17:48:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:96:53:bb:1d:c8:87:4b:bd:92:db:ad:67:5b:a2:d2:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Dec 5 10:18:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=879878580e21d7c91febfd66012e9d4da0068a2a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:56:57:c0:f4:d6:3e:6f:5c:29:fd:4a:22:94:
c6:a8:14:d7:4a:bb:b4:19:e2:8a:d1:42:7f:d9:06:
f8:04:be:86:3e:97:16:c7:9c:8e:c9:e9:a5:ee:e7:
b4:f5:54:aa:c5:b5:0e:fa:07:3f:b1:02:9b:09:2c:
ca:96:c6:32:a7:66:69:65:b1:21:0d:00:21:48:9a:
ac:06:6e:d2:58:49:00:f4:b6:76:bd:66:7f:2c:e7:
5d:3b:65:5e:06:0a:52:e4:5b:e4:d9:48:91:04:df:
a0:9c:7a:a9:be:05:61:3b:8c:c4:36:d9:2a:a4:3e:
ac:c8:88:77:af:0f:67:7a:62:07:ae:da:59:f7:1c:
93:ef:b3:e4:1b:fd:b7:ee:18:82:3e:53:0a:a0:35:
36:3e:e7:5d:84:fe:c0:ea:95:ca:c9:88:31:33:37:
a9:b8:26:7e:3f:31:83:f1:6b:aa:97:cc:dd:4f:df:
7f:ea:d1:46:56:aa:1f:a9:62:39:b1:5d:8c:94:7c:
4f:26:5e:56:b7:4d:5e:4a:80:b0:5a:ac:95:27:25:
3f:17:25:4c:c9:ca:db:25:eb:62:cd:db:b8:d2:4e:
4e:97:04:9e:95:d2:56:3e:74:f5:1c:07:90:15:1f:
b2:c5:1f:69:a4:39:af:7b:99:b9:76:38:49:e1:8d:
7a:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:98:78:58:0E:21:D7:C9:1F:EB:FD:66:01:2E:9D:4D:A0:06:8A:2A
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/h5h4WA4h18kf6_1mAS6dTaAGiio.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.242.145.0/24
77.242.149.0/24
77.242.157.0/24
88.209.200.0/24
88.209.220.0/24
Signature Algorithm: sha256WithRSAEncryption
b9:43:ac:fe:6e:3e:ad:14:88:87:06:11:89:45:75:c7:a1:a0:
84:f4:38:25:0d:f5:ed:61:42:2f:f8:65:f4:8a:97:d4:ac:00:
dd:8d:dd:00:d1:a2:4e:82:70:ae:81:42:72:81:fd:e2:a7:3b:
ab:a8:ca:54:c7:54:7a:07:97:19:d7:6a:4e:c6:a5:fe:9f:bf:
a5:95:a5:ae:b6:1b:08:76:d1:a3:f9:ac:35:0e:71:fb:7f:3e:
d8:8c:3f:c1:e8:1b:94:9d:ff:db:6d:0f:e9:7e:2a:ab:a9:d7:
02:86:d5:f0:1c:7d:15:62:de:e8:30:46:12:33:5c:35:ed:bf:
7c:05:d3:d9:07:af:95:57:75:fc:8f:90:be:08:71:1f:0c:fd:
58:a6:d0:2f:6c:2e:7a:f0:c3:66:bc:6a:a1:61:04:a9:85:9b:
67:11:d4:52:b6:e9:02:3b:81:05:62:7e:a0:ab:c3:4a:16:fb:
49:8a:27:cd:52:57:b5:72:37:6b:31:c0:cc:c9:c2:e5:e8:16:
78:53:58:41:a9:ce:6a:a1:4f:fa:b7:3b:0c:13:cf:76:5c:da:
e1:94:3e:31:6c:4e:fd:36:13:46:b5:55:84:cf:c0:2f:6b:ca:
0d:7e:aa:64:50:84:bd:2f:d1:a7:e0:7c:cc:a4:52:0f:ee:89:
2c:93:7a:62
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZOWU7sdyIdLvZLbrWdbotLmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjQxMjA1MTAxODA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Nzk4Nzg1ODBlMjFkN2M5MWZlYmZkNjYwMTJlOWQ0ZGEwMDY4YTJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArVZXwPTWPm9cKf1KIpTGqBTXSru0
GeKK0UJ/2Qb4BL6GPpcWx5yOyeml7ue09VSqxbUO+gc/sQKbCSzKlsYyp2ZpZbEh
DQAhSJqsBm7SWEkA9LZ2vWZ/LOddO2VeBgpS5Fvk2UiRBN+gnHqpvgVhO4zENtkq
pD6syIh3rw9nemIHrtpZ9xyT77PkG/237hiCPlMKoDU2PuddhP7A6pXKyYgxMzep
uCZ+PzGD8Wuql8zdT99/6tFGVqofqWI5sV2MlHxPJl5Wt01eSoCwWqyVJyU/FyVM
ycrbJetizdu40k5OlwSeldJWPnT1HAeQFR+yxR9ppDmve5m5djhJ4Y165QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFIeYeFgOIdfJH+v9ZgEunU2gBooqMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvaDVoNFdBNGgxOGtmNl8xbUFTNmRUYUFHaWlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQATfKRAwQA
TfKVAwQATfKdAwQAWNHIAwQAWNHcMA0GCSqGSIb3DQEBCwUAA4IBAQC5Q6z+bj6t
FIiHBhGJRXXHoaCE9DglDfXtYUIv+GX0ipfUrADdjd0A0aJOgnCugUJygf3ipzur
qMpUx1R6B5cZ12pOxqX+n7+llaWuthsIdtGj+aw1DnH7fz7YjD/B6BuUnf/bbQ/p
fiqrqdcChtXwHH0VYt7oMEYSM1w17b98BdPZB6+VV3X8j5C+CHEfDP1YptAvbC56
8MNmvGqhYQSphZtnEdRStukCO4EFYn6gq8NKFvtJiifNUle1cjdrMcDMycLl6BZ4
U1hBqc5qoU/6tzsME892XNrhlD4xbE79NhNGtVWEz8Ava8oNfqpkUIS9L9Gn4HzM
pFIP7oksk3pi
-----END CERTIFICATE-----
Generated at Sat Apr 19 07:11:21 2025 by rpki-client