Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zzXa_sRegISx-Ft2SN5I9C-D69Q.roa
File: zzXa_sRegISx-Ft2SN5I9C-D69Q.roa (raw, json)
Hash identifier: wZfBLIBOprzVNr7PF9uEzPzxm8gcGmTBp52Lq0vHrrw=
Subject key identifier: CF:35:DA:FE:C4:5E:80:84:B1:F8:5B:76:48:DE:48:F4:2F:83:EB:D4
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 0195B7E6C80F503E052D20C77808B06ED426
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zzXa_sRegISx-Ft2SN5I9C-D69Q.roa
Signing time: Fri 21 Mar 2025 08:51:49 +0000
ROA not before: Fri 21 Mar 2025 08:51:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 77.242.150.0/24 maxlen: 24
88.151.56.0/23 maxlen: 24
88.151.56.0/24 maxlen: 24
88.209.221.0/24 maxlen: 24
88.209.224.0/24 maxlen: 24
88.209.232.0/22 maxlen: 24
Validation: Failed, certificate revoked on Fri 21 Mar 2025 15:34:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:b7:e6:c8:0f:50:3e:05:2d:20:c7:78:08:b0:6e:d4:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Mar 21 08:51:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cf35dafec45e8084b1f85b7648de48f42f83ebd4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:17:04:0f:2c:56:ec:48:c5:75:3e:f0:be:c5:
22:c2:90:a1:80:83:31:aa:fa:9e:cd:3a:ce:82:a9:
cc:74:7b:71:2c:b7:db:2f:c4:de:3c:80:a3:96:24:
97:d8:3a:e0:c9:67:2c:ec:74:4a:46:ef:59:09:c5:
46:70:b2:01:a3:78:01:c5:c3:24:30:f9:5a:ac:e2:
80:ab:4a:e8:87:9c:51:1f:ef:af:06:42:16:9f:6d:
35:ac:55:48:86:77:03:72:df:f9:73:cf:45:9a:9f:
ee:78:48:cb:b8:2b:56:f9:83:9f:89:dd:0c:d0:29:
05:30:21:37:74:57:91:63:e2:e9:80:91:97:95:0d:
e5:dd:4d:a9:58:6e:44:93:4b:23:a4:ff:bc:47:d3:
0f:40:e1:7e:2b:42:04:52:46:06:d6:06:1f:12:6d:
87:57:c9:55:3c:61:ae:b8:88:99:f6:41:0f:ee:b6:
50:f1:22:54:cc:cf:af:1d:4c:72:7d:2e:21:94:35:
a6:4b:4a:34:d6:12:68:dd:9b:96:b1:43:b6:05:30:
6b:44:92:8a:6e:ed:a9:ca:e4:33:37:e2:78:1e:de:
0d:b5:4d:20:0b:64:30:91:fc:a1:97:14:0c:27:b3:
a3:3a:97:6e:98:5a:30:ba:c3:8c:bf:10:ba:6d:6d:
9e:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:35:DA:FE:C4:5E:80:84:B1:F8:5B:76:48:DE:48:F4:2F:83:EB:D4
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zzXa_sRegISx-Ft2SN5I9C-D69Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.242.150.0/24
88.151.56.0/23
88.209.221.0/24
88.209.224.0/24
88.209.232.0/22
Signature Algorithm: sha256WithRSAEncryption
46:da:7a:7c:50:32:7f:d6:2d:d6:39:02:3b:f3:33:c7:b4:e2:
d1:3d:8f:cd:ad:3d:f4:55:7f:78:e1:01:c9:60:e0:8c:d5:e8:
16:0c:71:f6:f4:9c:26:71:a3:b8:6c:d4:74:49:44:96:a1:de:
cd:55:72:2e:35:39:15:47:04:5d:7f:06:0c:0b:eb:7c:aa:16:
93:5c:05:01:76:1d:79:91:6b:ce:5f:bf:a5:82:7f:f0:6c:ba:
b1:62:95:f2:d1:7e:c2:f7:b9:52:73:f1:c3:71:75:08:e0:b1:
f8:19:75:78:95:54:0b:ce:d8:55:21:b5:9c:e3:d6:bd:c9:05:
87:9b:aa:14:9b:51:a0:20:77:89:32:81:0b:12:ea:fe:94:7f:
18:01:9e:fb:03:63:8b:56:98:8a:ac:f5:37:19:28:d9:49:bb:
66:2d:09:b3:c5:f5:cd:d6:13:a2:38:fe:4c:0d:9b:1b:1a:f5:
16:15:80:9f:93:8f:4d:93:45:65:ae:f1:06:a9:2e:27:dc:ee:
0b:2a:87:83:f6:7a:a1:e5:bd:1a:71:2a:c1:86:ff:8b:2b:9e:
59:22:75:34:35:fb:f0:8c:4b:b2:e4:eb:45:90:f4:6d:11:66:
fd:f8:96:23:f0:b0:7c:1f:0b:e5:7a:42:50:77:c1:94:1d:38:
b9:ce:dd:98
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZW35sgPUD4FLSDHeAiwbtQmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjUwMzIxMDg1MTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjM1ZGFmZWM0NWU4MDg0YjFmODViNzY0OGRlNDhmNDJmODNlYmQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAshcEDyxW7EjFdT7wvsUiwpChgIMx
qvqezTrOgqnMdHtxLLfbL8TePICjliSX2DrgyWcs7HRKRu9ZCcVGcLIBo3gBxcMk
MPlarOKAq0roh5xRH++vBkIWn201rFVIhncDct/5c89Fmp/ueEjLuCtW+YOfid0M
0CkFMCE3dFeRY+LpgJGXlQ3l3U2pWG5Ek0sjpP+8R9MPQOF+K0IEUkYG1gYfEm2H
V8lVPGGuuIiZ9kEP7rZQ8SJUzM+vHUxyfS4hlDWmS0o01hJo3ZuWsUO2BTBrRJKK
bu2pyuQzN+J4Ht4NtU0gC2QwkfyhlxQMJ7OjOpdumFowusOMvxC6bW2eZwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFM812v7EXoCEsfhbdkjeSPQvg+vUMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvenpYYV9zUmVnSVN4LUZ0MlNONUk5Qy1ENjlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQATfKWAwQB
WJc4AwQAWNHdAwQAWNHgAwQCWNHoMA0GCSqGSIb3DQEBCwUAA4IBAQBG2np8UDJ/
1i3WOQI78zPHtOLRPY/NrT30VX944QHJYOCM1egWDHH29JwmcaO4bNR0SUSWod7N
VXIuNTkVRwRdfwYMC+t8qhaTXAUBdh15kWvOX7+lgn/wbLqxYpXy0X7C97lSc/HD
cXUI4LH4GXV4lVQLzthVIbWc49a9yQWHm6oUm1GgIHeJMoELEur+lH8YAZ77A2OL
VpiKrPU3GSjZSbtmLQmzxfXN1hOiOP5MDZsbGvUWFYCfk49Nk0VlrvEGqS4n3O4L
KoeD9nqh5b0acSrBhv+LK55ZInU0NfvwjEuy5OtFkPRtEWb9+JYj8LB8HwvlekJQ
d8GUHTi5zt2Y
-----END CERTIFICATE-----
Generated at Sat Apr 19 07:12:15 2025 by rpki-client