Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/d4175d-192c-418c-972f-8ee21b74dd56/1/ZYAUNK9WMNGvT3hIywUIsU4o4aI.roa
File: ZYAUNK9WMNGvT3hIywUIsU4o4aI.roa (raw, json)
Hash identifier: g3ETU3swXKLtnT6aA+69M/03dKePSAv921vNm9DU1iU=
Subject key identifier: 65:80:14:34:AF:56:30:D1:AF:4F:78:48:CB:05:08:B1:4E:28:E1:A2
Certificate issuer: /CN=58015cc8da1f1bbf343e26ab208df8bb26fd53ae
Certificate serial: 01958AE4275086E144A9A7F90EA3EC648ABC
Authority key identifier: 58:01:5C:C8:DA:1F:1B:BF:34:3E:26:AB:20:8D:F8:BB:26:FD:53:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WAFcyNofG780PiarII34uyb9U64.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/d4175d-192c-418c-972f-8ee21b74dd56/1/ZYAUNK9WMNGvT3hIywUIsU4o4aI.roa
Signing time: Wed 12 Mar 2025 15:06:02 +0000
ROA not before: Wed 12 Mar 2025 15:06:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39040
IP address blocks: 77.95.120.0/24 maxlen: 24
77.95.120.0/26 maxlen: 26
77.95.120.64/26 maxlen: 26
77.95.120.128/27 maxlen: 27
77.95.120.160/27 maxlen: 27
77.95.120.192/26 maxlen: 26
194.187.88.0/22 maxlen: 22
194.187.89.0/24 maxlen: 24
194.187.90.0/23 maxlen: 23
2a02:388::/32 maxlen: 32
2a02:388:ffff::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 18 Mar 2025 13:58:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:8a:e4:27:50:86:e1:44:a9:a7:f9:0e:a3:ec:64:8a:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58015cc8da1f1bbf343e26ab208df8bb26fd53ae
Validity
Not Before: Mar 12 15:06:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=65801434af5630d1af4f7848cb0508b14e28e1a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:ba:fa:bc:ee:17:67:fa:f1:d0:31:ca:4d:ec:
b6:9e:13:5a:9a:8e:df:ce:9a:cb:e4:18:e8:4b:b2:
33:a5:19:22:ec:69:e9:c0:13:bb:09:18:5b:f8:64:
7d:67:39:66:90:1a:9c:05:ec:9c:73:8b:da:4a:8f:
a5:c6:e9:dc:e7:2b:d9:8f:d7:8d:58:21:54:f8:b0:
4f:ad:40:39:59:58:1c:e1:d1:03:56:95:76:4c:1c:
6c:77:c8:47:33:a6:43:21:18:2c:2b:0f:6e:b5:c0:
24:cd:f2:bb:ae:2b:1f:43:a6:98:b3:23:30:16:8f:
d7:64:f2:b3:e3:e9:69:1e:90:28:68:b1:70:e3:23:
d1:01:21:d2:98:75:49:1d:3e:2b:a2:15:01:88:fd:
94:6c:96:f5:92:33:0c:39:4a:d1:b7:a2:31:e0:07:
f9:4b:0f:2c:76:d5:8e:33:aa:d8:37:3c:3b:6f:71:
ed:da:68:fc:06:b0:5a:11:be:18:34:e6:9e:a3:14:
b3:cf:09:d5:7a:39:c0:cc:a0:23:f2:7d:ec:ea:93:
a9:fc:af:34:b3:b8:e5:18:14:49:8f:00:01:e7:d4:
9b:d6:18:bf:7d:28:07:8d:69:14:b8:f5:b2:18:58:
e6:66:d2:18:ba:ed:c2:47:73:6e:e8:cd:6e:92:0d:
51:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:80:14:34:AF:56:30:D1:AF:4F:78:48:CB:05:08:B1:4E:28:E1:A2
X509v3 Authority Key Identifier:
keyid:58:01:5C:C8:DA:1F:1B:BF:34:3E:26:AB:20:8D:F8:BB:26:FD:53:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WAFcyNofG780PiarII34uyb9U64.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/d4175d-192c-418c-972f-8ee21b74dd56/1/ZYAUNK9WMNGvT3hIywUIsU4o4aI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/d4175d-192c-418c-972f-8ee21b74dd56/1/WAFcyNofG780PiarII34uyb9U64.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.95.120.0/24
194.187.88.0/22
IPv6:
2a02:388::/32
Signature Algorithm: sha256WithRSAEncryption
9c:16:b2:33:0e:17:4e:dc:d3:02:b9:9b:27:80:fc:3c:25:dd:
bc:d0:14:01:d5:88:c8:51:10:be:04:ff:74:f0:ea:ac:a4:46:
c9:ba:d0:09:81:b3:cf:fe:6b:3b:55:b5:37:ad:ee:c3:5a:06:
b2:ce:38:54:37:5d:fa:fa:09:fd:56:e3:f1:da:8d:fb:59:6e:
9f:c4:7a:2e:49:53:97:a8:19:8a:d2:9e:dc:10:13:80:0f:24:
22:5e:bf:b5:27:5d:3e:68:e8:70:62:51:e8:67:8a:db:05:30:
69:a7:ea:47:f3:06:1e:af:8a:1f:d2:45:60:35:81:f3:1e:52:
3b:4c:36:a8:c0:7d:3d:2d:01:a3:bc:97:fb:05:b2:54:b4:e0:
5d:fc:ae:61:cd:39:43:1c:30:94:0f:e4:39:96:67:2d:5f:46:
a1:96:2a:8e:2a:5f:ac:ea:39:a0:3a:60:6a:69:4c:27:05:f8:
8d:7b:0c:ce:48:c0:40:c6:ea:39:4f:e9:e0:b9:83:13:75:bd:
4c:04:e0:2f:5e:3b:6e:3a:f0:1a:3c:52:d0:ef:56:51:10:15:
a4:d8:e0:71:0e:86:b2:05:f2:da:f1:e4:c6:3f:02:ae:08:69:
fd:66:e7:ee:4b:de:df:c1:6c:d9:65:05:c8:86:ac:91:2a:5e:
27:4e:c3:9a
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZWK5CdQhuFEqaf5DqPsZIq8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4MDE1Y2M4ZGExZjFiYmYzNDNlMjZhYjIwOGRmOGJiMjZm
ZDUzYWUwHhcNMjUwMzEyMTUwNjAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTgwMTQzNGFmNTYzMGQxYWY0Zjc4NDhjYjA1MDhiMTRlMjhlMWEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAprr6vO4XZ/rx0DHKTey2nhNamo7f
zprL5BjoS7IzpRki7GnpwBO7CRhb+GR9ZzlmkBqcBeycc4vaSo+lxunc5yvZj9eN
WCFU+LBPrUA5WVgc4dEDVpV2TBxsd8hHM6ZDIRgsKw9utcAkzfK7risfQ6aYsyMw
Fo/XZPKz4+lpHpAoaLFw4yPRASHSmHVJHT4rohUBiP2UbJb1kjMMOUrRt6Ix4Af5
Sw8sdtWOM6rYNzw7b3Ht2mj8BrBaEb4YNOaeoxSzzwnVejnAzKAj8n3s6pOp/K80
s7jlGBRJjwAB59Sb1hi/fSgHjWkUuPWyGFjmZtIYuu3CR3Nu6M1ukg1RgwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFGWAFDSvVjDRr094SMsFCLFOKOGiMB8GA1UdIwQY
MBaAFFgBXMjaHxu/ND4mqyCN+Lsm/VOuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0FGY3lOb2ZHNzgwUGlhcklJMzR1eWI5VTY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9kNDE3NWQtMTkyYy00MThjLTk3MmYt
OGVlMjFiNzRkZDU2LzEvWllBVU5LOVdNTkd2VDNoSXl3VUlzVTRvNGFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9kNDE3NWQtMTkyYy00MThjLTk3MmYtOGVlMjFiNzRkZDU2
LzEvV0FGY3lOb2ZHNzgwUGlhcklJMzR1eWI5VTY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQATV94AwQC
wrtYMA0EAgACMAcDBQAqAgOIMA0GCSqGSIb3DQEBCwUAA4IBAQCcFrIzDhdO3NMC
uZsngPw8Jd280BQB1YjIURC+BP908OqspEbJutAJgbPP/ms7VbU3re7DWgayzjhU
N136+gn9VuPx2o37WW6fxHouSVOXqBmK0p7cEBOADyQiXr+1J10+aOhwYlHoZ4rb
BTBpp+pH8wYer4of0kVgNYHzHlI7TDaowH09LQGjvJf7BbJUtOBd/K5hzTlDHDCU
D+Q5lmctX0ahliqOKl+s6jmgOmBqaUwnBfiNewzOSMBAxuo5T+nguYMTdb1MBOAv
XjtuOvAaPFLQ71ZREBWk2OBxDoayBfLa8eTGPwKuCGn9ZufuS97fwWzZZQXIhqyR
Kl4nTsOa
-----END CERTIFICATE-----
Generated at Mon Apr 21 15:01:46 2025 by rpki-client