Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/Cbb1RtAsmz1QDaCbVuUXFQgrSaA.roa
File: Cbb1RtAsmz1QDaCbVuUXFQgrSaA.roa (raw, json)
Hash identifier: hpr6wuiel3xD2XHonKlYmJcYySkhUbW3/jorWBb0BA4=
Subject key identifier: 09:B6:F5:46:D0:2C:9B:3D:50:0D:A0:9B:56:E5:17:15:08:2B:49:A0
Certificate issuer: /CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Certificate serial: 01935B8233398CA1E62C149B15E7DCAECD9A
Authority key identifier: EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/Cbb1RtAsmz1QDaCbVuUXFQgrSaA.roa
Signing time: Sun 24 Nov 2024 00:11:19 +0000
ROA not before: Sun 24 Nov 2024 00:11:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 77.111.96.0/22 maxlen: 22
77.111.106.0/24 maxlen: 24
85.208.9.0/24 maxlen: 24
94.229.212.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 24 Nov 2024 20:05:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:5b:82:33:39:8c:a1:e6:2c:14:9b:15:e7:dc:ae:cd:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Validity
Not Before: Nov 24 00:11:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=09b6f546d02c9b3d500da09b56e51715082b49a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:81:1d:e2:fc:f3:c5:a9:7e:f2:f9:86:6a:94:
59:fa:1a:0b:77:9d:5e:c6:4d:de:be:5f:4e:77:6c:
bb:e4:86:19:ce:bb:2b:54:d5:f1:fc:e5:f1:11:ad:
a4:36:19:32:31:9b:0d:91:1b:2c:98:cf:af:a9:9e:
ae:ed:53:c8:74:9b:e1:e5:0f:90:9b:7c:bd:7f:35:
1f:38:65:aa:e5:83:e5:e8:5c:ee:a4:a5:50:8e:d4:
0b:ca:a3:6a:17:c7:1d:2c:89:bb:c5:f5:e3:49:21:
70:6c:7f:66:81:81:51:27:dc:0a:a0:55:4c:87:6a:
84:97:1d:68:d5:62:4f:51:64:3d:a0:9e:4e:b5:7b:
02:81:26:fc:3b:b9:3f:2c:db:d4:00:94:0a:f7:4c:
1c:2e:be:71:20:ab:01:ef:7b:d1:aa:b1:76:f1:77:
dd:90:bf:82:5a:55:65:af:d4:ed:63:27:34:96:f5:
fa:2c:77:f1:f3:57:d7:6b:54:ca:a1:20:32:27:ad:
d1:cb:2b:90:11:23:5c:61:50:05:af:2f:d6:eb:9b:
91:3f:04:39:64:65:89:00:dc:37:d7:4f:14:b9:68:
3e:d7:47:76:2b:c9:8e:81:5c:60:52:cf:47:44:90:
49:12:91:0f:73:33:ba:97:ac:2e:c4:2b:2c:1e:ca:
50:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:B6:F5:46:D0:2C:9B:3D:50:0D:A0:9B:56:E5:17:15:08:2B:49:A0
X509v3 Authority Key Identifier:
keyid:EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/Cbb1RtAsmz1QDaCbVuUXFQgrSaA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.111.96.0/22
77.111.106.0/24
85.208.9.0/24
94.229.212.0/24
Signature Algorithm: sha256WithRSAEncryption
b0:f6:a8:0d:19:db:29:45:56:de:5f:56:7d:0c:bf:9b:6e:b1:
59:98:2d:63:01:ba:49:60:58:90:a3:ff:2e:2f:0f:30:3f:46:
9e:20:ce:cf:ac:98:e7:a1:91:a8:73:76:54:9a:aa:b0:1c:e1:
33:a2:98:91:be:9b:33:64:ef:69:26:40:d9:a6:ad:cc:a0:29:
51:c5:6e:10:ba:01:38:57:a4:0a:4a:1e:2a:22:f3:82:f2:ad:
80:c9:c4:b1:f6:b2:76:ef:28:ad:02:fd:c9:d8:3b:b5:e5:a0:
00:42:05:ba:04:51:2f:27:3b:4e:13:08:6c:34:d8:1a:be:ee:
ca:ef:68:08:d0:e2:15:0e:a5:ea:cc:5a:f2:9b:5d:d3:1f:2d:
1b:79:be:e6:78:4a:e5:4d:b4:71:ff:b0:58:36:9b:87:b1:55:
b7:fa:6a:91:90:68:22:ac:ab:c4:4e:b2:ae:05:27:bc:f6:ff:
ec:e4:af:0e:00:cc:fe:ff:e0:f6:ac:5d:1e:d6:79:c1:65:9e:
66:65:1d:f2:37:b6:91:82:9e:91:f2:09:a9:38:b1:2f:e0:09:
21:22:c6:20:f4:61:40:aa:be:de:82:52:b5:07:4f:7b:a4:34:
f1:32:5e:36:d6:07:5c:19:0c:f0:cf:29:a5:58:6f:f1:fa:3e:
21:93:fd:6b
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZNbgjM5jKHmLBSbFefcrs2aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMWMzNDcyYzI1YWNkMzQ3MzY0YjdkNjMxMjYxOGFhMzUz
MGNiNjMwHhcNMjQxMTI0MDAxMTE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOWI2ZjU0NmQwMmM5YjNkNTAwZGEwOWI1NmU1MTcxNTA4MmI0OWEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuYEd4vzzxal+8vmGapRZ+hoLd51e
xk3evl9Od2y75IYZzrsrVNXx/OXxEa2kNhkyMZsNkRssmM+vqZ6u7VPIdJvh5Q+Q
m3y9fzUfOGWq5YPl6FzupKVQjtQLyqNqF8cdLIm7xfXjSSFwbH9mgYFRJ9wKoFVM
h2qElx1o1WJPUWQ9oJ5OtXsCgSb8O7k/LNvUAJQK90wcLr5xIKsB73vRqrF28Xfd
kL+CWlVlr9TtYyc0lvX6LHfx81fXa1TKoSAyJ63RyyuQESNcYVAFry/W65uRPwQ5
ZGWJANw3108UuWg+10d2K8mOgVxgUs9HRJBJEpEPczO6l6wuxCssHspQewIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFAm29UbQLJs9UA2gm1blFxUIK0mgMB8GA1UdIwQY
MBaAFO4cNHLCWs00c2S31jEmGKo1MMtjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYt
YjRiOGRiMjBiMWZiLzEvQ2JiMVJ0QXNtejFRRGFDYlZ1VVhGUWdyU2FBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYtYjRiOGRiMjBiMWZi
LzEvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCTW9gAwQA
TW9qAwQAVdAJAwQAXuXUMA0GCSqGSIb3DQEBCwUAA4IBAQCw9qgNGdspRVbeX1Z9
DL+bbrFZmC1jAbpJYFiQo/8uLw8wP0aeIM7PrJjnoZGoc3ZUmqqwHOEzopiRvpsz
ZO9pJkDZpq3MoClRxW4QugE4V6QKSh4qIvOC8q2AycSx9rJ27yitAv3J2Du15aAA
QgW6BFEvJztOEwhsNNgavu7K72gI0OIVDqXqzFrym13THy0beb7meErlTbRx/7BY
NpuHsVW3+mqRkGgirKvETrKuBSe89v/s5K8OAMz+/+D2rF0e1nnBZZ5mZR3yN7aR
gp6R8gmpOLEv4AkhIsYg9GFAqr7eglK1B097pDTxMl421gdcGQzwzymlWG/x+j4h
k/1r
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:05:07 2025 by rpki-client