Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/fZD-8TZC2Eqm6bF9NuTEzXgSxyI.roa
File: fZD-8TZC2Eqm6bF9NuTEzXgSxyI.roa (raw, json)
Hash identifier: HH7YdO1b8fZD7FROtEPqGh/HriUkx0XYpbfXGNlk2o4=
Subject key identifier: 7D:90:FE:F1:36:42:D8:4A:A6:E9:B1:7D:36:E4:C4:CD:78:12:C7:22
Certificate issuer: /CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Certificate serial: 0192AAE6AC6C5AA31F68A94CB624E50EDC4C
Authority key identifier: EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/fZD-8TZC2Eqm6bF9NuTEzXgSxyI.roa
Signing time: Sun 20 Oct 2024 17:08:16 +0000
ROA not before: Sun 20 Oct 2024 17:08:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 22599
IP address blocks: 77.111.111.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 13:48:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:aa:e6:ac:6c:5a:a3:1f:68:a9:4c:b6:24:e5:0e:dc:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Validity
Not Before: Oct 20 17:08:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7d90fef13642d84aa6e9b17d36e4c4cd7812c722
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:e8:c9:d4:e8:af:1e:35:97:0d:47:fd:fa:f5:
8b:65:60:a5:bc:27:be:9c:91:fb:8c:de:d7:13:2d:
79:cf:76:6b:a0:94:e5:5b:cc:32:df:c7:6a:c4:84:
f8:0a:b7:16:cb:ea:52:dd:8c:42:ae:a5:75:0c:94:
13:15:21:de:51:62:6e:30:69:92:ce:1f:53:39:a4:
9d:f4:3a:6e:52:cf:95:c4:f0:b0:a9:b9:36:52:21:
a9:b3:5e:62:7b:34:7f:18:aa:26:02:52:a4:81:47:
b4:e6:5e:e6:56:2c:5c:64:c0:28:0a:14:52:cd:05:
4b:fb:19:79:ed:bf:9f:64:84:ef:2a:46:ca:af:7d:
05:d3:3e:30:0b:bb:d8:e8:fc:87:75:3a:99:92:af:
e3:28:ee:73:66:e0:0a:35:20:57:2f:c6:67:7c:d3:
4b:34:28:dc:cf:59:2d:02:3a:7c:1b:69:e4:22:87:
9f:92:63:b6:c3:58:a2:ee:13:a8:80:56:12:d1:db:
0d:a3:c2:87:95:98:da:70:7b:d2:ef:45:3f:93:43:
30:10:7b:4f:1f:29:7f:d9:2f:49:b4:a9:44:0f:3c:
18:ab:b6:a7:79:ec:ce:b8:c4:14:57:0f:a9:03:03:
6d:3d:c8:f8:ea:a2:70:01:81:27:e0:72:4c:02:64:
2d:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:90:FE:F1:36:42:D8:4A:A6:E9:B1:7D:36:E4:C4:CD:78:12:C7:22
X509v3 Authority Key Identifier:
keyid:EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/fZD-8TZC2Eqm6bF9NuTEzXgSxyI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.111.111.0/24
Signature Algorithm: sha256WithRSAEncryption
c7:35:80:37:dd:c5:fc:02:6d:f6:e5:fb:0b:8a:6b:89:7f:77:
fb:fe:13:b2:ff:b0:00:e8:2a:ce:46:cc:f9:59:5d:3c:d6:1b:
cb:8f:23:15:2d:1f:9d:b0:7a:19:64:97:ce:7c:7e:79:6b:8b:
5a:9a:8e:8b:c6:ba:7d:c6:64:19:df:0c:3f:3c:78:63:29:a0:
f0:1f:36:aa:8f:f0:4c:e7:a1:d6:b6:86:1c:e1:46:2f:53:71:
6f:8c:dc:89:10:e2:7e:54:2f:37:04:77:7e:b1:c3:3a:4d:70:
66:89:6f:54:65:2e:f0:a4:57:9e:34:60:8c:f7:14:fe:18:d2:
fd:b3:f8:4a:71:93:66:e3:c9:c7:b7:a4:63:c4:57:fd:37:84:
1b:d0:fa:6f:0f:f7:ec:ae:4b:19:55:c2:6a:f7:58:82:56:62:
f8:e4:04:86:d5:23:e9:55:18:c1:51:50:9f:07:c2:28:ee:61:
1d:6b:33:1f:66:06:9d:de:31:83:e3:99:bd:5d:cc:c1:7f:e8:
2a:ef:98:e8:35:55:11:01:4a:1e:f2:fd:6e:e9:58:64:03:1e:
be:36:8f:07:07:47:b9:84:93:e8:b2:81:95:a4:13:04:2a:2f:
eb:db:e0:a9:69:87:40:89:b0:f9:85:9f:e7:e6:6d:ce:28:35:
c8:75:9f:02
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZKq5qxsWqMfaKlMtiTlDtxMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMWMzNDcyYzI1YWNkMzQ3MzY0YjdkNjMxMjYxOGFhMzUz
MGNiNjMwHhcNMjQxMDIwMTcwODE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZDkwZmVmMTM2NDJkODRhYTZlOWIxN2QzNmU0YzRjZDc4MTJjNzIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuujJ1OivHjWXDUf9+vWLZWClvCe+
nJH7jN7XEy15z3ZroJTlW8wy38dqxIT4CrcWy+pS3YxCrqV1DJQTFSHeUWJuMGmS
zh9TOaSd9DpuUs+VxPCwqbk2UiGps15iezR/GKomAlKkgUe05l7mVixcZMAoChRS
zQVL+xl57b+fZITvKkbKr30F0z4wC7vY6PyHdTqZkq/jKO5zZuAKNSBXL8ZnfNNL
NCjcz1ktAjp8G2nkIoefkmO2w1ii7hOogFYS0dsNo8KHlZjacHvS70U/k0MwEHtP
Hyl/2S9JtKlEDzwYq7aneezOuMQUVw+pAwNtPcj46qJwAYEn4HJMAmQtIwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFH2Q/vE2QthKpumxfTbkxM14EsciMB8GA1UdIwQY
MBaAFO4cNHLCWs00c2S31jEmGKo1MMtjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYt
YjRiOGRiMjBiMWZiLzEvZlpELThUWkMyRXFtNmJGOU51VEV6WGdTeHlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYtYjRiOGRiMjBiMWZi
LzEvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATW9vMA0G
CSqGSIb3DQEBCwUAA4IBAQDHNYA33cX8Am325fsLimuJf3f7/hOy/7AA6CrORsz5
WV081hvLjyMVLR+dsHoZZJfOfH55a4tamo6Lxrp9xmQZ3ww/PHhjKaDwHzaqj/BM
56HWtoYc4UYvU3FvjNyJEOJ+VC83BHd+scM6TXBmiW9UZS7wpFeeNGCM9xT+GNL9
s/hKcZNm48nHt6RjxFf9N4Qb0PpvD/fsrksZVcJq91iCVmL45ASG1SPpVRjBUVCf
B8Io7mEdazMfZgad3jGD45m9XczBf+gq75joNVURAUoe8v1u6VhkAx6+No8HB0e5
hJPosoGVpBMEKi/r2+CpaYdAibD5hZ/n5m3OKDXIdZ8C
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:38:36 2025 by rpki-client