Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/77c6fc-8a99-42f4-ac23-56c6a1031dbb/1/ko4Kpefc12El2UxbmWge4qcMZYA.roa
File: ko4Kpefc12El2UxbmWge4qcMZYA.roa (raw, json)
Hash identifier: EeTlI9E/2clyBLKy3K32WRlp7Z5d12RmPhVQmqrbqE4=
Subject key identifier: 92:8E:0A:A5:E7:DC:D7:61:25:D9:4C:5B:99:68:1E:E2:A7:0C:65:80
Certificate issuer: /CN=252cb35c3f56b2798ff61bd4d9a5ced0ee039fb0
Certificate serial: 018CC9BCFA4CFF4DFD55B4C24886B2142908
Authority key identifier: 25:2C:B3:5C:3F:56:B2:79:8F:F6:1B:D4:D9:A5:CE:D0:EE:03:9F:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JSyzXD9WsnmP9hvU2aXO0O4Dn7A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/77c6fc-8a99-42f4-ac23-56c6a1031dbb/1/ko4Kpefc12El2UxbmWge4qcMZYA.roa
Signing time: Tue 02 Jan 2024 10:34:14 +0000
ROA not before: Tue 02 Jan 2024 10:34:14 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41157
IP address blocks: 81.201.176.0/20 maxlen: 20
2a02:2218::/29 maxlen: 32
2a02:2218::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Jan 2025 01:48:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:fa:4c:ff:4d:fd:55:b4:c2:48:86:b2:14:29:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=252cb35c3f56b2798ff61bd4d9a5ced0ee039fb0
Validity
Not Before: Jan 2 10:34:14 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=928e0aa5e7dcd76125d94c5b99681ee2a70c6580
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:4f:b3:81:e5:cd:26:04:8a:c9:2d:27:42:5e:
4b:dc:76:f6:61:e6:c9:e7:72:bb:2e:6c:18:6b:bc:
c5:2e:81:40:d6:41:59:e1:be:01:b3:9a:34:3c:0b:
48:73:bf:7f:11:d5:43:f5:7a:c1:36:a9:92:9a:8a:
02:d7:ac:71:4a:3e:e7:4e:af:76:d1:db:c2:bc:a5:
55:f2:b2:51:a4:a8:86:20:b5:c9:8b:4b:7c:d6:da:
de:95:dc:bc:f0:95:83:11:4d:0a:29:0f:09:b1:10:
da:ef:b9:aa:72:20:25:77:f0:fc:7b:e9:b1:9d:2d:
d1:0a:7b:9b:1e:b5:6b:2b:6c:1f:56:ca:6e:bf:7d:
12:36:82:0c:3b:b6:cb:ea:0c:72:ea:8b:21:38:06:
5b:12:4a:d2:71:9c:b2:22:34:9e:7f:56:a6:78:c7:
19:e8:a8:5f:f1:02:3a:f2:2b:66:eb:06:17:24:a7:
a5:d5:e0:3f:ae:bd:1a:1a:b7:2d:62:12:2f:9a:c4:
57:c3:19:35:c9:45:ec:b7:a5:84:24:14:f8:04:51:
22:27:b9:a4:d1:b0:ad:bd:52:70:50:a2:90:f8:ef:
79:23:31:c0:e4:1f:6c:4b:f8:24:8c:83:ba:6a:1a:
e1:c8:9e:32:40:ef:97:32:da:44:1c:85:51:96:10:
22:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:8E:0A:A5:E7:DC:D7:61:25:D9:4C:5B:99:68:1E:E2:A7:0C:65:80
X509v3 Authority Key Identifier:
keyid:25:2C:B3:5C:3F:56:B2:79:8F:F6:1B:D4:D9:A5:CE:D0:EE:03:9F:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JSyzXD9WsnmP9hvU2aXO0O4Dn7A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/77c6fc-8a99-42f4-ac23-56c6a1031dbb/1/ko4Kpefc12El2UxbmWge4qcMZYA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/77c6fc-8a99-42f4-ac23-56c6a1031dbb/1/JSyzXD9WsnmP9hvU2aXO0O4Dn7A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.201.176.0/20
IPv6:
2a02:2218::/29
Signature Algorithm: sha256WithRSAEncryption
20:1e:1a:2e:e5:65:2e:87:67:fa:0a:6f:97:b2:bd:5b:7a:81:
bb:2c:55:25:ad:2c:7f:af:ad:c4:10:e3:19:da:80:09:62:56:
90:58:41:c9:66:7a:8b:46:1b:db:3b:73:eb:aa:78:33:33:a0:
ed:d9:16:24:1f:e0:6d:62:a4:f5:10:95:e6:dc:28:59:80:46:
c9:b0:55:b3:af:cd:26:67:ae:88:ed:44:fe:2a:8e:9c:08:a0:
f6:5e:70:72:8d:8e:b3:08:61:05:1a:2c:c7:18:d5:cd:41:04:
b1:14:b2:8d:7d:ed:29:c6:24:9d:39:fa:f2:4c:4e:ec:e5:c5:
d9:c1:78:84:9b:04:14:93:36:68:85:41:a1:45:b6:a0:a2:70:
a8:60:e6:27:ea:49:68:28:09:ff:66:b1:d4:94:e5:b7:bf:a1:
55:44:ce:35:de:b6:3a:90:44:b8:e9:98:bb:82:d9:3f:72:dd:
ec:7e:78:a2:65:58:f5:ce:1a:e6:9a:ba:32:ab:b5:b3:a3:1f:
ba:50:0d:50:58:94:1b:74:0a:f9:97:89:4e:2f:9e:9c:50:9d:
e0:36:a3:17:f4:84:d0:bd:37:56:82:0d:65:5f:64:7c:91:43:
45:40:c1:36:c1:7c:3e:e3:ec:69:4a:68:da:c5:df:9f:1b:39:
3c:b4:a0:da
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzJvPpM/039VbTCSIayFCkIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1MmNiMzVjM2Y1NmIyNzk4ZmY2MWJkNGQ5YTVjZWQwZWUw
MzlmYjAwHhcNMjQwMTAyMTAzNDE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjhlMGFhNWU3ZGNkNzYxMjVkOTRjNWI5OTY4MWVlMmE3MGM2NTgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApU+zgeXNJgSKyS0nQl5L3Hb2YebJ
53K7LmwYa7zFLoFA1kFZ4b4Bs5o0PAtIc79/EdVD9XrBNqmSmooC16xxSj7nTq92
0dvCvKVV8rJRpKiGILXJi0t81treldy88JWDEU0KKQ8JsRDa77mqciAld/D8e+mx
nS3RCnubHrVrK2wfVspuv30SNoIMO7bL6gxy6oshOAZbEkrScZyyIjSef1ameMcZ
6Khf8QI68itm6wYXJKel1eA/rr0aGrctYhIvmsRXwxk1yUXst6WEJBT4BFEiJ7mk
0bCtvVJwUKKQ+O95IzHA5B9sS/gkjIO6ahrhyJ4yQO+XMtpEHIVRlhAitwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJKOCqXn3NdhJdlMW5loHuKnDGWAMB8GA1UdIwQY
MBaAFCUss1w/VrJ5j/Yb1NmlztDuA5+wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlN5elhEOVdzbm1QOWh2VTJhWE8wTzREbjdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy83N2M2ZmMtOGE5OS00MmY0LWFjMjMt
NTZjNmExMDMxZGJiLzEva280S3BlZmMxMkVsMlV4Ym1XZ2U0cWNNWllBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy83N2M2ZmMtOGE5OS00MmY0LWFjMjMtNTZjNmExMDMxZGJi
LzEvSlN5elhEOVdzbm1QOWh2VTJhWE8wTzREbjdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQEUcmwMA0E
AgACMAcDBQMqAiIYMA0GCSqGSIb3DQEBCwUAA4IBAQAgHhou5WUuh2f6Cm+Xsr1b
eoG7LFUlrSx/r63EEOMZ2oAJYlaQWEHJZnqLRhvbO3PrqngzM6Dt2RYkH+BtYqT1
EJXm3ChZgEbJsFWzr80mZ66I7UT+Ko6cCKD2XnByjY6zCGEFGizHGNXNQQSxFLKN
fe0pxiSdOfryTE7s5cXZwXiEmwQUkzZohUGhRbagonCoYOYn6kloKAn/ZrHUlOW3
v6FVRM413rY6kES46Zi7gtk/ct3sfniiZVj1zhrmmroyq7Wzox+6UA1QWJQbdAr5
l4lOL56cUJ3gNqMX9ITQvTdWgg1lX2R8kUNFQME2wXw+4+xpSmjaxd+fGzk8tKDa
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:54:12 2025 by rpki-client