Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/Tdpf8LdWq4E_5DuqsZEeuGEBDZg.roa
File: Tdpf8LdWq4E_5DuqsZEeuGEBDZg.roa (raw, json)
Hash identifier: F9JmZp9RUrYQwtQn+5bmprtOsk9ks9jLyuyf2PPJZQA=
Subject key identifier: 4D:DA:5F:F0:B7:56:AB:81:3F:E4:3B:AA:B1:91:1E:B8:61:01:0D:98
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 018EF50801403AD6BCA9E5961009645BE86A
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/Tdpf8LdWq4E_5DuqsZEeuGEBDZg.roa
Signing time: Fri 19 Apr 2024 06:25:26 +0000
ROA not before: Fri 19 Apr 2024 06:25:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34974
IP address blocks: 77.82.0.0/20 maxlen: 20
77.82.48.0/20 maxlen: 20
77.82.64.0/18 maxlen: 18
77.82.80.0/21 maxlen: 21
77.82.128.0/17 maxlen: 17
85.28.192.0/18 maxlen: 18
85.28.192.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 23 Apr 2024 10:51:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:f5:08:01:40:3a:d6:bc:a9:e5:96:10:09:64:5b:e8:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Apr 19 06:25:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4dda5ff0b756ab813fe43baab1911eb861010d98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:d6:10:21:dc:87:e1:c4:e8:30:8d:3b:4b:17:
e8:08:73:21:20:ad:68:5e:0e:fe:a3:07:c4:3c:92:
a7:b7:84:58:d8:98:07:dc:70:d5:92:25:05:69:e4:
bf:97:6c:d5:61:bb:53:82:60:77:0c:f6:68:ec:e6:
3f:3a:19:5f:7d:d8:17:36:ac:1a:44:94:60:64:1b:
73:99:df:26:22:5b:8b:cc:65:ed:c9:15:58:a0:f1:
b5:49:62:96:c2:6e:dc:08:a6:a9:c4:d2:38:ed:06:
ac:98:b4:6f:31:a9:9e:34:cd:f1:75:4e:ee:e8:d2:
2e:2e:e2:11:19:de:d6:50:4a:9f:a7:3e:61:81:06:
c3:12:dd:98:76:53:bc:bd:e9:84:9e:a1:da:d3:a9:
c3:43:2d:63:70:18:d1:16:3f:78:ee:d9:b3:d8:b9:
cb:9f:04:e0:83:2c:af:43:67:e2:f1:1a:d7:bb:8a:
60:98:f4:dd:cb:2b:ee:a8:32:1b:5c:20:b6:b7:ee:
5e:b2:ed:e5:42:5d:7f:11:46:e9:c6:09:3b:f9:d1:
95:db:2b:0d:87:d1:34:a0:8b:24:c6:58:ec:02:0f:
bf:0c:ae:c6:b4:a6:72:43:44:86:37:51:43:37:74:
2e:d3:ba:7b:84:07:2e:43:ab:5e:98:71:c0:81:ec:
77:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:DA:5F:F0:B7:56:AB:81:3F:E4:3B:AA:B1:91:1E:B8:61:01:0D:98
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/Tdpf8LdWq4E_5DuqsZEeuGEBDZg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.82.0.0/20
77.82.48.0-77.82.255.255
85.28.192.0/18
Signature Algorithm: sha256WithRSAEncryption
78:f7:24:12:54:53:33:45:25:89:5d:7f:c1:e1:8d:d6:b3:d3:
9f:b4:17:b2:be:2c:3e:1c:73:9e:a3:cd:3f:25:8f:37:ca:2e:
32:12:12:aa:3b:9b:42:86:55:39:ce:3d:20:31:7f:67:37:55:
8d:d8:3b:26:cf:14:1b:77:44:75:d3:42:49:af:7d:98:9e:5f:
f8:56:e6:30:03:3c:d6:e1:29:2f:09:7f:77:80:6f:37:c9:4f:
ef:46:75:4f:b6:3d:17:f3:7a:32:73:f1:cb:07:56:0e:8d:ee:
c8:cb:58:1b:37:eb:ea:df:08:e6:4a:4f:47:3c:bb:91:ca:b5:
f7:c2:a1:c1:44:06:70:8e:4a:eb:7c:23:2f:17:46:cd:3d:95:
d5:71:54:30:45:e7:cd:4c:ad:27:8c:51:45:56:fc:9a:ce:95:
98:25:b9:6b:1c:39:39:67:0d:37:53:9f:0d:3c:bc:e3:b8:44:
e5:94:ef:84:1e:15:27:87:00:b1:25:cd:8d:19:f4:97:a2:37:
e3:0f:20:de:dc:26:27:c7:90:2e:fd:4c:6a:5d:34:b0:95:81:
4f:30:4c:eb:04:b9:29:ae:07:d6:2b:6f:af:52:dc:60:79:c8:
79:f1:72:9a:3b:14:cf:0d:8d:59:f8:ed:ba:c6:60:bc:f1:e6:
68:a1:35:24
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgISAY71CAFAOta8qeWWEAlkW+hqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjQwNDE5MDYyNTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZGRhNWZmMGI3NTZhYjgxM2ZlNDNiYWFiMTkxMWViODYxMDEwZDk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl9YQIdyH4cToMI07SxfoCHMhIK1o
Xg7+owfEPJKnt4RY2JgH3HDVkiUFaeS/l2zVYbtTgmB3DPZo7OY/OhlffdgXNqwa
RJRgZBtzmd8mIluLzGXtyRVYoPG1SWKWwm7cCKapxNI47QasmLRvMameNM3xdU7u
6NIuLuIRGd7WUEqfpz5hgQbDEt2YdlO8vemEnqHa06nDQy1jcBjRFj947tmz2LnL
nwTggyyvQ2fi8RrXu4pgmPTdyyvuqDIbXCC2t+5esu3lQl1/EUbpxgk7+dGV2ysN
h9E0oIskxljsAg+/DK7GtKZyQ0SGN1FDN3Qu07p7hAcuQ6temHHAgex3AwIDAQAB
o4ICHDCCAhgwHQYDVR0OBBYEFE3aX/C3VquBP+Q7qrGRHrhhAQ2YMB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvVGRwZjhMZFdxNEVfNUR1cXNaRWV1R0VCRFpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDIGCCsGAQUFBwEHAQH/BCMwITAfBAIAATAZAwQETVIAMAsD
BARNUjADAwBNUgMEBlUcwDANBgkqhkiG9w0BAQsFAAOCAQEAePckElRTM0UliV1/
weGN1rPTn7QXsr4sPhxznqPNPyWPN8ouMhISqjubQoZVOc49IDF/ZzdVjdg7Js8U
G3dEddNCSa99mJ5f+FbmMAM81uEpLwl/d4BvN8lP70Z1T7Y9F/N6MnPxywdWDo3u
yMtYGzfr6t8I5kpPRzy7kcq198KhwUQGcI5K63wjLxdGzT2V1XFUMEXnzUytJ4xR
RVb8ms6VmCW5axw5OWcNN1OfDTy847hE5ZTvhB4VJ4cAsSXNjRn0l6I34w8g3twm
J8eQLv1Mal00sJWBTzBM6wS5Ka4H1itvr1LcYHnIefFymjsUzw2NWfjtusZgvPHm
aKE1JA==
-----END CERTIFICATE-----
Generated at Thu Apr 17 10:23:49 2025 by rpki-client