Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/ba0bd3-b365-4461-8ffa-1f5431e2a5af/1/i7zaDL9_nPz-UniYPdH-T4O1JQA.roa
File: i7zaDL9_nPz-UniYPdH-T4O1JQA.roa (raw, json)
Hash identifier: 2ShFSVynjSe+AL5dzKOL4789Vwqmc5IjiB6TGoSf5Cg=
Subject key identifier: 8B:BC:DA:0C:BF:7F:9C:FC:FE:52:78:98:3D:D1:FE:4F:83:B5:25:00
Certificate issuer: /CN=d4ce2bf0001cd430e9277fb00ed1abe51c0b5c7c
Certificate serial: 0196169602ACC34B772C4F93530D6CA2A326
Authority key identifier: D4:CE:2B:F0:00:1C:D4:30:E9:27:7F:B0:0E:D1:AB:E5:1C:0B:5C:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1M4r8AAc1DDpJ3-wDtGr5RwLXHw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/ba0bd3-b365-4461-8ffa-1f5431e2a5af/1/i7zaDL9_nPz-UniYPdH-T4O1JQA.roa
Signing time: Tue 08 Apr 2025 18:07:31 +0000
ROA not before: Tue 08 Apr 2025 18:07:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210644
IP address blocks: 77.110.96.0/20 maxlen: 20
77.110.112.0/20 maxlen: 20
Validation: Failed, certificate revoked on Wed 09 Apr 2025 07:06:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:16:96:02:ac:c3:4b:77:2c:4f:93:53:0d:6c:a2:a3:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d4ce2bf0001cd430e9277fb00ed1abe51c0b5c7c
Validity
Not Before: Apr 8 18:07:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8bbcda0cbf7f9cfcfe5278983dd1fe4f83b52500
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:b4:12:fb:fc:7e:3b:60:40:63:ea:91:23:ac:
f3:55:d7:3d:f8:4b:9e:13:ae:75:f6:81:38:95:5f:
4b:9e:d9:71:78:1b:16:9f:7b:8f:73:6f:eb:38:de:
85:41:a5:af:47:9d:53:9e:35:bd:3c:55:97:49:77:
ac:98:c1:f7:2f:93:d3:48:ea:3b:ae:3d:ac:6b:4b:
f9:4c:da:c4:27:48:6e:a6:52:b7:18:8f:26:fc:f6:
28:1e:91:1c:8c:84:87:30:7b:2b:5c:91:75:87:e7:
f1:2f:7b:40:e3:f2:b4:9f:cf:06:bc:2d:e0:eb:6b:
30:78:bd:79:c0:e8:f1:f9:1f:21:53:11:7d:1a:be:
a9:67:4d:65:48:f9:ce:71:4a:a4:d0:f8:33:91:c4:
3b:d0:28:8e:42:d4:42:87:b3:2a:ed:3a:b7:0b:f8:
ab:ab:05:dd:a4:61:ed:4f:0d:b4:24:14:b1:35:ac:
5b:22:83:b5:46:0a:76:24:81:d4:20:0d:89:9a:b7:
63:73:0a:07:a6:cc:9d:2b:8a:73:25:ec:de:4a:a8:
2f:68:f8:e2:fa:32:b3:9e:db:62:82:00:4b:ee:b0:
b4:8a:f7:0e:95:49:a2:69:07:92:05:51:ae:1d:ac:
4c:ca:17:ce:aa:50:40:c5:a7:25:82:e3:55:66:da:
06:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:BC:DA:0C:BF:7F:9C:FC:FE:52:78:98:3D:D1:FE:4F:83:B5:25:00
X509v3 Authority Key Identifier:
keyid:D4:CE:2B:F0:00:1C:D4:30:E9:27:7F:B0:0E:D1:AB:E5:1C:0B:5C:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1M4r8AAc1DDpJ3-wDtGr5RwLXHw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/ba0bd3-b365-4461-8ffa-1f5431e2a5af/1/i7zaDL9_nPz-UniYPdH-T4O1JQA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/ba0bd3-b365-4461-8ffa-1f5431e2a5af/1/1M4r8AAc1DDpJ3-wDtGr5RwLXHw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.110.96.0/19
Signature Algorithm: sha256WithRSAEncryption
44:bb:19:33:af:8b:ea:c6:0d:07:73:20:44:81:c2:ad:07:ba:
b9:90:6c:c3:50:da:f3:44:55:2d:d5:90:e7:8a:2a:74:74:d1:
14:01:78:55:43:c4:68:d5:0c:48:4e:dd:42:c1:84:b0:43:0f:
f6:9e:17:9d:bb:85:b7:e8:e8:fa:d4:c3:9b:74:ff:25:1d:97:
7f:b4:c6:66:20:34:c0:d1:38:62:8b:c5:3e:c2:19:34:cf:58:
8f:9a:8a:7d:78:99:2c:18:80:54:37:31:99:0f:97:02:70:81:
3d:25:75:40:53:5a:10:ae:74:97:77:bf:e9:76:82:a6:77:b7:
31:38:af:8b:5c:ec:b0:ef:4c:93:c4:b8:fb:ba:20:eb:eb:78:
a8:0f:ce:66:5f:2c:3a:16:9b:e4:95:62:80:46:2c:99:b2:da:
a4:b5:01:3b:c0:04:c9:9f:a9:7e:7e:33:79:db:05:37:bf:1a:
63:ec:c3:2e:88:1b:10:69:b7:33:cb:c5:93:ba:46:a2:30:68:
af:0a:36:b3:4a:6e:0d:9e:94:12:3a:f4:10:9e:0f:75:3a:3f:
bd:78:2e:ae:85:c2:ce:42:7c:78:97:13:51:a9:37:e0:2f:5c:
d9:f3:cb:90:0a:c8:eb:19:b8:6f:d9:80:e3:e9:9f:11:d7:36:
89:b6:df:1f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZYWlgKsw0t3LE+TUw1soqMmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0Y2UyYmYwMDAxY2Q0MzBlOTI3N2ZiMDBlZDFhYmU1MWMw
YjVjN2MwHhcNMjUwNDA4MTgwNzMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YmJjZGEwY2JmN2Y5Y2ZjZmU1Mjc4OTgzZGQxZmU0ZjgzYjUyNTAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7LQS+/x+O2BAY+qRI6zzVdc9+Eue
E6519oE4lV9LntlxeBsWn3uPc2/rON6FQaWvR51TnjW9PFWXSXesmMH3L5PTSOo7
rj2sa0v5TNrEJ0huplK3GI8m/PYoHpEcjISHMHsrXJF1h+fxL3tA4/K0n88GvC3g
62sweL15wOjx+R8hUxF9Gr6pZ01lSPnOcUqk0PgzkcQ70CiOQtRCh7Mq7Tq3C/ir
qwXdpGHtTw20JBSxNaxbIoO1Rgp2JIHUIA2JmrdjcwoHpsydK4pzJezeSqgvaPji
+jKznttiggBL7rC0ivcOlUmiaQeSBVGuHaxMyhfOqlBAxaclguNVZtoGcwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIu82gy/f5z8/lJ4mD3R/k+DtSUAMB8GA1UdIwQY
MBaAFNTOK/AAHNQw6Sd/sA7Rq+UcC1x8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMU00cjhBQWMxRERwSjMtd0R0R3I1UndMWEh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi9iYTBiZDMtYjM2NS00NDYxLThmZmEt
MWY1NDMxZTJhNWFmLzEvaTd6YURMOV9uUHotVW5pWVBkSC1UNE8xSlFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi9iYTBiZDMtYjM2NS00NDYxLThmZmEtMWY1NDMxZTJhNWFm
LzEvMU00cjhBQWMxRERwSjMtd0R0R3I1UndMWEh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFTW5gMA0G
CSqGSIb3DQEBCwUAA4IBAQBEuxkzr4vqxg0HcyBEgcKtB7q5kGzDUNrzRFUt1ZDn
iip0dNEUAXhVQ8Ro1QxITt1CwYSwQw/2nhedu4W36Oj61MObdP8lHZd/tMZmIDTA
0Thii8U+whk0z1iPmop9eJksGIBUNzGZD5cCcIE9JXVAU1oQrnSXd7/pdoKmd7cx
OK+LXOyw70yTxLj7uiDr63ioD85mXyw6FpvklWKARiyZstqktQE7wATJn6l+fjN5
2wU3vxpj7MMuiBsQabczy8WTukaiMGivCjazSm4NnpQSOvQQng91Oj+9eC6uhcLO
Qnx4lxNRqTfgL1zZ88uQCsjrGbhv2YDj6Z8R1zaJtt8f
-----END CERTIFICATE-----
Generated at Mon Apr 28 11:57:11 2025 by rpki-client