Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/df4945-f532-4a01-a7fa-53a998de63e3/1/TRXamFgzRcF0RPvGznNLID69pcU.roa
File: TRXamFgzRcF0RPvGznNLID69pcU.roa (raw, json)
Hash identifier: dcpKHfrP1TCTB6BwhHc9CAWRSTAiTgBMHMKEw/GrPPE=
Subject key identifier: 4D:15:DA:98:58:33:45:C1:74:44:FB:C6:CE:73:4B:20:3E:BD:A5:C5
Certificate issuer: /CN=85e1567b1681833c944a5f2640a9e03be8ef0bf4
Certificate serial: 018CC349141E1D7F0413FE4C34AE895C235B
Authority key identifier: 85:E1:56:7B:16:81:83:3C:94:4A:5F:26:40:A9:E0:3B:E8:EF:0B:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/heFWexaBgzyUSl8mQKngO-jvC_Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/df4945-f532-4a01-a7fa-53a998de63e3/1/TRXamFgzRcF0RPvGznNLID69pcU.roa
Signing time: Mon 01 Jan 2024 04:29:55 +0000
ROA not before: Mon 01 Jan 2024 04:29:55 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42334
IP address blocks: 77.235.148.0/24 maxlen: 24
185.131.39.0/24 maxlen: 24
77.235.147.0/24 maxlen: 24
77.235.146.0/24 maxlen: 24
77.235.151.0/24 maxlen: 24
77.235.150.0/24 maxlen: 24
77.235.149.0/24 maxlen: 24
77.235.152.0/24 maxlen: 24
77.235.158.0/24 maxlen: 24
77.235.157.0/24 maxlen: 24
77.235.159.0/24 maxlen: 24
77.235.154.0/24 maxlen: 24
77.235.130.0/24 maxlen: 24
77.235.129.0/24 maxlen: 24
77.235.128.0/24 maxlen: 24
77.235.132.0/24 maxlen: 24
77.235.131.0/24 maxlen: 24
77.235.134.0/24 maxlen: 24
77.235.133.0/24 maxlen: 24
77.235.137.0/24 maxlen: 24
77.235.136.0/24 maxlen: 24
77.235.135.0/24 maxlen: 24
77.235.139.0/24 maxlen: 24
77.235.138.0/24 maxlen: 24
77.235.144.0/24 maxlen: 24
185.131.36.0/24 maxlen: 24
77.235.143.0/24 maxlen: 24
185.131.38.0/24 maxlen: 24
77.235.145.0/24 maxlen: 24
185.131.37.0/24 maxlen: 24
77.235.141.0/24 maxlen: 24
77.235.140.0/24 maxlen: 24
2a02:4180::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 02 Jan 2025 09:49:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:14:1e:1d:7f:04:13:fe:4c:34:ae:89:5c:23:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=85e1567b1681833c944a5f2640a9e03be8ef0bf4
Validity
Not Before: Jan 1 04:29:55 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4d15da98583345c17444fbc6ce734b203ebda5c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:7d:14:c9:05:5b:a3:f9:0d:52:8c:d8:02:29:
64:1f:86:a0:e7:bd:46:9f:87:15:c5:1a:98:91:96:
be:dc:2f:46:09:e6:f5:8b:4a:56:35:bf:5f:ba:e9:
67:6a:60:46:4c:24:03:3e:5b:16:47:87:17:01:92:
92:63:ce:38:f7:4e:cd:35:70:80:0e:2a:d4:b2:b5:
e2:11:38:6b:91:7b:96:5c:3d:8b:b7:57:98:82:96:
4c:3f:38:28:cb:72:97:f8:07:c9:7b:13:1c:ad:b4:
2e:1b:07:4c:15:ca:9e:ae:75:6f:86:6e:0d:57:eb:
8f:f3:30:c0:9d:10:45:a4:07:68:28:2a:e0:77:23:
30:b1:62:22:2b:fc:31:ad:ee:9e:f1:11:b3:5b:68:
4e:40:c1:5c:32:96:3e:ac:d3:2b:ac:97:58:a8:99:
9b:79:d5:c5:81:59:d6:32:6a:50:d9:50:fa:22:a8:
bb:25:47:18:cf:ab:65:26:af:32:7c:ba:ac:84:cd:
c0:7d:2a:71:02:e4:22:bb:6a:cd:c5:73:ca:ab:d5:
46:93:14:17:72:0c:85:b4:d8:ca:54:81:bd:d3:72:
48:b1:01:43:8b:41:9d:cd:4e:30:00:41:bb:b0:b3:
89:d6:3c:83:c8:d1:5e:66:96:91:01:d5:1c:05:c8:
9e:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:15:DA:98:58:33:45:C1:74:44:FB:C6:CE:73:4B:20:3E:BD:A5:C5
X509v3 Authority Key Identifier:
keyid:85:E1:56:7B:16:81:83:3C:94:4A:5F:26:40:A9:E0:3B:E8:EF:0B:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/heFWexaBgzyUSl8mQKngO-jvC_Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/df4945-f532-4a01-a7fa-53a998de63e3/1/TRXamFgzRcF0RPvGznNLID69pcU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/df4945-f532-4a01-a7fa-53a998de63e3/1/heFWexaBgzyUSl8mQKngO-jvC_Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.235.128.0-77.235.141.255
77.235.143.0-77.235.152.255
77.235.154.0/24
77.235.157.0-77.235.159.255
185.131.36.0/22
IPv6:
2a02:4180::/32
Signature Algorithm: sha256WithRSAEncryption
83:10:54:f7:3c:ec:af:5a:57:99:58:93:fb:d8:f9:c4:06:44:
01:b9:88:72:54:f3:21:5f:95:44:9d:0a:31:25:8d:43:53:7b:
8c:1c:bf:c2:24:54:1a:de:c1:2b:23:c9:11:9c:34:47:f5:64:
7e:bd:3d:08:1e:62:d4:63:f5:36:5a:0c:f2:f7:a3:d1:df:84:
33:9c:ae:7a:87:81:d1:8a:04:ed:2c:12:47:50:92:9d:be:8c:
3c:c8:00:8c:45:17:4d:c4:70:0f:f2:02:3f:a0:4a:e7:8b:a6:
5e:c5:e4:53:5b:fc:dd:a8:67:c9:39:ef:09:83:60:cd:59:83:
6c:e6:cc:66:24:0a:f7:c7:ca:be:4d:7c:9f:ee:1b:e0:5e:02:
0e:5c:75:1f:7b:87:3e:b2:be:c6:cd:eb:5c:5e:6a:85:3a:06:
bc:24:7d:82:65:7f:ab:b3:3d:b7:5f:d1:be:84:60:df:d5:ce:
69:e3:ca:8b:25:9d:f4:4a:ca:18:90:8d:f5:8d:1e:17:ef:df:
60:02:ee:3e:61:7d:77:a3:e4:6e:ac:2d:76:bc:c5:3b:c4:f4:
30:b7:0b:5f:2a:eb:c0:83:3f:ca:7b:2f:d8:60:cc:0b:01:e6:
74:f7:21:ac:49:d9:ef:f1:e4:bb:86:ac:1e:c7:82:5a:1e:9b:
99:db:66:4b
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAYzDSRQeHX8EE/5MNK6JXCNbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1ZTE1NjdiMTY4MTgzM2M5NDRhNWYyNjQwYTllMDNiZThl
ZjBiZjQwHhcNMjQwMTAxMDQyOTU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDE1ZGE5ODU4MzM0NWMxNzQ0NGZiYzZjZTczNGIyMDNlYmRhNWM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqX0UyQVbo/kNUozYAilkH4ag571G
n4cVxRqYkZa+3C9GCeb1i0pWNb9fuulnamBGTCQDPlsWR4cXAZKSY844907NNXCA
DirUsrXiEThrkXuWXD2Lt1eYgpZMPzgoy3KX+AfJexMcrbQuGwdMFcqernVvhm4N
V+uP8zDAnRBFpAdoKCrgdyMwsWIiK/wxre6e8RGzW2hOQMFcMpY+rNMrrJdYqJmb
edXFgVnWMmpQ2VD6Iqi7JUcYz6tlJq8yfLqshM3AfSpxAuQiu2rNxXPKq9VGkxQX
cgyFtNjKVIG903JIsQFDi0GdzU4wAEG7sLOJ1jyDyNFeZpaRAdUcBcieCQIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFE0V2phYM0XBdET7xs5zSyA+vaXFMB8GA1UdIwQY
MBaAFIXhVnsWgYM8lEpfJkCp4Dvo7wv0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGVGV2V4YUJnenlVU2w4bVFLbmdPLWp2Q19RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy9kZjQ5NDUtZjUzMi00YTAxLWE3ZmEt
NTNhOTk4ZGU2M2UzLzEvVFJYYW1GZ3pSY0YwUlB2R3puTkxJRDY5cGNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy9kZjQ5NDUtZjUzMi00YTAxLWE3ZmEtNTNhOTk4ZGU2M2Uz
LzEvaGVGV2V4YUJnenlVU2w4bVFLbmdPLWp2Q19RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTA8BAIAATA2MAwDBAdN64AD
BAFN64wwDAMEAE3rjwMEAE3rmAMEAE3rmjAMAwQATeudAwQFTeuAAwQCuYMkMA0E
AgACMAcDBQAqAkGAMA0GCSqGSIb3DQEBCwUAA4IBAQCDEFT3POyvWleZWJP72PnE
BkQBuYhyVPMhX5VEnQoxJY1DU3uMHL/CJFQa3sErI8kRnDRH9WR+vT0IHmLUY/U2
Wgzy96PR34QznK56h4HRigTtLBJHUJKdvow8yACMRRdNxHAP8gI/oErni6ZexeRT
W/zdqGfJOe8Jg2DNWYNs5sxmJAr3x8q+TXyf7hvgXgIOXHUfe4c+sr7GzetcXmqF
Oga8JH2CZX+rsz23X9G+hGDf1c5p48qLJZ30SsoYkI31jR4X799gAu4+YX13o+Ru
rC12vMU7xPQwtwtfKuvAgz/Key/YYMwLAeZ09yGsSdnv8eS7hqwex4JaHpuZ22ZL
-----END CERTIFICATE-----
Generated at Fri May 2 23:21:46 2025 by rpki-client