Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/HXxmdCZ1VRQy3Gh-m4C1tg6LIOE.roa
File: HXxmdCZ1VRQy3Gh-m4C1tg6LIOE.roa (raw, json)
Hash identifier: AikJoCeXRVPuA/KreObrd69996M0fKeA+3ZgpXTNZJ4=
Subject key identifier: 1D:7C:66:74:26:75:55:14:32:DC:68:7E:9B:80:B5:B6:0E:8B:20:E1
Certificate issuer: /CN=c9d57447e3420b853875b6fa40372aade3192ca2
Certificate serial: 0194010D0AB3D4D61A267B9BD4BC4DED906D
Authority key identifier: C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/HXxmdCZ1VRQy3Gh-m4C1tg6LIOE.roa
Signing time: Thu 26 Dec 2024 03:40:19 +0000
ROA not before: Thu 26 Dec 2024 03:40:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42216
IP address blocks: 77.92.142.0/24 maxlen: 24
77.92.143.0/24 maxlen: 24
77.92.152.0/24 maxlen: 24
78.135.86.0/24 maxlen: 24
188.132.206.0/24 maxlen: 24
188.132.207.0/24 maxlen: 24
2a10:9440:1::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 26 Dec 2024 06:03:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:01:0d:0a:b3:d4:d6:1a:26:7b:9b:d4:bc:4d:ed:90:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9d57447e3420b853875b6fa40372aade3192ca2
Validity
Not Before: Dec 26 03:40:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1d7c66742675551432dc687e9b80b5b60e8b20e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:56:a0:0f:2d:0e:ac:87:ca:35:4a:6c:f7:9e:
a1:46:10:37:49:b8:70:12:24:30:aa:c7:2d:a6:4f:
f2:36:18:45:84:0b:ea:89:7c:e5:5a:0b:a3:61:89:
50:8f:a9:c3:c0:f2:66:5b:b9:41:b7:83:91:7f:0f:
51:21:bf:42:32:79:57:3d:98:60:d0:74:c3:53:1c:
d3:59:38:e8:f6:16:9b:c0:40:27:47:e5:ab:f7:44:
b8:76:a7:17:47:ef:3c:77:66:85:d1:a9:21:a9:f1:
55:47:b3:ff:34:46:94:b5:2f:62:97:cc:0e:dc:b5:
ae:0a:b7:b5:f9:32:f5:37:5c:42:ad:0e:fb:51:44:
ac:82:e1:2a:9a:e0:08:66:80:90:19:46:47:65:96:
e2:ec:d6:ef:45:7a:79:fd:3a:1e:a9:46:9d:64:1e:
00:50:77:d6:44:c6:ec:ef:e2:c4:9f:b4:ad:5a:5e:
54:22:e4:25:4b:26:21:a2:7b:ec:48:ce:7c:78:da:
30:59:c9:39:76:f5:c2:cd:fc:e0:26:93:bd:a6:98:
6d:5c:b2:b7:be:bb:77:41:b2:1b:d2:a9:83:02:55:
62:bf:cb:1c:de:66:f8:b3:ed:e2:e8:3b:7d:ca:91:
94:5d:36:ae:9e:98:1b:de:8c:2f:35:26:08:0a:0c:
97:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:7C:66:74:26:75:55:14:32:DC:68:7E:9B:80:B5:B6:0E:8B:20:E1
X509v3 Authority Key Identifier:
keyid:C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/HXxmdCZ1VRQy3Gh-m4C1tg6LIOE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.92.142.0/23
77.92.152.0/24
78.135.86.0/24
188.132.206.0/23
IPv6:
2a10:9440:1::/48
Signature Algorithm: sha256WithRSAEncryption
7f:54:0c:88:82:41:58:56:ea:79:57:ce:42:c7:59:26:5a:8c:
0d:78:32:be:31:a4:99:3c:1f:4e:b4:1a:80:52:5b:4c:b0:b9:
a6:7f:57:c1:86:8c:d4:1c:20:00:be:66:0c:7c:6a:b9:5a:84:
dd:51:0d:14:55:d1:55:60:39:52:3f:53:ea:81:18:2f:25:6c:
27:4e:b1:f1:f8:45:67:83:23:1b:67:c4:3f:8d:50:f1:c3:91:
9c:61:58:81:69:8b:ff:87:03:9b:93:b2:44:68:fe:e8:9c:0f:
06:e5:80:91:38:85:d6:cc:5f:7f:db:8a:4c:9f:e4:7e:a8:c5:
49:ad:af:ff:fb:0d:1b:5f:5d:68:f6:0d:a8:cb:01:45:55:17:
69:dc:d1:d2:91:54:6f:3e:40:83:72:86:bf:1a:12:0a:5c:a9:
0d:a7:d8:06:26:b4:2f:75:85:ac:67:07:5e:e8:1f:16:88:46:
fc:72:a5:a4:a9:ad:db:ef:fc:04:c8:71:24:ce:c7:2e:74:61:
02:d9:21:71:86:74:25:f3:ba:d7:88:d3:25:ba:fd:52:bb:79:
8b:32:fb:97:d0:71:54:fe:51:0f:f0:8c:86:2c:7e:7c:be:ba:
88:11:03:15:d5:69:f5:29:57:71:8e:36:ce:cc:26:de:91:55:
a3:6f:f9:a4
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAZQBDQqz1NYaJnub1LxN7ZBtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZDU3NDQ3ZTM0MjBiODUzODc1YjZmYTQwMzcyYWFkZTMx
OTJjYTIwHhcNMjQxMjI2MDM0MDE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDdjNjY3NDI2NzU1NTE0MzJkYzY4N2U5YjgwYjViNjBlOGIyMGUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiFagDy0OrIfKNUps956hRhA3Sbhw
EiQwqsctpk/yNhhFhAvqiXzlWgujYYlQj6nDwPJmW7lBt4ORfw9RIb9CMnlXPZhg
0HTDUxzTWTjo9habwEAnR+Wr90S4dqcXR+88d2aF0akhqfFVR7P/NEaUtS9il8wO
3LWuCre1+TL1N1xCrQ77UUSsguEqmuAIZoCQGUZHZZbi7NbvRXp5/ToeqUadZB4A
UHfWRMbs7+LEn7StWl5UIuQlSyYhonvsSM58eNowWck5dvXCzfzgJpO9pphtXLK3
vrt3QbIb0qmDAlViv8sc3mb4s+3i6Dt9ypGUXTaunpgb3owvNSYICgyXZQIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFB18ZnQmdVUUMtxofpuAtbYOiyDhMB8GA1UdIwQY
MBaAFMnVdEfjQguFOHW2+kA3Kq3jGSyiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTkt
NGUxOThmMGE2MDEzLzEvSFh4bWRDWjFWUlF5M0doLW00QzF0ZzZMSU9FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTktNGUxOThmMGE2MDEz
LzEveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAeBAIAATAYAwQBTVyOAwQA
TVyYAwQATodWAwQBvITOMA8EAgACMAkDBwAqEJRAAAEwDQYJKoZIhvcNAQELBQAD
ggEBAH9UDIiCQVhW6nlXzkLHWSZajA14Mr4xpJk8H060GoBSW0ywuaZ/V8GGjNQc
IAC+Zgx8arlahN1RDRRV0VVgOVI/U+qBGC8lbCdOsfH4RWeDIxtnxD+NUPHDkZxh
WIFpi/+HA5uTskRo/uicDwblgJE4hdbMX3/bikyf5H6oxUmtr//7DRtfXWj2DajL
AUVVF2nc0dKRVG8+QINyhr8aEgpcqQ2n2AYmtC91haxnB17oHxaIRvxypaSprdvv
/ATIcSTOxy50YQLZIXGGdCXzuteI0yW6/VK7eYsy+5fQcVT+UQ/wjIYsfny+uogR
AxXVafUpV3GONs7MJt6RVaNv+aQ=
-----END CERTIFICATE-----
Generated at Sun Apr 27 15:26:50 2025 by rpki-client