Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/NQNOHPIIhGARUOnNAtY2csRpBAQ.roa
File: NQNOHPIIhGARUOnNAtY2csRpBAQ.roa (raw, json)
Hash identifier: tK09lpGZ5RkHcipseyoEpMK4Y2hpmQlroyGoz6tUWsI=
Subject key identifier: 35:03:4E:1C:F2:08:84:60:11:50:E9:CD:02:D6:36:72:C4:69:04:04
Certificate issuer: /CN=c9d57447e3420b853875b6fa40372aade3192ca2
Certificate serial: 01946735E09904C69B33F2D3BE3FF2A4F621
Authority key identifier: C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/NQNOHPIIhGARUOnNAtY2csRpBAQ.roa
Signing time: Tue 14 Jan 2025 23:46:11 +0000
ROA not before: Tue 14 Jan 2025 23:46:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42216
IP address blocks: 77.92.142.0/24 maxlen: 24
77.92.143.0/24 maxlen: 24
77.92.152.0/24 maxlen: 24
78.135.86.0/24 maxlen: 24
188.132.206.0/24 maxlen: 24
188.132.207.0/24 maxlen: 24
2a10:9440:1::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 14 Jan 2025 23:56:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:67:35:e0:99:04:c6:9b:33:f2:d3:be:3f:f2:a4:f6:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9d57447e3420b853875b6fa40372aade3192ca2
Validity
Not Before: Jan 14 23:46:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=35034e1cf20884601150e9cd02d63672c4690404
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:24:cd:fd:67:31:b6:28:98:02:ac:9c:ae:de:
dd:fb:7a:d5:cd:1d:ab:7c:20:41:8c:91:3a:39:26:
b1:95:6a:38:52:1d:32:e5:ab:4e:42:a1:e1:e8:c1:
0f:e8:e3:96:04:96:7c:55:87:e4:58:3f:73:00:02:
cf:0f:f0:2f:48:25:24:83:58:14:44:71:6a:be:54:
08:9a:9a:45:c7:59:7e:0d:32:ab:bd:ae:03:7a:df:
63:0c:04:8a:b0:8b:d7:af:ca:7a:e8:3f:34:34:f7:
f2:8c:0b:6c:37:2f:0d:6d:a3:f1:12:0b:84:7e:85:
a1:b5:7d:3c:f5:49:82:92:cd:fd:df:29:e5:84:ca:
b0:c4:dc:dc:42:11:53:88:3c:5e:b6:aa:62:d8:c2:
e1:31:43:21:dc:b8:c2:e0:53:b8:c4:48:7c:fb:06:
d5:88:36:24:9e:e9:ce:6a:73:9a:8f:61:14:db:79:
0c:d2:11:54:8e:fa:a1:38:5d:89:7b:47:37:b4:25:
20:e4:c7:11:f0:7d:a0:e5:2c:c4:93:54:e2:42:f2:
e9:2f:13:a7:58:2f:da:49:27:97:87:25:36:5d:2c:
6d:bb:6f:43:95:db:52:d1:ea:b4:cf:bd:4e:0f:26:
58:8f:76:78:d0:dc:1b:0c:e2:b7:e2:86:c8:36:90:
ea:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:03:4E:1C:F2:08:84:60:11:50:E9:CD:02:D6:36:72:C4:69:04:04
X509v3 Authority Key Identifier:
keyid:C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/NQNOHPIIhGARUOnNAtY2csRpBAQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.92.142.0/23
77.92.152.0/24
78.135.86.0/24
188.132.206.0/23
IPv6:
2a10:9440:1::/48
Signature Algorithm: sha256WithRSAEncryption
06:8e:0c:d8:0b:ca:b1:a1:47:cd:c4:9d:a8:d9:f8:b5:35:16:
a0:cc:54:4b:f4:61:d6:4d:17:3d:a8:e6:4a:62:d3:c3:db:a5:
66:fe:92:b8:d3:e7:e0:9f:ab:5f:2f:22:cc:e2:d5:08:60:bb:
9f:21:39:ef:7e:ad:a1:3b:7b:71:a7:df:96:0b:66:92:97:5f:
6c:c3:a5:c4:c5:90:bf:d9:a7:47:e5:eb:14:87:5d:5b:0f:56:
26:34:34:84:35:ee:2c:97:0a:64:38:66:1e:65:48:bb:c8:b2:
bf:af:4a:42:38:53:50:c2:65:25:5d:f0:4f:bc:e0:9f:19:89:
c9:de:92:73:8d:b8:c8:c4:61:b9:8a:74:97:03:4e:2e:a0:29:
81:c4:da:26:02:14:ff:f5:44:0c:8c:c8:9b:1c:66:73:9a:a4:
0a:3f:db:48:af:09:d3:6a:5d:be:7a:39:85:5e:0d:77:84:d0:
f4:1b:b2:73:ba:24:4e:f7:09:98:69:25:a6:72:16:05:28:fa:
46:6c:e9:a5:40:90:dc:95:bf:ab:a7:82:08:b4:e8:30:bf:6f:
39:97:70:69:3e:d7:1d:8a:1a:e7:59:5e:f2:46:c9:b9:20:97:
f0:8c:9a:45:4f:d8:1b:d2:04:bd:0f:bb:bf:af:d5:c4:74:40:
27:36:f8:a2
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAZRnNeCZBMabM/LTvj/ypPYhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZDU3NDQ3ZTM0MjBiODUzODc1YjZmYTQwMzcyYWFkZTMx
OTJjYTIwHhcNMjUwMTE0MjM0NjExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTAzNGUxY2YyMDg4NDYwMTE1MGU5Y2QwMmQ2MzY3MmM0NjkwNDA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoSTN/WcxtiiYAqycrt7d+3rVzR2r
fCBBjJE6OSaxlWo4Uh0y5atOQqHh6MEP6OOWBJZ8VYfkWD9zAALPD/AvSCUkg1gU
RHFqvlQImppFx1l+DTKrva4Det9jDASKsIvXr8p66D80NPfyjAtsNy8NbaPxEguE
foWhtX089UmCks393ynlhMqwxNzcQhFTiDxetqpi2MLhMUMh3LjC4FO4xEh8+wbV
iDYknunOanOaj2EU23kM0hFUjvqhOF2Je0c3tCUg5McR8H2g5SzEk1TiQvLpLxOn
WC/aSSeXhyU2XSxtu29DldtS0eq0z71ODyZYj3Z40NwbDOK34obINpDqBwIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFDUDThzyCIRgEVDpzQLWNnLEaQQEMB8GA1UdIwQY
MBaAFMnVdEfjQguFOHW2+kA3Kq3jGSyiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTkt
NGUxOThmMGE2MDEzLzEvTlFOT0hQSUloR0FSVU9uTkF0WTJjc1JwQkFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTktNGUxOThmMGE2MDEz
LzEveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAeBAIAATAYAwQBTVyOAwQA
TVyYAwQATodWAwQBvITOMA8EAgACMAkDBwAqEJRAAAEwDQYJKoZIhvcNAQELBQAD
ggEBAAaODNgLyrGhR83EnajZ+LU1FqDMVEv0YdZNFz2o5kpi08PbpWb+krjT5+Cf
q18vIszi1Qhgu58hOe9+raE7e3Gn35YLZpKXX2zDpcTFkL/Zp0fl6xSHXVsPViY0
NIQ17iyXCmQ4Zh5lSLvIsr+vSkI4U1DCZSVd8E+84J8ZicneknONuMjEYbmKdJcD
Ti6gKYHE2iYCFP/1RAyMyJscZnOapAo/20ivCdNqXb56OYVeDXeE0PQbsnO6JE73
CZhpJaZyFgUo+kZs6aVAkNyVv6unggi06DC/bzmXcGk+1x2KGudZXvJGybkgl/CM
mkVP2BvSBL0Pu7+v1cR0QCc2+KI=
-----END CERTIFICATE-----
Generated at Sun Apr 27 18:06:15 2025 by rpki-client