Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/O-MZfoQWsYpPhZugMMFMIFOxi8E.roa
File: O-MZfoQWsYpPhZugMMFMIFOxi8E.roa (raw, json)
Hash identifier: iJ5L/zoXN3J4ViUzPh2go7pWElW+bEB6ZrXWj6lMNYU=
Subject key identifier: 3B:E3:19:7E:84:16:B1:8A:4F:85:9B:A0:30:C1:4C:20:53:B1:8B:C1
Certificate issuer: /CN=c9d57447e3420b853875b6fa40372aade3192ca2
Certificate serial: 0193F5907404B4F4898DAB0B7708F0301AA1
Authority key identifier: C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/O-MZfoQWsYpPhZugMMFMIFOxi8E.roa
Signing time: Mon 23 Dec 2024 22:08:25 +0000
ROA not before: Mon 23 Dec 2024 22:08:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42216
IP address blocks: 77.92.142.0/24 maxlen: 24
77.92.143.0/24 maxlen: 24
77.92.152.0/24 maxlen: 24
78.135.78.0/24 maxlen: 24
78.135.86.0/24 maxlen: 24
188.132.206.0/24 maxlen: 24
188.132.207.0/24 maxlen: 24
2a10:9440:1::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 23 Dec 2024 22:16:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:f5:90:74:04:b4:f4:89:8d:ab:0b:77:08:f0:30:1a:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9d57447e3420b853875b6fa40372aade3192ca2
Validity
Not Before: Dec 23 22:08:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3be3197e8416b18a4f859ba030c14c2053b18bc1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:0b:ad:ad:ee:fc:b4:f2:06:0f:c4:0f:57:11:
ba:a8:95:ee:99:2a:a2:91:bd:54:e8:af:d2:67:c9:
4d:60:1c:c5:8b:75:38:f0:95:60:b4:1f:ae:ef:67:
96:ef:c8:4a:73:00:b4:27:46:5c:3b:1f:f2:cd:4a:
ea:a6:e0:b3:4a:dc:ab:ef:05:1c:0d:b0:3d:e8:f8:
d3:04:7d:54:33:b5:7c:1d:dd:dd:4a:80:5b:23:4e:
54:7a:7c:30:d1:c7:34:40:81:b4:ec:9f:f1:7e:60:
8d:3e:0a:42:18:e3:87:53:61:28:65:7d:fb:1f:34:
ad:22:5c:c5:64:1b:33:36:aa:43:5a:6a:32:c7:f3:
fc:2a:9d:8c:f9:cf:8f:52:d5:7f:11:8e:19:d1:8f:
aa:3b:81:1c:ff:49:51:d0:92:ef:d9:8c:ce:46:78:
6e:2f:bc:ee:a6:cd:b8:ac:44:f6:82:95:df:2a:f5:
27:65:07:76:30:ce:6f:fd:85:6d:74:83:a5:47:15:
bc:38:1a:af:2b:03:b5:77:19:fc:0c:6f:5d:84:d7:
a6:d9:6c:14:7e:2f:1e:da:c4:2b:61:67:81:4d:37:
d3:16:2e:ee:f5:d5:a0:7b:9f:c0:ee:e0:80:42:4c:
27:78:85:7f:1a:ed:09:15:df:93:89:1c:a7:f1:bd:
a5:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:E3:19:7E:84:16:B1:8A:4F:85:9B:A0:30:C1:4C:20:53:B1:8B:C1
X509v3 Authority Key Identifier:
keyid:C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/O-MZfoQWsYpPhZugMMFMIFOxi8E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.92.142.0/23
77.92.152.0/24
78.135.78.0/24
78.135.86.0/24
188.132.206.0/23
IPv6:
2a10:9440:1::/48
Signature Algorithm: sha256WithRSAEncryption
96:04:f1:52:8a:6b:f6:60:bb:c3:00:08:b0:25:4f:8d:32:b2:
65:94:d0:81:ee:ec:b1:55:c5:e0:5f:60:ea:7e:7e:8b:ad:7d:
89:47:6d:db:ca:0a:60:7e:79:46:fb:1d:da:cc:a3:46:41:3e:
ea:ee:70:d6:9b:4f:63:75:c5:ed:70:a1:63:65:fd:d5:ec:af:
94:e0:2f:cc:67:f4:67:12:b0:75:19:99:0c:f9:f2:3c:87:41:
56:0a:91:c5:6a:a8:5a:27:9e:5e:40:a0:20:b0:5d:b0:2a:55:
90:25:5a:d9:29:f3:ce:15:0f:5b:e2:87:ff:0f:ab:2c:05:39:
de:0c:87:79:0b:b1:e0:b6:31:64:90:ce:70:8a:d3:42:ba:25:
5f:ec:3c:cb:85:77:49:8c:e7:fe:7c:a9:5e:10:c4:a4:00:11:
d9:a5:be:bc:fa:55:5b:b1:b7:f9:b9:09:b3:5e:1d:1f:54:6b:
c1:c0:03:77:ca:a9:eb:c3:e2:b9:e4:c5:66:ca:c4:be:4f:a3:
2e:25:9c:cf:32:bb:71:c8:71:4e:19:ee:6b:44:7d:ca:2d:c2:
37:1c:45:e9:7e:91:a5:8a:e0:fc:84:44:ab:67:c7:b8:28:9c:
d2:b2:fe:87:93:73:f4:5c:42:66:d8:44:0f:60:a6:45:c5:76:
e4:69:7c:4e
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAZP1kHQEtPSJjasLdwjwMBqhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZDU3NDQ3ZTM0MjBiODUzODc1YjZmYTQwMzcyYWFkZTMx
OTJjYTIwHhcNMjQxMjIzMjIwODI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYmUzMTk3ZTg0MTZiMThhNGY4NTliYTAzMGMxNGMyMDUzYjE4YmMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuAutre78tPIGD8QPVxG6qJXumSqi
kb1U6K/SZ8lNYBzFi3U48JVgtB+u72eW78hKcwC0J0ZcOx/yzUrqpuCzStyr7wUc
DbA96PjTBH1UM7V8Hd3dSoBbI05Uenww0cc0QIG07J/xfmCNPgpCGOOHU2EoZX37
HzStIlzFZBszNqpDWmoyx/P8Kp2M+c+PUtV/EY4Z0Y+qO4Ec/0lR0JLv2YzORnhu
L7zups24rET2gpXfKvUnZQd2MM5v/YVtdIOlRxW8OBqvKwO1dxn8DG9dhNem2WwU
fi8e2sQrYWeBTTfTFi7u9dWge5/A7uCAQkwneIV/Gu0JFd+TiRyn8b2lAQIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFDvjGX6EFrGKT4WboDDBTCBTsYvBMB8GA1UdIwQY
MBaAFMnVdEfjQguFOHW2+kA3Kq3jGSyiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTkt
NGUxOThmMGE2MDEzLzEvTy1NWmZvUVdzWXBQaFp1Z01NRk1JRk94aThFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTktNGUxOThmMGE2MDEz
LzEveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAkBAIAATAeAwQBTVyOAwQA
TVyYAwQATodOAwQATodWAwQBvITOMA8EAgACMAkDBwAqEJRAAAEwDQYJKoZIhvcN
AQELBQADggEBAJYE8VKKa/Zgu8MACLAlT40ysmWU0IHu7LFVxeBfYOp+foutfYlH
bdvKCmB+eUb7HdrMo0ZBPurucNabT2N1xe1woWNl/dXsr5TgL8xn9GcSsHUZmQz5
8jyHQVYKkcVqqFonnl5AoCCwXbAqVZAlWtkp884VD1vih/8PqywFOd4Mh3kLseC2
MWSQznCK00K6JV/sPMuFd0mM5/58qV4QxKQAEdmlvrz6VVuxt/m5CbNeHR9Ua8HA
A3fKqevD4rnkxWbKxL5Poy4lnM8yu3HIcU4Z7mtEfcotwjccRel+kaWK4PyERKtn
x7gonNKy/oeTc/RcQmbYRA9gpkXFduRpfE4=
-----END CERTIFICATE-----
Generated at Mon Apr 28 00:51:08 2025 by rpki-client