Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/600aea-9ea5-4c67-a602-ab1a87ecdf1b/1/n7LiVB0V26-X3LtHjJ0kPOSVdZA.roa
File: n7LiVB0V26-X3LtHjJ0kPOSVdZA.roa (raw, json)
Hash identifier: CEv4CLCZ4iE7e3znEt1a4EkRpzxN/S8W6+PnH5ukOWI=
Subject key identifier: 9F:B2:E2:54:1D:15:DB:AF:97:DC:BB:47:8C:9D:24:3C:E4:95:75:90
Certificate issuer: /CN=48e06a351a5189bcdc44840948dbfb40abf58be5
Certificate serial: 018CC64A884C8446CB62BAA56652C2E8D22B
Authority key identifier: 48:E0:6A:35:1A:51:89:BC:DC:44:84:09:48:DB:FB:40:AB:F5:8B:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SOBqNRpRibzcRIQJSNv7QKv1i-U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/600aea-9ea5-4c67-a602-ab1a87ecdf1b/1/n7LiVB0V26-X3LtHjJ0kPOSVdZA.roa
Signing time: Mon 01 Jan 2024 18:30:22 +0000
ROA not before: Mon 01 Jan 2024 18:30:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201029
IP address blocks: 185.77.76.0/24 maxlen: 24
185.77.77.0/24 maxlen: 24
2a00:8dc0:ff00::/40 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 13:49:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:88:4c:84:46:cb:62:ba:a5:66:52:c2:e8:d2:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=48e06a351a5189bcdc44840948dbfb40abf58be5
Validity
Not Before: Jan 1 18:30:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9fb2e2541d15dbaf97dcbb478c9d243ce4957590
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:c2:10:2c:a5:0f:7c:05:d2:e0:24:88:b2:31:
19:c8:d8:e1:0b:ec:eb:36:a3:c8:52:17:9b:75:1d:
62:10:53:80:35:85:cd:6c:96:1b:11:7b:23:05:3b:
55:44:9f:00:05:90:26:b6:64:d1:98:06:a4:1e:31:
19:0e:05:aa:15:5b:cf:ef:d0:57:2d:5a:8e:d5:55:
9f:13:fe:75:c6:05:75:ad:ae:6f:f6:e7:2c:61:73:
9f:85:c4:a8:58:fb:27:82:0b:3e:35:fb:bb:7b:47:
9e:c0:37:e4:02:5b:cd:14:d3:19:c3:1f:6e:d8:0e:
fe:49:52:ec:c2:7b:33:61:05:43:55:21:ff:ac:13:
8d:64:cc:4e:cc:7e:02:3d:fe:35:22:c1:36:ac:01:
69:b7:19:9f:c4:95:f9:23:43:9b:17:8d:8a:d4:0f:
26:2a:99:04:02:12:99:f7:27:c1:ec:c1:80:03:c1:
65:f4:62:2e:90:19:9d:65:02:dc:2e:b4:c7:ff:15:
37:1d:88:f8:83:98:68:68:e6:7b:c1:b3:02:04:e8:
84:e3:3c:b1:0c:6b:5f:e7:d2:65:36:f0:09:1c:91:
d9:c9:cc:11:8d:68:2b:e1:08:ba:ac:e1:04:d6:ff:
e3:1b:62:3e:ef:5f:f6:f4:fb:c7:10:53:a3:16:2f:
1e:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:B2:E2:54:1D:15:DB:AF:97:DC:BB:47:8C:9D:24:3C:E4:95:75:90
X509v3 Authority Key Identifier:
keyid:48:E0:6A:35:1A:51:89:BC:DC:44:84:09:48:DB:FB:40:AB:F5:8B:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SOBqNRpRibzcRIQJSNv7QKv1i-U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/600aea-9ea5-4c67-a602-ab1a87ecdf1b/1/n7LiVB0V26-X3LtHjJ0kPOSVdZA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/600aea-9ea5-4c67-a602-ab1a87ecdf1b/1/SOBqNRpRibzcRIQJSNv7QKv1i-U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.77.76.0/23
IPv6:
2a00:8dc0:ff00::/40
Signature Algorithm: sha256WithRSAEncryption
69:3b:89:42:a7:bf:81:14:9d:63:87:ef:45:54:2e:08:60:88:
b4:10:6d:26:9b:31:75:ef:b4:a7:d8:8f:5d:0f:81:c9:62:ed:
48:55:bd:f8:3d:e2:2a:41:4b:67:26:5c:a2:d3:9d:f4:ba:2a:
de:49:68:d2:d8:bf:86:04:d7:b9:33:92:91:97:45:00:fb:0e:
72:d7:73:8c:6b:06:60:fc:d8:4b:f0:f2:20:c5:65:9f:1c:be:
d0:f6:b7:6b:a6:ef:25:4b:ee:6a:76:2f:8e:f6:61:09:d5:84:
84:90:4f:6b:55:e7:0c:db:f6:70:a9:f0:2b:4c:3d:89:99:ec:
9d:85:df:cf:30:0d:2d:4e:22:24:ee:e3:29:95:ac:36:db:83:
56:c3:4d:a7:b2:14:b1:f3:d7:85:f3:a5:2d:3e:9d:d6:2f:91:
2c:c8:3a:55:1f:9d:7d:53:99:f0:3f:6a:a7:e3:d1:7f:15:55:
f6:64:c9:b8:a8:71:2e:6c:85:05:b0:d8:9f:a5:55:23:2d:a8:
d7:b2:d0:e1:4e:f4:ca:c5:3e:6b:5c:41:0d:37:1b:ec:7b:83:
2b:a1:14:7b:e0:5c:6c:e6:53:1b:a2:bb:d7:f8:fa:47:b5:de:
44:a9:b0:9f:6a:75:62:51:8f:8a:4e:16:e2:93:a7:a0:b3:2f:
a4:2e:ed:0f
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYzGSohMhEbLYrqlZlLC6NIrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4ZTA2YTM1MWE1MTg5YmNkYzQ0ODQwOTQ4ZGJmYjQwYWJm
NThiZTUwHhcNMjQwMTAxMTgzMDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZmIyZTI1NDFkMTVkYmFmOTdkY2JiNDc4YzlkMjQzY2U0OTU3NTkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAisIQLKUPfAXS4CSIsjEZyNjhC+zr
NqPIUhebdR1iEFOANYXNbJYbEXsjBTtVRJ8ABZAmtmTRmAakHjEZDgWqFVvP79BX
LVqO1VWfE/51xgV1ra5v9ucsYXOfhcSoWPsnggs+Nfu7e0eewDfkAlvNFNMZwx9u
2A7+SVLswnszYQVDVSH/rBONZMxOzH4CPf41IsE2rAFptxmfxJX5I0ObF42K1A8m
KpkEAhKZ9yfB7MGAA8Fl9GIukBmdZQLcLrTH/xU3HYj4g5hoaOZ7wbMCBOiE4zyx
DGtf59JlNvAJHJHZycwRjWgr4Qi6rOEE1v/jG2I+71/29PvHEFOjFi8eaQIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFJ+y4lQdFduvl9y7R4ydJDzklXWQMB8GA1UdIwQY
MBaAFEjgajUaUYm83ESECUjb+0Cr9YvlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU09CcU5ScFJpYnpjUklRSlNOdjdRS3YxaS1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS82MDBhZWEtOWVhNS00YzY3LWE2MDIt
YWIxYTg3ZWNkZjFiLzEvbjdMaVZCMFYyNi1YM0x0SGpKMGtQT1NWZFpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS82MDBhZWEtOWVhNS00YzY3LWE2MDItYWIxYTg3ZWNkZjFi
LzEvU09CcU5ScFJpYnpjUklRSlNOdjdRS3YxaS1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQBuU1MMA4E
AgACMAgDBgAqAI3A/zANBgkqhkiG9w0BAQsFAAOCAQEAaTuJQqe/gRSdY4fvRVQu
CGCItBBtJpsxde+0p9iPXQ+ByWLtSFW9+D3iKkFLZyZcotOd9Loq3klo0ti/hgTX
uTOSkZdFAPsOctdzjGsGYPzYS/DyIMVlnxy+0Pa3a6bvJUvuanYvjvZhCdWEhJBP
a1XnDNv2cKnwK0w9iZnsnYXfzzANLU4iJO7jKZWsNtuDVsNNp7IUsfPXhfOlLT6d
1i+RLMg6VR+dfVOZ8D9qp+PRfxVV9mTJuKhxLmyFBbDYn6VVIy2o17LQ4U70ysU+
a1xBDTcb7HuDK6EUe+BcbOZTG6K71/j6R7XeRKmwn2p1YlGPik4W4pOnoLMvpC7t
Dw==
-----END CERTIFICATE-----
Generated at Sun Apr 27 22:21:41 2025 by rpki-client