Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/aUUhjxnqhypluLi-uC7PjhMFpVM.roa
File: aUUhjxnqhypluLi-uC7PjhMFpVM.roa (raw, json)
Hash identifier: m+ARDiJmGMHS/oZz8KhC+TzAwTpdAz2g6GiW1jGtdB8=
Subject key identifier: 69:45:21:8F:19:EA:87:2A:65:B8:B8:BE:B8:2E:CF:8E:13:05:A5:53
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 019599C5764547AA7168DF28929471F71EE2
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/aUUhjxnqhypluLi-uC7PjhMFpVM.roa
Signing time: Sat 15 Mar 2025 12:26:49 +0000
ROA not before: Sat 15 Mar 2025 12:26:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 77.242.150.0/24 maxlen: 24
88.151.56.0/23 maxlen: 24
88.151.59.0/24 maxlen: 24
88.209.216.0/24 maxlen: 24
88.209.221.0/24 maxlen: 24
88.209.224.0/24 maxlen: 24
88.209.232.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 17 Mar 2025 06:55:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:99:c5:76:45:47:aa:71:68:df:28:92:94:71:f7:1e:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Mar 15 12:26:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6945218f19ea872a65b8b8beb82ecf8e1305a553
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:d8:08:17:df:ce:fe:b8:25:0e:f4:2c:2e:e7:
83:eb:3d:db:07:c1:71:1c:5b:e4:1b:56:2a:66:96:
0a:bc:bf:8a:78:08:2d:98:d1:ee:4e:74:4c:4d:56:
bc:9b:ba:b2:7b:b8:3e:f1:ee:d7:e5:b0:d4:18:bb:
2d:15:83:54:a0:67:b2:22:1a:38:4c:a3:63:cd:53:
41:fa:50:9c:0e:56:e2:8e:6e:ff:3a:97:70:ac:0a:
e2:13:31:29:25:a7:ff:97:fd:06:40:f0:3a:c9:69:
09:40:1c:f0:35:b0:2e:f1:5b:a8:58:ed:5a:92:98:
23:62:59:32:b8:4d:c3:e7:62:c7:4f:58:28:4f:65:
ba:39:7a:de:20:d2:08:fd:dc:71:24:7b:1c:b0:bf:
8e:96:51:ff:a9:04:3f:6b:7a:61:28:71:83:d7:0d:
90:3b:a4:a3:5e:9f:38:bb:5d:48:c3:0a:61:af:9f:
bd:cf:a5:40:bc:b2:0f:81:85:32:0a:ce:9c:0c:94:
5d:ea:f5:e4:c6:e1:3f:1b:c5:1c:05:f5:e5:5f:75:
4a:46:c4:95:b7:7f:70:9c:c8:37:7c:6b:36:79:0d:
c3:6e:fc:36:0c:53:46:fc:53:c3:b7:2d:b9:94:42:
55:78:cf:80:31:34:8b:a3:9d:7f:2d:ad:16:f6:a7:
e4:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:45:21:8F:19:EA:87:2A:65:B8:B8:BE:B8:2E:CF:8E:13:05:A5:53
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/aUUhjxnqhypluLi-uC7PjhMFpVM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.242.150.0/24
88.151.56.0/23
88.151.59.0/24
88.209.216.0/24
88.209.221.0/24
88.209.224.0/24
88.209.232.0/22
Signature Algorithm: sha256WithRSAEncryption
bc:67:fb:26:63:80:ec:7c:7e:0c:bd:37:ba:12:4e:9b:ee:87:
f8:4a:5d:f0:af:d9:b7:bf:ef:3f:e1:08:04:34:7b:a5:37:b6:
63:4c:5b:16:e6:a3:06:d6:68:89:8d:78:d2:7c:49:e9:36:79:
6f:10:27:d0:40:3d:00:ee:77:34:b2:12:c8:c8:bd:61:6f:a5:
24:c8:07:57:fb:44:d6:01:22:46:e4:f4:59:5f:a4:b1:f5:7d:
da:72:6d:fc:79:e5:95:1a:59:ad:37:5f:92:aa:65:43:63:e0:
ff:a2:e6:5e:a5:40:53:34:5d:3e:b1:16:b0:a9:88:ba:c7:e5:
47:1e:7d:f6:81:44:e5:1e:e1:5e:43:f8:eb:81:52:7e:f0:be:
5f:2c:23:1a:8c:fd:fb:65:7b:63:25:3b:d8:94:0f:07:3f:ae:
8d:68:20:48:ac:95:58:87:48:51:4b:23:91:36:e3:fa:f6:89:
57:92:bb:27:48:5a:ef:5c:d3:09:9d:1b:59:bf:db:91:69:9a:
37:0f:bb:46:34:41:41:0a:aa:a8:03:69:38:8b:ce:19:9f:3e:
05:a0:bc:a9:8a:6d:c6:19:41:f6:45:51:2e:08:4e:fa:47:17:
eb:7d:d2:65:1f:41:1b:b1:0b:dc:34:c6:54:6e:90:ab:3a:e3:
55:13:f7:b2
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZWZxXZFR6pxaN8okpRx9x7iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjUwMzE1MTIyNjQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTQ1MjE4ZjE5ZWE4NzJhNjViOGI4YmViODJlY2Y4ZTEzMDVhNTUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8tgIF9/O/rglDvQsLueD6z3bB8Fx
HFvkG1YqZpYKvL+KeAgtmNHuTnRMTVa8m7qye7g+8e7X5bDUGLstFYNUoGeyIho4
TKNjzVNB+lCcDlbijm7/OpdwrAriEzEpJaf/l/0GQPA6yWkJQBzwNbAu8VuoWO1a
kpgjYlkyuE3D52LHT1goT2W6OXreINII/dxxJHscsL+OllH/qQQ/a3phKHGD1w2Q
O6SjXp84u11Iwwphr5+9z6VAvLIPgYUyCs6cDJRd6vXkxuE/G8UcBfXlX3VKRsSV
t39wnMg3fGs2eQ3Dbvw2DFNG/FPDty25lEJVeM+AMTSLo51/La0W9qfkwwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFGlFIY8Z6ocqZbi4vrguz44TBaVTMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvYVVVaGp4bnFoeXBsdUxpLXVDN1BqaE1GcFZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQATfKWAwQB
WJc4AwQAWJc7AwQAWNHYAwQAWNHdAwQAWNHgAwQCWNHoMA0GCSqGSIb3DQEBCwUA
A4IBAQC8Z/smY4DsfH4MvTe6Ek6b7of4Sl3wr9m3v+8/4QgENHulN7ZjTFsW5qMG
1miJjXjSfEnpNnlvECfQQD0A7nc0shLIyL1hb6UkyAdX+0TWASJG5PRZX6Sx9X3a
cm38eeWVGlmtN1+SqmVDY+D/ouZepUBTNF0+sRawqYi6x+VHHn32gUTlHuFeQ/jr
gVJ+8L5fLCMajP37ZXtjJTvYlA8HP66NaCBIrJVYh0hRSyORNuP69olXkrsnSFrv
XNMJnRtZv9uRaZo3D7tGNEFBCqqoA2k4i84Znz4FoLypim3GGUH2RVEuCE76Rxfr
fdJlH0EbsQvcNMZUbpCrOuNVE/ey
-----END CERTIFICATE-----
Generated at Fri May 2 14:59:27 2025 by rpki-client