Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/X9knzrl8uD6nuJ4mpBcpazfh2JU.roa
File: X9knzrl8uD6nuJ4mpBcpazfh2JU.roa (raw, json)
Hash identifier: i3mNfJr+Aguz+craSXGCw2YA1qLcCLbhwPzWYNtaAuc=
Subject key identifier: 5F:D9:27:CE:B9:7C:B8:3E:A7:B8:9E:26:A4:17:29:6B:37:E1:D8:95
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 018EC7C09E27BDACEC3A7BD04FD67F11090F
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/X9knzrl8uD6nuJ4mpBcpazfh2JU.roa
Signing time: Wed 10 Apr 2024 11:24:33 +0000
ROA not before: Wed 10 Apr 2024 11:24:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21017
IP address blocks: 77.45.128.0/17 maxlen: 17
77.45.128.0/19 maxlen: 19
77.45.192.0/19 maxlen: 19
77.45.224.0/19 maxlen: 19
80.82.32.0/19 maxlen: 19
88.83.192.0/19 maxlen: 19
95.32.0.0/18 maxlen: 18
95.32.128.0/18 maxlen: 18
Validation: Failed, certificate revoked on Wed 10 Apr 2024 12:21:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:c7:c0:9e:27:bd:ac:ec:3a:7b:d0:4f:d6:7f:11:09:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Apr 10 11:24:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5fd927ceb97cb83ea7b89e26a417296b37e1d895
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:cf:d5:42:f4:2f:1e:cb:95:79:00:5d:8b:81:
cb:1f:f7:a2:be:f2:a5:f6:6a:b5:e7:86:de:17:7c:
b2:fa:b0:ef:39:0f:61:d4:ed:ea:62:0e:c5:7f:a8:
56:aa:00:4c:5e:c1:30:46:17:0a:8b:40:7d:b4:0e:
c6:c4:d5:9d:02:c0:c7:4d:78:69:6c:e0:2f:ae:83:
a3:a2:ef:1a:f7:c6:da:33:f9:b2:9d:67:9e:eb:4b:
7d:0f:69:16:2d:63:5a:ca:25:7e:f5:06:4a:54:8e:
99:17:22:7d:fa:09:ea:7a:ce:1e:c0:b5:b0:60:80:
4f:60:62:5a:20:a2:f6:8e:b2:76:c7:09:30:d4:86:
18:6c:0e:87:a1:9a:97:a2:93:7a:93:5b:68:09:a5:
be:86:d7:42:38:f0:27:a9:41:16:6a:c0:6e:d2:63:
5a:c8:87:51:c4:0f:29:77:f7:18:2a:c8:7a:77:32:
7c:c6:6f:e7:db:13:87:37:d8:59:b2:07:3c:f7:17:
50:fe:3a:b0:61:14:e0:94:6a:60:fc:b4:0b:e3:ba:
a8:1d:9b:33:55:ce:8c:40:45:06:af:d5:73:c8:17:
e0:be:90:42:81:52:dc:4d:fa:c9:5d:e0:2c:f5:c7:
5f:af:c5:b5:33:fb:ff:23:b3:0f:25:a6:8f:00:0d:
80:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:D9:27:CE:B9:7C:B8:3E:A7:B8:9E:26:A4:17:29:6B:37:E1:D8:95
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/X9knzrl8uD6nuJ4mpBcpazfh2JU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.45.128.0/17
80.82.32.0/19
88.83.192.0/19
95.32.0.0/18
95.32.128.0/18
Signature Algorithm: sha256WithRSAEncryption
8d:b5:48:29:5d:b1:9e:24:88:b5:bb:a1:60:b9:b8:1a:ea:36:
8a:3a:23:9c:f3:99:b3:80:e9:da:33:de:0e:b4:8d:1b:ab:1f:
f2:11:08:68:a5:6e:2b:49:dc:a1:e9:82:1f:78:87:43:a9:12:
79:f7:7e:1e:7a:4c:8b:3f:4b:fb:ea:58:bc:20:25:1a:ca:2d:
3f:fd:2b:18:a8:40:5f:b4:44:4c:01:47:a9:b5:d6:68:34:e3:
9e:ba:8c:0b:ab:3d:e0:b7:92:42:b0:2e:3c:2c:5a:7b:aa:1b:
d4:56:1e:b4:76:86:da:17:67:f8:f0:be:32:21:33:b5:f9:5c:
8f:34:9c:65:bf:b9:15:d0:0d:6d:09:53:0d:a9:06:ac:73:a2:
c6:cf:ca:67:17:5d:ec:2b:3b:9b:57:2e:b4:51:89:44:83:da:
6c:04:73:63:d3:d5:35:47:3f:f5:0b:d1:25:dd:f8:50:f2:31:
96:6b:26:cc:03:f7:39:b7:d7:65:b2:27:b0:3c:9b:8a:0a:c9:
59:99:0b:b6:77:ed:8f:6f:b6:6b:71:27:a4:64:b3:e8:8e:33:
9f:7f:16:1d:91:fd:38:b5:8a:41:88:67:27:7e:e2:74:2e:33:
ab:73:c6:0a:44:71:21:1d:fd:43:0d:ca:d3:3a:ce:68:e3:b1:
e4:3e:5b:4f
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY7HwJ4nvazsOnvQT9Z/EQkPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjQwNDEwMTEyNDMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZmQ5MjdjZWI5N2NiODNlYTdiODllMjZhNDE3Mjk2YjM3ZTFkODk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAks/VQvQvHsuVeQBdi4HLH/eivvKl
9mq154beF3yy+rDvOQ9h1O3qYg7Ff6hWqgBMXsEwRhcKi0B9tA7GxNWdAsDHTXhp
bOAvroOjou8a98baM/mynWee60t9D2kWLWNayiV+9QZKVI6ZFyJ9+gnqes4ewLWw
YIBPYGJaIKL2jrJ2xwkw1IYYbA6HoZqXopN6k1toCaW+htdCOPAnqUEWasBu0mNa
yIdRxA8pd/cYKsh6dzJ8xm/n2xOHN9hZsgc89xdQ/jqwYRTglGpg/LQL47qoHZsz
Vc6MQEUGr9VzyBfgvpBCgVLcTfrJXeAs9cdfr8W1M/v/I7MPJaaPAA2AwwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFF/ZJ865fLg+p7ieJqQXKWs34diVMB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvWDlrbnpybDh1RDZudUo0bXBCY3BhemZoMkpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQHTS2AAwQF
UFIgAwQFWFPAAwQGXyAAAwQGXyCAMA0GCSqGSIb3DQEBCwUAA4IBAQCNtUgpXbGe
JIi1u6Fgubga6jaKOiOc85mzgOnaM94OtI0bqx/yEQhopW4rSdyh6YIfeIdDqRJ5
934eekyLP0v76li8ICUayi0//SsYqEBftERMAUeptdZoNOOeuowLqz3gt5JCsC48
LFp7qhvUVh60dobaF2f48L4yITO1+VyPNJxlv7kV0A1tCVMNqQasc6LGz8pnF13s
KzubVy60UYlEg9psBHNj09U1Rz/1C9El3fhQ8jGWaybMA/c5t9dlsiewPJuKCslZ
mQu2d+2Pb7ZrcSekZLPojjOffxYdkf04tYpBiGcnfuJ0LjOrc8YKRHEhHf1DDcrT
Os5o47HkPltP
-----END CERTIFICATE-----
Generated at Fri Jun 20 04:01:02 2025 by rpki-client