Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/b28a1d-f471-4eb7-a8de-c0c74809439e/1/KMigE0ogV4ZLPvhEGrhzfl78Xyw.roa
File: KMigE0ogV4ZLPvhEGrhzfl78Xyw.roa (raw, json)
Hash identifier: 7vsQI/Qh8rxJC3RUpsJHvbZVZZE7vAfCiGBqcJ16WHM=
Subject key identifier: 28:C8:A0:13:4A:20:57:86:4B:3E:F8:44:1A:B8:73:7E:5E:FC:5F:2C
Certificate issuer: /CN=66af1c224db29a5104a61aac32f60956025fad43
Certificate serial: 019420D649CA7CD1DF6E8C4401D6318101ED
Authority key identifier: 66:AF:1C:22:4D:B2:9A:51:04:A6:1A:AC:32:F6:09:56:02:5F:AD:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zq8cIk2ymlEEphqsMvYJVgJfrUM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/95/b28a1d-f471-4eb7-a8de-c0c74809439e/1/KMigE0ogV4ZLPvhEGrhzfl78Xyw.roa
Signing time: Wed 01 Jan 2025 07:48:21 +0000
ROA not before: Wed 01 Jan 2025 07:48:21 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215037
IP address blocks: 81.177.208.0/22 maxlen: 22
81.177.208.0/24 maxlen: 24
81.177.209.0/24 maxlen: 24
81.177.210.0/24 maxlen: 24
81.177.211.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 13 Jan 2025 12:22:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:49:ca:7c:d1:df:6e:8c:44:01:d6:31:81:01:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66af1c224db29a5104a61aac32f60956025fad43
Validity
Not Before: Jan 1 07:48:21 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=28c8a0134a2057864b3ef8441ab8737e5efc5f2c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:13:42:f8:24:ba:3f:a9:85:7b:31:ad:5a:10:
a1:ec:70:95:00:a5:ca:79:77:cf:0d:7b:d3:4f:df:
9c:0a:d9:a4:9a:25:4e:6e:22:fb:46:25:70:15:f7:
62:a5:2f:da:72:ba:be:75:9e:72:a0:b3:e4:fd:e4:
88:96:2b:77:f6:65:66:61:35:3b:5f:d1:bc:da:eb:
fc:75:ef:cb:31:6b:c0:de:e4:10:2e:70:f1:91:94:
51:0b:6d:64:b5:93:a2:e1:d5:6a:89:b1:34:0c:49:
e2:e5:20:25:a5:b7:1e:ce:0f:6c:f2:4c:f2:6a:e9:
47:fe:7f:ec:f9:a2:ed:47:78:f7:00:a6:e1:8d:16:
4a:96:e8:71:22:b0:86:35:de:2f:b8:c6:f3:22:de:
8a:1c:b3:19:f0:82:e7:e2:02:83:0c:12:de:40:5f:
99:93:ee:a9:31:4e:15:d2:75:a6:e7:8f:3a:ea:0b:
c7:fa:b4:f5:1a:fe:48:fd:d4:d3:03:e6:41:d4:bb:
80:c6:51:47:8c:c0:45:64:a6:84:c3:fa:4d:de:d9:
fb:6d:54:3a:f7:8b:5f:4e:6f:7b:d9:cf:d7:da:d8:
c6:99:70:13:21:4d:a8:28:a2:b6:ef:80:18:a1:66:
ca:2a:d3:a0:3b:86:43:70:75:b1:0c:1a:ec:96:a7:
d6:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:C8:A0:13:4A:20:57:86:4B:3E:F8:44:1A:B8:73:7E:5E:FC:5F:2C
X509v3 Authority Key Identifier:
keyid:66:AF:1C:22:4D:B2:9A:51:04:A6:1A:AC:32:F6:09:56:02:5F:AD:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zq8cIk2ymlEEphqsMvYJVgJfrUM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/b28a1d-f471-4eb7-a8de-c0c74809439e/1/KMigE0ogV4ZLPvhEGrhzfl78Xyw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/95/b28a1d-f471-4eb7-a8de-c0c74809439e/1/Zq8cIk2ymlEEphqsMvYJVgJfrUM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.177.208.0/22
Signature Algorithm: sha256WithRSAEncryption
6b:ec:66:af:ee:1c:ff:f9:c7:50:f3:04:d7:5c:9d:da:43:3c:
f6:7b:05:04:58:56:2b:28:e1:06:c7:e8:45:5d:41:51:f9:29:
1b:f3:68:07:9f:ad:c3:d3:43:0f:2d:01:8f:76:fd:0a:db:b8:
71:3b:59:15:a3:99:e6:f4:e9:b7:1d:31:8a:4a:6c:e6:d2:3a:
cf:a2:9e:d8:bd:79:bb:8f:1b:6c:47:a8:f5:af:cf:c4:d5:0d:
8b:36:b6:2a:9c:c3:ed:9e:f2:fc:f4:6d:ec:ab:cb:56:5a:bf:
18:ca:16:49:65:fa:20:b8:a3:1f:bf:2e:6c:47:18:e3:fb:f3:
06:5e:dc:5a:8e:65:d5:aa:93:f5:76:d0:4d:48:84:05:07:7c:
33:bf:48:01:2f:33:90:13:97:80:cb:a9:62:72:58:12:f8:ef:
42:3a:f6:ae:50:8f:85:0c:5a:bd:29:b5:84:64:ab:25:4c:7d:
c2:b8:0b:a1:4f:a5:fc:eb:5b:21:a6:46:eb:aa:63:fe:bc:9d:
1f:4e:37:a2:e3:7d:e5:f7:fe:ec:ef:3e:3d:98:70:f3:53:89:
35:74:29:bd:2e:db:ee:92:5d:e2:a6:4c:51:e5:5e:86:4c:f3:
63:1d:6f:f2:a2:e6:a4:d8:c7:db:cd:cf:77:1e:86:bd:80:11:
db:b8:e2:5f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQg1knKfNHfboxEAdYxgQHtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2YWYxYzIyNGRiMjlhNTEwNGE2MWFhYzMyZjYwOTU2MDI1
ZmFkNDMwHhcNMjUwMTAxMDc0ODIxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGM4YTAxMzRhMjA1Nzg2NGIzZWY4NDQxYWI4NzM3ZTVlZmM1ZjJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlxNC+CS6P6mFezGtWhCh7HCVAKXK
eXfPDXvTT9+cCtmkmiVObiL7RiVwFfdipS/acrq+dZ5yoLPk/eSIlit39mVmYTU7
X9G82uv8de/LMWvA3uQQLnDxkZRRC21ktZOi4dVqibE0DEni5SAlpbcezg9s8kzy
aulH/n/s+aLtR3j3AKbhjRZKluhxIrCGNd4vuMbzIt6KHLMZ8ILn4gKDDBLeQF+Z
k+6pMU4V0nWm54866gvH+rT1Gv5I/dTTA+ZB1LuAxlFHjMBFZKaEw/pN3tn7bVQ6
94tfTm972c/X2tjGmXATIU2oKKK274AYoWbKKtOgO4ZDcHWxDBrslqfWNwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCjIoBNKIFeGSz74RBq4c35e/F8sMB8GA1UdIwQY
MBaAFGavHCJNsppRBKYarDL2CVYCX61DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnE4Y0lrMnltbEVFcGhxc012WUpWZ0pmclVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS9iMjhhMWQtZjQ3MS00ZWI3LWE4ZGUt
YzBjNzQ4MDk0MzllLzEvS01pZ0Uwb2dWNFpMUHZoRUdyaHpmbDc4WHl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS9iMjhhMWQtZjQ3MS00ZWI3LWE4ZGUtYzBjNzQ4MDk0Mzll
LzEvWnE4Y0lrMnltbEVFcGhxc012WUpWZ0pmclVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCUbHQMA0G
CSqGSIb3DQEBCwUAA4IBAQBr7Gav7hz/+cdQ8wTXXJ3aQzz2ewUEWFYrKOEGx+hF
XUFR+Skb82gHn63D00MPLQGPdv0K27hxO1kVo5nm9Om3HTGKSmzm0jrPop7YvXm7
jxtsR6j1r8/E1Q2LNrYqnMPtnvL89G3sq8tWWr8YyhZJZfoguKMfvy5sRxjj+/MG
XtxajmXVqpP1dtBNSIQFB3wzv0gBLzOQE5eAy6liclgS+O9COvauUI+FDFq9KbWE
ZKslTH3CuAuhT6X861shpkbrqmP+vJ0fTjei433l9/7s7z49mHDzU4k1dCm9Ltvu
kl3ipkxR5V6GTPNjHW/youak2Mfbzc93Hoa9gBHbuOJf
-----END CERTIFICATE-----
Generated at Thu May 15 14:32:56 2025 by rpki-client