Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/b28a1d-f471-4eb7-a8de-c0c74809439e/1/Wz24CPXAmIsEdf_T0cKFfBr3hzM.roa
File: Wz24CPXAmIsEdf_T0cKFfBr3hzM.roa (raw, json)
Hash identifier: FNK5NNSigxja3R7dPpYNoFe+rs7lzWeOHF+eBF/L8ro=
Subject key identifier: 5B:3D:B8:08:F5:C0:98:8B:04:75:FF:D3:D1:C2:85:7C:1A:F7:87:33
Certificate issuer: /CN=66af1c224db29a5104a61aac32f60956025fad43
Certificate serial: 01945FAA1C33ACB2DE31F6BF2D9AB492CFF4
Authority key identifier: 66:AF:1C:22:4D:B2:9A:51:04:A6:1A:AC:32:F6:09:56:02:5F:AD:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zq8cIk2ymlEEphqsMvYJVgJfrUM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/95/b28a1d-f471-4eb7-a8de-c0c74809439e/1/Wz24CPXAmIsEdf_T0cKFfBr3hzM.roa
Signing time: Mon 13 Jan 2025 12:36:11 +0000
ROA not before: Mon 13 Jan 2025 12:36:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215037
IP address blocks: 81.177.208.0/22 maxlen: 22
81.177.208.0/24 maxlen: 24
81.177.210.0/24 maxlen: 24
81.177.211.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 13 Jan 2025 12:42:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:5f:aa:1c:33:ac:b2:de:31:f6:bf:2d:9a:b4:92:cf:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66af1c224db29a5104a61aac32f60956025fad43
Validity
Not Before: Jan 13 12:36:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5b3db808f5c0988b0475ffd3d1c2857c1af78733
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:a9:7d:08:8c:fc:1e:de:25:f1:d8:17:ab:59:
54:05:f0:7c:76:59:f9:f2:18:ff:14:c2:52:a5:48:
3f:48:9f:d8:a5:3c:36:1f:ec:2b:03:4f:d0:58:52:
ac:e9:c5:d0:6c:40:1e:46:d7:fa:4a:06:8e:90:d0:
b0:5a:c5:7d:6b:a5:4b:db:b1:b3:ed:22:5f:7e:f4:
8a:c4:a7:0c:2b:7d:b4:c8:fb:bb:b0:3c:b8:9f:cd:
1b:f8:5c:94:14:2f:bb:74:e1:b0:4c:75:5c:9d:57:
58:0c:40:22:97:0b:c4:a8:5c:10:fd:50:7e:79:2f:
8b:18:56:3f:2a:ea:9a:95:31:65:52:29:2e:8d:e1:
b5:4c:dd:5d:fd:87:e9:51:90:99:a4:f7:0c:6a:f9:
b6:c5:db:c7:6c:06:5f:8e:aa:b8:75:96:63:48:b1:
f6:4f:32:88:66:7e:57:5f:41:11:97:d6:97:85:d4:
f4:36:e8:80:0a:7d:f2:13:fe:bf:0b:36:c3:8c:6f:
4d:d1:c5:8c:20:24:81:fb:41:57:ce:ba:2f:a3:33:
ad:19:5f:64:e6:1c:6e:97:2a:d0:58:fe:2c:96:4d:
6e:9a:33:27:72:f4:22:80:e0:ef:1f:35:12:5e:7e:
c5:80:1b:9a:ca:03:17:33:43:b5:6c:f9:47:49:7d:
16:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:3D:B8:08:F5:C0:98:8B:04:75:FF:D3:D1:C2:85:7C:1A:F7:87:33
X509v3 Authority Key Identifier:
keyid:66:AF:1C:22:4D:B2:9A:51:04:A6:1A:AC:32:F6:09:56:02:5F:AD:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zq8cIk2ymlEEphqsMvYJVgJfrUM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/b28a1d-f471-4eb7-a8de-c0c74809439e/1/Wz24CPXAmIsEdf_T0cKFfBr3hzM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/95/b28a1d-f471-4eb7-a8de-c0c74809439e/1/Zq8cIk2ymlEEphqsMvYJVgJfrUM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.177.208.0/22
Signature Algorithm: sha256WithRSAEncryption
2b:39:dc:4d:98:d2:82:01:96:a8:26:7d:1b:5a:5f:3d:39:c0:
a7:26:7c:5c:2e:3e:c3:fd:57:15:95:28:c1:8c:05:3c:c8:47:
b1:82:25:92:8b:3b:9f:ed:02:60:a7:bc:ed:b1:25:5b:60:3e:
10:ba:fa:ac:f2:dc:9d:e5:c1:50:7b:f4:c5:0e:b2:05:f9:8c:
d6:e0:34:c1:75:f9:d3:63:f8:d3:97:74:24:92:33:c1:41:e3:
04:17:fd:ad:3b:7c:af:d7:97:f5:64:b1:d2:b0:e5:89:cc:96:
60:5b:b8:18:9d:be:1a:94:01:9d:00:29:c0:14:f0:ec:e4:d7:
e3:68:fc:ae:49:a5:92:7b:80:e7:4a:83:74:85:83:35:e3:7a:
39:dd:df:ca:b4:2b:b9:6c:bf:e8:01:1d:7b:fc:e5:3a:85:7c:
2f:c1:af:82:e4:6d:c6:24:d4:dc:5b:12:2f:29:a6:9e:08:de:
8a:c1:0a:e9:31:00:4c:b1:ac:7a:91:2c:38:87:f6:0f:19:b3:
73:3e:0e:7b:16:05:c2:0f:ac:67:71:73:27:91:95:91:9f:51:
aa:b3:e7:f0:18:93:86:54:45:f7:7f:bc:58:a2:57:a1:22:4c:
d9:49:6f:29:de:92:3c:44:51:97:72:f3:3d:a5:aa:d3:97:7f:
26:eb:b5:52
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZRfqhwzrLLeMfa/LZq0ks/0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2YWYxYzIyNGRiMjlhNTEwNGE2MWFhYzMyZjYwOTU2MDI1
ZmFkNDMwHhcNMjUwMTEzMTIzNjExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YjNkYjgwOGY1YzA5ODhiMDQ3NWZmZDNkMWMyODU3YzFhZjc4NzMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApKl9CIz8Ht4l8dgXq1lUBfB8dln5
8hj/FMJSpUg/SJ/YpTw2H+wrA0/QWFKs6cXQbEAeRtf6SgaOkNCwWsV9a6VL27Gz
7SJffvSKxKcMK320yPu7sDy4n80b+FyUFC+7dOGwTHVcnVdYDEAilwvEqFwQ/VB+
eS+LGFY/KuqalTFlUikujeG1TN1d/YfpUZCZpPcMavm2xdvHbAZfjqq4dZZjSLH2
TzKIZn5XX0ERl9aXhdT0NuiACn3yE/6/CzbDjG9N0cWMICSB+0FXzrovozOtGV9k
5hxulyrQWP4slk1umjMncvQigODvHzUSXn7FgBuaygMXM0O1bPlHSX0W+QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFs9uAj1wJiLBHX/09HChXwa94czMB8GA1UdIwQY
MBaAFGavHCJNsppRBKYarDL2CVYCX61DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnE4Y0lrMnltbEVFcGhxc012WUpWZ0pmclVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS9iMjhhMWQtZjQ3MS00ZWI3LWE4ZGUt
YzBjNzQ4MDk0MzllLzEvV3oyNENQWEFtSXNFZGZfVDBjS0ZmQnIzaHpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS9iMjhhMWQtZjQ3MS00ZWI3LWE4ZGUtYzBjNzQ4MDk0Mzll
LzEvWnE4Y0lrMnltbEVFcGhxc012WUpWZ0pmclVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCUbHQMA0G
CSqGSIb3DQEBCwUAA4IBAQArOdxNmNKCAZaoJn0bWl89OcCnJnxcLj7D/VcVlSjB
jAU8yEexgiWSizuf7QJgp7ztsSVbYD4Quvqs8tyd5cFQe/TFDrIF+YzW4DTBdfnT
Y/jTl3QkkjPBQeMEF/2tO3yv15f1ZLHSsOWJzJZgW7gYnb4alAGdACnAFPDs5Nfj
aPyuSaWSe4DnSoN0hYM143o53d/KtCu5bL/oAR17/OU6hXwvwa+C5G3GJNTcWxIv
KaaeCN6KwQrpMQBMsax6kSw4h/YPGbNzPg57FgXCD6xncXMnkZWRn1Gqs+fwGJOG
VEX3f7xYolehIkzZSW8p3pI8RFGXcvM9parTl38m67VS
-----END CERTIFICATE-----
Generated at Thu May 15 13:42:43 2025 by rpki-client