Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/f819cc-b294-460e-8be4-86e24260516f/1/ILlOXVm5ixN6Z-dUZMeLv1nnLhY.roa
File: ILlOXVm5ixN6Z-dUZMeLv1nnLhY.roa (raw, json)
Hash identifier: 5AHlSbeZ/C+KX1Njmo6jxX/HytW4nDEc2vewmLu65e0=
Subject key identifier: 20:B9:4E:5D:59:B9:8B:13:7A:67:E7:54:64:C7:8B:BF:59:E7:2E:16
Certificate issuer: /CN=cea79dcd5a3dee450eaf3f93152ed6da806bbf71
Certificate serial: 01963E905C8A5FBC1888A7D9768499206D33
Authority key identifier: CE:A7:9D:CD:5A:3D:EE:45:0E:AF:3F:93:15:2E:D6:DA:80:6B:BF:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zqedzVo97kUOrz-TFS7W2oBrv3E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/f819cc-b294-460e-8be4-86e24260516f/1/ILlOXVm5ixN6Z-dUZMeLv1nnLhY.roa
Signing time: Wed 16 Apr 2025 12:26:10 +0000
ROA not before: Wed 16 Apr 2025 12:26:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31445
IP address blocks: 77.88.224.0/20 maxlen: 24
185.112.40.0/22 maxlen: 24
195.128.226.0/23 maxlen: 24
195.177.70.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 18 Apr 2025 08:23:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:3e:90:5c:8a:5f:bc:18:88:a7:d9:76:84:99:20:6d:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cea79dcd5a3dee450eaf3f93152ed6da806bbf71
Validity
Not Before: Apr 16 12:26:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=20b94e5d59b98b137a67e75464c78bbf59e72e16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:5f:79:ce:22:53:51:31:7e:f0:77:04:3d:af:
1a:c9:0e:55:04:3f:f0:8d:a3:79:06:9f:e8:f2:cf:
55:4d:5e:8e:29:31:90:64:2b:52:81:7b:4e:ec:67:
e6:79:e3:0f:08:93:43:b9:e7:34:d9:cd:5c:c2:d9:
98:eb:c5:66:29:d0:5b:3b:3d:ae:ee:fe:a8:a2:31:
ba:22:d1:70:08:9a:58:31:cb:f2:ef:f1:49:fe:e0:
a1:9b:14:a5:88:fd:54:5f:9a:96:04:64:4b:1e:17:
d1:7e:11:03:07:c5:91:df:1c:28:f5:7d:bf:ff:76:
8f:86:a8:62:be:29:c1:27:b7:6e:c4:54:7f:65:fb:
43:11:2e:5d:be:0d:97:9c:86:94:ca:af:2f:11:87:
72:8d:a6:2d:af:01:6b:56:92:62:88:fa:61:9c:08:
e5:1e:d2:a1:f0:b8:a7:c0:d3:ed:6d:8d:46:d5:d9:
8b:2e:69:e3:c0:d3:f2:a5:3b:24:0c:cb:1a:eb:3a:
06:d3:9a:bc:ba:fd:ed:26:33:52:96:69:44:6e:6b:
fe:4f:e1:cf:55:62:98:63:bb:0e:10:22:96:2e:5a:
5c:63:8c:8d:c9:a7:03:56:28:00:4a:29:eb:ce:1f:
b0:89:51:08:d5:d0:20:32:99:ab:fa:32:be:ff:dc:
68:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:B9:4E:5D:59:B9:8B:13:7A:67:E7:54:64:C7:8B:BF:59:E7:2E:16
X509v3 Authority Key Identifier:
keyid:CE:A7:9D:CD:5A:3D:EE:45:0E:AF:3F:93:15:2E:D6:DA:80:6B:BF:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zqedzVo97kUOrz-TFS7W2oBrv3E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/f819cc-b294-460e-8be4-86e24260516f/1/ILlOXVm5ixN6Z-dUZMeLv1nnLhY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/f819cc-b294-460e-8be4-86e24260516f/1/zqedzVo97kUOrz-TFS7W2oBrv3E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.88.224.0/20
185.112.40.0/22
195.128.226.0/23
195.177.70.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:58:7f:a3:c5:cb:bb:d4:01:fe:a5:2e:a5:54:42:39:c3:32:
0a:7f:58:75:5f:c7:3f:ad:25:8b:a9:71:cb:4e:c6:43:32:32:
1c:db:80:f5:fa:c8:01:32:32:c8:98:e9:2a:ea:5c:06:66:e0:
39:e8:52:fa:1d:08:7d:e9:a2:66:93:a2:ea:3a:a3:fe:8c:67:
a2:fa:6e:74:18:f6:4c:c9:4c:0a:6b:92:51:4a:44:3b:5e:5b:
5d:cd:61:32:46:36:22:2d:42:fd:15:73:9c:8e:e8:a8:06:8f:
e4:3f:4c:48:eb:c7:06:54:4c:3c:69:00:d9:07:e6:05:d3:e5:
62:69:31:9e:70:d9:0f:5e:eb:3a:07:b7:96:1d:67:73:0f:d8:
e6:c5:b8:ba:ec:30:45:0e:23:53:26:3d:0e:be:a9:4e:e1:40:
9b:05:9e:2e:b3:74:2f:20:8e:56:61:1d:4a:ab:95:ef:fc:54:
67:99:0f:59:e6:7e:f6:68:75:86:82:39:b8:5a:4a:f3:c0:59:
1a:e9:eb:88:3c:ea:42:7c:08:b1:e4:b2:fb:ba:2e:96:45:fb:
fd:1d:5f:98:77:8b:ed:e9:ca:e4:76:46:ef:5f:0b:9f:c0:08:
8e:e3:7d:2c:6b:1f:d7:03:08:9c:73:ce:16:ed:3e:30:d0:f1:
1c:0e:f0:db
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZY+kFyKX7wYiKfZdoSZIG0zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlYTc5ZGNkNWEzZGVlNDUwZWFmM2Y5MzE1MmVkNmRhODA2
YmJmNzEwHhcNMjUwNDE2MTIyNjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMGI5NGU1ZDU5Yjk4YjEzN2E2N2U3NTQ2NGM3OGJiZjU5ZTcyZTE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwF95ziJTUTF+8HcEPa8ayQ5VBD/w
jaN5Bp/o8s9VTV6OKTGQZCtSgXtO7GfmeeMPCJNDuec02c1cwtmY68VmKdBbOz2u
7v6oojG6ItFwCJpYMcvy7/FJ/uChmxSliP1UX5qWBGRLHhfRfhEDB8WR3xwo9X2/
/3aPhqhivinBJ7duxFR/ZftDES5dvg2XnIaUyq8vEYdyjaYtrwFrVpJiiPphnAjl
HtKh8LinwNPtbY1G1dmLLmnjwNPypTskDMsa6zoG05q8uv3tJjNSlmlEbmv+T+HP
VWKYY7sOECKWLlpcY4yNyacDVigASinrzh+wiVEI1dAgMpmr+jK+/9xoUQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFCC5Tl1ZuYsTemfnVGTHi79Z5y4WMB8GA1UdIwQY
MBaAFM6nnc1aPe5FDq8/kxUu1tqAa79xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvenFlZHpWbzk3a1VPcnotVEZTN1cyb0JydjNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy9mODE5Y2MtYjI5NC00NjBlLThiZTQt
ODZlMjQyNjA1MTZmLzEvSUxsT1hWbTVpeE42Wi1kVVpNZUx2MW5uTGhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy9mODE5Y2MtYjI5NC00NjBlLThiZTQtODZlMjQyNjA1MTZm
LzEvenFlZHpWbzk3a1VPcnotVEZTN1cyb0JydjNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQETVjgAwQC
uXAoAwQBw4DiAwQAw7FGMA0GCSqGSIb3DQEBCwUAA4IBAQBNWH+jxcu71AH+pS6l
VEI5wzIKf1h1X8c/rSWLqXHLTsZDMjIc24D1+sgBMjLImOkq6lwGZuA56FL6HQh9
6aJmk6LqOqP+jGei+m50GPZMyUwKa5JRSkQ7XltdzWEyRjYiLUL9FXOcjuioBo/k
P0xI68cGVEw8aQDZB+YF0+ViaTGecNkPXus6B7eWHWdzD9jmxbi67DBFDiNTJj0O
vqlO4UCbBZ4us3QvII5WYR1Kq5Xv/FRnmQ9Z5n72aHWGgjm4WkrzwFka6euIPOpC
fAix5LL7ui6WRfv9HV+Yd4vt6crkdkbvXwufwAiO430sax/XAwicc84W7T4w0PEc
DvDb
-----END CERTIFICATE-----
Generated at Sat May 10 03:49:54 2025 by rpki-client