Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/d4175d-192c-418c-972f-8ee21b74dd56/1/L7HdRb_NXx-ayto9e1EDSDSvurk.roa
File: L7HdRb_NXx-ayto9e1EDSDSvurk.roa (raw, json)
Hash identifier: iPkvAsjW5mMalERxxGh7kowUHkxsHQ9pBkgThXPTzIQ=
Subject key identifier: 2F:B1:DD:45:BF:CD:5F:1F:9A:CA:DA:3D:7B:51:03:48:34:AF:BA:B9
Certificate issuer: /CN=58015cc8da1f1bbf343e26ab208df8bb26fd53ae
Certificate serial: 01958A918E851B86A6B04AD452D71BE3C53D
Authority key identifier: 58:01:5C:C8:DA:1F:1B:BF:34:3E:26:AB:20:8D:F8:BB:26:FD:53:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WAFcyNofG780PiarII34uyb9U64.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/d4175d-192c-418c-972f-8ee21b74dd56/1/L7HdRb_NXx-ayto9e1EDSDSvurk.roa
Signing time: Wed 12 Mar 2025 13:35:49 +0000
ROA not before: Wed 12 Mar 2025 13:35:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39040
IP address blocks: 77.95.120.0/24 maxlen: 24
77.95.120.0/26 maxlen: 26
77.95.120.64/26 maxlen: 26
77.95.120.128/27 maxlen: 27
77.95.120.160/27 maxlen: 27
77.95.120.192/26 maxlen: 26
194.187.88.0/22 maxlen: 24
194.187.89.0/24 maxlen: 24
194.187.90.0/23 maxlen: 23
2a02:388::/32 maxlen: 32
2a02:388:ffff::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 12 Mar 2025 15:06:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:8a:91:8e:85:1b:86:a6:b0:4a:d4:52:d7:1b:e3:c5:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58015cc8da1f1bbf343e26ab208df8bb26fd53ae
Validity
Not Before: Mar 12 13:35:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2fb1dd45bfcd5f1f9acada3d7b51034834afbab9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:ef:52:91:56:1b:17:cd:53:d6:61:7f:0b:ab:
62:30:9f:fe:24:a4:05:e4:5e:9e:8f:22:8d:1b:b7:
90:08:9d:b9:0f:26:48:e2:f9:d0:79:0d:54:1f:3b:
14:e1:cc:6a:55:f0:32:d9:f4:a2:51:56:4f:50:e8:
cf:4f:b2:62:94:e5:2e:15:3e:e4:5c:94:2b:88:5e:
46:74:c3:8a:1c:a9:c9:af:04:58:d6:75:9f:50:de:
b8:7d:ec:af:a0:3f:9e:c2:cd:60:6a:30:aa:73:46:
e1:c9:39:3c:b7:c4:e1:60:cf:05:9c:b9:81:a3:50:
61:20:d7:df:2b:83:f8:72:9a:b9:4d:b5:42:e9:ef:
00:ca:c2:f8:c7:1c:0f:40:5c:74:67:34:ef:02:5b:
df:89:38:45:d0:9f:b8:81:09:86:65:6b:90:c8:45:
1f:01:9a:8a:37:8b:92:11:5e:cd:51:57:88:a3:ca:
87:db:99:bd:55:7b:d3:3b:3b:0c:c7:e0:3f:03:f4:
8c:ee:96:98:32:7b:a5:94:32:5c:e6:87:06:e7:32:
e7:c0:ff:27:b6:97:9e:2e:30:c4:de:b6:a2:b4:9e:
c0:4c:23:53:eb:11:dd:dc:55:c5:e9:0f:7d:c6:65:
c5:a5:89:a1:d3:c0:1d:54:9a:ba:60:96:8a:83:5c:
78:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:B1:DD:45:BF:CD:5F:1F:9A:CA:DA:3D:7B:51:03:48:34:AF:BA:B9
X509v3 Authority Key Identifier:
keyid:58:01:5C:C8:DA:1F:1B:BF:34:3E:26:AB:20:8D:F8:BB:26:FD:53:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WAFcyNofG780PiarII34uyb9U64.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/d4175d-192c-418c-972f-8ee21b74dd56/1/L7HdRb_NXx-ayto9e1EDSDSvurk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/d4175d-192c-418c-972f-8ee21b74dd56/1/WAFcyNofG780PiarII34uyb9U64.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.95.120.0/24
194.187.88.0/22
IPv6:
2a02:388::/32
Signature Algorithm: sha256WithRSAEncryption
29:8a:ba:13:32:7b:28:ce:b3:5a:81:61:46:b3:45:c7:61:33:
18:6f:21:b1:98:0f:b4:1c:53:38:77:15:23:f1:17:43:14:8d:
17:0e:0f:86:13:cd:42:20:67:b8:6d:8b:d2:dc:ea:98:1e:33:
21:1c:38:3e:b0:98:e4:33:e2:09:c7:f3:33:c6:f5:45:3b:b5:
29:b0:b3:00:e9:8d:10:b1:5c:8f:28:b9:0e:51:1e:fc:ba:1f:
e0:d0:f1:f4:df:84:8d:27:01:ed:3d:d7:bf:a2:7f:66:38:23:
bd:de:e9:55:05:07:a1:fb:18:c3:e2:42:4b:53:1b:66:ed:76:
b3:cb:22:79:9b:a9:47:d2:4e:36:91:b2:74:27:fa:78:66:73:
de:de:ce:e3:31:00:d0:49:6d:98:fa:3b:88:66:2a:bf:7b:d2:
70:a3:1e:7c:2e:6f:f4:1b:57:d4:48:07:2b:32:51:5e:77:b1:
64:c3:f7:1a:46:4e:07:88:b7:73:4d:39:12:2b:5a:ef:f4:38:
50:b9:67:10:4a:16:f5:9a:c0:82:9c:b7:2d:2f:02:9e:73:a7:
fa:35:a1:75:4b:40:24:14:f9:84:4a:15:d1:2f:d3:37:9a:18:
ea:99:dd:63:41:4a:ae:ad:ae:90:32:02:b7:bd:2e:7d:45:19:
dd:f5:e6:e3
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZWKkY6FG4amsErUUtcb48U9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4MDE1Y2M4ZGExZjFiYmYzNDNlMjZhYjIwOGRmOGJiMjZm
ZDUzYWUwHhcNMjUwMzEyMTMzNTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZmIxZGQ0NWJmY2Q1ZjFmOWFjYWRhM2Q3YjUxMDM0ODM0YWZiYWI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtu9SkVYbF81T1mF/C6tiMJ/+JKQF
5F6ejyKNG7eQCJ25DyZI4vnQeQ1UHzsU4cxqVfAy2fSiUVZPUOjPT7JilOUuFT7k
XJQriF5GdMOKHKnJrwRY1nWfUN64feyvoD+ews1gajCqc0bhyTk8t8ThYM8FnLmB
o1BhINffK4P4cpq5TbVC6e8AysL4xxwPQFx0ZzTvAlvfiThF0J+4gQmGZWuQyEUf
AZqKN4uSEV7NUVeIo8qH25m9VXvTOzsMx+A/A/SM7paYMnullDJc5ocG5zLnwP8n
tpeeLjDE3raitJ7ATCNT6xHd3FXF6Q99xmXFpYmh08AdVJq6YJaKg1x4ZQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFC+x3UW/zV8fmsraPXtRA0g0r7q5MB8GA1UdIwQY
MBaAFFgBXMjaHxu/ND4mqyCN+Lsm/VOuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0FGY3lOb2ZHNzgwUGlhcklJMzR1eWI5VTY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9kNDE3NWQtMTkyYy00MThjLTk3MmYt
OGVlMjFiNzRkZDU2LzEvTDdIZFJiX05YeC1heXRvOWUxRURTRFN2dXJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9kNDE3NWQtMTkyYy00MThjLTk3MmYtOGVlMjFiNzRkZDU2
LzEvV0FGY3lOb2ZHNzgwUGlhcklJMzR1eWI5VTY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQATV94AwQC
wrtYMA0EAgACMAcDBQAqAgOIMA0GCSqGSIb3DQEBCwUAA4IBAQApiroTMnsozrNa
gWFGs0XHYTMYbyGxmA+0HFM4dxUj8RdDFI0XDg+GE81CIGe4bYvS3OqYHjMhHDg+
sJjkM+IJx/MzxvVFO7UpsLMA6Y0QsVyPKLkOUR78uh/g0PH034SNJwHtPde/on9m
OCO93ulVBQeh+xjD4kJLUxtm7XazyyJ5m6lH0k42kbJ0J/p4ZnPe3s7jMQDQSW2Y
+juIZiq/e9Jwox58Lm/0G1fUSAcrMlFed7Fkw/caRk4HiLdzTTkSK1rv9DhQuWcQ
Shb1msCCnLctLwKec6f6NaF1S0AkFPmEShXRL9M3mhjqmd1jQUqura6QMgK3vS59
RRnd9ebj
-----END CERTIFICATE-----
Generated at Sat May 10 08:19:36 2025 by rpki-client