Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/bx74Gb_0doRQTiNzJfGv-Ye3gq0.roa
File: bx74Gb_0doRQTiNzJfGv-Ye3gq0.roa (raw, json)
Hash identifier: hXpyPuI3tHQ+ZQpOfp/MBJscdJXiwUbvX7oz5IVm2zg=
Subject key identifier: 6F:1E:F8:19:BF:F4:76:84:50:4E:23:73:25:F1:AF:F9:87:B7:82:AD
Certificate issuer: /CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Certificate serial: 0194222020280107D38571AFC98ABC1866CE
Authority key identifier: EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/bx74Gb_0doRQTiNzJfGv-Ye3gq0.roa
Signing time: Wed 01 Jan 2025 13:48:38 +0000
ROA not before: Wed 01 Jan 2025 13:48:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215287
IP address blocks: 77.111.96.0/24 maxlen: 24
77.111.97.0/24 maxlen: 24
77.111.107.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 15 Jan 2025 18:05:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:20:28:01:07:d3:85:71:af:c9:8a:bc:18:66:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Validity
Not Before: Jan 1 13:48:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6f1ef819bff47684504e237325f1aff987b782ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:55:8a:82:13:24:5d:91:de:f7:49:11:7d:e8:
da:3f:69:1e:7d:83:c9:b2:09:ce:7d:91:bb:04:95:
6d:d0:fb:60:72:a3:87:4e:ad:1f:e6:79:f5:43:e5:
44:bc:d0:2d:5c:5c:da:9c:5d:fb:98:9c:55:9a:5e:
d4:cc:c7:0e:1e:8b:c1:de:c0:3a:82:99:97:e4:3b:
34:df:ab:5b:41:b4:40:cb:b9:f7:a8:1e:1c:a6:a7:
7f:a4:a5:d4:0a:0f:e0:86:a2:02:e3:87:d3:6a:52:
35:63:76:5a:27:f1:5c:4c:9c:01:5c:74:91:86:bb:
52:2e:82:3c:c1:e9:ad:92:67:ca:55:ef:58:ca:34:
e4:63:d1:c3:79:a8:dc:bc:a7:e5:c9:5b:00:fa:7d:
27:3f:c4:33:4a:11:19:9d:a4:3d:40:c0:53:38:14:
ce:63:71:e5:9e:71:ba:d9:bf:b7:bd:e7:62:bc:79:
e6:79:4f:df:12:8b:cb:65:50:00:3f:fe:24:a8:37:
37:b5:43:7c:de:ac:28:14:17:5d:4c:5d:73:81:73:
97:96:7c:97:bf:ec:d1:25:1e:f5:b6:e2:5d:38:c3:
32:cb:88:2b:4d:a0:4a:95:71:30:eb:ce:0c:36:bc:
42:b8:be:3f:67:1e:a7:fc:e5:51:81:5e:7a:19:e7:
b4:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:1E:F8:19:BF:F4:76:84:50:4E:23:73:25:F1:AF:F9:87:B7:82:AD
X509v3 Authority Key Identifier:
keyid:EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/bx74Gb_0doRQTiNzJfGv-Ye3gq0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.111.96.0/23
77.111.107.0/24
Signature Algorithm: sha256WithRSAEncryption
b5:f8:57:d0:79:0a:4b:36:51:aa:63:bd:b1:12:15:20:3c:94:
ab:bb:f6:da:30:5d:54:be:fe:5e:13:27:21:9d:46:24:63:a9:
96:c3:98:74:3d:44:3b:c3:35:3e:1f:d4:d4:b1:26:25:e5:3e:
6e:6d:81:07:60:26:e9:8d:cf:95:47:49:2a:3c:44:c5:65:0d:
66:77:ed:e5:b0:0f:ad:79:cd:34:2a:1f:39:f2:e7:5e:8b:cd:
de:6e:8d:87:7d:d6:b3:c3:3b:30:7d:a1:ab:f5:02:bf:8f:9a:
0c:52:0c:b9:77:48:d5:f1:ed:98:ab:90:5d:09:1d:ee:1e:20:
47:fa:33:4b:b6:30:20:09:8d:34:26:fc:00:89:50:6c:02:40:
c5:3b:64:63:6c:c1:3d:d8:07:eb:61:74:b6:f6:ec:9c:2e:00:
09:a8:ff:17:99:3b:b8:82:9f:2f:51:46:5c:e6:e2:03:6e:8b:
bd:de:85:6d:dd:73:77:da:64:74:e0:b4:33:e4:93:a9:1e:f3:
ec:5c:da:b5:c4:e4:37:46:d1:56:62:74:8b:4c:4f:12:1d:53:
bf:e4:a5:58:aa:68:59:e3:5a:38:c4:07:f3:9d:62:3f:35:62:
93:2c:b2:64:ec:c7:b6:a0:47:e4:90:75:fb:f5:86:e5:7a:56:
6d:fe:60:c0
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQiICAoAQfThXGvyYq8GGbOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMWMzNDcyYzI1YWNkMzQ3MzY0YjdkNjMxMjYxOGFhMzUz
MGNiNjMwHhcNMjUwMTAxMTM0ODM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjFlZjgxOWJmZjQ3Njg0NTA0ZTIzNzMyNWYxYWZmOTg3Yjc4MmFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAslWKghMkXZHe90kRfejaP2kefYPJ
sgnOfZG7BJVt0PtgcqOHTq0f5nn1Q+VEvNAtXFzanF37mJxVml7UzMcOHovB3sA6
gpmX5Ds036tbQbRAy7n3qB4cpqd/pKXUCg/ghqIC44fTalI1Y3ZaJ/FcTJwBXHSR
hrtSLoI8wemtkmfKVe9YyjTkY9HDeajcvKflyVsA+n0nP8QzShEZnaQ9QMBTOBTO
Y3HlnnG62b+3vedivHnmeU/fEovLZVAAP/4kqDc3tUN83qwoFBddTF1zgXOXlnyX
v+zRJR71tuJdOMMyy4grTaBKlXEw684MNrxCuL4/Zx6n/OVRgV56Gee0mwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFG8e+Bm/9HaEUE4jcyXxr/mHt4KtMB8GA1UdIwQY
MBaAFO4cNHLCWs00c2S31jEmGKo1MMtjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYt
YjRiOGRiMjBiMWZiLzEvYng3NEdiXzBkb1JRVGlOekpmR3YtWWUzZ3EwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYtYjRiOGRiMjBiMWZi
LzEvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBTW9gAwQA
TW9rMA0GCSqGSIb3DQEBCwUAA4IBAQC1+FfQeQpLNlGqY72xEhUgPJSru/baMF1U
vv5eEychnUYkY6mWw5h0PUQ7wzU+H9TUsSYl5T5ubYEHYCbpjc+VR0kqPETFZQ1m
d+3lsA+tec00Kh858udei83ebo2HfdazwzswfaGr9QK/j5oMUgy5d0jV8e2Yq5Bd
CR3uHiBH+jNLtjAgCY00JvwAiVBsAkDFO2RjbME92AfrYXS29uycLgAJqP8XmTu4
gp8vUUZc5uIDbou93oVt3XN32mR04LQz5JOpHvPsXNq1xOQ3RtFWYnSLTE8SHVO/
5KVYqmhZ41o4xAfznWI/NWKTLLJk7Me2oEfkkHX79YblelZt/mDA
-----END CERTIFICATE-----
Generated at Wed May 14 18:23:22 2025 by rpki-client