Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/6cf8be-253d-46d5-ab7c-8276c8aac50e/1/1qSbEZCMo_8-imxIenskRThMYpg.roa
File: 1qSbEZCMo_8-imxIenskRThMYpg.roa (raw, json)
Hash identifier: hGB3U9kxWudoPImZy6x3ac1FQTyT/ePz+kg3O2YjDWM=
Subject key identifier: D6:A4:9B:11:90:8C:A3:FF:3E:8A:6C:48:7A:7B:24:45:38:4C:62:98
Certificate issuer: /CN=d6aa3fbc78e31229157c78b6d23a65eb2e353dce
Certificate serial: 01980164A1773A84BBCA1DE432BFFF1D4D52
Authority key identifier: D6:AA:3F:BC:78:E3:12:29:15:7C:78:B6:D2:3A:65:EB:2E:35:3D:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1qo_vHjjEikVfHi20jpl6y41Pc4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/6cf8be-253d-46d5-ab7c-8276c8aac50e/1/1qSbEZCMo_8-imxIenskRThMYpg.roa
Signing time: Sun 13 Jul 2025 01:27:08 +0000
ROA not before: Sun 13 Jul 2025 01:27:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 78.108.59.0/24 maxlen: 24
78.108.60.0/23 maxlen: 23
78.108.62.0/23 maxlen: 23
Validation: Failed, certificate revoked on Mon 14 Jul 2025 10:20:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:01:64:a1:77:3a:84:bb:ca:1d:e4:32:bf:ff:1d:4d:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d6aa3fbc78e31229157c78b6d23a65eb2e353dce
Validity
Not Before: Jul 13 01:27:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d6a49b11908ca3ff3e8a6c487a7b2445384c6298
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:b5:92:f9:26:53:70:52:5c:3c:e7:24:ce:5e:
d1:80:85:a7:dd:8f:26:ba:6e:0c:66:a5:14:38:6e:
86:3d:e2:a1:60:c3:1e:29:8f:d1:16:ed:78:2f:39:
a2:29:81:b6:dd:0a:ba:45:08:c5:b3:11:8a:b6:fc:
64:63:5a:30:d0:72:4e:0e:83:20:7b:9e:40:46:a2:
9e:f8:c8:ab:94:43:5c:d5:fa:f3:60:52:34:78:c9:
b5:50:5c:1f:61:f9:ee:a0:7c:7f:02:5b:9f:78:0c:
b2:77:29:53:38:ee:3b:b3:3f:96:17:15:7e:7f:66:
9f:b8:2a:c4:f9:53:52:3d:e5:eb:28:9c:ed:3f:ff:
60:fb:6e:da:9e:71:ec:1d:87:db:11:bb:ab:d1:86:
94:eb:91:3b:03:de:ff:5f:72:bf:21:aa:cf:5e:92:
be:33:dc:4e:60:2e:2a:40:89:ad:21:0c:23:d0:83:
48:73:53:12:50:a1:42:11:c3:52:5c:ae:3d:02:f9:
6b:48:ed:57:23:16:1a:f1:f7:5a:80:95:5c:5c:2a:
a1:06:55:bd:8e:8e:57:00:46:2f:d3:bd:3e:c6:3b:
6e:e7:6a:08:db:7d:1d:25:6d:74:b1:9a:1e:11:b9:
f5:d9:9d:a7:0a:85:5a:41:08:da:b7:0d:32:62:76:
27:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:A4:9B:11:90:8C:A3:FF:3E:8A:6C:48:7A:7B:24:45:38:4C:62:98
X509v3 Authority Key Identifier:
keyid:D6:AA:3F:BC:78:E3:12:29:15:7C:78:B6:D2:3A:65:EB:2E:35:3D:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1qo_vHjjEikVfHi20jpl6y41Pc4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/6cf8be-253d-46d5-ab7c-8276c8aac50e/1/1qSbEZCMo_8-imxIenskRThMYpg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/6cf8be-253d-46d5-ab7c-8276c8aac50e/1/1qo_vHjjEikVfHi20jpl6y41Pc4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.108.59.0-78.108.63.255
Signature Algorithm: sha256WithRSAEncryption
35:05:3a:c2:37:10:93:60:79:22:0a:d8:db:8a:d9:d9:4b:0a:
fd:7c:2c:ae:a6:05:c7:13:c1:57:c9:7c:74:e4:2a:40:1e:86:
a8:4a:92:e7:6f:a8:1f:09:15:1f:e4:b5:fa:82:c1:16:c2:18:
be:ef:b8:b8:af:aa:cf:a2:16:fb:77:a6:45:5b:4a:80:70:4d:
84:10:13:a7:a1:96:57:75:d7:f7:30:65:36:71:ce:4c:45:25:
a9:ba:07:0f:05:09:e0:36:d1:93:f8:f7:cd:65:af:31:64:34:
79:b0:a8:a1:cb:05:c8:a9:1a:86:80:e7:75:04:bf:77:8f:1c:
e5:12:96:5a:22:35:1b:2c:a8:43:17:2a:73:0d:91:fd:2e:df:
63:42:0c:e8:4e:9c:09:25:e1:75:fc:89:5a:f5:b2:31:d6:06:
c9:01:ee:7a:a8:a2:6f:13:50:56:d6:2c:db:43:e9:4d:92:b9:
b3:5f:ef:6e:cc:ea:20:d5:7f:8f:c7:dd:7a:47:6e:82:da:11:
50:ce:a8:a3:d9:46:c6:62:05:b3:23:5e:ab:ff:bc:11:54:de:
ba:31:17:ea:e6:f3:03:36:83:1d:ed:73:b3:7f:d6:63:20:6a:
47:5e:fd:8d:9d:35:e8:a9:16:a7:35:70:73:51:bb:40:9b:3e:
9a:c3:32:05
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZgBZKF3OoS7yh3kMr//HU1SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2YWEzZmJjNzhlMzEyMjkxNTdjNzhiNmQyM2E2NWViMmUz
NTNkY2UwHhcNMjUwNzEzMDEyNzA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNmE0OWIxMTkwOGNhM2ZmM2U4YTZjNDg3YTdiMjQ0NTM4NGM2Mjk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuLWS+SZTcFJcPOckzl7RgIWn3Y8m
um4MZqUUOG6GPeKhYMMeKY/RFu14LzmiKYG23Qq6RQjFsxGKtvxkY1ow0HJODoMg
e55ARqKe+MirlENc1frzYFI0eMm1UFwfYfnuoHx/AlufeAyydylTOO47sz+WFxV+
f2afuCrE+VNSPeXrKJztP/9g+27annHsHYfbEbur0YaU65E7A97/X3K/IarPXpK+
M9xOYC4qQImtIQwj0INIc1MSUKFCEcNSXK49AvlrSO1XIxYa8fdagJVcXCqhBlW9
jo5XAEYv070+xjtu52oI230dJW10sZoeEbn12Z2nCoVaQQjatw0yYnYnswIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFNakmxGQjKP/PopsSHp7JEU4TGKYMB8GA1UdIwQY
MBaAFNaqP7x44xIpFXx4ttI6ZesuNT3OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMXFvX3ZIampFaWtWZkhpMjBqcGw2eTQxUGM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC82Y2Y4YmUtMjUzZC00NmQ1LWFiN2Mt
ODI3NmM4YWFjNTBlLzEvMXFTYkVaQ01vXzgtaW14SWVuc2tSVGhNWXBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC82Y2Y4YmUtMjUzZC00NmQ1LWFiN2MtODI3NmM4YWFjNTBl
LzEvMXFvX3ZIampFaWtWZkhpMjBqcGw2eTQxUGM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBABObDsD
BAZObAAwDQYJKoZIhvcNAQELBQADggEBADUFOsI3EJNgeSIK2NuK2dlLCv18LK6m
BccTwVfJfHTkKkAehqhKkudvqB8JFR/ktfqCwRbCGL7vuLivqs+iFvt3pkVbSoBw
TYQQE6ehlld11/cwZTZxzkxFJam6Bw8FCeA20ZP4981lrzFkNHmwqKHLBcipGoaA
53UEv3ePHOUSlloiNRssqEMXKnMNkf0u32NCDOhOnAkl4XX8iVr1sjHWBskB7nqo
om8TUFbWLNtD6U2SubNf727M6iDVf4/H3XpHboLaEVDOqKPZRsZiBbMjXqv/vBFU
3roxF+rm8wM2gx3tc7N/1mMgakde/Y2dNeipFqc1cHNRu0CbPprDMgU=
-----END CERTIFICATE-----
Generated at Sat Jul 26 11:31:29 2025 by rpki-client