Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/6cf8be-253d-46d5-ab7c-8276c8aac50e/1/72xETN3EGS_29IM5K3IYHeNlZd0.roa
File: 72xETN3EGS_29IM5K3IYHeNlZd0.roa (raw, json)
Hash identifier: B6dl0+BtzH8HXghfM7KBoR9JhCS+ZFCQ5iwNUkD3hAs=
Subject key identifier: EF:6C:44:4C:DD:C4:19:2F:F6:F4:83:39:2B:72:18:1D:E3:65:65:DD
Certificate issuer: /CN=d6aa3fbc78e31229157c78b6d23a65eb2e353dce
Certificate serial: 01980872F6CA15C1C29A42A50BCF4DEBE819
Authority key identifier: D6:AA:3F:BC:78:E3:12:29:15:7C:78:B6:D2:3A:65:EB:2E:35:3D:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1qo_vHjjEikVfHi20jpl6y41Pc4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/6cf8be-253d-46d5-ab7c-8276c8aac50e/1/72xETN3EGS_29IM5K3IYHeNlZd0.roa
Signing time: Mon 14 Jul 2025 10:20:08 +0000
ROA not before: Mon 14 Jul 2025 10:20:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 78.108.60.0/23 maxlen: 23
78.108.62.0/23 maxlen: 23
Validation: Failed, certificate revoked on Mon 14 Jul 2025 11:35:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:08:72:f6:ca:15:c1:c2:9a:42:a5:0b:cf:4d:eb:e8:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d6aa3fbc78e31229157c78b6d23a65eb2e353dce
Validity
Not Before: Jul 14 10:20:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ef6c444cddc4192ff6f483392b72181de36565dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:e5:5f:4a:e6:62:6f:bf:5c:66:10:94:c1:d7:
76:a3:40:8e:90:a7:6b:39:91:78:75:e0:20:9b:c9:
ae:6b:e4:c2:6b:de:3c:a6:7d:3e:03:79:97:9b:c1:
20:fd:c4:84:8c:d3:1b:fe:1b:1a:48:b3:a3:4c:d6:
f8:49:ac:38:7e:53:ae:0b:ad:69:7f:ee:c7:14:af:
c2:9a:6e:92:df:33:ca:d6:b4:61:30:c3:14:4a:11:
45:7e:8c:7d:ae:c4:30:bc:eb:e0:8f:37:47:81:f7:
3d:e3:7d:a2:51:68:27:e3:9f:35:48:d2:21:99:45:
e8:19:30:75:fb:b5:5f:4d:e7:0b:27:a9:f1:9c:ca:
ec:0f:6d:7d:6c:82:b8:cb:b5:4d:80:33:f1:c4:1d:
9e:d0:81:6e:cd:00:22:22:c0:95:cb:80:02:41:8f:
70:3c:ed:0f:c4:b6:12:09:f0:98:06:a5:20:20:85:
b3:5b:38:bf:97:2e:47:c4:f3:b9:9c:4e:cc:85:82:
af:86:36:d4:58:17:4b:e3:62:5c:d8:be:f6:27:8c:
d9:66:95:02:a2:30:23:b8:2d:5c:5b:57:fe:6b:e8:
4d:b0:88:79:e8:57:0b:7f:4d:75:30:25:fd:88:94:
02:b8:70:58:08:bd:f5:54:17:ef:b4:bd:19:38:32:
7d:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:6C:44:4C:DD:C4:19:2F:F6:F4:83:39:2B:72:18:1D:E3:65:65:DD
X509v3 Authority Key Identifier:
keyid:D6:AA:3F:BC:78:E3:12:29:15:7C:78:B6:D2:3A:65:EB:2E:35:3D:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1qo_vHjjEikVfHi20jpl6y41Pc4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/6cf8be-253d-46d5-ab7c-8276c8aac50e/1/72xETN3EGS_29IM5K3IYHeNlZd0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/6cf8be-253d-46d5-ab7c-8276c8aac50e/1/1qo_vHjjEikVfHi20jpl6y41Pc4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.108.60.0/22
Signature Algorithm: sha256WithRSAEncryption
d1:78:7d:8c:66:4a:18:0f:bc:e4:39:66:8f:91:f0:2d:d5:d0:
6b:ae:b5:02:16:74:87:a3:22:66:85:48:12:9b:82:c9:b3:b3:
9c:32:0d:12:92:09:1b:79:73:8b:ee:c9:7e:d9:cc:e3:b3:25:
8b:65:b8:51:59:0c:d0:c5:fb:b1:6a:47:38:85:f3:b8:48:c6:
4d:73:0e:c1:ec:f3:6a:15:9d:a5:d0:80:66:7f:6b:3f:06:ec:
af:b9:f3:0c:82:c0:35:ee:21:19:a9:6c:46:5c:38:2f:19:32:
90:1c:a5:07:da:04:0a:ce:8e:c2:5b:1b:a8:a1:f9:80:88:ad:
d8:b3:04:d0:e2:b6:76:cb:eb:37:37:9e:c3:5f:5c:9c:06:04:
75:63:ac:1b:79:35:01:9d:5c:b1:82:49:6b:f7:b8:14:70:26:
b6:59:7b:1e:27:f4:81:23:be:71:ac:f7:8c:2d:a1:f6:ab:9f:
ab:d6:2d:f7:c0:b8:5b:82:67:97:5d:a2:a5:b8:ad:da:58:71:
f2:4b:24:c2:bd:ef:fa:71:d1:5f:34:8a:e3:cb:d8:b3:08:4a:
9f:34:4a:78:c6:31:c0:88:24:27:b9:0e:e4:b1:05:81:c3:06:
a7:d6:8e:7b:39:ad:93:08:0f:3f:cf:45:f7:f0:4f:da:8d:af:
a0:df:91:6c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZgIcvbKFcHCmkKlC89N6+gZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2YWEzZmJjNzhlMzEyMjkxNTdjNzhiNmQyM2E2NWViMmUz
NTNkY2UwHhcNMjUwNzE0MTAyMDA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZjZjNDQ0Y2RkYzQxOTJmZjZmNDgzMzkyYjcyMTgxZGUzNjU2NWRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvuVfSuZib79cZhCUwdd2o0COkKdr
OZF4deAgm8mua+TCa948pn0+A3mXm8Eg/cSEjNMb/hsaSLOjTNb4Saw4flOuC61p
f+7HFK/Cmm6S3zPK1rRhMMMUShFFfox9rsQwvOvgjzdHgfc9432iUWgn4581SNIh
mUXoGTB1+7VfTecLJ6nxnMrsD219bIK4y7VNgDPxxB2e0IFuzQAiIsCVy4ACQY9w
PO0PxLYSCfCYBqUgIIWzWzi/ly5HxPO5nE7MhYKvhjbUWBdL42Jc2L72J4zZZpUC
ojAjuC1cW1f+a+hNsIh56FcLf011MCX9iJQCuHBYCL31VBfvtL0ZODJ9JQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFO9sREzdxBkv9vSDOStyGB3jZWXdMB8GA1UdIwQY
MBaAFNaqP7x44xIpFXx4ttI6ZesuNT3OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMXFvX3ZIampFaWtWZkhpMjBqcGw2eTQxUGM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC82Y2Y4YmUtMjUzZC00NmQ1LWFiN2Mt
ODI3NmM4YWFjNTBlLzEvNzJ4RVROM0VHU18yOUlNNUszSVlIZU5sWmQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC82Y2Y4YmUtMjUzZC00NmQ1LWFiN2MtODI3NmM4YWFjNTBl
LzEvMXFvX3ZIampFaWtWZkhpMjBqcGw2eTQxUGM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCTmw8MA0G
CSqGSIb3DQEBCwUAA4IBAQDReH2MZkoYD7zkOWaPkfAt1dBrrrUCFnSHoyJmhUgS
m4LJs7OcMg0SkgkbeXOL7sl+2czjsyWLZbhRWQzQxfuxakc4hfO4SMZNcw7B7PNq
FZ2l0IBmf2s/BuyvufMMgsA17iEZqWxGXDgvGTKQHKUH2gQKzo7CWxuoofmAiK3Y
swTQ4rZ2y+s3N57DX1ycBgR1Y6wbeTUBnVyxgklr97gUcCa2WXseJ/SBI75xrPeM
LaH2q5+r1i33wLhbgmeXXaKluK3aWHHySyTCve/6cdFfNIrjy9izCEqfNEp4xjHA
iCQnuQ7ksQWBwwan1o57Oa2TCA8/z0X38E/aja+g35Fs
-----END CERTIFICATE-----
Generated at Fri Jul 25 01:01:34 2025 by rpki-client