Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/6cf8be-253d-46d5-ab7c-8276c8aac50e/1/fXZxZECOBESkXdqSheKL7JFJXmc.roa
File: fXZxZECOBESkXdqSheKL7JFJXmc.roa (raw, json)
Hash identifier: wc57DcsZzhUbF/DYBnLMnOofYpKtZEPYrrulR+13Oq4=
Subject key identifier: 7D:76:71:64:40:8E:04:44:A4:5D:DA:92:85:E2:8B:EC:91:49:5E:67
Certificate issuer: /CN=d6aa3fbc78e31229157c78b6d23a65eb2e353dce
Certificate serial: 0197813006D041436836905DB157B253D908
Authority key identifier: D6:AA:3F:BC:78:E3:12:29:15:7C:78:B6:D2:3A:65:EB:2E:35:3D:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1qo_vHjjEikVfHi20jpl6y41Pc4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/6cf8be-253d-46d5-ab7c-8276c8aac50e/1/fXZxZECOBESkXdqSheKL7JFJXmc.roa
Signing time: Wed 18 Jun 2025 03:58:17 +0000
ROA not before: Wed 18 Jun 2025 03:58:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215287
IP address blocks: 78.108.57.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 19 Jul 2025 11:07:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:81:30:06:d0:41:43:68:36:90:5d:b1:57:b2:53:d9:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d6aa3fbc78e31229157c78b6d23a65eb2e353dce
Validity
Not Before: Jun 18 03:58:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7d767164408e0444a45dda9285e28bec91495e67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:c8:d9:17:19:49:ea:52:1e:00:f4:57:1a:7e:
33:ed:fa:cb:bd:4f:cd:ee:b2:cf:a9:e5:95:02:d6:
51:80:17:89:9b:56:6d:49:e4:77:dd:a5:7e:58:d8:
8e:53:19:5b:ab:74:60:41:42:b6:0f:3a:f0:68:26:
31:d9:a3:17:ad:9c:74:9e:c0:38:ab:b3:fe:68:52:
eb:d2:18:25:36:f5:0d:f3:19:76:52:88:5a:be:15:
50:e5:0f:3e:17:be:5f:68:20:27:fb:c0:a2:72:b0:
a5:a3:63:8f:e3:26:ad:d8:3f:54:db:0c:ef:20:b1:
75:27:d3:64:3c:62:a5:23:b1:92:b2:48:fb:9e:c4:
25:4a:80:ac:51:e6:0f:11:9f:04:23:df:91:e3:31:
29:31:28:86:b4:fb:c3:75:e5:6e:96:26:b1:8c:5b:
cc:72:06:7d:00:4e:a1:2a:1a:bd:28:e7:a3:07:1c:
c4:5f:46:6d:7f:7d:00:bf:0d:cd:40:1a:e9:23:1b:
98:34:db:9b:06:57:89:72:9f:b9:96:f8:5a:0a:c6:
39:c9:aa:f8:92:a1:1e:1e:06:3d:a5:36:69:b0:3a:
07:be:55:c8:b4:73:38:7d:e4:4f:48:44:1a:02:e9:
c0:3a:e2:24:cd:d2:78:93:90:65:fe:22:a3:f0:0b:
d5:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:76:71:64:40:8E:04:44:A4:5D:DA:92:85:E2:8B:EC:91:49:5E:67
X509v3 Authority Key Identifier:
keyid:D6:AA:3F:BC:78:E3:12:29:15:7C:78:B6:D2:3A:65:EB:2E:35:3D:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1qo_vHjjEikVfHi20jpl6y41Pc4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/6cf8be-253d-46d5-ab7c-8276c8aac50e/1/fXZxZECOBESkXdqSheKL7JFJXmc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/6cf8be-253d-46d5-ab7c-8276c8aac50e/1/1qo_vHjjEikVfHi20jpl6y41Pc4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.108.57.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:88:ad:8c:2a:fc:ab:57:65:90:5e:85:db:e7:2a:df:27:0c:
e5:08:48:48:cb:a7:c4:92:1a:ae:e1:40:cd:85:96:4f:38:af:
79:bd:3c:7b:f2:f8:eb:d1:6d:63:55:26:76:c6:13:23:7c:ba:
0b:25:47:5d:fc:8e:15:a5:76:a5:a8:7b:0d:e2:32:44:2b:d2:
e1:55:95:bb:71:a8:2f:5b:ad:9b:d5:ad:fc:cf:85:f7:f8:76:
52:5f:eb:25:23:56:36:83:95:13:15:a9:35:fe:98:c5:c6:55:
63:5d:c1:8e:42:cb:69:31:b9:07:a8:d7:9f:a7:a6:8e:54:92:
fe:ee:43:28:46:97:62:1e:c9:7e:b5:5d:a5:56:6e:a7:e9:53:
a0:43:ff:56:af:94:dc:af:66:59:c8:b1:90:b0:a6:03:c9:69:
00:6a:d3:53:e0:79:53:dc:48:50:94:b3:6d:d4:10:5c:6b:72:
80:01:8d:87:b1:5f:d6:7d:50:4a:7f:16:bf:5e:85:8a:18:fc:
7c:d0:a4:15:51:84:1f:e4:66:d4:4f:a1:b7:c0:c0:bd:41:fb:
45:6a:2f:97:ab:9b:40:ed:84:9f:2c:d7:e1:93:19:d7:4a:ad:
3f:15:b4:66:24:bf:97:1d:77:9b:2a:46:dc:c5:69:78:ce:76:
47:9a:55:71
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZeBMAbQQUNoNpBdsVeyU9kIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2YWEzZmJjNzhlMzEyMjkxNTdjNzhiNmQyM2E2NWViMmUz
NTNkY2UwHhcNMjUwNjE4MDM1ODE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZDc2NzE2NDQwOGUwNDQ0YTQ1ZGRhOTI4NWUyOGJlYzkxNDk1ZTY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAusjZFxlJ6lIeAPRXGn4z7frLvU/N
7rLPqeWVAtZRgBeJm1ZtSeR33aV+WNiOUxlbq3RgQUK2DzrwaCYx2aMXrZx0nsA4
q7P+aFLr0hglNvUN8xl2UohavhVQ5Q8+F75faCAn+8CicrClo2OP4yat2D9U2wzv
ILF1J9NkPGKlI7GSskj7nsQlSoCsUeYPEZ8EI9+R4zEpMSiGtPvDdeVuliaxjFvM
cgZ9AE6hKhq9KOejBxzEX0Ztf30Avw3NQBrpIxuYNNubBleJcp+5lvhaCsY5yar4
kqEeHgY9pTZpsDoHvlXItHM4feRPSEQaAunAOuIkzdJ4k5Bl/iKj8AvVzwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFH12cWRAjgREpF3akoXii+yRSV5nMB8GA1UdIwQY
MBaAFNaqP7x44xIpFXx4ttI6ZesuNT3OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMXFvX3ZIampFaWtWZkhpMjBqcGw2eTQxUGM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC82Y2Y4YmUtMjUzZC00NmQ1LWFiN2Mt
ODI3NmM4YWFjNTBlLzEvZlhaeFpFQ09CRVNrWGRxU2hlS0w3SkZKWG1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC82Y2Y4YmUtMjUzZC00NmQ1LWFiN2MtODI3NmM4YWFjNTBl
LzEvMXFvX3ZIampFaWtWZkhpMjBqcGw2eTQxUGM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATmw5MA0G
CSqGSIb3DQEBCwUAA4IBAQBeiK2MKvyrV2WQXoXb5yrfJwzlCEhIy6fEkhqu4UDN
hZZPOK95vTx78vjr0W1jVSZ2xhMjfLoLJUdd/I4VpXalqHsN4jJEK9LhVZW7cagv
W62b1a38z4X3+HZSX+slI1Y2g5UTFak1/pjFxlVjXcGOQstpMbkHqNefp6aOVJL+
7kMoRpdiHsl+tV2lVm6n6VOgQ/9Wr5Tcr2ZZyLGQsKYDyWkAatNT4HlT3EhQlLNt
1BBca3KAAY2HsV/WfVBKfxa/XoWKGPx80KQVUYQf5GbUT6G3wMC9QftFai+Xq5tA
7YSfLNfhkxnXSq0/FbRmJL+XHXebKkbcxWl4znZHmlVx
-----END CERTIFICATE-----
Generated at Wed Jul 23 23:58:53 2025 by rpki-client